<?php require('layout/header.php'); ?>
<?php

    // "Delete cookies" action: the label of the pressed submit button selects
    // the handler, so the posted value is compared with the translated label.
    $delete_cookies_requested = isset($_POST['submit'])
        && $_POST['submit'] == '' . $lang['delete_cookies'] . '';

    if ($delete_cookies_requested) {
        // The controller is only loaded when the action is actually requested.
        include_once('framework/controller.php');
        cookies_unset();
    }

?>

    <script type="text/javascript">
    	// Shows the "success" notification with the translated profile message.
    	// NOTE(review): the translation is written into a JavaScript string
    	// literal without escaping; a double quote or line break in the
    	// translated text would break this script block.
    	function showSuccessMessage() {
    		var options = {
    			type: "success",
    			message: "<?php echo $lang['success_profile']; ?>"
    		};
    		showNotification(options);
    	}
    
    // Shows the "error" notification with the translated failure message.
    // NOTE(review): the translation is written into a JavaScript string
    // literal without escaping; a double quote or line break in the
    // translated text would break this script block.
    function showErrorMessage() {
    	var options = {
    		type: "error",
    		message: "<?php echo $lang['couldnot_profile']; ?>"
    	};
    	showNotification(options);
    }
    </script>

<div id="content_wrapper">
    <div class="content"><?php

        if(!isset($_SESSION['signed_in'])) {
        
		// Shown when $_SESSION['signed_in'] is not set: links to sign-in and sign-up.
		echo '<p class="false">', $lang['just_for_users'], '!</p>
              <p>', $lang['you_need_to'], ' <a href="signin.php">', $lang['signin_s'], '</a>.
              - ', $lang['not_yet'], ' <a href="signup.php">', $lang['registered'], '</a>?</p>';

		}else{

		// Opens the outer "usertable" and prints the navigation menu for a
		// signed-in user, followed by the page heading row.
		echo '<table align="center" class="usertable">
		<tr>
			<td align="center"><ul class="usermenu">
				<li><a href="myprofile.php">', $lang['my_profile'], '</a></li>
				<li><a href="guestbook.php">', $lang['guestbook'], '</a></li>
				<li><a href="messagebox.php">', $lang['messagebox'], '</a></li>
				<li><a href="password.php">', $lang['password'], '</a></li>
				<li><a href="inbox.php">', $lang['inbox'], '</a></li>
				<li><a href="outbox.php">', $lang['outbox'], '</a></li>
				<li><a href="create_pm.php">', $lang['m_newpm'], '</a></li>
				<li><a href="mypostings.php">', $lang['my_posts'], '</a></li>
				<li><a href="infos.php">', $lang['informations'], '</a></li>
				<li><a href="todo.php">', $lang['m_todo'], '</a></li>
				<li><a href="news.php">', $lang['news'], '</a></li>
			</ul></td>
		</tr>
		<tr>
			<td><h1>', $lang['my_profile'], '</h1></td>
		</tr>';
		
		include_once('functions/bbcode.php');
		include_once('functions/badwords.php');
		
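		// Profile update handler: runs when the "change profile" button was submitted
		// and writes the posted fields to the signed-in user's row.
		// NOTE(review): no anti-CSRF token is checked in this block; confirm whether
		// layout/header.php enforces one before relying on this handler.
		// NOTE(review): values are stored as submitted (no format checks on e-mail,
		// birthday or homepage); wherever user_homepage is rendered as a link, its
		// scheme should be restricted to http/https.
		if(isset($_POST['submit']) AND $_POST['submit']=='' . $lang['change_profile'] . '') {

			// Columns the form may change; each is posted under its column name.
			$profile_fields = array(
				'user_sex',
				'user_bday',
				'user_email',
				'user_showmail',
				'user_homepage',
				'user_icq',
				'user_live',
				'user_skype',
				'user_facebook',
				'user_twitter',
				'user_about',
				'user_signature',
			);

			$assignments = array();
			foreach($profile_fields as $field) {
				// A missing or non-string (array-shaped) parameter is stored as an
				// empty string instead of raising a notice or reaching the escaper
				// as an array.
				$value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
				$assignments[] = $field . " = '" . mysql_real_escape_string($value) . "'";
			}

			// The row is selected by the session's user id only, cast to int.
			$profile = "UPDATE
							users
						SET
							" . implode(",\n\t\t\t\t\t\t\t", $assignments) . "
						WHERE
							user_id = " . (int)$_SESSION['user_id'];

			// A database error is written to the server log; the visitor only sees
			// the generic failure message, not the driver's error text.
			$updated = mysql_query($profile);
			if($updated === false) {
				error_log('edit_profile: profile update failed: ' . mysql_error());
			}

			// mysql_affected_rows() is 0 when the submitted values equal the stored
			// ones, so an unchanged resubmit still takes the failure branch.
			if($updated !== false AND mysql_affected_rows() == 1) {

				echo '<tr><td><p class="right">' . $lang['success_profile'] . '</p></td></tr>';
				echo "<script type=\"text/javascript\">showSuccessMessage();</script>";

			}else{

				echo '<tr><td><p class="false">' . $lang['couldnot_profile'] . '</p></td></tr>';
				echo "<script type=\"text/javascript\">showErrorMessage();</script>";
			}
		}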
		
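		// Load the stored profile of the signed-in user; $row pre-fills the form
		// that follows. The row is selected by the session's user id, cast to int.
		$abfrage = "SELECT
						user_sex,
						user_bday,
						user_email,
						user_showmail,
						user_homepage,
						user_icq,
						user_live,
						user_skype,
						user_facebook,
						user_twitter,
						user_about,
						user_signature
					FROM
						users
					WHERE
						user_id = " . (int)$_SESSION['user_id'];
		
		echo '<tr><td>
		      <table width="100%">';
		
		$result = mysql_query($abfrage);
		if($result === false) {
			// Keep the driver's error text in the server log. The page still stops
			// here, as before, so an empty form cannot be submitted over the stored
			// profile, but the visitor only gets a generic message.
			error_log('edit_profile: profile lookup failed: ' . mysql_error());
			die('<p class="false">' . $lang['couldnot_profile'] . '</p>');
		}
		$row = mysql_fetch_assoc($result);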
		
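		// Profile form, pre-filled from $row (the profile row fetched just above).
		// Every value written into the markup is entity-encoded first. That now
		// includes the session user name, which was previously printed unencoded
		// while all stored profile fields were already passed through htmlentities().
		$shown_user_name = htmlentities($_SESSION['user_name'], ENT_QUOTES);
		$shown_user_id = (int)$_SESSION['user_id'];

		// isset() also covers a missing row ($row === false) and NULL columns.
		$escaped = array();
		foreach(array('user_email', 'user_homepage', 'user_icq', 'user_live', 'user_skype', 'user_facebook', 'user_twitter', 'user_about', 'user_signature') as $column) {
			$escaped[$column] = isset($row[$column]) ? htmlentities($row[$column], ENT_QUOTES) : '';
		}

		$sex = isset($row['user_sex']) ? $row['user_sex'] : '';
		$showmail = isset($row['user_showmail']) ? $row['user_showmail'] : '';

		// An unset birthday (a value that does not compare greater than 0) is shown as an empty field.
		$bday = '';
		if(isset($row['user_bday']) AND $row['user_bday'] > 0) {
			$bday = date('Y-m-d', strtotime($row['user_bday']));
		}

		// The <form> opens in the first cell and is closed next to the submit button.
		echo '<tr>
			<td colspan="2"><form id="profile" name="profile" method="post" action=""><p><strong>User Name: <span class="blue">' . $shown_user_name . '</span>&nbsp;&nbsp;(User ID = <span class="blue">' . $shown_user_id . '</span>)</strong></p></td>
			</tr>';

		// Sex: neither radio button is pre-selected unless the stored value is "male" or "female".
		echo '<tr>
			<td width="350">';
		echo '<input type="radio" name="user_sex" value="male"' . ($sex == 'male' ? ' checked' : '') . '> ' . $lang['male'] . '&nbsp;&nbsp;&nbsp;';
		echo '<input type="radio" name="user_sex" value="female"' . ($sex == 'female' ? ' checked' : '') . '> ' . $lang['female'] . '';
		echo '<br><br></td>
			<td><strong>' . $lang['sex'] . '</strong><br><br></td>
			</tr>';

		echo '<tr>
			<td width="350"><input name="user_bday" type="text" value="' . $bday . '" class="fields" size="40" maxlength="10"><br><br></td>
			<td><strong>' . $lang['birthday'] . '</strong> <small>(yyyy-mm-dd)</small><br><br></td>
			</tr>';

		echo '<tr>
			<td width="350"><input name="user_email" type="text" value="' . $escaped['user_email'] . '" class="fields" size="40" maxlength="70"><br><br></td>
			<td><strong>' . $lang['email_adress'] . '</strong><br><br></td>
			</tr>';

		// Show e-mail: anything other than a stored "1" pre-selects "no".
		echo '<tr>
			<td width="350">';
		echo "<input type=\"radio\" name=\"user_showmail\" value=\"1\"" . ($showmail == '1' ? ' checked' : '') . "> " . $lang['yes'] . "&nbsp;&nbsp;&nbsp;";
		echo "<input type=\"radio\" name=\"user_showmail\" value=\"0\"" . ($showmail == '1' ? '' : ' checked') . "> " . $lang['no'] . "";
		echo '<br><br></td>
			<td><strong>' . $lang['show_email_adress'] . '</strong><br><br></td>
			</tr>';

		// Plain one-line text fields: column name, label, maxlength.
		$text_inputs = array(
			array('user_homepage', $lang['homepage'], 70),
			array('user_icq', 'ICQ', 35),
			array('user_live', 'Live Messenger', 50),
			array('user_skype', 'Skype', 50),
			array('user_facebook', 'Facebook', 70),
			array('user_twitter', 'Twitter', 70),
		);
		foreach($text_inputs as $input) {
			list($column, $label, $maxlength) = $input;
			echo '<tr>
				<td width="350"><input name="' . $column . '" type="text" value="' . $escaped[$column] . '" class="fields" size="40" maxlength="' . $maxlength . '"><br><br></td>
				<td><strong>' . $label . '</strong><br><br></td>
				</tr>';
		}

		echo '<tr>
			<td colspan="2"><strong>' . $lang['about_me'] . '</strong><br><textarea name="user_about" class="fields_text"  maxlength="500">' . $escaped['user_about'] . '</textarea><br><small>(max. 500 ' . $lang['signs'] . ')</small><br><br></td>
			</tr>';

		// The signature row previously had its <tr> after the cell; it is now a proper row.
		echo '<tr>
			<td colspan="2"><strong>' . $lang['signature'] . '</strong><br><textarea name="user_signature" class="fields_text"  maxlength="100">' . $escaped['user_signature'] . '</textarea><br><small>(max. 100 ' . $lang['signs'] . ')</small><br><br></td>
			</tr>';

		echo '<tr>
			<td colspan="2"><input type="submit" name="submit" class="button" value="' . $lang['change_profile'] . '"></form><br><br></td>
			</tr>';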
		
		// Closes the profile-form table, opens the avatar section's table and
		// prints its heading.
		echo '</table>
		      </td></tr>', '<tr><td>
		      <table width="100%">
		      <tr><td>', '<h1>', $lang['my_avatar'], '</h1>';
		
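		// Avatar actions, selected by the label of the pressed submit button:
		// "upload avatar" validates and stores a new image, "delete avatar" removes
		// the stored file and clears the column.
		// NOTE(review): no anti-CSRF token is checked in this block; confirm whether
		// layout/header.php enforces one.
		if(isset($_POST['submit']) AND $_POST['submit'] == "" . $lang['upload_avatar'] . "") {

			$errors = array();
			$endung = '';

			// A request without a "pic" part, or with an array-shaped one (pic[]),
			// is treated like "no file selected".
			if(!isset($_FILES['pic']) OR !is_array($_FILES['pic']) OR is_array($_FILES['pic']['error'])) {

				$errors[] = '<p class="false">' . $lang['avatar_not_selected'] . '.</p>';

			}else{

				switch($_FILES['pic']['error']) {
					case UPLOAD_ERR_INI_SIZE:
					case UPLOAD_ERR_FORM_SIZE:
						$errors[] = '<p class="false">' . $lang['avatar_not_bigger'] . '.</p>';
						break;
					case UPLOAD_ERR_PARTIAL:
						$errors[] = '<p class="false">' . $lang['avatar_partially_uploaded'] . '.</p>';
						break;
					case UPLOAD_ERR_NO_FILE:
						$errors[] = '<p class="false">' . $lang['avatar_not_selected'] . '.</p>';
						break;
					default:
						break;
				}

				// getimagesize() inspects the uploaded file itself; it is called once
				// and its result is reused for the type and dimension checks.
				$size = @getimagesize($_FILES['pic']['tmp_name']);

				if(!$size) {

					$errors[] = '<p class="false">' . $lang['avatar_invalid_typ'] . '.</p>';

				}else{

					// The image type is taken from the file content, not from
					// $_FILES['pic']['type'], which is whatever the client sent.
					// The stored file extension is derived from this detected type.
					$erlaubte_typen = array(
						IMAGETYPE_GIF  => 'gif',
						IMAGETYPE_JPEG => 'jpg',
						IMAGETYPE_PNG  => 'png',
					);

					if(!isset($erlaubte_typen[$size[2]])) {
						$errors[] = '<p class="false">' . $lang['avatar_invalid_typ'] . '.</p>';
					}else{
						$endung = $erlaubte_typen[$size[2]];
					}

					// The client-side file name must still carry an allowed extension.
					$erlaubte_endungen = array('jpeg', 'jpg', 'gif', 'png');
					$client_endung = strtolower(substr($_FILES['pic']['name'], strrpos($_FILES['pic']['name'], '.') + 1));

					if(!in_array($client_endung, $erlaubte_endungen, true)) {
						$errors[] = '<p class="false">' . $lang['avatar_allowed_typ'] . '.</p>';
					}

					// Avatars are limited to 100 x 100 pixels.
					if($size[0] > 100 OR $size[1] > 100) {
						$errors[] = '<p class="false">' . $lang['avatar_max_size'] . '.</p>';
					}
				}

				// NOTE(review): this limit is 0.2*1024*1024 bytes while the upload form
				// on this page sends MAX_FILE_SIZE = 0.02*1024*1024; confirm which of
				// the two is intended.
				if($_FILES['pic']['size'] > 0.2*1024*1024) {
					$errors[] = '<p class="false">' . $lang['avatar_not_bigger'] . '.</p>';
				}
			}

			if(count($errors)) {

				echo '<p class="false">' . $lang['avatar_not_saved'] . '.</p>';

				foreach($errors as $error) {
					echo $error;
				}

			}else{

				$uploaddir = 'images/avatars/';

				// The previous name used substr(microtime(), -8), which only changes
				// once per second, so two uploads in the same second got the same name
				// and the later one replaced the earlier file. Pick a name that is not
				// yet taken instead; the name is public, so it needs to be unique, not
				// unpredictable. Format and length (IMG_ + 8 digits) are unchanged.
				do {
					$name = 'IMG_' . sprintf('%08d', mt_rand(0, 99999999)) . '.' . $endung;
				} while(file_exists($uploaddir . $name));

				$saved = false;

				if(move_uploaded_file($_FILES['pic']['tmp_name'], $uploaddir . $name)) {

					// user_id is cast to int here as in every other query on this page.
					$sql = "UPDATE
								users
							SET
								user_avatar = '" . mysql_real_escape_string($name) . "'
							WHERE
								user_id = " . (int)$_SESSION['user_id'];

					if(mysql_query($sql) === false) {
						// Log the driver error instead of printing the SQL and the
						// error text to the visitor, and remove the file that no
						// row refers to.
						error_log('edit_profile: avatar update failed: ' . mysql_error());
						if(is_file($uploaddir . $name)) {
							unlink($uploaddir . $name);
						}
					}else{
						$saved = true;
					}
				}

				if($saved) {
					echo '<p class="right">' . $lang['avatar_succ_saved'] . '</p>';
					echo "<script type=\"text/javascript\">showSuccessMessage();</script>";
				}else{
					echo '<p class="false">' . $lang['avatar_not_saved'] . '.</p>';
					echo "<script type=\"text/javascript\">showErrorMessage();</script>";
				}
			}

		}elseif(isset($_POST['submit']) AND $_POST['submit'] == '' . $lang['delete_avatar'] . '') {

			$sql = "SELECT
						user_avatar
					FROM
						users
					WHERE
						user_id = " . (int)$_SESSION['user_id'];

			$result = mysql_query($sql);
			$deleted = false;

			if($result === false) {

				error_log('edit_profile: avatar lookup failed: ' . mysql_error());

			}else{

				$row = mysql_fetch_assoc($result);

				// Only remove a regular file inside the avatar directory: basename()
				// drops any directory part of the stored value, and an empty value no
				// longer makes unlink() target the directory itself.
				if(is_array($row) AND $row['user_avatar'] != '') {
					$avatar_file = 'images/avatars/' . basename($row['user_avatar']);
					if(is_file($avatar_file)) {
						unlink($avatar_file);
					}
				}

				$sql = "UPDATE
							users
						SET
							user_avatar = ''
						WHERE
							user_id = " . (int)$_SESSION['user_id'];

				if(mysql_query($sql) === false) {
					error_log('edit_profile: avatar reset failed: ' . mysql_error());
				}else{
					$deleted = true;
				}
			}

			if($deleted) {
				echo '<p class="right">' . $lang['avatar_succ_deleted'] . '</p>';
				echo "<script type=\"text/javascript\">showSuccessMessage();</script>";
			}else{
				echo '<p class="false">' . $lang['couldnot_profile'] . '</p>';
				echo "<script type=\"text/javascript\">showErrorMessage();</script>";
			}
		}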

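		// Avatar form: shows the current avatar with a delete button, or the
		// upload controls when no avatar is stored.
		echo '<form name="avatar" action="" method="post" enctype="multipart/form-data" accept-charset="ISO-8859-1">';

		$sql = "SELECT
					user_avatar
				FROM
					users
				WHERE
					user_id = " . (int)$_SESSION['user_id'];

		$result = mysql_query($sql);
		if($result === false) {
			// Log the driver error instead of printing the SQL statement and the
			// error text to the visitor; the form then renders as "no avatar".
			error_log('edit_profile: avatar lookup failed: ' . mysql_error());
			$row = false;
		}else{
			$row = mysql_fetch_assoc($result);
		}

		$avatar = (is_array($row) && isset($row['user_avatar'])) ? $row['user_avatar'] : '';

		if($avatar == '') {

			echo '<p class="false">' . $lang['avatar_not_available'] . '.</p>';

			// MAX_FILE_SIZE is a value the browser sends back with the upload, so a
			// client can change it; the server-side checks decide.
			// NOTE(review): 0.02*1024*1024 here vs. 0.2*1024*1024 in the upload
			// handler on this page; confirm which limit is intended.
			echo '<input type="hidden" name="MAX_FILE_SIZE" class="fields" value="' . (0.02*1024*1024) . '">';
			echo '<input name="pic" class="fields" type="file"><br><br>';
			echo '<input type="submit" name="submit" class="button" value="' . $lang['upload_avatar'] . '">';

		}else{

			echo '<img src="images/avatars/' . htmlentities($avatar, ENT_QUOTES) . '"><br><br>';
			echo '<input type="submit" name="submit" class="button" value="' . $lang['delete_avatar'] . '">';
		}

		// The form is closed in both cases; previously only the "delete" branch
		// emitted </form>, leaving the upload form unclosed.
		echo '</form>';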
		
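		// Closes the avatar section and renders the cookie-management section.
		echo '</td></tr>
		      </table>';
		
		echo '<tr><td><table width="100%">
		      <tr><td><br>';
		
		echo '<h1>' . $lang['manage_cookies'] . '</h1>';
		
		echo '<p><strong>' . $lang['about_cookies'] . '</strong></p>';
		
		// Confirmation text, shown when this request was the "delete cookies" action.
		if(isset($_POST['submit']) AND $_POST['submit']=='' . $lang['delete_cookies'] . '') {
		
			echo '<p class="right">' . $lang['unset_cookies'] . '!</p>';
		}
		
		// The button value must equal $lang['delete_cookies'] exactly, because the
		// handlers on this page compare the posted value with that string. The
		// value used to end in an extra space, so the comparison could not match.
		echo '<form id="cookies" name="cookies" method="post" action="">
              <input type="submit" name="submit" class="button" value="' . $lang['delete_cookies'] . '"></form>';
		
		echo '<br><br></td></tr></table>
		      </td></tr>';
		
		echo '</td></tr>
		      </table>';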
		      }
		
		// Spacer element, printed for signed-in and anonymous visitors alike.
		print '<div class="spacer_div">&nbsp;</div>';

		?>
    </div>
</div>

<div id="infobox_wrapper">
    <div class="infobox">
        <?php include('layout/infobox.php'); ?>
    </div>
</div>

<?php require('layout/footer.php'); ?>