<?php
// LogareUser class (that sets data for User's page) extended from LogareReg
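/**
 * Builds the data for a user's page and handles that user's own updates
 * (optional profile data, avatar upload, e-mail / password change).
 *
 * The properties `conn`, `conn_datas`, `site`, `from`, `eror`, `result` and the
 * methods setConn() / sendMail() are not defined in this class; they are
 * presumably inherited from LogareReg (verify against the parent class).
 *
 * NOTE(review): the `users` table keeps the password both as unsalted MD5
 * (`parola`) and in clear text (`pass`), and the clear-text value is e-mailed
 * to the user. Moving to password_hash()/password_verify() needs a coordinated
 * change with the login code, which is not visible here, so the storage format
 * is left untouched in this class.
 */
class LogareUser extends LogareReg {
  private $usr;         // username whose page is requested (taken from the request)

  /**
   * Reads the request, opens the database connection and dispatches the
   * submitted form (if any) to the matching private handler, then echoes
   * the result or the error message.
   *
   * @param array $conn_datas connection settings handed to setConn()
   * @param array $imgup      upload limits read by uploadImg(): 'dir', 'allowext', 'maxsize', 'width', 'height'
   */
  public function __construct($conn_datas, $imgup=array()) {
    // the object is only usable with connection settings and either a submitted form or ?usr=...
    if(is_array($conn_datas) && (isset($_POST['submit']) || isset($_GET['usr']))) {
      // 'usr' can be missing (form post without it) or an array (usr[]=x); use an empty name in both cases
      $this->usr = (isset($_REQUEST['usr']) && is_string($_REQUEST['usr'])) ? $_REQUEST['usr'] : '';
      $this->conn_datas = $conn_datas;
      // NOTE(review): depending on the web-server configuration SERVER_NAME may reflect the
      // client's Host header; the value ends up in outgoing mail - confirm it is pinned server-side
      $this->site = $_SERVER['SERVER_NAME'];
      $this->setConn();    // create the MySQL connection

      if($this->conn!==false) {
        // updates are accepted only from a logged-in session that submitted a form
        // NOTE(review): no anti-CSRF token is verified in this class - confirm the caller checks one
        if(isset($_SESSION['idusr']) && isset($_SESSION['nume']) && isset($_SESSION['parola']) && isset($_POST['submit'])) {
          // remove surrounding whitespace; a non-string field (e.g. name[]=x) becomes '' instead of breaking trim()
          foreach($_POST as $key => $val) $_POST[$key] = is_string($val) ? trim($val) : '';

          if(isset($_POST['usradres']) && isset($_POST['usrbday'])) $this->result = $this->addOptDat($_POST);
          else if(isset($_FILES['usrimg'])) $this->result = $this->uploadImg($_FILES['usrimg'], $imgup);
          // strict comparison: the form may only modify the account of the logged-in user
          else if(isset($_POST['modf']) && $_POST['modf']===(string)$_SESSION['nume'] && isset($_POST['pass'])) $this->result = $this->modfMailPass($_POST);
          else $this->eror = 'Error: Incomplete fields from form';
        }
      }
      else $this->eror = 'Error: Cannot connect to database';
    }
    else $this->eror = 'Error: Date incorrect data for object instance LogareUser';

    if($this->eror!==false) $this->result = $this->eror;        // an error replaces whatever result was stored
    echo $this->result;        // output the data stored in $result
  }

  /**
   * Loads the public data of the user named in the request ($this->usr)
   * and closes the connection.
   *
   * The values are returned as stored (after stripslashes()); they are NOT
   * HTML-encoded, so the caller has to escape them for the output context.
   *
   * @param mixed $user not used by this method; the name comes from $this->usr
   * @return array user data keyed by 'usrmail', 'visits', 'usrnume', ...; empty array if nothing was found
   */
  public function getUser($user) {
    $userdat = array();
    if($this->conn===false) return $userdat;        // no connection: nothing to read, nothing to close

    $nume = $this->conn->real_escape_string($this->usr);        // escape for the quoted SQL literals below

    $sql = "SELECT `users`.`email`, `users`.`visits`, `usersdat`.`nume`, `usersdat`.`pronoun`, `usersdat`.`country`, `usersdat`.`city`, `usersdat`.`adres`, `usersdat`.`ym`, `usersdat`.`msn`, `usersdat`.`site`, `usersdat`.`img`, `usersdat`.`ocupation`, `usersdat`.`interes`, `usersdat`.`transmit`, DATE_FORMAT(`users`.`datereg`, '%M %D, %Y, %H:%i') AS datareg, DATE_FORMAT(`users`.`datevisit`, '%M %D, %Y, %H:%i') AS datvisit, DATE_FORMAT(`usersdat`.`bday`, '%M %D, %Y') AS bday FROM `users` LEFT JOIN `usersdat` ON `usersdat`.`id`=(SELECT `id` FROM `users` WHERE `nume`='$nume' LIMIT 1) WHERE `users`.`nume`='$nume' LIMIT 1";
    $result = $this->conn->query($sql);

    // query() returns false on failure; treat that like "user not found" instead of dereferencing false
    if($result!==false && $result->num_rows>0) {
      // result column => key expected by the page
      $chei = array(
        'email'=>'usrmail', 'visits'=>'visits', 'nume'=>'usrnume', 'pronoun'=>'usrpronoun',
        'country'=>'country', 'city'=>'city', 'adres'=>'adres', 'ym'=>'usrym', 'msn'=>'usrmsn',
        'site'=>'usrsite', 'img'=>'imgusr', 'ocupation'=>'ocupation', 'interes'=>'interes',
        'transmit'=>'transmit', 'datareg'=>'datareg', 'datvisit'=>'datvisit', 'bday'=>'bday'
      );
      $rand = $result->fetch_assoc();        // the query is LIMIT 1, so there is a single row
      foreach($chei as $col => $cheie) {
        // columns from the LEFT JOIN can be NULL; the cast keeps the former '' result of stripslashes(NULL)
        $userdat[$cheie] = stripslashes((string)$rand[$col]);
      }
    }
    $this->conn->close();

    return $userdat;
  }

  /**
   * Changes the e-mail address and password of the logged-in user after
   * checking the current password, then mails the new data to the user.
   * Closes the connection before returning.
   *
   * @param array $ar_post trimmed POST data; reads 'email', 'pass' (current) and 'passnew'
   * @return string status or error message
   */
  private function modfMailPass($ar_post) {
    $ar_post = array_map("strip_tags", $ar_post);       // remove tags

    if(isset($ar_post['email']) && isset($ar_post['pass']) && isset($ar_post['passnew'])) {
      // check password length and email address
      if(strlen($ar_post['passnew'])<7 || strlen($ar_post['passnew'])>18) {
        $this->eror = 'Error: The password must contains between 7 and 18 characters<br /> Without: <b>= , ` \' & % $ # = ^ * + "</b>';
      }
      // the D modifier makes "$" match only at the very end, so an address ending in a newline is rejected
      if(!preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/D", $ar_post['email'])) {
        $this->eror = 'Error: Incorrect email adress';
      }

      if($this->eror===false) {
        // every value placed in a quoted SQL literal is escaped, including the e-mail and the session hash
        $pass = $this->conn->real_escape_string($ar_post['passnew']);
        $nume = $this->conn->real_escape_string($_SESSION['nume']);
        $email = $this->conn->real_escape_string($ar_post['email']);
        $parola_veche = $this->conn->real_escape_string((string)$_SESSION['parola']);
        // NOTE(review): the new password is hashed AFTER escaping while the current one (below) is
        // hashed without escaping; kept as is because the login code that must agree is not visible here
        $parola = md5($pass);

        // strict comparison: with "==" two different hashes of the form 0e<digits> compare as equal numbers
        if((string)$_SESSION['parola']===md5($ar_post['pass'])) {
          // check whether another user already has this e-mail address
          $sql = "SELECT `email` FROM `users` WHERE `nume`!='$nume' AND `email`='$email'";
          $result = $this->conn->query($sql);

          if($result===false) $re = 'Error: Could not verify the e-mail address';
          else if($result->num_rows>0) $re = 'Error: The e-mail '.$ar_post['email'].' is already used by other user';
          else {
            // perform the update and store the new password hash in the session
            $sql = "UPDATE `users` SET `parola`='$parola', `pass`='$pass', `email`='$email' WHERE `nume`='$nume' AND `parola`='$parola_veche'";

            // NOTE(review): the raw database error text is shown to the user here
            if (!$this->conn->query($sql)) $re = 'Error Update: '. $this->conn->error;
            else {
              $_SESSION['parola'] = $parola;
              $re = 'Your data was successfully updated.';
              // sends a message to the user's e-mail with the new data (includes the clear-text password)
              $subiect = 'Registration data updated';
              $mesaj = "            Hy,<br /><br />
              Your new registration data on the website ". $this->site. " :<br /><br />
        Name = ". $_SESSION['nume']. " <br />
        Password = $pass <br />
        E-mail = ".$ar_post['email']." <br /><br /><br /><br />
  <i>Respectfully,<br /> Admin</i><br /><center>";
              if($this->sendMail($ar_post['email'], $this->from, $this->site, $subiect, $mesaj)) $re .= "\n An email with your new data is sent to: ".$ar_post['email'];
            }
          }
        }
        else $re = 'Error: Incorrect current password';
      }
      else $re = $this->eror;
    }
    else $re = 'Error: Accessing modfMP with incorrect data';
    $this->conn->close();

    return $re;
  }

  /**
   * Stores the optional profile data (address, birthday, ...) of the
   * logged-in user in `usersdat`, inserting or updating the user's row.
   *
   * @param array $ar_post trimmed POST data with the 'usr...' form fields
   * @return string success message, or the error message (also stored in $this->eror)
   */
  private function addOptDat($ar_post) {
    // a field missing from the request is stored as an empty value instead of raising a notice
    $campuri = array('usrnume', 'usrpronoun', 'usrcountry', 'usrcity', 'usradres', 'usrym', 'usrmsn', 'usrsite', 'usrocupation', 'usrinteres', 'usrtransmit', 'usrbyear', 'usrbmonth', 'usrbday');
    foreach($campuri as $camp) {
      if(!isset($ar_post[$camp])) $ar_post[$camp] = '';
    }

    // this item keeps a few formatting tags
    // NOTE(review): strip_tags() keeps the ATTRIBUTES of allowed tags (e.g. event handlers or a
    // javascript: href on <a>), so this value must be sanitised or encoded before it is rendered
    $usrtransmit = strip_tags($ar_post['usrtransmit'], '<b><i><u><p><ol><ul><li><a><blockquote>');
    $ar_post = array_map("strip_tags", $ar_post);       // remove tags from everything else

    // escape for the quoted SQL literals below
    $nume = $this->conn->real_escape_string($ar_post['usrnume']);
    $pronoun = $this->conn->real_escape_string($ar_post['usrpronoun']);
    $country = $this->conn->real_escape_string($ar_post['usrcountry']);
    $city = $this->conn->real_escape_string($ar_post['usrcity']);
    $adres = $this->conn->real_escape_string($ar_post['usradres']);
    $ym = $this->conn->real_escape_string($ar_post['usrym']);
    $msn = $this->conn->real_escape_string($ar_post['usrmsn']);
    $site = $this->conn->real_escape_string($ar_post['usrsite']);
    $ocupation = $this->conn->real_escape_string($ar_post['usrocupation']);
    $interes = $this->conn->real_escape_string($ar_post['usrinteres']);
    $transmit = $this->conn->real_escape_string($usrtransmit);
    $id = intval($_SESSION['idusr']);        // goes into the query unquoted, so it must be a plain integer
    $bday = intval($ar_post['usrbyear']).'-'.intval($ar_post['usrbmonth']).'-'.intval($ar_post['usrbday']);    // year-month-day

    // adds data in "usersdat", or updates the row if there is already one for this user
    $sql = "INSERT INTO `usersdat` (`id`, `nume`, `pronoun`, `country`, `city`, `adres`, `bday`, `ym`, `msn`, `site`, `ocupation`, `interes`, `transmit`) VALUES ($id, '$nume', '$pronoun', '$country', '$city', '$adres', '$bday', '$ym', '$msn', '$site', '$ocupation', '$interes', '$transmit') ON DUPLICATE KEY UPDATE `nume`='$nume', `pronoun`='$pronoun', `country`='$country', `city`='$city', `adres`='$adres', `bday`='$bday', `ym`='$ym', `msn`='$msn', `site`='$site', `ocupation`='$ocupation', `interes`='$interes', `transmit`='$transmit'";
    if($this->conn->query($sql)) return 'Your data were successfully registered';

    $this->eror = 'Error: Your optional data could not be saved: '. $this->conn->error;
    return $this->eror;
  }

  /**
   * Validates and stores the uploaded avatar, records its path in
   * `usersdat` and returns a small HTML page that reports the outcome
   * to the parent frame through parent.uplImg().
   *
   * @param array $ar_fileimg the $_FILES entry of the upload
   * @param array $imgup      limits: 'dir', 'allowext', 'maxsize' (KB), 'width', 'height'
   * @return string HTML body that calls parent.uplImg() with the stored path or an error message
   */
  private function uploadImg($ar_fileimg, $imgup) {
    // the extension comes from the client-supplied file name
    $splitimg = explode('.', strtolower($ar_fileimg['name']));
    $ext = end($splitimg);
    // NOTE(review): the session user name becomes part of the file path - confirm that
    // registration forbids path separators in user names
    $fileimg = strtolower($imgup['dir']. $_SESSION['nume']. '.'.$ext);          // image name and path for upload

    // NOTE(review): the checks below look at the extension and the image header only; keep
    // 'allowext' limited to image types and make sure the upload directory cannot execute scripts
    if(in_array($ext, $imgup['allowext'], true)) {
      if ($ar_fileimg['size']<=$imgup['maxsize']*1000) {
        // getimagesize() returns false for anything that is not an image; without this check the
        // dimensions would be NULL and pass the "<=" comparison below
        $imgsize = is_uploaded_file($ar_fileimg['tmp_name']) ? getimagesize($ar_fileimg['tmp_name']) : false;

        if($imgsize===false) $re = 'Error: The file '. $ar_fileimg['name']. ' is not a valid image';
        else if ($imgsize[0]<=$imgup['width'] && $imgsize[1]<=$imgup['height']) {
          if(move_uploaded_file($ar_fileimg['tmp_name'], '../'.$fileimg)) {
            // add file path in "usersdat", or update if there is already a record
            $cale = $this->conn->real_escape_string($fileimg);
            $sql = "INSERT INTO `usersdat` (`id`, `img`) VALUES (".intval($_SESSION['idusr']).", '$cale') ON DUPLICATE KEY UPDATE `img`='$cale'";
            if($this->conn->query($sql)) $re = $fileimg;
            else $re = 'Error: The image path could not be added: '. $this->conn->error;
          }
          else $re = 'Error: on image Upload';
        }
        else $re = 'Error: image width and height must be maximum '. $imgup['width'].'x'.$imgup['height'];
      }
      else $re = 'Error: The file '. $ar_fileimg['name']. ' exceeds the allowed size';
    }
    else $re = 'Error: The file '. $ar_fileimg['name']. ' has not an allowed extension type';

    // $re can contain the client-supplied file name, so it is encoded twice for the handler:
    // as a JavaScript string literal (json_encode) and then for the HTML attribute; the visible
    // text is HTML-encoded as well. parent.uplImg() still receives the same plain string.
    $js_flags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;
    $js_arg = json_encode((string)$re, $js_flags);
    if($js_arg===false) {        // e.g. a file name that is not valid UTF-8
      $re = 'Error: on image Upload';
      $js_arg = json_encode($re, $js_flags);
    }

    return '<body onload="parent.uplImg('.htmlspecialchars($js_arg, ENT_QUOTES, 'UTF-8').')">'.htmlspecialchars($re, ENT_QUOTES, 'UTF-8').'</body>';
  }
}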
?>