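// Default view: with no action requested, render the user control panel start page.
// NOTE(review): every template in this block is rendered by eval()-ing the string that
// $tpl->get() returns. That is only safe if get() escapes quotes and backslashes in the
// stored template text and only administrators can edit templates - neither is visible
// from here, confirm in the template class.
if(!$action) eval("\$tpl->output(\"".$tpl->get("usercp")."\");");

// "profile_edit": show the profile form, or validate and store a submitted one.
// NOTE(review): the POST handler below changes the account e-mail (and, when
// $emailverifymode is 3, resets the password and mails it to the new address), and no
// per-request anti-CSRF token is checked anywhere in this block. Confirm that one is
// enforced before this point.
if($action=="profile_edit") {
    // Start every output buffer from a known value. The original appended to these with
    // ".=" without initialising them, so on an installation with register_globals enabled
    // a request parameter of the same name could pre-seed markup into the page.
    $usercp_error="";
    $day_options="";
    $month_options="";
    $profilefields="";
    $profilefields_required="";
    $gender=array();

    if(isset($_POST['send'])) {
        // Same reasoning for the form values: they must come from $_POST only.
        $field=array();
        $r_email=$r_homepage=$r_icq=$r_aim=$r_yim=$r_msn=$r_day=$r_month=$r_year=$r_usertext="";
        $r_gender=null; // null keeps the isset($r_gender) test further down false when no gender was sent

        if(isset($_POST['field']) && is_array($_POST['field'])) $field=trim_array($_POST['field']);
        if(isset($_POST['r_email'])) $r_email = trim($_POST['r_email']);
        if(isset($_POST['r_homepage'])) $r_homepage = trim($_POST['r_homepage']);
        if(isset($_POST['r_icq'])) $r_icq = trim($_POST['r_icq']);
        if(isset($_POST['r_aim'])) $r_aim = trim($_POST['r_aim']);
        if(isset($_POST['r_yim'])) $r_yim = trim($_POST['r_yim']);
        if(isset($_POST['r_msn'])) $r_msn = trim($_POST['r_msn']);
        if(isset($_POST['r_day'])) $r_day = trim($_POST['r_day']);
        if(isset($_POST['r_month'])) $r_month = trim($_POST['r_month']);
        if(isset($_POST['r_year'])) $r_year = trim($_POST['r_year']);
        if(isset($_POST['r_gender'])) $r_gender = trim($_POST['r_gender']);
        if(isset($_POST['r_usertext'])) $r_usertext = trim($_POST['r_usertext']);

        $error="";
        $userfield_error=0;
        $fieldvalues="";

        // Build the SET list for the custom profile fields and stop at the first
        // required field that was left empty.
        // NOTE(review): values are made SQL-safe with addslashes() only; if the database
        // connection uses a multibyte charset, the driver's own escaping function (or
        // bound parameters) would be the safer choice - $db's API is not visible here.
        $result = $db->query("SELECT profilefieldid, required FROM bb".$n."_profilefields ORDER BY profilefieldid ASC");
        while($row=$db->fetch_array($result)) {
            if($row['required']==1 && !$field[$row['profilefieldid']]) {
                $userfield_error=1;
                break;
            }
            if($fieldvalues) $fieldvalues.=", ";
            $fieldvalues.="field$row[profilefieldid] = '".addslashes(htmlspecialchars($field[$row['profilefieldid']]))."'";
        }

        // Validation: required data present, new address well-formed, user text within the limit.
        if($userfield_error==1 || !$r_email) eval ("\$error .= \"".$tpl->get("register_error1")."\";");
        if($r_email != $wbbuserdata['email'] && !verify_email($r_email)) eval ("\$error .= \"".$tpl->get("register_error4")."\";");
        if(strlen($r_usertext)>$wbbuserdata['maxusertextlength']) eval ("\$error .= \"".$tpl->get("register_error7")."\";");

        if($error) {
            eval ("\$usercp_error .= \"".$tpl->get("usercp_error")."\";");

            // The form is shown again with the submitted values. Values loaded from the
            // database were stored through htmlspecialchars() (see the UPDATE below), but
            // these are still raw request data, so encode them before the form templates
            // can interpolate them. $r_day, $r_month and $r_gender are left alone because
            // they are only used as comparison values / array keys below.
            $r_email=htmlspecialchars($r_email);
            $r_homepage=htmlspecialchars($r_homepage);
            $r_icq=htmlspecialchars($r_icq);
            $r_aim=htmlspecialchars($r_aim);
            $r_yim=htmlspecialchars($r_yim);
            $r_msn=htmlspecialchars($r_msn);
            $r_year=htmlspecialchars($r_year);
            $r_usertext=htmlspecialchars($r_usertext);
        }
        else {
            // Only accept an explicit web/ftp scheme at the START of the value; anything
            // else is treated as a host name and prefixed with http://. The original
            // pattern was unanchored and accepted any "<letter>://" anywhere in the string,
            // so a value with a non-web scheme was stored unchanged.
            if($r_homepage && !preg_match("/^(https?|ftp):\/\//i", $r_homepage)) $r_homepage = "http://".$r_homepage;

            // Birthday is stored as YYYY-MM-DD; a two-digit year is read as 19xx and any
            // other year length as "0000".
            if($r_day && $r_month) $birthday=ifelse(strlen($r_year)==4,$r_year,ifelse(strlen($r_year)==2,"19$r_year","0000"))."-".ifelse($r_month<10,"0$r_month",$r_month)."-".ifelse($r_day<10,"0$r_day",$r_day);
            else $birthday = "0000-00-00";

            // The rank depends on gender, so it is re-evaluated together with the profile.
            list($rankid)=$db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN ('0','$wbbuserdata[groupid]') AND needposts<='$wbbuserdata[userposts]' AND gender IN ('0','".intval($r_gender)."') ORDER BY needposts DESC, gender DESC",1);
            $db->query("UPDATE bb".$n."_users SET email='".addslashes(htmlspecialchars($r_email))."', usertext='".addslashes(htmlspecialchars($r_usertext))."', icq='".intval($r_icq)."', aim='".addslashes(htmlspecialchars($r_aim))."', yim='".addslashes(htmlspecialchars($r_yim))."', msn='".addslashes(htmlspecialchars($r_msn))."', homepage='".addslashes(htmlspecialchars($r_homepage))."', birthday='".addslashes(htmlspecialchars($birthday))."', gender='".intval($r_gender)."'".ifelse($rankid!=$wbbuserdata['rankid'],", rankid='$rankid'","")." WHERE userid = '$wbbuserdata[userid]'");
            if($fieldvalues) $db->query("UPDATE bb".$n."_userfields SET $fieldvalues WHERE userid = '$wbbuserdata[userid]'");

            if($r_email != $wbbuserdata['email'] && $emailverifymode!=0) {
                // The address changed and e-mail verification is enabled.
                if($emailverifymode==3) {
                    // Mode 3: set a generated password, detach the current session from
                    // the user and mail the new password to the new address.
                    // NOTE(review): the password is stored as unsalted md5() and sent in
                    // clear text by mail. Moving to a salted, slow hash has to be done
                    // together with the login code, which is outside this block.
                    // NOTE(review): $sid is placed in the SQL text unescaped and its origin
                    // is not visible here (the rest of the block uses $session[hash]);
                    // confirm it is validated before this point.
                    $r_password=password_generate();
                    $db->query("UPDATE bb".$n."_users SET password='".md5($r_password)."' WHERE userid = '$wbbuserdata[userid]'");
                    $db->query("UPDATE bb".$n."_sessions SET userid=0 WHERE hash='$sid'");
                    eval ("\$subject = \"".$tpl->get("ms_emailchange3")."\";");
                    eval ("\$content = \"".$tpl->get("mt_emailchange3")."\";");
                    mailer($r_email,$subject,$content);
                    eval("redirect(\"".$tpl->get("redirect_emailchange3")."\",\"index.php?sid=$session[hash]\",20);");
                }
                if($emailverifymode==1 || $emailverifymode==2) {
                    // Modes 1 and 2: store a fresh activation code; only mode 1 mails the user.
                    $activation=code_generate();
                    $db->query("UPDATE bb".$n."_users SET activation='$activation' WHERE userid = '$wbbuserdata[userid]'");
                    if($emailverifymode==1) {
                        eval ("\$subject = \"".$tpl->get("ms_emailchange1")."\";");
                        eval ("\$content = \"".$tpl->get("mt_emailchange1")."\";");
                        mailer($r_email,$subject,$content);
                        eval("redirect(\"".$tpl->get("redirect_emailchange1")."\",\"index.php?sid=$session[hash]\",20);");
                    }
                    else eval("redirect(\"".$tpl->get("redirect_emailchange2")."\",\"index.php?sid=$session[hash]\",20);");
                }
                exit();
            }
            else {
                // Nothing to verify: reload the form so the stored values are shown.
                header("Location: usercp.php?action=profile_edit&sid=$session[hash]");
                exit();
            }
        }
    }
    else {
        // First visit (no submit): pre-fill the form from the stored user record.
        $r_email = $wbbuserdata['email'];
        $r_homepage = $wbbuserdata['homepage'];
        $r_icq = $wbbuserdata['icq'];
        $r_aim = $wbbuserdata['aim'];
        $r_yim = $wbbuserdata['yim'];
        $r_msn = $wbbuserdata['msn'];
        $birthday=explode("-",$wbbuserdata['birthday']);
        $r_day = $birthday[2];
        $r_month = $birthday[1];
        $r_year = ifelse($birthday[0],$birthday[0],"");
        $r_gender = $wbbuserdata['gender'];
        $r_usertext = $wbbuserdata['usertext'];
        $userfields = $db->query_first("SELECT * FROM bb".$n."_userfields WHERE userid='$wbbuserdata[userid]'");
    }

    // Only the initial view and the validation-error path reach this point; every
    // successful submit has already called exit().
    for($i=1;$i<=31;$i++) $day_options.=makeoption($i,$i,$r_day);
    for($i=1;$i<=12;$i++) $month_options.=makeoption($i,getmonth($i),$r_month);
    if(isset($r_gender)) $gender[$r_gender]=" selected";

    // Render one row per custom profile field. Required and optional fields are collected
    // in separate buffers, each with its own counter for the alternating row colours.
    $z=0;
    $y=1;
    $result=$db->query("SELECT * FROM bb".$n."_profilefields ORDER BY fieldorder ASC");
    while($row=$db->fetch_array($result)) {
        // Submitted values are raw request data and are encoded here; stored values were
        // already encoded when they were written.
        if(isset($_POST['send'])) $field_value=(isset($field[$row['profilefieldid']]) && !is_array($field[$row['profilefieldid']])) ? htmlspecialchars($field[$row['profilefieldid']]) : "";
        else $field_value=$userfields["field".$row['profilefieldid']];
        if($row['required']==1) {
            $tdbgcolor=getone($y,"{tablecolora}","{tablecolorb}");
            $tdid=getone($y,"tablea","tableb");
            eval ("\$profilefields_required .= \"".$tpl->get("register_userfield")."\";");
            $y++;
        }
        else {
            $tdbgcolor=getone($z,"{tablecolora}","{tablecolorb}");
            $tdid=getone($z,"tablea","tableb");
            eval ("\$profilefields .= \"".$tpl->get("register_userfield")."\";");
            $z++;
        }
    }

    // Show empty inputs instead of the "not set" placeholders 0 and 0000.
    if(!$r_icq) $r_icq="";
    if($r_year=="0000") $r_year="";
    eval("\$tpl->output(\"".$tpl->get("usercp_profile_edit")."\");");
}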