Viewing file: profiles.php (12.26 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?
require('ax5.inc');
/* <font color="#feffd2">
Table "profiles" Attribute | Type | Modifier ---------------+------+---------- name | text | not null realname | text | location | text | compete_style | text | gym_attend | text | height | text | weight | text | age | text | gender | text | about | text | email | text | url | text | Index: profiles_pkey
*/
function display_load_form($profile="") { ?> <form method="post"> <table cellpadding="0" cellspacing="0"> <tr> <td class="col1">Name:</td> <td class="col2"> <input type="text" name="name" size="30" value="<? echo htmlspecialchars($profile[name]) ?>" /> <input type="submit" name="action" value="Create/load profile" /> </td> </tr> </table> </form> <? }
function textfield($label,$arrayname,$tag,$array) { return '<tr><td class="col1">'.$label.'</td><td class="col2"><input type="text" size="40" name="'.$arrayname.'['.$tag.']" size="40" value="'.htmlspecialchars($array[$tag]).'" /></td>'; }
function display_profile_form($profile) { ?> <form method="post" action="./profiles" enctype="multipart/form-data"> <table id="profileDisplay" cellpadding="0" cellspacing="0"> <tr> <td class="col1">AX name:</td> <td class="col2"> <input type="hidden" name="profile[name]" value="<? echo htmlspecialchars($profile[name]) ?>" /> <span id="userName"><? echo htmlspecialchars($profile[name]) ?></span> [ <a href="./profiles?action=display&name=<? echo urlencode($profile[name]) ?>">View your profile</a> ] <input type="submit" name="action" value="Change user" /> <?php echo textfield('Real name:','profile','realname',$profile); echo textfield('Email address:','profile','email',$profile); echo textfield('Webpage URL:','profile','url',$profile); echo textfield('Where do you live (include country please)?:','profile','location',$profile); echo textfield('What do you train/compete in?:','profile','compete_style',$profile); echo textfield('If you attend a gym, what gym do you attend?:','profile','gym_attend',$profile); echo textfield('Height:','profile','height',$profile); echo textfield('Weight:','profile','weight',$profile); echo textfield('Age:','profile','age',$profile); echo textfield('Gender:','profile','gender',$profile); ?> <tr> <td class="col1"> Attach image: </td> <td class="col2"> <input type="file" name="userfile" /> </td> </tr> <tr> <td class="col1"> Tell us about yourself: </td> <td class="col2"> <textarea name="profile[about]"><? print $profile[about] ?></textarea> </td> <tr> <td class="col1"> Password: </td> <td class="col2"> <input type="password" name="profile[password]" size="10" value="<? echo htmlspecialchars($profile[password]) ?>" /> <input type="submit" name="action" value="Save Profile" /> </td> </tr> </table> </form>
<? } /* <!-- CSS Switcher --> <table style="margin-left: 325px;"> <tr><td> <br><br> Select the Ax view style: <form action="switcher.php" method="post"> <select name="set"> <option value="ax.css" selected>New Style</option> <option value="ax_alt.css">Original</option> </select> <input type="submit" value="Change Style"> </form> <!-- CSS Switcher --> */ function display_profile($profile) { global $HTTP_COOKIE_VARS; ?>
<table id="profileDisplay" cellpadding="0" cellspacing="0"> <tr> <td class="col1"> AX name: </td> <td class="col2"> <form method="post" action="./profiles"> <span class="userName"><? echo htmlspecialchars($profile[name]) ?></span> <? if ($profile["name"]==$HTTP_COOKIE_VARS["name"]) { echo " <input type=\"submit\" name=\"action\" value=\"Edit profile\" />"; } ?> </form> </td> <td class="col3" rowspan="11">
<div id="adProfiles">
<script type="text/javascript"><!-- google_ad_client = "ca-pub-3898637806969579"; /* Ax Profiles Large Rectangle */ google_ad_slot = "1064820955"; google_ad_width = 336; google_ad_height = 280; //--> </script> <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
</div> </td> </tr> <? if ($profile['messages_posted']) { ?> <tr> <td class="col1"> Number of posts: </td> <td class="col2"> <? echo htmlspecialchars($profile[messages_posted]) ?> </td> </tr> <? }; ?> <tr> <td class="col1"> Real name: </td> <td class="col2"> <? echo htmlspecialchars($profile[realname]) ?> </td> </tr> <tr> <td class="col1"> Email address: </td> <td class="col2"> <a href="mailto:<? echo htmlspecialchars($profile[email]) ?>"><? echo htmlspecialchars($profile[email]) ?></a> </td> </tr> <tr> <td class="col1"> Webpage URL: </td> <td class="col2"> <a href="<? echo htmlspecialchars(((strpos($profile['url'],'://')===FALSE)?'http://':'').trim($profile[url]))?>" rel="nofollw" target="_blank"><? echo htmlspecialchars($profile[url]) ?></a> </td> </tr> <tr> <td class="col1"> Where do you live?: </td> <td class="col2"> <? echo htmlspecialchars($profile[location]) ?> </td> </tr> <tr> <td class="col1"> What do you train/compete in?: </td> <td class="col2"> <? echo htmlspecialchars($profile[compete_style]) ?> </td> </tr> <tr> <td class="col1"> If you attend a gym, what gym do you attend?: </td> <td class="col2"> <? echo htmlspecialchars($profile[gym_attend]) ?> </td> </tr> <tr> <td class="col1"> Height: </td> <td class="col2"> <? echo htmlspecialchars($profile[height]) ?> </td> </tr> <tr> <td class="col1"> Weight: </td> <td class="col2"> <? echo htmlspecialchars($profile[weight]) ?> </td> </tr> <tr> <td class="col1"> Age: </td> <td class="col2"> <? echo htmlspecialchars($profile[age]) ?> </td> </tr> <tr> <td class="col1"> Gender: </td> <td class="col2"> <? echo htmlspecialchars($profile[gender]) ?> </td> </tr> <tr> <td class="col1"> Tell us about yourself: </td> <td class="col2" colspan="2"> <? print nl2br($profile[about]) ?> </td> </tr> </table>
<? }
function retrieve_profile_data($name) // try to retrieve profile data based on user name { global $conn;
$result=pg_exec($conn,"select * from profiles where name='".addslashes($name)."';"); if ($result) { if (pg_numrows($result)==0) { $profile[name]=$name; } else { $profile=pg_fetch_array($result,0); $messages_result=pg_query($conn,"select messages_posted from users where name='".pg_escape_string($name)."';"); //echo pg_last_error(); if (pg_num_rows($messages_result)) { $profile['messages_posted']=pg_result($messages_result,0,0); } else { $profile['messages_posted']=''; } } return $profile; } return false; }
function update_profile_data($profile) { global $conn;
$fields=array("name","realname","location","compete_style","gym_attend","height","weight","age","gender","about","email","url"); $names="(".implode(",",$fields).")"; unset($value); while (list($key,$val) = each($fields)) { $value[]=addslashes($profile[$val]); } $values="('".implode("','",$value)."')";
pg_exec($conn,"begin;"); pg_exec($conn,"delete from profiles where name='".addslashes($profile[name])."';"); pg_exec($conn,"insert into profiles ".$names." values ".$values.";"); pg_exec($conn,"commit;"); pg_exec($conn,"end;"); }
// main
$conn=pg_connect("","","","","ax");
switch ($action) { case "display": $profile=retrieve_profile_data($HTTP_GET_VARS[name]); if (isset($profile[realname])) { disp_preamble("Profiles",$HTTP_GET_VARS[name]); display_profile($profile); } else { disp_preamble("Profiles",$HTTP_GET_VARS[name]." - not found"); if ($HTTP_GET_VARS[name]==$HTTP_COOKIE_VARS[name]) { echo "<p align=center>You haven't created a profile yet.</p>"; } else { echo "<p align=center>This user hasn't created a profile yet.</p>"; } } disp_tail(); break;
case "browse": disp_preamble("Profiles","Browsing Ax Profiles"); $result=pg_exec($conn,"select name, about from profiles order by lower(name);"); $rows=pg_numrows($result); echo "<div id=\"browseProfiles\">\n"; echo "<h2>The following ".$rows." people have entered information about themselves:</h2>"; echo "<ul>\n"; for($row=0;$row<$rows;$row++) { $obj=pg_fetch_array($result,$row); // $about=$result[about]; $name=$obj[name]; if (substr_count(strtolower($obj[about]), "<img")>0) { echo "<li><a href=\"profiles?action=display&name=".urlencode($name)."\">".$name."</a><font color=#99999> - With Photo</font>\n"; } else { echo "<li><a href=\"profiles?action=display&name=".urlencode($name)."\">".$name."</a>\n"; } } echo "</ul>\n"; echo "</div>\n"; disp_tail(); break;
case "Create/load profile": disp_preamble("Profiles",$HTTP_POST_VARS["name"]); $profile=retrieve_profile_data($HTTP_POST_VARS[name]); if ($HTTP_POST_VARS[name]==$HTTP_COOKIE_VARS[name]) $profile[password]=$HTTP_COOKIE_VARS[password]; display_profile_form($profile); disp_tail(); break;
case "Save Profile": $profile=$HTTP_POST_VARS["profile"];
$result=pg_query("select userid, name, password from users where name='".addslashes($profile[name])."' and password='".addslashes($profile[password])."';"); if (pg_numrows($result)==1) { disp_preamble("Profiles","Profile update successful"); if ($_FILES['userfile'] && $_FILES['userfile']['tmp_name']!="none" && $_FILES['userfile']['name']!="" ) { // posting image
//$basedir="images/user_uploaded/"; //$namepart=strtr($profile['name'],"/","-"); $row = pg_fetch_row($result); $user_id = (string) $row[0]; $full_base_path="/www/message.axkickboxing.com/public_html/"; $basedir="user_images/"; $mydir=$full_base_path.$basedir.$user_id; $myumask=umask(2); @ mkdir($mydir,02775); @ chgrp($mydir,'www-data');
$filename = $HTTP_POST_FILES['userfile']['name']; $file_info = pathinfo($filename); $extension = $file_info['extension']; $file_basename = basename($filename, '.'.$extension);
$counter = 0; while (file_exists($mydir."/".$filename)) { $counter++; $filename = $file_basename."_".(string) $counter.".".$extension; /*if ($counter == 10) { echo "Filename:".$filename."\n"; echo "File upload failed. Quitting execution"; exit; }*/ } $full_file_path = $mydir."/".$filename; if (copy($HTTP_POST_FILES['userfile']['tmp_name'],$full_file_path)) { @ chmod($full_file_path,0664); @ chgrp($full_file_path,'ax'); $link="http://message.axkickboxing.com/".$basedir.rawurlencode($user_id)."/".rawurlencode($filename); $profile['about'].="\n".'<br /><img src="'.$link.'" />'."\n"; //$_POST['text']= $_POST['text']."\n<img src=\"".$link."\" /><br />"; }; umask($myumask); }; update_profile_data($profile); pg_exec("insert into authattempt (name,password,result,date,ipaddr) values ('".addslashes($name)."','".addslashes($password)."','OK',now(),'".addslashes($REMOTE_ADDR)."');"); echo "<p align=center>The information you entered is hopefully in the database now.</p>"; $profile=retrieve_profile_data($profile[name]); $profile[password]=$HTTP_COOKIE_VARS[password]; display_profile_form($profile); disp_tail(); } else { disp_preamble("Profiles","Profile update failed"); echo "<p align=center>We could not find your user account. Please check your name and password.</p>"; pg_exec("insert into authattempt (name,password,result,date,ipaddr) values ('".addslashes($name)."','".addslashes($password)."','failed',now(),'".addslashes($REMOTE_ADDR)."');"); display_profile_form($profile); disp_tail(); } break;
case "Change user": disp_preamble("Profiles",""); display_load_form(); disp_tail(); break;
case "Edit Profile":
default: if (isset($HTTP_COOKIE_VARS["name"])) { disp_preamble("Profiles",$HTTP_COOKIE_VARS["name"]); $profile=retrieve_profile_data($HTTP_COOKIE_VARS["name"]); //if (!isset($profile[realname])) $profile[realname]=$HTTP_COOKIE_VARS[name]; if ($profile[email]=="") $profile[email]=$HTTP_COOKIE_VARS[email]; if ($profile[url]=="") $profile[url]=$HTTP_COOKIE_VARS[url]; $profile[password]=$HTTP_COOKIE_VARS[password]; display_profile_form($profile); disp_tail(); } else { disp_preamble("Profiles",""); display_load_form(); disp_tail(); } }
?>
|