Viewing file:  profiles.inc (10.61 KB) -rw-r--r--
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
<!-- This file was created from users.inc on 2006.03.19 BR -->
<?php
function disp_table($conn, $table)
{
global $PHP_SELF, $HTTP_GET_VARS;
$query = "select ";
switch ($HTTP_GET_VARS[mode]) {
case 5:
$query.= "* from profiles where name~* '". addslashes(trim($HTTP_GET_VARS[searchprofile])) ."' order by name";
break;
case 4:
$query.= "profiles.gender, users.* FROM users, profiles WHERE (lower(profiles.gender) CONTAINS 'f') or (lower(profiles.gender) CONTAINS 'w') ORDER BY registered, enabled, name";
break;
case 3:
$query.= "users.* FROM users, profiles WHERE users.name = profiles.name ORDER BY registered, enabled, name";
break;
case 2:
$query.= "profiles.* FROM profiles, users WHERE not(profiles.name = users.name) ORDER BY name";
break;
case 1:
$query.= "* FROM profiles ORDER BY name";
break;
default:
$query.= "* FROM profiles ORDER BY name";
break;
};
$result = pg_Exec($conn, $query.";");
$rows=pg_numrows($result);
echo "<div id=\"queryView\"><b>SQL:</b> ".$query."</div>\n";
echo "<div id=\"queryDetails\"><b>Results:</b> ".$rows." row(s)</div>\n";
echo "<form method=\"post\">\n";
echo " <div id=\"userActions\">\n";
echo " <input id=\"newButton\" type=\"submit\" name=\"action\" value=\"new\" />\n";
echo " <input id=\"editButton\" type=\"submit\" name=\"action\" value=\"edit\" />\n";
echo " <input id=\"deleteButton\" type=\"submit\" name=\"action\" value=\"delete\" />\n";
echo " </div>\n";
echo " <table id=\"profileTable\" cellspacing=\"0\" cellpadding=\"0\">\n";
echo " <tr>\n";
echo " <th>Select</th>\n";
echo " <th>Links</th>\n";
for($field=0;$field<pg_numfields($result);$field++) {
$fieldname=pg_fieldname($result,$field);
echo " <th>".$fieldname."</th>\n";
}
echo " </tr>\n";
for($row=0;$row<$rows;$row++) {
$obj=pg_Fetch_Row($result,$row);
echo " <tr";
if ($obj[5]=='f') {
echo " class=\"notRegistered\" ";
} elseif ($obj[6]=='f') {
echo " class=\"notEnabled\" ";
}
echo ">\n";
echo " <td class=\"col1\">\n";
echo " <input type=\"checkbox\" name=\"name[]\" value=\"".htmlspecialchars($obj[1])."\" />\n";
echo " </td>\n";
echo " <td class=\"col2\">\n";
echo " <a href=\"users?mode=5&searchname=".htmlspecialchars(urlencode($obj[1]))."\">User account</a>";
echo " </td>\n";
foreach($obj as $key=>$val) $obj[$key]=nl2br(htmlspecialchars($val));
foreach($obj as $key=>$val) {
echo " <td class=\"col".($key+3)."\">\n";
if ($key == 8) {
echo " ".substr($obj[$key],0,16)."\n";
} else {
echo " ".$obj[$key]."\n";
}
echo " </td>\n";
}
echo " </tr>\n";
}
/*
echo '<FORM method=post>';
echo "\n<TR>";
for($field=0;$field<pg_numfields($result);$field++) {
$fieldname=pg_fieldname($result,$field);
echo "<TD><input type=text name=\"",$fieldname,"\" value=\"",$HTTP_POST_VARS[$fieldname],"\">\n";
}
*/
echo("</TABLE>");
echo("</FORM>");
}
function edit_dialog($result,$name) {
$obj=pg_fetch_row($result,0);
echo "<form method=post>\n";
echo "<input type=hidden name=name[] value=\"".htmlspecialchars(current($name))."\">\n";
echo "<table border cellpadding=0 cellspacing=0>\n";
for($field=0;$field<pg_numfields($result);$field++) {
echo "<tr><th align=right>".pg_fieldname($result,$field).":";
echo "<td>";
if (strchr($obj[$field],"\n") || strchr($obj[$field],"\r") || pg_fieldname($result,$field)=='about') {
echo "<textarea name=\"fields[".pg_fieldname($result,$field)."]\" rows=10 cols=80>\n";
echo htmlentities($obj[$field]);
echo "</textarea>";
} else {
echo "<input type=text size=".strlen($obj[$field])." name=\"fields[".pg_fieldname($result,$field)."]\"";
echo " value=\"".htmlentities($obj[$field])."\">";
}
echo "</tr>\n";
}
echo "<tr><td><th><input type=submit name=action value=update> <input type=submit name=action value=cancel>";
echo "</table>\n";
echo "</form>\n";
}
function new_dialog($result) {
echo "<form method=post>\n";
echo "<table border>\n";
for($field=0;$field<pg_numfields($result);$field++) {
echo "<tr><th align=right>".pg_fieldname($result,$field).":";
echo "<td><input type=text size=40 name=\"fields[".pg_fieldname($result,$field)."]\"></tr>\n";
}
echo "<tr><td><th><input type=submit name=action value=insert> <input type=submit name=action value=cancel>";
echo "</table>\n";
echo "</form>\n";
}
function email_url_change($conn)
{
global $HTTP_POST_VARS;
$result=pg_exec($conn,"select * from users;");
$rows=pg_numrows($result);
for ($row=0;$row<$rows;$row++) {
$obj=pg_fetch_array($result,$row);
mail($obj[email],"AX is moving!","Welcome ".$obj['name'].",\n\nWe are glad to announce, that we have our own domain now! This means, that you probably were not able to reach the board in the last couple of days. We apologize for that. Here is the new internet address you can reach us at:\n\nhttp://www.axkickboxing.com/\nThere isn't much content there for now, but that should change in the near future. Our message board has also moved to a new address: http://message.axkickboxing.com/ - hopefully that will be easier to remember than the previous address. However, the address change also means that the cookies with your settings on the old message board (your name, password and time zone) became invalid, and you will have to reenter that information on the new board. We apologize for any inconvenience this might cause, and send this email with your account info to you to help reenter your name and password.\n\nShould you have any questions or problems, please email us at our regular address axcontact@yahoo.com.\n\nWe apologize once again.\n\nRegards,\nBrian & Andras\nfrom the AX Team\n\nPS: Here is your account information as a reminder.\n\nYour login name is: '".$obj['name']."'\nBe careful to type it exactly as it appears between the quotes when posting to allow the board to recognize you.\nYour password for the ax message board is: ".$obj[password]."\nYour registration is ".($obj[registered]=='t'?"":"not ")."approved.\nYour account is currently ".($obj[enabled]=='t'?"enabled":"disabled").".\n\nYou can reach the board at http://message.axkickboxing.com/\n\nThank you,\nThe AX Team","From: server@axkickboxing.com\nReply-To: axcontact@yahoo.com");
}
}
function email_account_status($conn)
{
global $HTTP_POST_VARS;
$result=pg_exec($conn,"select * from users where name in ('".join("', '",array_map('addslashes',$HTTP_POST_VARS['name']))."');");
$rows=pg_numrows($result);
for ($row=0;$row<$rows;$row++) {
$obj=pg_fetch_array($result,$row);
// mail($obj[email],"Your account on the AX discussion board","Welcome ".$obj['name'].",\n\nYour login name is: '".$obj['name']."'\nBe careful to type it exactly as it appears between the quotes when posting to allow the board to recognize you.\nYour password for the AX message board is: ".$obj[password]."\nYour registration has ".($obj[registered]=='t'?"":"not yet ")."been approved.\nYour account is currently ".($obj[enabled]=='t'?"enabled":"disabled").".\n\nYou can reach the board at http://message.axkickboxing.com/\n\nThank you,\nThe AX Team","From: server@axkickboxing.com\nReply-To: axcontact@yahoo.com");
mail($obj[email],"Your account on the AX discussion board","Welcome ".$obj['name'].",\n\nYour login name is: '".$obj['name']."'\nBe careful to type it exactly as it appears between the quotes (but don't type the quotes themselves) when posting to allow the board to recognize you.\nYour password for the AX message board is: ".$obj[password]."\nYour registration has ".($obj[registered]=='t'?"":"not yet ")."been approved.\nYour account is currently ".($obj[enabled]=='t'?"enabled":"disabled").".\n\nYou can reach the board at http://message.axkickboxing.com/\n\n".($obj[registered]=='t'?"We suggest to begin with filling out your profile at http://message.axkickboxing.com/profiles if you want others to be able to learn more about you.\n\n":"")."Thank you,\nThe AX Team","From: server@axkickboxing.com\nReply-To: support@axkickboxing.com");
}
}
function handle_table($conn,$table) {
global $HTTP_POST_VARS;
if (isset($HTTP_POST_VARS[action])) {
if ($p=strpos($HTTP_POST_VARS[action]," ")) {
$HTTP_POST_VARS['name'][]=substr($HTTP_POST_VARS[action],$p+1);
$HTTP_POST_VARS[action]=substr($HTTP_POST_VARS[action],0,$p);
}
switch ($HTTP_POST_VARS[action]) {
case "delete":
if(pg_exec($conn,"delete from ".$table." where name in ('".join("', '",array_map('addslashes',$HTTP_POST_VARS['name']))."');"))
disp_table($conn,$table);
break;
case "enable":
if(pg_exec($conn,"update ".$table." set enabled='t' where name in ('".join("', '",array_map('addslashes',$HTTP_POST_VARS['name']))."');")) {
email_account_status($conn);
disp_table($conn,$table);
}
break;
case "disable":
if(pg_exec($conn,"update ".$table." set enabled='f' where name in ('".join("', '",array_map('addslashes',$HTTP_POST_VARS['name']))."');")) {
email_account_status($conn);
disp_table($conn,$table);
}
break;
case "edit":
if ($result=pg_exec($conn,"select * from ".$table." where name='".addslashes(current($HTTP_POST_VARS['name']))."';"))
edit_dialog($result,$HTTP_POST_VARS['name']);
break;
case "new":
$result=pg_exec($conn,"select * from ".$table." where name='';");
new_dialog($result);
break;
case "insert":
unset($k);
unset($v);
while ($a=each($HTTP_POST_VARS[fields])) {
if ($a[value]!="") {
$k[]=$a[key];
$v[]="'".addslashes($a[value])."'";
}
}
if (sizeof($k)==0) {
echo "Empty form - not inserting.";
exit();
}
if (pg_exec($conn,"insert into ".$table." (".join($k,", ").") VALUES (".join($v,", ").");")) {
// $result=pg_exec($conn,"select * from ".$table." where name=1;");
// new_dialog($result);
disp_table($conn,$table);
}
break;
case "update":
unset($q);
while (list($key, $value)=each($HTTP_POST_VARS['fields'])) {
if ($value=="")
$q[]="\"".$key."\" = null";
else
$q[]="\"".$key."\" = '".addslashes($value)."'";
}
if (pg_exec($conn,"update ".$table." set ".join($q,", ")." where name='".addslashes(current($HTTP_POST_VARS['name']))."';")) {
email_account_status($conn);
disp_table($conn,$table);
echo "update ".$table." set ".join($q,", ")." where name='".addslashes(current($HTTP_POST_VARS['name']))."';";
}
break;
default:
disp_table($conn,$table);
}
} else
disp_table($conn,$table);
}
?>
|