<?
require('ax5.inc');
/* <font color="#feffd2">
Table "profiles"
 Attribute     | Type | Modifier
---------------+------+----------
 name          | text | not null
 realname      | text |
 location      | text |
 compete_style | text |
 gym_attend    | text |
 height        | text |
 weight        | text |
 age           | text |
 gender        | text |
 about         | text |
 email         | text |
 url           | text |
Index: profiles_pkey
*/
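/**
 * Print the "Create/load profile" form: one text box for the AX name plus the
 * submit button that posts action="Create/load profile".
 *
 * @param array|string $profile Optional profile; only its 'name' entry is read
 *                              and used to pre-fill the text box. The default
 *                              empty string means "no profile yet".
 */
function display_load_form($profile = "")
{
    // The default argument is a string, so only index into $profile when it
    // really is an array. The key is quoted: a bare `name` is an undefined
    // constant, which newer PHP versions reject outright.
    $name = (is_array($profile) && isset($profile['name'])) ? $profile['name'] : '';
    ?>
<form method="post">
  <table cellpadding="0" cellspacing="0">
    <tr>
      <td class="col1">Name:</td>
      <td class="col2">
        <input type="text" name="name" size="30" value="<?php echo htmlspecialchars($name) ?>" />
        <input type="submit" name="action" value="Create/load profile" />
      </td>
    </tr>
  </table>
</form>
    <?php
}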
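/**
 * Build one table row holding a labelled text input named "$arrayname[$tag]".
 *
 * @param string $label     Cell text for the left column. It is emitted as-is;
 *                          the callers visible in this file pass literal labels.
 * @param string $arrayname Name of the POST array the field belongs to.
 * @param string $tag       Key inside that array; also the key read from $array.
 * @param array  $array     Current values; a missing key renders an empty box.
 *
 * @return string HTML for the complete <tr>...</tr> row.
 */
function textfield($label, $arrayname, $tag, $array)
{
    // A new profile carries only its name, so most keys can be absent.
    $current = (is_array($array) && isset($array[$tag])) ? $array[$tag] : '';

    // Field name parts are escaped too, so the attribute stays well-formed
    // whatever a caller passes in.
    $field_name = htmlspecialchars($arrayname) . '[' . htmlspecialchars($tag) . ']';

    // One size attribute only, and the row is closed with </tr>.
    return '<tr><td class="col1">' . $label . '</td>'
        . '<td class="col2"><input type="text" size="40" name="' . $field_name . '"'
        . ' value="' . htmlspecialchars($current) . '" /></td></tr>';
}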
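/**
 * Print the profile edit form (multipart, so an image can be attached).
 *
 * Reads 'name', 'about' and 'password' from $profile directly and hands the
 * whole array to textfield() for the remaining text inputs.
 *
 * @param array $profile Profile values to pre-fill; missing keys render empty.
 */
function display_profile_form($profile)
{
    $name     = isset($profile['name']) ? $profile['name'] : '';
    $about    = isset($profile['about']) ? $profile['about'] : '';
    $password = isset($profile['password']) ? $profile['password'] : '';
    ?>
<form method="post" action="./profiles" enctype="multipart/form-data">
  <table id="profileDisplay" cellpadding="0" cellspacing="0">
    <tr>
      <td class="col1">AX name:</td>
      <td class="col2">
        <input type="hidden" name="profile[name]" value="<?php echo htmlspecialchars($name) ?>" />
        <span id="userName"><?php echo htmlspecialchars($name) ?></span>
        [ <a href="./profiles?action=display&amp;name=<?php echo urlencode($name) ?>">View your profile</a> ]
        <input type="submit" name="action" value="Change user" />
      </td>
    </tr>
    <?php
    echo textfield('Real name:', 'profile', 'realname', $profile);
    echo textfield('Email address:', 'profile', 'email', $profile);
    echo textfield('Webpage URL:', 'profile', 'url', $profile);
    echo textfield('Where do you live (include country please)?:', 'profile', 'location', $profile);
    echo textfield('What do you train/compete in?:', 'profile', 'compete_style', $profile);
    echo textfield('If you attend a gym, what gym do you attend?:', 'profile', 'gym_attend', $profile);
    echo textfield('Height:', 'profile', 'height', $profile);
    echo textfield('Weight:', 'profile', 'weight', $profile);
    echo textfield('Age:', 'profile', 'age', $profile);
    echo textfield('Gender:', 'profile', 'gender', $profile);
    ?>
    <tr>
      <td class="col1">Attach image:</td>
      <td class="col2"><input type="file" name="userfile" /></td>
    </tr>
    <tr>
      <td class="col1">Tell us about yourself:</td>
      <td class="col2">
        <?php
        // The stored text is user-supplied markup. Escaping it here keeps it
        // inside the textarea as editable text; the browser submits the
        // decoded value, so saving round-trips unchanged.
        ?>
        <textarea name="profile[about]"><?php echo htmlspecialchars($about) ?></textarea>
      </td>
    </tr>
    <tr>
      <td class="col1">Password:</td>
      <td class="col2">
        <?php
        // NOTE(review): the password is written back into the page in clear
        // text. The callers in this file fill it from the "password" cookie,
        // so the secret sits in the cookie jar and in every rendered form.
        // A server-side session would avoid both; needs a wider change.
        ?>
        <input type="password" name="profile[password]" size="10" value="<?php echo htmlspecialchars($password) ?>" />
        <input type="submit" name="action" value="Save Profile" />
      </td>
    </tr>
  </table>
</form>
    <?php
}

/*
<!-- CSS Switcher -->
<table style="margin-left: 325px;">
<tr><td>
<br><br>
Select the Ax view style:
<form action="switcher.php" method="post">
<select name="set">
<option value="ax.css" selected>New Style</option>
<option value="ax_alt.css">Original</option>
</select>
<input type="submit" value="Change Style">
</form>
<!-- CSS Switcher -->
*/

/**
 * Print the read-only profile table.
 *
 * An "Edit profile" button is shown when the profile name equals the "name"
 * cookie. That cookie is client-supplied, so the button is a convenience
 * only and not an authorization decision.
 *
 * @param array $profile Profile row, optionally with 'messages_posted'.
 */
function display_profile($profile)
{
    global $HTTP_COOKIE_VARS;

    // Normalise to strings so absent columns print as empty cells.
    $keys = array(
        'name', 'messages_posted', 'realname', 'email', 'url', 'location',
        'compete_style', 'gym_attend', 'height', 'weight', 'age', 'gender', 'about',
    );
    $p = array();
    foreach ($keys as $key) {
        $p[$key] = (isset($profile[$key]) && is_scalar($profile[$key])) ? (string) $profile[$key] : '';
    }

    $is_own_profile = isset($HTTP_COOKIE_VARS['name'])
        && is_string($HTTP_COOKIE_VARS['name'])
        && $p['name'] === $HTTP_COOKIE_VARS['name'];

    // A value without "://" is treated as a bare host and gets http://.
    // Only http:// and https:// targets become links; any other scheme is
    // shown as plain text so a stored profile URL cannot put a non-web
    // scheme into the href.
    $url = trim($p['url']);
    if ($url !== '' && strpos($url, '://') === false) {
        $url = 'http://' . $url;
    }
    $url_is_web = (bool) preg_match('#^https?://#i', $url);

    // Rows that are a plain "label / escaped value" pair, in display order.
    $simple_rows = array(
        'Where do you live?:'                          => 'location',
        'What do you train/compete in?:'               => 'compete_style',
        'If you attend a gym, what gym do you attend?:' => 'gym_attend',
        'Height:'                                      => 'height',
        'Weight:'                                      => 'weight',
        'Age:'                                         => 'age',
        'Gender:'                                      => 'gender',
    );
    ?>
<table id="profileDisplay" cellpadding="0" cellspacing="0">
  <tr>
    <td class="col1">AX name:</td>
    <td class="col2">
      <form method="post" action="./profiles">
        <span class="userName"><?php echo htmlspecialchars($p['name']) ?></span>
        <?php if ($is_own_profile) { ?>
        <input type="submit" name="action" value="Edit profile" />
        <?php } ?>
      </form>
    </td>
  </tr>
  <?php if ($p['messages_posted']) { ?>
  <tr>
    <td class="col1">Number of posts:</td>
    <td class="col2"><?php echo htmlspecialchars($p['messages_posted']) ?></td>
  </tr>
  <?php } ?>
  <tr>
    <td class="col1">Real name:</td>
    <td class="col2"><?php echo htmlspecialchars($p['realname']) ?></td>
  </tr>
  <tr>
    <td class="col1">Email address:</td>
    <td class="col2">
      <a href="mailto:<?php echo htmlspecialchars($p['email']) ?>"><?php echo htmlspecialchars($p['email']) ?></a>
    </td>
  </tr>
  <tr>
    <td class="col1">Webpage URL:</td>
    <td class="col2">
      <?php if ($url_is_web) { ?>
      <a href="<?php echo htmlspecialchars($url) ?>" rel="nofollow noopener" target="_blank"><?php echo htmlspecialchars($p['url']) ?></a>
      <?php } else { ?>
      <?php echo htmlspecialchars($p['url']) ?>
      <?php } ?>
    </td>
  </tr>
  <?php foreach ($simple_rows as $label => $key) { ?>
  <tr>
    <td class="col1"><?php echo $label ?></td>
    <td class="col2"><?php echo htmlspecialchars($p[$key]) ?></td>
  </tr>
  <?php } ?>
  <tr>
    <td class="col1">Tell us about yourself:</td>
    <td class="col2">
      <?php
      // NOTE(review): 'about' is printed without escaping, so any markup a
      // user saved is rendered to every visitor. The save path in this file
      // appends an <img> tag to this field, so escaping here would hide
      // uploaded photos. Recommended follow-up: sanitise on save with a
      // strict allow-list (only the image markup the uploader generates)
      // or store the image reference in its own column and escape this text.
      print nl2br($p['about']);
      ?>
    </td>
  </tr>
</table>
    <?php
}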
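/**
 * Try to retrieve profile data based on user name.
 *
 * Uses the global $conn PostgreSQL connection.
 *
 * @param string $name User name to look up.
 *
 * @return array|false The profile row plus a 'messages_posted' entry taken
 *                     from the users table ('' when no users row matches or
 *                     that query fails); an array holding only 'name' when
 *                     no profile exists; false when the profile query fails.
 */
function retrieve_profile_data($name)
{
    global $conn;

    // pg_escape_string() escapes for PostgreSQL and honours the connection
    // encoding, which addslashes() does not. Both queries now use it.
    // Where the PHP version offers pg_query_params(), bound parameters are
    // the better choice.
    $quoted_name = pg_escape_string((string) $name);

    $result = pg_query($conn, "select * from profiles where name='" . $quoted_name . "';");
    if (!$result) {
        return false;
    }

    if (pg_num_rows($result) == 0) {
        // No stored profile: hand back a skeleton so forms can show the name.
        return array('name' => $name);
    }

    $profile = pg_fetch_array($result, 0);

    $messages_result = pg_query($conn, "select messages_posted from users where name='" . $quoted_name . "';");
    // A failed lookup is treated like "no row" instead of passing false on.
    if ($messages_result && pg_num_rows($messages_result)) {
        $profile['messages_posted'] = pg_fetch_result($messages_result, 0, 0);
    } else {
        $profile['messages_posted'] = '';
    }

    return $profile;
}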
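/**
 * Replace the stored profile for $profile['name'] with the given values.
 *
 * The old row is deleted and a new one inserted inside one transaction on
 * the global $conn connection. This function performs no authentication;
 * the "Save Profile" branch of this file checks name and password before
 * calling it.
 *
 * @param array $profile Submitted profile values keyed by column name.
 *                       Missing or non-string entries are stored as ''.
 */
function update_profile_data($profile)
{
    global $conn;

    // The column list is fixed here, so only the values need escaping.
    $fields = array(
        "name", "realname", "location", "compete_style", "gym_attend", "height",
        "weight", "age", "gender", "about", "email", "url",
    );
    $names = "(" . implode(",", $fields) . ")";

    // $profile comes from a POST array, so an entry can be absent or can
    // itself be an array; both are stored as an empty string.
    $value = array();
    foreach ($fields as $field) {
        $raw = (isset($profile[$field]) && is_string($profile[$field])) ? $profile[$field] : '';
        // PostgreSQL-aware escaping instead of addslashes().
        $value[] = pg_escape_string($raw);
    }
    $values = "('" . implode("','", $value) . "')";

    // $value[0] is the escaped name, following the order of $fields.
    pg_query($conn, "begin;");
    pg_query($conn, "delete from profiles where name='" . $value[0] . "';");
    pg_query($conn, "insert into profiles " . $names . " values " . $values . ";");
    // COMMIT closes the transaction; a following END would find none open.
    pg_query($conn, "commit;");
}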
// main
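$conn = pg_connect("", "", "", "", "ax");

// Request dispatcher: one branch per value of the "action" request field.
//
// NOTE(review): $action, $name, $password and $REMOTE_ADDR are never assigned
// in this file; presumably they are populated by register_globals or by
// ax5.inc — confirm. If they come from register_globals, $name and $password
// may hold cookie values rather than the submitted profile[name] and
// profile[password].
//
// NOTE(review): the "password" cookie carries the account password in clear
// text and is copied into the edit form by several branches below.
switch ($action) {
    case "display":
        $profile = retrieve_profile_data($HTTP_GET_VARS['name']);
        // NOTE(review): the requested name is passed to disp_preamble() as
        // received; whether that helper HTML-escapes its arguments is not
        // visible here — confirm in ax5.inc.
        if (isset($profile['realname'])) {
            disp_preamble("Ax Profiles", $HTTP_GET_VARS['name']);
            display_profile($profile);
        } else {
            disp_preamble("Ax Profiles", $HTTP_GET_VARS['name'] . " - not found");
            if ($HTTP_GET_VARS['name'] == $HTTP_COOKIE_VARS['name']) {
                echo "<p align=center>You haven't created a profile yet.</p>";
            } else {
                echo "<p align=center>This user hasn't created a profile yet.</p>";
            }
        }
        disp_tail();
        break;

    case "browse":
        disp_preamble("Ax Profiles", "Browsing Ax Profiles");
        $result = pg_query($conn, "select name, about from profiles order by lower(name);");
        $rows = pg_num_rows($result);
        echo "<div id=\"browseProfiles\">\n";
        echo "<h2>The following " . $rows . " people have entered information about themselves:</h2>";
        echo "<ul>\n";
        for ($row = 0; $row < $rows; $row++) {
            $obj = pg_fetch_array($result, $row);
            $listed_name = $obj['name'];
            // The name is stored user data: URL-encode it for the query
            // string and HTML-escape it for the visible link text.
            $item = "<li><a href=\"profiles?action=display&name=" . urlencode($listed_name) . "\">"
                . htmlspecialchars($listed_name) . "</a>";
            if (substr_count(strtolower($obj['about']), "<img") > 0) {
                echo $item . "<font color=#99999> - With Photo</font>\n";
            } else {
                echo $item . "\n";
            }
        }
        echo "</ul>\n";
        echo "</div>\n";
        disp_tail();
        break;

    case "Create/load profile":
        disp_preamble("Ax Profiles", $HTTP_POST_VARS["name"]);
        $profile = retrieve_profile_data($HTTP_POST_VARS['name']);
        if ($HTTP_POST_VARS['name'] == $HTTP_COOKIE_VARS['name']) {
            $profile['password'] = $HTTP_COOKIE_VARS['password'];
        }
        display_profile_form($profile);
        disp_tail();
        break;

    case "Save Profile":
        $profile = $HTTP_POST_VARS["profile"];

        // Only plain strings are used as credentials; a nested array or a
        // missing field counts as empty.
        $login_name = (isset($profile['name']) && is_string($profile['name'])) ? $profile['name'] : '';
        $login_password = (isset($profile['password']) && is_string($profile['password'])) ? $profile['password'] : '';

        // NOTE(review): the users table is matched on the password as typed,
        // i.e. passwords are stored unhashed. Moving to password hashes needs
        // a schema and login change outside this block.
        $result = pg_query(
            $conn,
            "select userid, name, password from users where name='" . pg_escape_string($login_name)
            . "' and password='" . pg_escape_string($login_password) . "';"
        );

        if ($result && pg_num_rows($result) == 1) {
            disp_preamble("Ax Profiles", "Profile update successful");

            if (!empty($_FILES['userfile'])
                && is_string($_FILES['userfile']['name'])
                && is_string($_FILES['userfile']['tmp_name'])
                && $_FILES['userfile']['tmp_name'] != "none"
                && $_FILES['userfile']['name'] != ""
            ) {
                // posting image
                $row = pg_fetch_row($result);
                $user_id = (string) $row[0];
                $full_base_path = "/www/message.axkickboxing.com/public_html/";
                $basedir = "user_images/";
                $mydir = $full_base_path . $basedir . $user_id;

                // The client-supplied file name is untrusted. Keep only its
                // last path component, reduce the base name to a conservative
                // character set (no dots, so no second extension survives)
                // and accept a short allow-list of image extensions.
                $upload_tmp = $_FILES['userfile']['tmp_name'];
                $client_name = basename($_FILES['userfile']['name']);
                $file_info = pathinfo($client_name);
                $raw_extension = isset($file_info['extension']) ? $file_info['extension'] : '';
                $extension = strtolower($raw_extension);
                $file_basename = preg_replace('/[^A-Za-z0-9_-]+/', '_', basename($client_name, '.' . $raw_extension));
                if ($file_basename == '') {
                    $file_basename = 'image';
                }

                // The file lands under the web root, so it must be a real
                // HTTP upload, carry an image extension and parse as an
                // image. The upload directory should additionally be
                // configured so the server never executes files from it.
                $allowed_extensions = array('jpg', 'jpeg', 'png', 'gif');
                $is_image = in_array($extension, $allowed_extensions, true)
                    && is_uploaded_file($upload_tmp)
                    && @getimagesize($upload_tmp) !== false;

                if ($is_image) {
                    $myumask = umask(2);
                    @ mkdir($mydir, 02775);
                    @ chgrp($mydir, 'www-data');

                    // Pick the first free name: base.ext, base_1.ext, base_2.ext, ...
                    $filename = $file_basename . "." . $extension;
                    $counter = 0;
                    while (file_exists($mydir . "/" . $filename)) {
                        $counter++;
                        $filename = $file_basename . "_" . (string) $counter . "." . $extension;
                    }
                    $full_file_path = $mydir . "/" . $filename;

                    // move_uploaded_file() refuses anything that is not the
                    // upload PHP itself received, which copy() would not.
                    if (move_uploaded_file($upload_tmp, $full_file_path)) {
                        @ chmod($full_file_path, 0664);
                        @ chgrp($full_file_path, 'ax');
                        $link = "http://message.axkickboxing.com/" . $basedir . rawurlencode($user_id) . "/" . rawurlencode($filename);
                        $profile['about'] .= "\n" . '<br /><img src="' . $link . '" />' . "\n";
                    }
                    umask($myumask);
                } else {
                    echo "<p align=center>The attached file was not accepted. Only JPG, PNG or GIF images can be uploaded.</p>";
                }
            }

            // NOTE(review): $profile['about'] is stored as submitted and is
            // printed without escaping on the public profile page.
            update_profile_data($profile);

            // NOTE(review): this audit row stores a password in clear text;
            // consider logging only name, result, time and address.
            pg_query(
                $conn,
                "insert into authattempt (name,password,result,date,ipaddr) values ('" . pg_escape_string((string) $name)
                . "','" . pg_escape_string((string) $password) . "','OK',now(),'" . pg_escape_string((string) $REMOTE_ADDR) . "');"
            );
            echo "<p align=center>The information you entered is hopefully in the database now.</p>";
            $profile = retrieve_profile_data($profile['name']);
            $profile['password'] = $HTTP_COOKIE_VARS['password'];
            display_profile_form($profile);
            disp_tail();
        } else {
            disp_preamble("Ax Profiles", "Profile update failed");
            echo "<p align=center>We could not find your user account. Please check your name and password.</p>";
            // NOTE(review): as above, a clear-text password is written to the
            // audit table, here for a failed attempt.
            pg_query(
                $conn,
                "insert into authattempt (name,password,result,date,ipaddr) values ('" . pg_escape_string((string) $name)
                . "','" . pg_escape_string((string) $password) . "','failed',now(),'" . pg_escape_string((string) $REMOTE_ADDR) . "');"
            );
            display_profile_form($profile);
            disp_tail();
        }
        break;

    case "Change user":
        disp_preamble("Ax Profiles", "");
        display_load_form();
        disp_tail();
        break;

    case "Edit Profile":
    default:
        if (isset($HTTP_COOKIE_VARS["name"])) {
            disp_preamble("Ax Profiles", $HTTP_COOKIE_VARS["name"]);
            $profile = retrieve_profile_data($HTTP_COOKIE_VARS["name"]);
            // Fall back to the cookie copies when the profile has no value.
            if ($profile['email'] == "") {
                $profile['email'] = $HTTP_COOKIE_VARS['email'];
            }
            if ($profile['url'] == "") {
                $profile['url'] = $HTTP_COOKIE_VARS['url'];
            }
            $profile['password'] = $HTTP_COOKIE_VARS['password'];
            display_profile_form($profile);
            disp_tail();
        } else {
            disp_preamble("Ax Profiles", "");
            display_load_form();
            disp_tail();
        }
}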
?>