-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathprofile.php
More file actions
157 lines (125 loc) · 5.33 KB
/
Copy pathprofile.php
File metadata and controls
157 lines (125 loc) · 5.33 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
<?php
/*
ExtCalendar v2
Copyright (C) 2003-2004 Mohamed Moujami (Simo)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Date Started : 01/07/2004
Date Last Updated : 23/12/2004
Author(s) : Mohamed Moujami (Simo), Kristof De Jaeger
Description : User Profile
Get the latest version of ExtCalendar at http://extcal.sourceforge.net//
*/
define('PROFILE_PHP', true);
require_once "config.inc.php";
require_login(); // must be logged in to access the user's profile
$mode = isset($_GET['mode'])?$_GET['mode']:'';
$mode = isset($_POST['mode'])?$_POST['mode']:$mode;
$user_id = $Session['user']['user_id'];
switch($mode) {
case "edit":
pageheader($lang_user_profile_data['edit_profile'] . " :: " . $lang_user_profile_data['section_title']);
if(!empty($user_id)) print_edit_profile_form($user_id);
break;
default:
pageheader($lang_user_profile_data['section_title']);
if(!empty($user_id)) print_user_profile($user_id);
}
// footer
pagefooter();
// Functions
function print_edit_profile_form($user_id) {
/* print an existing category form so we can edit it */
global $CONFIG, $ME, $zone_stamp, $lang_user_profile_data, $lang_general, $errors;
$successful = false;
// Retrieve the form array
if(count($_POST)) $form = $_POST;
else {
$query = "
SELECT * FROM ".$CONFIG['TABLE_USERS']."
WHERE user_id = '$user_id'";
$result = db_query($query);
$form = db_fetch_array($result);
$form['password'] = '';
}
if(count($_POST)) {
// Process form submission
// Form Validation
$errors = '';
if (empty($form['email'])) { $errors .= theme_error_string($lang_user_profile_data['no_email']);}
elseif (!preg_match( "/^[-^!#$%&'*+\/=?`{|}~.\w]+@[-a-zA-Z0-9]+(\.[-a-zA-Z0-9]+)+$/", $form['email'] )) { $errors .= theme_error_string($lang_user_profile_data['invalid_email']);}
elseif(!$CONFIG['reg_duplicate_emails']) {
// check if there is an existing account with the same email
$email = isset($form['email'])?addslashes($form['email']):"";
$query = "SELECT user_id FROM ".$CONFIG['TABLE_USERS']." where email = '$email' AND user_id <> '$user_id'";
$result = db_query($query);
if(db_num_rows($result)) $errors .= theme_error_string($lang_user_profile_data['email_exists']);
}
if (!empty($form['password'])) {
if (!eregi("^[[:alnum:]]{4,16}$", $form['password'] )) { $errors .= theme_error_string($lang_user_profile_data['invalid_password']); }
elseif ($form['password'] == $form['username']) { $errors .= theme_error_string($lang_user_profile_data['password_is_username']); }
elseif ($form['password'] != $form['password_confirm']) { $errors .= theme_error_string($lang_user_profile_data['password_not_match']); }
}
if(!$errors) {
$firstname = isset($form['firstname'])?addslashes($form['firstname']):"";
$lastname = isset($form['lastname'])?addslashes($form['lastname']):"";
$email = isset($form['email'])?addslashes($form['email']):"";
$user_website = isset($form['user_website'])?addslashes($form['user_website']):"";
$user_location = isset($form['user_location'])?addslashes($form['user_location']):"";
$user_occupation = isset($form['user_occupation'])?addslashes($form['user_occupation']):"";
$query = "
UPDATE ".$CONFIG['TABLE_USERS']." SET
`firstname` = '$firstname',
`lastname` = '$lastname',
`email` = '$email',
`user_website` = '$user_website',
`user_location` = '$user_location',
`user_occupation` = '$user_occupation'
WHERE user_id = '{$form['user_id']}'";
db_query($query);
if (!empty($form['password'])) {
$query = "
UPDATE ".$CONFIG['TABLE_USERS']." SET
`password` = '".md5($form['password'])."'
WHERE user_id = '{$form['user_id']}'";
db_query($query);
}
// Successfull message
theme_redirect_dialog($lang_user_profile_data['edit_profile'], $lang_user_profile_data['edit_profile_success'], $lang_general['continue'], $ME);
// to remember not to display the form again
$successful = true;
}
}
// Render the form
if(!$successful) {
theme_user_profile_form($ME,'edit',$form);
}
}
function print_user_profile($user_id) {
/* print an existing category form so we can edit it */
global $CONFIG, $ME, $zone_stamp, $lang_user_profile_data, $lang_general, $lang_system;
// Retrieve the form array
$query = "
SELECT *, group_name FROM ".$CONFIG['TABLE_USERS']." AS e, ".$CONFIG['TABLE_GROUPS']." AS g
WHERE user_id = '$user_id' AND e.group_id = g.group_id" ;
$result = db_query($query);
$row = db_num_rows($result);
$profile_info = db_fetch_array($result);
// if no rows
if (!$row) {
theme_redirect_dialog($lang_group_admin_data['section_title'], $lang_system['no_profile'], $lang_general['back'], "calendar.php");
// show group and members
} else {
theme_user_profile($ME,$profile_info);
}
}
?>