<?php
/*************************
  Coppermine Photo Gallery
  ************************
  Copyright (c) 2003-2005 Coppermine Dev Team
  v1.1 originally written by Gregory DEMAR

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.
  ********************************************
  Coppermine version: 1.3.3
  $Source: /cvsroot/coppermine/stable/profile.php,v $
  $Revision: 1.7 $
  $Author: gaugau $
  $Date: 2005/04/19 03:17:11 $
**********************************************/

// Entry-point marker. NOTE(review): presumably the included files test this constant to
// refuse direct requests - confirm in include/init.inc.php.
define('IN_COPPERMINE', true);
// Tells the included code that the request is being served by profile.php; whatever
// reads this constant lives outside this file.
define('PROFILE_PHP', true);

// Bootstrap include. Everything this script uses but does not define itself ($CONFIG,
// the $lang_* arrays, USER_ID, db_query(), cpg_die(), ...) presumably comes from here.
require('include/init.inc.php');
 
// Form layouts consumed by make_form(). Every row is
//   array(element type, field key, label [, maxlength])
// The field key indexes the $form_data array handed to make_form() and, for 'input' and
// 'password' rows, is also the name of the POST parameter the browser sends back.

// Editor for the logged-in user's own profile: the account fields are read-only 'text'
// rows, only the four free-text fields are editable. The 255 is emitted as an HTML
// maxlength attribute; nothing in this file re-checks the length on the server.
$edit_profile_form_param = array(
    array('text', 'username', $lang_register_php['username']),
    array('text', 'reg_date', $lang_register_php['reg_date']),
    array('text', 'group', $lang_register_php['group']),
    array('text', 'email', $lang_register_php['email']),
    array('text', 'disk_usage', $lang_register_php['disk_usage']),
    array('input', 'location', $lang_register_php['location'], 255),
    array('input', 'interests', $lang_register_php['interests'], 255),
    array('input', 'website', $lang_register_php['website'], 255),
    array('input', 'occupation', $lang_register_php['occupation'], 255),
    );

// Public view of any user's profile: all rows are read-only, and the e-mail address and
// disk usage rows of the editor are deliberately absent. 'user_thumb' carries a ready-made
// HTML fragment (see the default branch of the dispatcher).
$display_profile_form_param = array(
    array('text', 'username', $lang_register_php['username']),
    array('text', 'reg_date', $lang_register_php['reg_date']),
    array('text', 'group', $lang_register_php['group']),
    array('text', 'location', $lang_register_php['location']),
    array('text', 'interests', $lang_register_php['interests']),
    array('text', 'website', $lang_register_php['website']),
    array('text', 'occupation', $lang_register_php['occupation']),
    array('thumb', 'user_thumb'),
    );

// Password change form. The 25 is again only an HTML maxlength attribute; the handler in
// this file checks a minimum length but no maximum.
$change_password_form_param = array(
    array('password', 'current_pass', $lang_register_php['current_pass'], 25),
    array('password', 'new_pass', $lang_register_php['new_pass'], 25),
    array('password', 'new_pass_again', $lang_register_php['new_pass_again'], 25),
    );
 
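/**
 * Echo the table rows of a form or of a read-only profile view.
 *
 * Each entry of $form_param is array(type, key, label [, maxlength]) where type is one of
 * 'label', 'text', 'input', 'password' or 'thumb'; any other type ends the request through
 * cpg_die().
 *
 * Output encoding contract:
 *  - 'input': the value is placed inside a double-quoted value="" attribute, so the
 *    characters that could end the attribute or open a tag (", <, >) are encoded here.
 *    '&' is left alone so that text which is already entity-encoded is not encoded twice.
 *  - 'label', 'text' and 'thumb': the value is echoed verbatim, because callers in this
 *    file pass ready-made markup ('<br /><i>...</i>' group lists, '&nbsp;', linkified
 *    URLs, thumbnail tables). Callers must therefore HTML-encode any user-controlled
 *    text before putting it into $form_data for these row types.
 *
 * @param array        $form_param layout rows as described above
 * @param array|string $form_data  values keyed by field key; the password form passes ''
 * @return void rows are written with echo
 */
function make_form($form_param, $form_data)
{
    foreach ($form_param as $element) {
        switch ($element[0]) {
            case 'label' :
                // Section heading; the bold tag is now closed (it used to be left open).
                echo <<<EOT
    <tr>
        <td colspan="2" class="tableh2">
            <b>{$element[1]}</b>
        </td>
    </tr>

EOT;
                break;

            case 'text' :
                // Read-only row; skipped entirely when there is nothing to show.
                if (!isset($form_data[$element[1]]) || $form_data[$element[1]] == '') break;
                echo <<<EOT
    <tr>
        <td width="40%" class="tableb" height="25">
            {$element[2]}
        </td>
        <td width="60%" class="tableb">
            {$form_data[$element[1]]}
        </td>
    </tr>

EOT;

                break;

            case 'input' :
                $value = isset($form_data[$element[1]]) ? (string)$form_data[$element[1]] : '';
                // Stored profile text must not be able to close the value attribute or
                // start a new tag. Only ", < and > are replaced, which keeps the result
                // unchanged for text that was already encoded before it was stored.
                $value = strtr($value, array('"' => '&quot;', '<' => '&lt;', '>' => '&gt;'));

                echo <<<EOT
    <tr>
        <td width="40%" class="tableb"  height="25">
            {$element[2]}
        </td>
        <td width="60%" class="tableb" valign="top">
            <input type="text" style="width: 100%" name="{$element[1]}" maxlength="{$element[3]}" value="$value" class="textinput">
        </td>
    </tr>

EOT;
                break;

            case 'password' :
                // Password boxes are always rendered empty; $form_data is not read.
                echo <<<EOT
    <tr>
        <td width="40%" class="tableb">
            {$element[2]}
        </td>
        <td width="60%" class="tableb" valign="top">
            <input type="password" style="width: 100%" name="{$element[1]}" maxlength="{$element[3]}" value="" class="textinput">
        </td>
    </tr>

EOT;
                break;

            case 'thumb' :
                // Pre-built HTML fragment, echoed as-is when non-empty.
                $value = isset($form_data[$element[1]]) ? $form_data[$element[1]] : '';

                if ($value) echo <<<EOT
    <td valign="top" colspan="2" class="thumbnails" align="center">
        <table width="100%" cellpadding="0" cellspacing="0">
            <tr>
                <td align="center">
                    $value
                </td>
            </tr>
        </table>
    </td>
EOT;
                break;

            default:
                cpg_die(CRITICAL_ERROR, 'Invalid action for form creation ' . $element[0], __FILE__, __LINE__);
        }
    }
}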
 
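/**
 * Fetch a required POST field, trimmed and backslash-escaped so that callers can place it
 * inside a single-quoted SQL string literal.
 *
 * The request is ended through cpg_die() when the field is missing or was submitted as an
 * array (name[]=...), which trim() cannot process.
 *
 * NOTE(review): addslashes() is not aware of the connection character set. The escaping
 * function that belongs to the mysql_* API used in this file is
 * mysql_real_escape_string(); it is not swapped in here because it needs the open
 * database link and because it is not visible from this file whether the bootstrap code
 * has already altered the POST data (in which case values could be escaped twice).
 * NOTE(review): the returned text is escaped for SQL only, not for HTML output.
 *
 * @param string $var name of the POST field
 * @return string trimmed, addslashes()-escaped value
 */
function get_post_var($var)
{
    global $HTTP_POST_VARS, $lang_errors;

    if (!isset($HTTP_POST_VARS[$var]) || is_array($HTTP_POST_VARS[$var])) {
        cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'] . " ($var)", __FILE__, __LINE__);
    }

    return addslashes(trim($HTTP_POST_VARS[$var]));
}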
 
// Requested action, taken from the query string. In this file $op is only compared
// against fixed case labels in the dispatcher switch.
$op = '';
if (isset($HTTP_GET_VARS['op'])) {
    $op = $HTTP_GET_VARS['op'];
}

// Target user of the public profile view. The (int) cast is what makes $uid safe to
// interpolate into the SQL and the links built further down.
$uid = -1;
if (isset($HTTP_GET_VARS['uid'])) {
    $uid = (int)$HTTP_GET_VARS['uid'];
}

// The "change password" button of the edit form arrives as a POST field and overrides ?op=.
if (isset($HTTP_POST_VARS['change_pass'])) {
    $op = 'change_pass';
}
 
// Save the four free-text profile fields of the logged-in user. Skipped for anonymous
// visitors and when UDB_INTEGRATION is defined.
// NOTE(review): no anti-CSRF token is checked in this file before the update is applied -
// confirm whether the bootstrap include performs such a check.
if (isset($HTTP_POST_VARS['change_profile']) && USER_ID && !defined('UDB_INTEGRATION')) {
    // get_post_var() trims and addslashes()-escapes each value; there is no server-side
    // length or format validation here.
    // NOTE(review): nothing in this file HTML-encodes these values before storage, while
    // the public profile view echoes them verbatim - confirm they are encoded upstream.
    $location = get_post_var('location');
    $interests = get_post_var('interests');
    $website = get_post_var('website');
    $occupation = get_post_var('occupation');

    // String-built SQL: every interpolated user value must have gone through
    // get_post_var(). The row is selected by the USER_ID constant, never by request data.
    $sql = sprintf(
        "UPDATE %s SET user_location = '%s', user_interests = '%s', user_website = '%s', user_occupation = '%s' WHERE user_id = '%s'",
        $CONFIG['TABLE_USERS'],
        $location,
        $interests,
        $website,
        $occupation,
        USER_ID
    );

    // The result is not inspected; the success message below is shown regardless
    // (unless db_query() ends the request on failure itself).
    $result = db_query($sql);

    // Confirmation page that sends the browser back to the index after three seconds.
    $redirect = 'index.php';
    $title = sprintf($lang_register_php['x_s_profile'], USER_NAME);
    pageheader($title, '<META http-equiv="refresh" content="3;url=' . $redirect . '">');
    msg_box($lang_info, $lang_register_php['update_success'], $lang_continue, $redirect);
    pagefooter();
    ob_end_flush();
    exit;
}
 
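// Change the password of the logged-in user. Skipped for anonymous visitors and when
// UDB_INTEGRATION is defined. The request must carry the current password: the UPDATE
// below only matches the row when it is correct.
// NOTE(review): the new password is written to user_password exactly as submitted and the
// current one is compared against the column byte-for-byte, i.e. passwords are stored
// unhashed. Switching to a salted password hash needs matching changes in the login and
// registration code, which are outside this file.
// NOTE(review): no anti-CSRF token is checked in this file.
if (isset($HTTP_POST_VARS['change_password']) && USER_ID && !defined('UDB_INTEGRATION')) {
    $current_pass = get_post_var('current_pass');
    $new_pass = get_post_var('new_pass');
    $new_pass_again = get_post_var('new_pass_again');

    // get_post_var() returns addslashes()-escaped text, so the length is measured on the
    // unescaped password; otherwise an added backslash would count as a character.
    // NOTE(review): a two-character minimum is the only strength rule applied here.
    if (strlen(stripslashes($new_pass)) < 2) cpg_die(ERROR, $lang_register_php['err_password_short'], __FILE__, __LINE__);
    // Strict comparison: with != two different numeric-looking strings such as "1000" and
    // "1e3" are treated as equal, which would accept a mistyped confirmation.
    if ($new_pass !== $new_pass_again) cpg_die(ERROR, $lang_register_php['err_password_mismatch'], __FILE__, __LINE__);

    // BINARY forces a case-sensitive comparison of the current password.
    $sql = "UPDATE {$CONFIG['TABLE_USERS']} SET " . "user_password = '$new_pass' " . "WHERE user_id = '" . USER_ID . "' AND BINARY user_password = '$current_pass'";

    $result = db_query($sql);
    // No affected row is reported as a failed change. NOTE(review): besides a wrong
    // current password this presumably also happens when the new password equals the
    // old one, because the row is then not modified - confirm.
    if (!mysql_affected_rows()) cpg_die(ERROR, $lang_register_php['pass_chg_error'], __FILE__, __LINE__);

    // Refresh the login cookie for one day.
    // NOTE(review): the cookie value is an unsalted MD5 of the password, so it is
    // effectively password-equivalent; it is computed from the raw POST field rather than
    // the trimmed value that was stored, and it is set without the secure/HttpOnly
    // arguments. How the cookie is verified is outside this file.
    setcookie($CONFIG['cookie_name'] . '_pass', md5($HTTP_POST_VARS['new_pass']), time() + 86400, $CONFIG['cookie_path']);

    // Confirmation page that returns to the profile editor after three seconds.
    $title = sprintf($lang_register_php['x_s_profile'], USER_NAME);
    $redirect = $PHP_SELF . "?op=edit_profile";
    pageheader($title, "<META http-equiv=\"refresh\" content=\"3;url=$redirect\">");
    msg_box($lang_info, $lang_register_php['pass_chg_success'], $lang_continue, $redirect);
    pagefooter();
    ob_end_flush();
    exit;
}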
 
// Page dispatcher. 'edit_profile' and 'change_pass' act on the logged-in user only; any
// other value of $op shows the public profile of the user given by ?uid=.
switch ($op) {
    // ------------------------------------------------------------------------- //
    case 'edit_profile' :
        // Editing requires a login.
        if (!USER_ID) cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);

        // NOTE(review): execution continues below unless udb_edit_profile() ends the
        // request itself - confirm.
        if (defined('UDB_INTEGRATION')) udb_edit_profile(USER_ID);

        // Only the logged-in user's own row is read: the WHERE clause uses the USER_ID
        // constant, never ?uid=. Picture count and disk usage are aggregated per user.
        $sql = "SELECT user_name, user_email, user_group, UNIX_TIMESTAMP(user_regdate) as user_regdate, group_name, " . "user_location, user_interests, user_website, user_occupation, user_group_list, " . "COUNT(pid) as pic_count, ROUND(SUM(total_filesize)/1024) as disk_usage, group_quota " . "FROM {$CONFIG['TABLE_USERS']} AS u " . "INNER JOIN {$CONFIG['TABLE_USERGROUPS']} AS g ON user_group = group_id " . "LEFT JOIN {$CONFIG['TABLE_PICTURES']} AS p ON p.owner_id = u.user_id " . "WHERE user_id ='" . USER_ID . "' " . "GROUP BY user_id ";

        $result = db_query($sql);

        if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_register_php['err_unk_user'], __FILE__, __LINE__);
        $user_data = mysql_fetch_array($result);
        mysql_free_result($result);

        // Names of the additional groups the user belongs to.
        $group_list = '';
        if ($user_data['user_group_list'] != '') {
            // user_group_list and user_group come from the users table and are spliced
            // into the statement unquoted.
            // NOTE(review): presumably a comma-separated list of numeric group ids that
            // only admin code writes - confirm it can never hold user-supplied text.
            $sql = "SELECT group_name " . "FROM {$CONFIG['TABLE_USERGROUPS']} " . "WHERE group_id IN ({$user_data['user_group_list']}) AND group_id != {$user_data['user_group']} " . "ORDER BY group_name";
            $result = db_query($sql);
            while ($row = mysql_fetch_array($result)) {
                $group_list .= $row['group_name'] . ', ';
            }
            mysql_free_result($result);
            // substr() drops the trailing ', ' separator.
            $group_list = '<br /><i>(' . substr($group_list, 0, -2) . ')</i>';
        }

        // 'group' and 'disk_usage' carry markup on purpose (<br />, <i>, &nbsp;), which is
        // why make_form() echoes 'text' rows verbatim. username and email are echoed the
        // same way. NOTE(review): confirm they are HTML-encoded when they are stored.
        $form_data = array('username' => $user_data['user_name'],
            'reg_date' => localised_date($user_data['user_regdate'], $register_date_fmt),
            'group' => $user_data['group_name'] . $group_list,
            'email' => $user_data['user_email'],
            'disk_usage' => $user_data['disk_usage'] .
            ($user_data['group_quota'] ? '/' . $user_data['group_quota'] : '') . '&nbsp;' . $lang_byte_units[1],
            'location' => $user_data['user_location'],
            'interests' => $user_data['user_interests'],
            'website' => $user_data['user_website'],
            'occupation' => $user_data['user_occupation'],
            );

        $title = sprintf($lang_register_php['x_s_profile'], USER_NAME);
        pageheader($title);
        starttable(-1, $title, 2);
        // NOTE(review): $PHP_SELF is printed into the action attribute as-is; where it is
        // set, and whether it is encoded, is outside this file.
        echo <<<EOT
    <form method="post" action="$PHP_SELF">

EOT;
        make_form($edit_profile_form_param, $form_data);
        // One form, two submit buttons: 'change_profile' saves the fields, 'change_pass'
        // switches to the password form (see the $op override at the top of the script).
        echo <<<EOT
    <tr>
        <td colspan="2" align="center" class="tablef">
            <input type="submit" name="change_profile" value="{$lang_register_php['apply_modif']}" class="button">
            <img src="images/spacer.gif" width="20" height="1">
            <input type="submit" name="change_pass" value="{$lang_register_php['change_pass']}" class="button">
        </td>
    </tr>
    </form>

EOT;
        endtable();
        pagefooter();
        ob_end_flush();
        break;
    // ------------------------------------------------------------------------- //
    case 'change_pass' :
        // Password form: needs a login and is not offered when UDB_INTEGRATION is defined.
        if (!USER_ID || defined('UDB_INTEGRATION')) cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);

        $title = $lang_register_php['change_pass'];
        pageheader($title);
        starttable(-1, $title, 2);
        // NOTE(review): same unencoded $PHP_SELF in the action attribute as above.
        echo <<<EOT
    <form method="post" action="$PHP_SELF">

EOT;
        // '' stands in for $form_data: 'password' rows never read it.
        make_form($change_password_form_param, '');
        echo <<<EOT
    <tr>
        <td colspan="2" align="center" class="tablef">
            <input type="submit" name="change_password" value="$title" class="button">
        </td>
    </tr>
    </form>

EOT;
        endtable();
        pagefooter();
        ob_end_flush();
        break;
    // ------------------------------------------------------------------------- //
    default :

        // Public profile of ?uid=. No login check is made in this branch. $uid was cast
        // to int at the top of the script, so the quoted interpolations below cannot
        // carry SQL syntax.
        if (defined('UDB_INTEGRATION')) {
            $user_data = udb_get_user_infos($uid);
        } else {
            // user_email is selected but is not copied into $form_data below, so it is
            // not displayed.
            $sql = "SELECT user_name, user_email, UNIX_TIMESTAMP(user_regdate) as user_regdate, group_name, " . "user_location, user_interests, user_website, user_occupation " . "FROM {$CONFIG['TABLE_USERS']} AS u " . "INNER JOIN {$CONFIG['TABLE_USERGROUPS']} AS g ON user_group = group_id " . "WHERE user_id ='$uid'";

            $result = db_query($sql);

            if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_register_php['err_unk_user'], __FILE__, __LINE__);
            $user_data = mysql_fetch_array($result);
            mysql_free_result($result);
        }
        // $FORBIDDEN_SET is defined outside this file; it is prefixed with AND once here
        // and then appended to the three count queries below.
        // NOTE(review): presumably an SQL condition hiding albums the current visitor
        // may not see - confirm it is built only from trusted values.
        if ($FORBIDDEN_SET != "") $FORBIDDEN_SET = "AND $FORBIDDEN_SET";
        // Number of approved pictures of this user and the id of the newest one.
        $query = "SELECT count(*), MAX(pid) FROM {$CONFIG['TABLE_PICTURES']} AS p WHERE owner_id = '$uid' AND approved = 'YES' $FORBIDDEN_SET";
        $result = db_query($query);
        $nbEnr = mysql_fetch_array($result);
        $picture_count = $nbEnr[0];
        $thumb_pid = $nbEnr[1];
        mysql_free_result($result);

        // Number of albums in the user's personal category.
        $result = db_query("SELECT count(*) FROM {$CONFIG['TABLE_ALBUMS']} AS p WHERE category = '" . (FIRST_USER_CAT + $uid) . "' $FORBIDDEN_SET");
        $nbEnr = mysql_fetch_array($result);
        $album_count = $nbEnr[0];
        mysql_free_result($result);

        // Number of comments written by this user and the id of the newest one.
        $result = db_query("SELECT count(*), MAX(msg_id) FROM {$CONFIG['TABLE_COMMENTS']} as c, {$CONFIG['TABLE_PICTURES']} as p WHERE c.pid = p.pid AND author_id = '$uid' $FORBIDDEN_SET");
        $nbEnr = mysql_fetch_array($result);
        $comment_count = $nbEnr[0];
        $lastcom_id = $nbEnr[1];
        mysql_free_result($result);

        // Table cell showing the picture of the user's latest comment plus the comment.
        $lastcom = '';
        if ($comment_count) {
            // $lastcom_id is the MAX(msg_id) returned by the query above.
            $sql = "SELECT filepath, filename, url_prefix, pwidth, pheight, msg_author, UNIX_TIMESTAMP(msg_date) as msg_date, msg_body " . "FROM {$CONFIG['TABLE_COMMENTS']} AS c, {$CONFIG['TABLE_PICTURES']} AS p " . "WHERE msg_id='" . $lastcom_id . "' AND c.pid = p.pid";
            $result = db_query($sql);
            if (mysql_num_rows($result)) {
                $row = mysql_fetch_array($result);
                mysql_free_result($result);
                $pic_url =  get_pic_url($row, 'thumb');
                // For files that are not images the stored dimensions are replaced by
                // those of the thumbnail file; the getimagesize() result is not checked.
                if (!is_image($row['filename'])) {
                        $image_info = getimagesize($pic_url);
                        $row['pwidth'] = $image_info[0];
                        $row['pheight'] = $image_info[1];
                }
                $image_size = compute_img_size($row['pwidth'], $row['pheight'], $CONFIG['thumb_width']);
                // $mime_content is assigned but not used anywhere in this file.
                $mime_content = get_type($row['filename']);
                $lastcom = '<img src="' . $pic_url . '" class="image"' . $image_size['geom'] . ' border="0" alt="">';
                $lastcom = '<td width="50%" valign="top" align="center">'
                            . '<a href="thumbnails.php?album=lastcomby&uid=' . $uid . '">'
                            . $lastcom
                            . '</a><br />';
                // msg_author and msg_body are concatenated into the HTML without any
                // encoding here. NOTE(review): this is safe only if comments are
                // HTML-encoded when they are stored - confirm.
                $lastcom .= "<span class=\"thumb_caption\"><b>" . $row['msg_author'] . '</b></span>' . "<span class=\"thumb_caption\">" . localised_date($row['msg_date'], $lastcom_date_fmt) . '</span>' . "<span class=\"thumb_caption\">" . $row['msg_body'] . '</span></td>';
            }
        }

        // Table cell showing the thumbnail of the user's latest upload.
        $user_thumb = '';
        if ($picture_count) {
            // $thumb_pid is the MAX(pid) returned by the picture count query above.
            $sql = "SELECT filepath, filename, url_prefix, pwidth, pheight " . "FROM {$CONFIG['TABLE_PICTURES']} " . "WHERE pid='" . $thumb_pid . "'";
            $result = db_query($sql);
            if (mysql_num_rows($result)) {
                $picture = mysql_fetch_array($result);
                mysql_free_result($result);
                $pic_url =  get_pic_url($picture, 'thumb');
                // Same dimension fallback as for the latest comment above.
                if (!is_image($picture['filename'])) {
                        $image_info = getimagesize($pic_url);
                        $picture['pwidth'] = $image_info[0];
                        $picture['pheight'] = $image_info[1];
                }
                $image_size = compute_img_size($picture['pwidth'], $picture['pheight'], $CONFIG['thumb_width']);
                // Assigned but not used anywhere in this file.
                $mime_content = get_type($picture['filename']);
                $user_thumb = '<img src="' . $pic_url . '" class="image"'
                                . $image_size['geom'] . ' border="0" alt="">';
                $user_thumb = '<td width="50%" valign="top" align="center">'
                            . '<a href="thumbnails.php?album=lastupby&uid=' . $uid . '">'
                            . $user_thumb
                            . '</a></td>';
            }
        }

        // Both cells side by side, or nothing when the user has neither uploads nor comments.
        $quick_jump = ($user_thumb . $lastcom) ? '<table width="100%" border="0" cellspacing="5"><tr>' . $user_thumb . $lastcom . '</tr></table>' : '';

        // These values go to 'text' rows, which make_form() echoes verbatim; the only
        // processing done here is make_clickable() on the website.
        // NOTE(review): location, interests, website and occupation are user-editable.
        // Nothing in this file HTML-encodes them on input or output, so rendering them
        // safely depends on encoding done outside this file - confirm, and confirm that
        // make_clickable() only links http/https URLs.
        $form_data = array('username' => $user_data['user_name'],
            'reg_date' => localised_date($user_data['user_regdate'], $register_date_fmt),
            'group' => $user_data['group_name'],
            'location' => $user_data['user_location'],
            'interests' => $user_data['user_interests'],
            'website' => make_clickable($user_data['user_website']),
            'occupation' => $user_data['user_occupation'],
            'user_thumb' => $quick_jump,
            );

        // The user name is also placed in the page title.
        $title = sprintf($lang_register_php['x_s_profile'], $user_data['user_name']);
        pageheader($title);
        starttable(-1, $title, 2);
        make_form($display_profile_form_param, $form_data);
        endtable();
        pagefooter();
        ob_end_flush();
        break;
}
 
?>