
Source: /edit_profile.php - 318 lines - 12268 bytes - Summary - Text - Print

   1  <?php
   2  
   3  /*======================================================================
   4  Copyright Project Beehive Forum 2002
   5  
   6  This file is part of Beehive Forum.
   7  
   8  Beehive Forum is free software; you can redistribute it and/or modify
   9  it under the terms of the GNU General Public License as published by
  10  the Free Software Foundation; either version 3 of the License, or
  11  (at your option) any later version.
  12  
  13  Beehive Forum is distributed in the hope that it will be useful,
  14  but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  GNU General Public License for more details.
  17  
  18  You should have received a copy of the GNU General Public License
  19  along with Beehive; if not, write to the Free Software
  20  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
  21  USA
  22  ======================================================================*/
  23  
  24  // Bootstrap
  25  require_once  'boot.php';
  26  
  27  // Required includes
  28  require_once  BH_INCLUDE_PATH . 'constants.inc.php';
  29  require_once  BH_INCLUDE_PATH . 'form.inc.php';
  30  require_once  BH_INCLUDE_PATH . 'format.inc.php';
  31  require_once  BH_INCLUDE_PATH . 'header.inc.php';
  32  require_once  BH_INCLUDE_PATH . 'html.inc.php';
  33  require_once  BH_INCLUDE_PATH . 'profile.inc.php';
  34  require_once  BH_INCLUDE_PATH . 'session.inc.php';
  35  require_once  BH_INCLUDE_PATH . 'user.inc.php';
  36  require_once  BH_INCLUDE_PATH . 'user_profile.inc.php';
  37  // End Required includes
  38  
  39  // Check we're logged in correctly
  40  if (!session::logged_in()) {
  41      html_guest_error();
  42  }
  43  
  44  $admin_edit = false;
  45  
  46  $profile_uid = $_SESSION['UID'];
  47  
  48  if (session::check_perm(USER_PERM_ADMIN_TOOLS, 0)) {
  49  
  50      if (isset($_GET['profile_uid'])) {
  51  
  52          if (is_numeric($_GET['profile_uid'])) {
  53  
  54              $profile_uid = $_GET['profile_uid'];
  55              $admin_edit = true;
  56  
  57          } else {
  58  
  59              html_draw_error(gettext("No user specified."));
  60          }
  61  
  62      } else if (isset($_POST['profile_uid'])) {
  63  
  64          if (is_numeric($_POST['profile_uid'])) {
  65  
  66              $profile_uid = $_POST['profile_uid'];
  67              $admin_edit = true;
  68  
  69          } else {
  70  
  71              html_draw_error(gettext("No user specified."));
  72          }
  73      }
  74  
  75      if (isset($_POST['cancel'])) {
  76  
  77          header_redirect("admin_user.php?webtag=$webtag&uid=$profile_uid");
  78          exit;
  79      }
  80  }
  81  
  82  if (!(session::check_perm(USER_PERM_ADMIN_TOOLS, 0)) && ($profile_uid != $_SESSION['UID'])) {
  83      html_draw_error(gettext("You do not have permission to use this section."));
  84  }
  85  
  86  // Fetch array of profile items.
  87  $profile_items_array = profile_get_user_values($profile_uid);
  88  
  89  // Array to hold error messages
  90  $error_msg_array = array();
  91  
  92  // Do updates
  93  if (isset($_POST['save'])) {
  94  
  95      $valid = true;
  96  
  97      if (isset($_POST['t_entry']) && is_array($_POST['t_entry'])) {
  98  
  99          $t_entry_array = $_POST['t_entry'];
 100  
 101          $t_entry_cleaned_array = array_map('strip_tags', $t_entry_array);
 102  
 103          if (sizeof(array_diff_assoc($t_entry_array, $t_entry_cleaned_array)) > 0) {
 104  
 105              $error_msg_array[] = gettext("Profile Entries must not include HTML");
 106              $valid = false;
 107          }
 108  
 109          if ($valid) {
 110  
 111              foreach ($t_entry_array as $piid => $profile_entry) {
 112  
 113                  $profile_entry = trim($profile_entry);
 114  
 115                  if ($admin_edit) {
 116  
 117                      $privacy = (isset($profile_items_array[$piid]['PRIVACY']) ? $profile_items_array[$piid]['PRIVACY'] : PROFILE_ITEM_PRIVATE);
 118  
 119                  } else if (isset($_POST['t_entry_private'][$piid]) && in_array($_POST['t_entry_private'][$piid], array(PROFILE_ITEM_PUBLIC, PROFILE_ITEM_FRIENDS, PROFILE_ITEM_PRIVATE))) {
 120  
 121                      $privacy = $_POST['t_entry_private'][$piid];
 122  
 123                  } else {
 124  
 125                      $privacy = PROFILE_ITEM_PRIVATE;
 126                  }
 127  
 128                  if (!user_profile_update($profile_uid, $piid, $profile_entry, $privacy)) {
 129  
 130                      $error_msg_array[] = gettext("Failed to update user profile");
 131                      $valid = false;
 132                  }
 133              }
 134  
 135              if ($valid) {
 136  
 137                  if ($admin_edit === true) {
 138  
 139                      header_redirect("admin_user.php?webtag=$webtag&uid=$profile_uid&profile_updated=true", gettext("Profile updated."));
 140                      exit;
 141  
 142                  } else {
 143  
 144                      header_redirect("edit_profile.php?webtag=$webtag&uid=$profile_uid&profile_updated=true", gettext("Profile updated."));
 145                      exit;
 146                  }
 147              }
 148          }
 149      }
 150  }
 151  
 152  if (is_array($profile_items_array) && sizeof($profile_items_array) > 0) {
 153  
 154      if ($admin_edit === true) {
 155  
 156          $user = user_get($profile_uid);
 157  
 158          html_draw_top(sprintf('title=%s', sprintf(gettext("Admin - Edit Profile - %s"), format_user_name($user['LOGON'], $user['NICKNAME']))), 'class=window_title');
 159  
 160          echo "<h1>", gettext("Admin"), "<img src=\"", html_style_image('separator.png'), "\" alt=\"\" border=\"0\" />", gettext("Manage User"), "<img src=\"", html_style_image('separator.png'), "\" alt=\"\" border=\"0\" />", format_user_name($user['LOGON'], $user['NICKNAME']), "</h1>\n";
 161  
 162      } else {
 163  
 164          html_draw_top(sprintf('title=%s', gettext("My Controls - Edit Profile")), 'class=window_title');
 165  
 166          echo "<h1>", gettext("Edit Profile"), "</h1>\n";
 167      }
 168  
 169      if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
 170  
 171          html_display_error_array($error_msg_array, '700', ($admin_edit) ? 'center' : 'left');
 172  
 173      } else if (isset($_GET['profile_updated'])) {
 174  
 175          html_display_success_msg(gettext("Profile updated."), '700', ($admin_edit) ? 'center' : 'left');
 176      }
 177  
 178      if ($admin_edit === true) echo "<div align=\"center\">\n";
 179  
 180      echo "<br />\n";
 181      echo "<form accept-charset=\"utf-8\" name=\"f_profile\" action=\"edit_profile.php\" method=\"post\" target=\"_self\">\n";
 182      echo "  ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
 183  
 184      if ($admin_edit === true) echo "  ", form_input_hidden('profile_uid', htmlentities_array($profile_uid)), "\n";
 185  
 186      echo "  <table cellpadding=\"0\" cellspacing=\"0\" width=\"700\">\n";
 187      echo "    <tr>\n";
 188      echo "      <td align=\"left\">\n";
 189      echo "        <table cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">\n";
 190      echo "          <tr>\n";
 191      echo "            <td align=\"left\">\n";
 192      echo "              <table class=\"box\" width=\"100%\">\n";
 193      echo "                <tr>\n";
 194      echo "                  <td align=\"left\" class=\"posthead\">\n";
 195      echo "                    <table class=\"posthead\" width=\"100%\">\n";
 196  
 197      $last_psid = false;
 198  
 199      foreach ($profile_items_array as $profile_item) {
 200  
 201          if (!isset($profile_item['ENTRY'])) $profile_item['ENTRY'] = '';
 202  
 203          if ($profile_item['PSID'] != $last_psid) {
 204  
 205              if ($last_psid !== false) {
 206  
 207                  echo "                      <tr>\n";
 208                  echo "                        <td align=\"left\">&nbsp;</td>\n";
 209                  echo "                      </tr>\n";
 210                  echo "                    </table>\n";
 211                  echo "                  </td>\n";
 212                  echo "                </tr>\n";
 213                  echo "              </table>\n";
 214                  echo "            </td>\n";
 215                  echo "          </tr>\n";
 216                  echo "        </table>\n";
 217                  echo "        <br />\n";
 218                  echo "        <table cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">\n";
 219                  echo "          <tr>\n";
 220                  echo "            <td align=\"left\">\n";
 221                  echo "              <table class=\"box\" width=\"100%\">\n";
 222                  echo "                <tr>\n";
 223                  echo "                  <td align=\"left\" class=\"posthead\">\n";
 224                  echo "                    <table class=\"posthead\" width=\"100%\">\n";
 225                  echo "                      <tr>\n";
 226                  echo "                        <td align=\"left\" class=\"subhead\" colspan=\"3\">{$profile_item['SECTION_NAME']}</td>\n";
 227                  echo "                      </tr>\n";
 228  
 229              } else {
 230  
 231                  echo "                      <tr>\n";
 232                  echo "                        <td align=\"left\" class=\"subhead\" colspan=\"3\">{$profile_item['SECTION_NAME']}</td>\n";
 233                  echo "                      </tr>\n";
 234              }
 235          }
 236  
 237          $last_psid = $profile_item['PSID'];
 238  
 239          echo "                      <tr>\n";
 240          echo "                        <td align=\"left\" width=\"1%\"></td>\n";
 241          echo "                        <td align=\"left\" colspan=\"2\">{$profile_item['ITEM_NAME']}</td>\n";
 242          echo "                      </tr>\n";
 243          echo "                      <tr>\n";
 244          echo "                        <td align=\"left\" width=\"1%\"></td>\n";
 245          echo "                        <td align=\"left\" width=\"564\">\n";
 246  
 247          if (($profile_item['TYPE'] == PROFILE_ITEM_RADIO) || ($profile_item['TYPE'] == PROFILE_ITEM_DROPDOWN)) {
 248  
 249              $profile_item_options_array = htmlentities_array(explode("\n", $profile_item['OPTIONS']));
 250  
 251              profile_item_add_clear_entry($profile_item_options_array, $profile_item['TYPE']);
 252  
 253              if ($profile_item['TYPE'] == PROFILE_ITEM_RADIO) {
 254                  echo form_radio_array("t_entry[{$profile_item['PIID']}]", $profile_item_options_array, (isset($t_entry_array[$profile_item['PIID']]) ? htmlentities_array($t_entry_array[$profile_item['PIID']]) : htmlentities_array($profile_item['ENTRY']))), "\n";
 255              } else {
 256                  echo form_dropdown_array("t_entry[{$profile_item['PIID']}]", $profile_item_options_array, (isset($t_entry_array[$profile_item['PIID']]) ? htmlentities_array($t_entry_array[$profile_item['PIID']]) : htmlentities_array($profile_item['ENTRY'])), null, 'bhinputprofileitem'), "\n";
 257              }
 258  
 259          } else if ($profile_item['TYPE'] == PROFILE_ITEM_MULTI_TEXT) {
 260  
 261              echo form_textarea("t_entry[{$profile_item['PIID']}]", (isset($t_entry_array[$profile_item['PIID']]) ? htmlentities_array($t_entry_array[$profile_item['PIID']]) : htmlentities_array($profile_item['ENTRY'])), null, null, null, 'bhinputprofileitem'), "\n";
 262  
 263          } else {
 264  
 265              echo form_input_text("t_entry[{$profile_item['PIID']}]", (isset($t_entry_array[$profile_item['PIID']]) ? htmlentities_array($t_entry_array[$profile_item['PIID']]) : htmlentities_array($profile_item['ENTRY'])), null, null, null, 'bhinputprofileitem'), "\n";
 266          }
 267  
 268          echo "</td>\n";
 269  
 270          if ($admin_edit === false) {
 271              echo "                        <td align=\"left\" valign=\"top\" width=\"100\">", form_dropdown_array("t_entry_private[{$profile_item['PIID']}]", array(gettext("Public"), gettext("Friends"), gettext("Only Me")), $profile_item['PRIVACY'], null, 'bhinputprofileprivacy'), "</td>\n";
 272          } else {
 273              echo "                        <td align=\"left\" valign=\"top\">&nbsp;</td>\n";
 274          }
 275  
 276          echo "                      </tr>\n";
 277      }
 278  
 279      echo "                      <tr>\n";
 280      echo "                        <td align=\"left\">&nbsp;</td>\n";
 281      echo "                      </tr>\n";
 282      echo "                    </table>\n";
 283      echo "                  </td>\n";
 284      echo "                </tr>\n";
 285      echo "              </table>\n";
 286      echo "            </td>\n";
 287      echo "          </tr>\n";
 288      echo "          <tr>\n";
 289      echo "            <td align=\"left\">&nbsp;</td>\n";
 290      echo "          </tr>\n";
 291  
 292      if ($admin_edit === true) {
 293  
 294          echo "          <tr>\n";
 295          echo "            <td align=\"center\">", form_submit("save", gettext("Save")), "&nbsp;", form_submit("cancel", gettext("Cancel")), "</td>\n";
 296          echo "          </tr>\n";
 297  
 298      } else {
 299  
 300          echo "          <tr>\n";
 301          echo "            <td align=\"center\">", form_submit("save", gettext("Save")), "</td>\n";
 302          echo "          </tr>\n";
 303      }
 304  
 305      echo "        </table>\n";
 306      echo "      </td>\n";
 307      echo "    </tr>\n";
 308      echo "  </table>\n";
 309      echo "</form>\n";
 310  
 311      if ($admin_edit === true) echo "</div>\n";
 312  
 313      html_draw_bottom();
 314  
 315  } else {
 316  
 317      html_draw_error(gettext("The forum owner has not set up Profiles."));
 318  }
