From 2344d1f2d722ba78a0821f7dbe22ed63919b2ad3 Mon Sep 17 00:00:00 2001 From: James Atkinson Date: Fri, 4 May 2001 23:51:52 +0000 Subject: [PATCH] Users can now edit profile. However, it dosan't retain the data on an error, yet git-svn-id: file:///svn/phpbb/trunk@245 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/profile.php | 105 ++++++++++++++++++- phpBB/templates/Default/profile_add_body.tpl | 1 + phpBB/templates/PSO/profile_add_body.tpl | 2 +- 3 files changed, 103 insertions(+), 5 deletions(-) diff --git a/phpBB/profile.php b/phpBB/profile.php index 77184d75a5..c07a9bd3d5 100644 --- a/phpBB/profile.php +++ b/phpBB/profile.php @@ -295,16 +295,114 @@ switch($mode) if(isset($HTTP_POST_VARS['submit'])) { + $user_id = $HTTP_POST_VARS['user_id']; + $username = (!empty($HTTP_POST_VARS['username'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['username']))) : ""; + $email = (!empty($HTTP_POST_VARS['email'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : ""; + $password = (!empty($HTTP_POST_VARS['password'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['password']))) : ""; + $password_confirm = (!empty($HTTP_POST_VARS['password_confirm'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['password_confirm']))) : ""; + $icq = (!empty($HTTP_POST_VARS['icq'])) ? trim(strip_tags($HTTP_POST_VARS['icq'])) : ""; + $aim = (!empty($HTTP_POST_VARS['aim'])) ? trim(strip_tags(addslashes($HTTP_POST_VARS['aim']))) : ""; + $msn = (!empty($HTTP_POST_VARS['msn'])) ? trim(strip_tags(addslashes($HTTP_POST_VARS['msn']))) : ""; + $yim = (!empty($HTTP_POST_VARS['yim'])) ? trim(strip_tags(addslashes($HTTP_POST_VARS['yim']))) : ""; + + $website = (!empty($HTTP_POST_VARS['website'])) ? trim(strip_tags(addslashes($HTTP_POST_VARS['website']))) : ""; + $location = (!empty($HTTP_POST_VARS['location'])) ? trim(strip_tags(addslashes($HTTP_POST_VARS['location']))) : ""; + $occupation = (!empty($HTTP_POST_VARS['occupation'])) ? trim(strip_tags(addslashes($HTTP_POST_VARS['occupation']))) : ""; + $interests = (!empty($HTTP_POST_VARS['interests'])) ? trim(addslashes($HTTP_POST_VARS['interests'])) : ""; + $signature = (!empty($HTTP_POST_VARS['signature'])) ? trim(addslashes($HTTP_POST_VARS['signature'])) : ""; + + $viewemail = $HTTP_POST_VARS['viewemail']; + $attachsig = $HTTP_POST_VARS['attachsig']; + $allowhtml = $HTTP_POST_VARS['allowhtml']; + $allowbbcode = $HTTP_POST_VARS['allowbbcode']; + $allowsmilies = $HTTP_POST_VARS['allowsmilies']; + + $user_theme = ($HTTP_POST_VARS['theme']) ? $HTTP_POST_VARS['theme'] : $board_config['default_theme']; + $user_lang = ($HTTP_POST_VARS['language']) ? $HTTP_POST_VARS['language'] : $board_config['default_lang']; + $user_timezone = (isset($HTTP_POST_VARS['timezone'])) ? $HTTP_POST_VARS['timezone'] : $board_config['default_timezone']; + $user_template = ($HTTP_POST_VARS['template']) ? $HTTP_POST_VARS['template'] : $board_config['default_template']; + $user_dateformat = ($HTTP_POST_VARS['dateformat']) ? trim($HTTP_POST_VARS['dateformat']) : $board_config['default_dateformat']; + + $error = FALSE; + + if($password && $password_confirm) + { + // The user wants to change their password, isn't that cute.. + if($password != $password_confirm) + { + $error = TRUE; + $error_msg = $l_mismatch . "
" . $l_tryagain; + } + else + { + $password = md5($password); + } + } + else if($password && !$password_confirm) + { + $error = TRUE; + $error_msg = $l_mismatch . "
" . $l_tryagain; + } + else if(!password && !$password_confirm) + { + $password = $userdata['password']; + } + + if($allow_namechange) + { + if(!validate_username($username)) + { + $error = TRUE; + if(isset($error_msg)) + { + $error_msg .= "
"; + } + $error_msg .= $l_invalidname; + } + } + if(!$error) + { + + $sql = "UPDATE ".USERS_TABLE." + set username = '$username', user_password = '$password', user_email = '$email', user_icq = '$icq', user_website = '$website', user_occ = '$occ', + user_from = '$location', user_interests = '$interests', user_sig = '$signature', user_viewemail = '$viewemail', user_aim = '$aim', user_yim = '$yim', + user_msnm = '$msn', user_attachsig = '$attachsig', user_desmile = '$allowsmilies', user_html = '$allowhtml', user_bbcode = '$allowbbcode', user_timezone = '$user_timezone', + user_dateformat = '$user_dateformat', user_lang = '$user_lang', user_template = '$user_template', user_theme = '$user_theme' WHERE user_id = '$user_id'"; + + if($result = $db->sql_query($sql)) + { + $msg = $l_infoupdated; + $template->set_filenames(array( + "reg_header" => "error_body.tpl" + )); + $template->assign_vars(array( + "ERROR_MESSAGE" => $msg + )); + $template->pparse("reg_header"); + + include('includes/page_tail.'.$phpEx); + exit(); + } + } + else + { + $template->set_filenames(array( + "reg_header" => "error_body.tpl" + )); + $template->assign_vars(array( + "ERROR_MESSAGE" => $error_msg + )); + $template->pparse("reg_header"); + } } - else - { $template->set_filenames(array( "body" => "profile_add_body.tpl")); $template->assign_vars(array( "COPPA" => 0, "MODE" => $mode, + "USER_ID" => $userdata['user_id'], "USERNAME" => $userdata['username'], "EMAIL" => $userdata['user_email'], "YIM" => $userdata['user_yim'], @@ -369,9 +467,8 @@ switch($mode) $template->pparse("body"); include('includes/page_tail.'.$phpEx); - } - break; + break; case 'register': $username = (!empty($HTTP_POST_VARS['username'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['username']))) : ""; diff --git a/phpBB/templates/Default/profile_add_body.tpl b/phpBB/templates/Default/profile_add_body.tpl index 30a2a7fd8a..cdb9cfaa95 100755 --- a/phpBB/templates/Default/profile_add_body.tpl +++ b/phpBB/templates/Default/profile_add_body.tpl @@ -107,6 +107,7 @@ + diff --git a/phpBB/templates/PSO/profile_add_body.tpl b/phpBB/templates/PSO/profile_add_body.tpl index dc3aaf6bda..40dfd27fc4 100644 --- a/phpBB/templates/PSO/profile_add_body.tpl +++ b/phpBB/templates/PSO/profile_add_body.tpl @@ -103,7 +103,7 @@ - + <