[Astrospaces-commits] SF.net SVN: astrospaces: [85] trunk/profile.php
From: <fr...@us...> - 2007-08-01 22:35:26
Revision: 85
http://astrospaces.svn.sourceforge.net/astrospaces/?rev=85&view=rev
Author: frcole
Date: 2007-08-01 15:35:29 -0700 (Wed, 01 Aug 2007)
Log Message:
-----------
started on edit() function.... roughly. DONT USE IT YET -- frc
Modified Paths:
--------------
trunk/profile.php
Modified: trunk/profile.php
===================================================================
--- trunk/profile.php 2007-08-01 22:03:28 UTC (rev 84)
+++ trunk/profile.php 2007-08-01 22:35:29 UTC (rev 85)
@@ -1,257 +1,270 @@
-<?php
-/*******************************************************
- * Copyright (C) 2007 http://p3net.net
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License along
- with this program; if not, write to the Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
- @id: $Id$
-*********************************************************/
-include('globals.php');
-class profile
-{
- /*
- Function Name: register
- Arguments: none
- Purpose: Register user
- */
- function register()
- {
- $step = empty($_GET["step"]) ? '1' : $_GET["step"];
- if($step == 1)
- {
- $form =& new template(AS_TPL.'forms/register.tpl');
- }
- else if($step == 2)
- {
- $_query = 'INSERT INTO '.AS_TBL_USER.' (display_name, password, join_date, time_offset) ';
- $_query .= 'VALUES('.$db->qstr($vars["display_name"],get_magic_quotes_gpc()).',';
- $_query .= $db->qstr(md5($vars["password"]),get_magic_quotes_gpc()).',';
- $_query .= mktime().','.qstr($vars["offset"],get_magic_quotes_gpc()).')';
-
- if ($db->Execute($_query) === false)
- {
- $error->general("<b>DB Error!</b>", $db->ErrorMsg());
- return false;
- } else {
- $message->thank('for registering.', 'to proceed to the login page.', 'profile.php?mode=login');
- }
- }
- }
- /*
- Function Name: edit
- Arguments: none
- Purpose: Edit user profile information (IE, contents of user table)
- */
- function edit()
- {
- /* I'm too lazy to code this so we'll do it later */
- }
- /*
- Function Name: delete
- Arguments: None
- Purpose: delete user
- */
- function delete()
- {
- /* Need to work everything else out first */
- }
- /*
- Function Name: pics
- Arguments: none
- Purpose: Step 1 -- Display image upload form
- Step 2 -- Upload profile image
- */
- function pics()
- {
- if(!($user->logged_in()))
- {
- $error->general("Not logged in", "Pics upload");
- }
- $step = empty($_GET["step"]) ? '1' : $_GET["step"];
- if($step == 1)
- {
- $form =& new template(AS_TPL.'forms/upload_pic.tpl');
- }
- else
- {
- if($_FILES['pic']['size'] < 1)
- {
- $error->general("No image uploaded", "File size = 0");
- }
- $file_name = $_FILES['pic']['name'];
- $tmp_name = $_FILES['pic']['tmp_name'];
- $file_size = $_FILES['pic']['size'];
- $file_type = $_FILES['pic']['type'];
-
- list($width, $height) = getimagesize($tmp_name) or $general->error("Could not upload", "Not an image");
-
- $fp = fopen($tmp_name, 'r');
- $content = fread($fp, filesize($tmp_name));
- $content = addslashes($content);
- fclose($fp);
-
- $_query = 'INSERT INTO '.AS_TBL_IMG.' (owner_id, content, mime_type, desc, width, height, name, views)'
- .'VALUES('. $user->data["user_id"] . ',' . $db->qstr($content) . ',' . $db->qstr($file_type) . "', ''"
- .$db->qstr(htmlspecialchars($_POST["desc"]),get_magic_quotes_gpc()).','.$width.','.$height.','.$db->qstr($file_name,get_magic_quotes_gpc()).", '0')";
- if ($db->Execute($_query) === false)
- {
- $error->general("<b>DB Error!</b>", $db->ErrorMsg());
- return false;
- }
-
- $user->action(4, '');
- $message->thank('for uploading an image', 'go back to the previous page', 'javascript:history.go(\'-2\')');
- }
- }
- /*
- Function Name: login
- Arguments: None
- Purpose: log user in
- */
- function login()
- {
- $step = empty($_GET["step"]) ? '1' : $_GET["step"];
- if($step == 1)
- {
- $form =& new template(AS_TPL.'forms/login.tpl');
- }
- else
- {
- foreach($_POST as $key => $value)
- {
- $var[$key] = $db->qstr(htmlspecialchars($value),get_magic_quotes_gpc());
- }
- $_query = 'SELECT user_id FROM '.AS_TBL_USER.' WHERE email = ' . $var['email'] . ' AND password = ' . qstr(md5($var['password']));
- $_query = $db->Execute($_query);
- $num = $_query->RecordCount();
- if($num > 0)
- {
- $id = $_query->GetArray();
- $session->login($id[0]['user_id']);
- $message->thank('logging in', 'to return to the index', 'index.php');
- }
- else
- {
- $error->general('Incorrect Details', print_r($var));
- }
- }
- }
- /*
- Function Name: inbox
- Arguments: none
- Purpose: Diplsay user's PM inbox
- */
- function inbox()
- {
- $_uid_query = 'SELECT user_id FROM '.AS_TBL_USER.' WHERE email = ' . $var['email'] . ' AND password = ' . qstr(md5($var['password']));
- $_uid_query = $db->Execute($_query);
- $uid = $_query->GetArray();
- $_query = 'SELECT message_id, sender_id, send_date, subject, read FROM '.AS_TBL_PM.' WHERE recipient_id = '.$uid[0]['user_id'].' ORDER BY id DESC';
- $_query = $db->Execute($_query);
- $count = $_query->RecordCount();
- for ($i = 0; $i < $count; $i++)
- {
- $pm[$i] = array(
- 'id' => $_query->Fields('message_id'),
- 'from' => $session->get_username($_query->Fields('sender_id')),
- 'date' => $session->generate_timestamp($_query->Fields('send_date')),
- 'subject' => $_query->Fields('subject'),
- 'read' => $_query->Fields('read')
- );
- $_query->MoveNext();
- }
- $template =& new template(AS_TPL.'inbox.tpl');
- $template->set_var('pm', $pm);
- }
- /*
- Function Name: message
- Arguments: (int) id -- Private message ID
- Purpose: Display a private message
- */
- function message($id)
- {
- if (!is_numeric($id))
- {
- $error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']);
- return false;
- }
- $_query = 'SELECT * FROM '.AS_TBL_PM.' WHERE message_id = ' . $id;
- $_query = $db->Execute($_query);
- $array = $db->GetArray($_query);
- $read =& new template(AS_TPL.'read.tpl');
- $read->set_var('from', $session->get_username($array[0]["sender_id"]));
- $read->set_var('date', $session->generate_timestamp($array[0]["send_date"]));
- $read->set_var('subject', $array[0]["subject"]);
- $read->set_var('message', $array[0]["message"]);
- if($array[0]['read'] != '1')
- {
- $_query = 'UPDATE '.AS_TBL_PM.' SET read = 1 WHERE id = ' . $id;
- if ($db->Execute($_query) === false)
- {
- $error->general('<b>DB Error!</b>', $db->ErrorMsg());
- return false;
- }
- }
- }
- /*
- Function Name: send
- Arguments: none
- Purpose: Display a form to send a private message
- */
- function send()
- {
- $template =& new template(AS_TPL.'send.tpl');
- }
- /*
- Function Name: send_process
- Arguments: none
- Purpose: Send a private message
- */
- function send_process()
- {
- }
-}
-$profile =& new profile;
-switch ($_GET["mode"])
-{
- case 'register':
- $profile->register();
- break;
- case 'edit':
- $profile->edit();
- break;
- case 'delete':
- $profile->delete();
- break;
- case 'pics':
- $profile->pics();
- break;
- case 'login':
- $profile->login();
- break;
- case 'inbox':
- $profile->inbox();
- break;
- case 'message':
- $profile->message($_GET["id"]);
- break;
- case 'send':
- $profile->send();
- break;
- case 'send_process':
- $profile->send_process();
- break;
-}
-?>
\ No newline at end of file
+<?php
+/*******************************************************
+ * Copyright (C) 2007 http://p3net.net
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ @id: $Id$
+*********************************************************/
+include('globals.php');
+class profile
+{
+ /*
+ Function Name: register
+ Arguments: none
+ Purpose: Register user
+ */
+ function register()
+ {
+ $step = empty($_GET["step"]) ? '1' : $_GET["step"];
+ if($step == 1)
+ {
+ $form =& new template(AS_TPL.'forms/register.tpl');
+ }
+ else if($step == 2)
+ {
+ $_query = 'INSERT INTO '.AS_TBL_USERS.' (display_name, password, join_date, time_offset) ';
+ $_query .= 'VALUES('.$db->qstr($vars["display_name"],get_magic_quotes_gpc()).',';
+ $_query .= $db->qstr(md5($vars["password"]),get_magic_quotes_gpc()).',';
+ $_query .= mktime().','.qstr($vars["offset"],get_magic_quotes_gpc()).')';
+
+ if ($db->Execute($_query) === false)
+ {
+ $error->general("<b>DB Error!</b>", $db->ErrorMsg());
+ return false;
+ } else {
+ $message->thank('for registering.', 'to proceed to the login page.', 'profile.php?mode=login');
+ }
+ }
+ }
+ /*
+ Function Name: edit
+ Arguments: none
+ Purpose: Edit user profile information (IE, contents of user table)
+ */
+ function edit()
+ {
+
+ // DONT USE ME YET, IM STILL BROKEN!!!
+ $form =& new template(AS_TPL.'forms/edit_profile.tpl');
+
+ $_query1 = "SELECT * from " . AS_TBL_USERS . " where user_id='" . $user_id . "'";
+ $_query2 = "SELECT * from " . AS_TBL_SPROFLDS . " where user_id='" . $user_id . "'";
+ $_query3 = "SELECT * from " . AS_TBL_DPROFLDS . " where user_id='" . $user_id . "'";
+
+ if (($db->Execute($_query1) == false) || ($db->Execute($_query2) == false) || ($db->Execute($_query3) == false))
+ {
+ $error->general("<b>DB Error!</b>", $db->ErrorMsg());
+ return false;
+ }
+
+ }
+ /*
+ Function Name: delete
+ Arguments: None
+ Purpose: delete user
+ */
+ function delete()
+ {
+ /* Need to work everything else out first */
+ }
+ /*
+ Function Name: pics
+ Arguments: none
+ Purpose: Step 1 -- Display image upload form
+ Step 2 -- Upload profile image
+ */
+ function pics()
+ {
+ if(!($user->logged_in()))
+ {
+ $error->general("Not logged in", "Pics upload");
+ }
+ $step = empty($_GET["step"]) ? '1' : $_GET["step"];
+ if($step == 1)
+ {
+ $form =& new template(AS_TPL.'forms/upload_pic.tpl');
+ }
+ else
+ {
+ if($_FILES['pic']['size'] < 1)
+ {
+ $error->general("No image uploaded", "File size = 0");
+ }
+ $file_name = $_FILES['pic']['name'];
+ $tmp_name = $_FILES['pic']['tmp_name'];
+ $file_size = $_FILES['pic']['size'];
+ $file_type = $_FILES['pic']['type'];
+
+ list($width, $height) = getimagesize($tmp_name) or $general->error("Could not upload", "Not an image");
+
+ $fp = fopen($tmp_name, 'r');
+ $content = fread($fp, filesize($tmp_name));
+ $content = addslashes($content);
+ fclose($fp);
+
+ $_query = 'INSERT INTO '.AS_TBL_IMG.' (owner_id, content, mime_type, desc, width, height, name, views)'
+ .'VALUES('. $user->data["user_id"] . ',' . $db->qstr($content) . ',' . $db->qstr($file_type) . "', ''"
+ .$db->qstr(htmlspecialchars($_POST["desc"]),get_magic_quotes_gpc()).','.$width.','.$height.','.$db->qstr($file_name,get_magic_quotes_gpc()).", '0')";
+ if ($db->Execute($_query) === false)
+ {
+ $error->general("<b>DB Error!</b>", $db->ErrorMsg());
+ return false;
+ }
+
+ $user->action(4, '');
+ $message->thank('for uploading an image', 'go back to the previous page', 'javascript:history.go(\'-2\')');
+ }
+ }
+ /*
+ Function Name: login
+ Arguments: None
+ Purpose: log user in
+ */
+ function login()
+ {
+ $step = empty($_GET["step"]) ? '1' : $_GET["step"];
+ if($step == 1)
+ {
+ $form =& new template(AS_TPL.'forms/login.tpl');
+ }
+ else
+ {
+ foreach($_POST as $key => $value)
+ {
+ $var[$key] = $db->qstr(htmlspecialchars($value),get_magic_quotes_gpc());
+ }
+ $_query = 'SELECT user_id FROM '.AS_TBL_USER.' WHERE email = ' . $var['email'] . ' AND password = ' . qstr(md5($var['password']));
+ $_query = $db->Execute($_query);
+ $num = $_query->RecordCount();
+ if($num > 0)
+ {
+ $id = $_query->GetArray();
+ $session->login($id[0]['user_id']);
+ $message->thank('logging in', 'to return to the index', 'index.php');
+ }
+ else
+ {
+ $error->general('Incorrect Details', print_r($var));
+ }
+ }
+ }
+ /*
+ Function Name: inbox
+ Arguments: none
+ Purpose: Diplsay user's PM inbox
+ */
+ function inbox()
+ {
+ $_uid_query = 'SELECT user_id FROM '.AS_TBL_USER.' WHERE email = ' . $var['email'] . ' AND password = ' . qstr(md5($var['password']));
+ $_uid_query = $db->Execute($_query);
+ $uid = $_query->GetArray();
+ $_query = 'SELECT message_id, sender_id, send_date, subject, read FROM '.AS_TBL_PM.' WHERE recipient_id = '.$uid[0]['user_id'].' ORDER BY id DESC';
+ $_query = $db->Execute($_query);
+ $count = $_query->RecordCount();
+ for ($i = 0; $i < $count; $i++)
+ {
+ $pm[$i] = array(
+ 'id' => $_query->Fields('message_id'),
+ 'from' => $session->get_username($_query->Fields('sender_id')),
+ 'date' => $session->generate_timestamp($_query->Fields('send_date')),
+ 'subject' => $_query->Fields('subject'),
+ 'read' => $_query->Fields('read')
+ );
+ $_query->MoveNext();
+ }
+ $template =& new template(AS_TPL.'inbox.tpl');
+ $template->set_var('pm', $pm);
+ }
+ /*
+ Function Name: message
+ Arguments: (int) id -- Private message ID
+ Purpose: Display a private message
+ */
+ function message($id)
+ {
+ if (!is_numeric($id))
+ {
+ $error->general('Invalid userID', "Invalid userID = Possible hack! Input value: \"".$id."\" User Hostname: ".$_SERVER['REMOTE_ADDR']);
+ return false;
+ }
+ $_query = 'SELECT * FROM '.AS_TBL_PM.' WHERE message_id = ' . $id;
+ $_query = $db->Execute($_query);
+ $array = $db->GetArray($_query);
+ $read =& new template(AS_TPL.'read.tpl');
+ $read->set_var('from', $session->get_username($array[0]["sender_id"]));
+ $read->set_var('date', $session->generate_timestamp($array[0]["send_date"]));
+ $read->set_var('subject', $array[0]["subject"]);
+ $read->set_var('message', $array[0]["message"]);
+ if($array[0]['read'] != '1')
+ {
+ $_query = 'UPDATE '.AS_TBL_PM.' SET read = 1 WHERE id = ' . $id;
+ if ($db->Execute($_query) === false)
+ {
+ $error->general('<b>DB Error!</b>', $db->ErrorMsg());
+ return false;
+ }
+ }
+ }
+ /*
+ Function Name: send
+ Arguments: none
+ Purpose: Display a form to send a private message
+ */
+ function send()
+ {
+ $template =& new template(AS_TPL.'send.tpl');
+ }
+ /*
+ Function Name: send_process
+ Arguments: none
+ Purpose: Send a private message
+ */
+ function send_process()
+ {
+ }
+}
+$profile =& new profile;
+switch ($_GET["mode"])
+{
+ case 'register':
+ $profile->register();
+ break;
+ case 'edit':
+ $profile->edit();
+ break;
+ case 'delete':
+ $profile->delete();
+ break;
+ case 'pics':
+ $profile->pics();
+ break;
+ case 'login':
+ $profile->login();
+ break;
+ case 'inbox':
+ $profile->inbox();
+ break;
+ case 'message':
+ $profile->message($_GET["id"]);
+ break;
+ case 'send':
+ $profile->send();
+ break;
+ case 'send_process':
+ $profile->send_process();
+ break;
+}
+?>
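Review bot: In the new edit() body, `$user_id` is never assigned inside the function (no parameter, no `global`), so the three SELECTs run with an empty id, and the value is concatenated between hand-written quotes instead of going through `$db->qstr()` like the other queries in this file. edit() is already dispatched from `case 'edit'` despite the "DONT USE ME YET" comment, so it should refuse anonymous callers and take the id from the authenticated session rather than from any request value, e.g. `if (!$user->logged_in()) { $error->general("Not logged in", "Edit profile"); return false; }` followed by `$uid = (int) $user->data["user_id"];`. The three `$db->Execute()` results are discarded and tested with `== false` where the rest of the file uses `=== false`, so the template never receives the rows. Separately, register() now uses `AS_TBL_USERS` while login() and inbox() still reference `AS_TBL_USER`; if the constant was renamed in globals.php (not visible here), those two queries need the same change.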