• register now
• log in';
else {
// Renders the page title: the text returned by gettemplate("title_myprofile") is spliced into a
// double-quoted PHP string literal and executed, so any $variables it contains are interpolated
// from the current scope.
// NOTE(review): eval() runs whatever gettemplate() returns as PHP source. This is only safe if
// template text can never be written by untrusted users and cannot break out of the string literal;
// confirm how templates are stored and edited, and what escaping gettemplate() applies.
eval ("\$title_myprofile = \"".gettemplate("title_myprofile")."\";");
echo $title_myprofile;
if($_POST['submit']) {
// Profile form fields. The nickname and the requested login name are trimmed and cut to
// 30 bytes; every other value is taken from the request unchanged.
$nickname    = substr(trim($_POST['nickname']), 0, 30);
$mail        = $_POST['mail'];
$usernamenew = substr(trim($_POST['usernamenew']), 0, 30);
$usertext    = $_POST['usertext'];
$firstname   = $_POST['firstname'];
$lastname    = $_POST['lastname'];
$b_day       = $_POST['b_day'];
$b_month     = $_POST['b_month'];
$b_year      = $_POST['b_year'];
$sex         = $_POST['sex'];
$flag        = $_POST['flag'];
$town        = $_POST['town'];
$icq         = $_POST['icq'];
$about       = $_POST['messageabout'];

// Clan details.
$clantag     = $_POST['clantag'];
$clanname    = $_POST['clanname'];
$clanhp      = $_POST['clanhp'];
$clanirc     = $_POST['clanirc'];
$clanhistory = $_POST['clanhistory'];

// Hardware details.
$cpu         = $_POST['cpu'];
$mainboard   = $_POST['mainboard'];
$monitor     = $_POST['monitor'];
$ram         = $_POST['ram'];
$graphiccard = $_POST['graphiccard'];
$soundcard   = $_POST['soundcard'];
$connection  = $_POST['connection'];
$keyboard    = $_POST['keyboard'];
$mouse       = $_POST['mouse'];
$mousepad    = $_POST['mousepad'];

// Preferences and links.
$newsletter  = $_POST['newsletter'];
$homepage    = $_POST['homepage'];
$pm_mail     = $_POST['pm_mail'];

// Upload descriptors for the two optional pictures.
$avatar      = $_FILES['avatar'];
$userpic     = $_FILES['userpic'];

// Every later statement in this branch addresses the account through $id.
$id = $userID;

// Stop when a userID arrives as a request parameter or when $userID is empty.
// NOTE(review): presumably a guard against request data overwriting $userID - confirm where $userID is set.
// NOTE(review): no anti-CSRF token is checked in this handler as shown; confirm one is verified elsewhere.
if($_POST['userID'] || $_GET['userID'] || $userID == "") {
    die('Not logged in.');
}

$editname = false;
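// Load the current account row so that a changed login name can be detected.
$ergebnis = safe_query("SELECT * FROM ".PREFIX."user WHERE userID='$id' ");
$ds = mysql_fetch_array($ergebnis);

// Compare as strings: a loose comparison would treat numeric-looking names such as "7" and "007" as equal.
if((string)$usernamenew !== (string)$ds['username']) {
    // The requested name comes straight from the form, so it is escaped before it is placed in
    // the SQL text, in the same way the profile UPDATE statements of this file escape their values.
    // NOTE(review): mysql_escape_string() ignores the connection character set; a prepared
    // statement or mysql_real_escape_string() is the sturdier choice once the DB layer allows it.
    $ergebnis = safe_query("SELECT * FROM ".PREFIX."user WHERE username = '".mysql_escape_string($usernamenew)."' ");
    $num = mysql_num_rows($ergebnis);
    if($num) {
        // Another account already owns this login name.
        $error="your selected username is already in use!";
        die('ERROR: '.$error.'
');
    }
    // Remember that the username column has to be rewritten after the other updates.
    $editname=true;
}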
// Optional removal of the stored avatar: delete <userID>.jpg and <userID>.gif if present,
// then blank the avatar column.
if($_POST['delavatar']) {
    $filepath = "./images/avatars/";
    foreach(array('.jpg', '.gif') as $ext) {
        $stored = $filepath.$id.$ext;
        if(file_exists($stored)) {
            @unlink($stored);
        }
    }
    safe_query("UPDATE ".PREFIX."user SET avatar='' WHERE userID='$id' ");
}

// Same procedure for the larger user picture.
if($_POST['deluserpic']) {
    $filepath = "./images/userpics/";
    foreach(array('.jpg', '.gif') as $ext) {
        $stored = $filepath.$id.$ext;
        if(file_exists($stored)) {
            @unlink($stored);
        }
    }
    safe_query("UPDATE ".PREFIX."user SET userpic='' WHERE userID='$id' ");
}
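//avatar
// Accepts a new avatar either as an uploaded file or as a URL to fetch, checks that it is a
// GIF or JPEG smaller than 91x91 pixels, and stores it as <userID>.gif or <userID>.jpg.
$filepath = "./images/avatars/";
if ($avatar['name'] != "" OR ($_POST['avatar_url'] != "" AND $_POST['avatar_url'] != "http://")) {
    // The staging file name is built from the user id only, so no client-supplied file name or
    // URL fragment (and no client-chosen extension) ever becomes part of a path inside the
    // web-served image directory.
    $tmpfile = $filepath.$id.".tmp";
    if($avatar['name'] != "") {
        // A failed move is reported at once instead of being discovered by the image check below.
        if(!move_uploaded_file($avatar['tmp_name'], $tmpfile)) {
            $error = "upload failed";
            die('ERROR: '.$error.'
');
        }
    } else {
        // Only http:// and https:// sources are fetched; without this check copy() would also
        // accept local paths and other stream wrappers named by the user.
        // NOTE(review): the server still requests whatever host the user names, including hosts
        // reachable only from the server's own network, and the download size is not limited.
        // Restrict destinations or disable URL import if that matters for the deployment.
        if(!preg_match('#^https?://#i', $_POST['avatar_url']) || !copy($_POST['avatar_url'], $tmpfile)) {
            $error = "can not copy file from server";
            die('ERROR: '.$error.'
');
        }
    }
    // An image needs no execute bit, so the file is made readable only.
    @chmod($tmpfile, 0644);
    $info = getimagesize($tmpfile);
    if($info !== false && ($info[0] >= 91 || $info[1] >= 91)) {
        @unlink($tmpfile);
        $error = "picture is to big max 90/90px";
        die('ERROR: '.$error.'
');
    }
    // The stored extension is chosen from the detected image type, never from the request.
    if($info !== false && $info[2] == IMAGETYPE_JPEG) {
        $pic = $id.'.jpg';
    }
    elseif($info !== false && $info[2] == IMAGETYPE_GIF) {
        $pic = $id.'.gif';
    }
    else {
        // Not readable as an image, or an image type other than GIF/JPEG: discard the staged file.
        if(unlink($tmpfile)) {
            $error = "invalid picture-format (allowed: gif or jpg)";
            die('ERROR: '.$error.'
');
        } else {
            $error = "upload failed";
            die('ERROR: '.$error.'
');
        }
    }
    // Remove a previous avatar in either format before the new one takes its place.
    if(file_exists($filepath.$id.'.jpg')) @unlink($filepath.$id.'.jpg');
    if(file_exists($filepath.$id.'.gif')) @unlink($filepath.$id.'.gif');
    rename($tmpfile, $filepath.$pic);
    safe_query("UPDATE ".PREFIX."user SET avatar='$pic' WHERE userID='$id' ");
}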
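//userpic
// Accepts a new user picture either as an uploaded file or as a URL to fetch, checks that it is
// a GIF or JPEG smaller than 231x211 pixels, and stores it as <userID>.gif or <userID>.jpg.
$filepath = "./images/userpics/";
if ($userpic['name'] != "" OR ($_POST['userpic_url'] != "" AND $_POST['userpic_url'] != "http://")) {
    // The staging file name is built from the user id only, so no client-supplied file name or
    // URL fragment (and no client-chosen extension) ever becomes part of a path inside the
    // web-served image directory.
    $tmpfile = $filepath.$id.".tmp";
    if($userpic['name'] != "") {
        // A failed move is reported at once instead of being discovered by the image check below.
        if(!move_uploaded_file($userpic['tmp_name'], $tmpfile)) {
            $error = "upload failed";
            die('ERROR: '.$error.'
');
        }
    } else {
        // Only http:// and https:// sources are fetched; without this check copy() would also
        // accept local paths and other stream wrappers named by the user.
        // NOTE(review): the server still requests whatever host the user names, including hosts
        // reachable only from the server's own network, and the download size is not limited.
        // Restrict destinations or disable URL import if that matters for the deployment.
        if(!preg_match('#^https?://#i', $_POST['userpic_url']) || !copy($_POST['userpic_url'], $tmpfile)) {
            $error = "can not copy file from server";
            die('ERROR: '.$error.'
');
        }
    }
    // An image needs no execute bit, so the file is made readable only.
    @chmod($tmpfile, 0644);
    $info = getimagesize($tmpfile);
    if($info !== false && ($info[0] >= 231 || $info[1] >= 211)) {
        @unlink($tmpfile);
        $error = "picture is to big max 230/210px";
        die('ERROR: '.$error.'
');
    }
    // The stored extension is chosen from the detected image type, never from the request.
    if($info !== false && $info[2] == IMAGETYPE_JPEG) {
        $pic = $id.'.jpg';
    }
    elseif($info !== false && $info[2] == IMAGETYPE_GIF) {
        $pic = $id.'.gif';
    }
    else {
        // Not readable as an image, or an image type other than GIF/JPEG: discard the staged file.
        if(unlink($tmpfile)) {
            $error = "invalid picture-format (allowed: gif or jpg)";
            die('ERROR: '.$error.'
');
        } else {
            $error = "upload failed";
            die('ERROR: '.$error.'
');
        }
    }
    // Remove a previous picture in either format before the new one takes its place.
    if(file_exists($filepath.$id.'.jpg')) @unlink($filepath.$id.'.jpg');
    if(file_exists($filepath.$id.'.gif')) @unlink($filepath.$id.'.gif');
    rename($tmpfile, $filepath.$pic);
    safe_query("UPDATE ".PREFIX."user SET userpic='$pic' WHERE userID='$id' ");
}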
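// Assemble the birthday from its three form parts (year-month-day).
$birthday = $b_year.'-'.$b_month.'-'.$b_day;

// A nickname may only be kept or taken if no other account uses it. The value is escaped
// before it enters the SQL text, like every value in the UPDATE statements below.
$ergebnis = safe_query("SELECT * FROM ".PREFIX."user WHERE nickname = '".mysql_escape_string($nickname)."' ");
$num = mysql_num_rows($ergebnis);
if($num && getnickname($userID)!=$nickname) die('nickname already in use!
');

// The profile is written in two statements; each request value is escaped individually.
// NOTE(review): mysql_escape_string() ignores the connection character set; prepared statements
// or mysql_real_escape_string() are the sturdier choice once the DB layer allows it.
// NOTE(review): the values are stored as submitted, so every page that prints them has to
// HTML-escape them on output - confirm for the templates that show these columns.
safe_query("UPDATE `".PREFIX."user` SET nickname='".mysql_escape_string($nickname)."',
email='".mysql_escape_string($mail)."',
firstname='".mysql_escape_string($firstname)."',
lastname='".mysql_escape_string($lastname)."',
sex='".mysql_escape_string($sex)."',
country='".mysql_escape_string($flag)."',
town='".mysql_escape_string($town)."',
birthday='".mysql_escape_string($birthday)."',
icq='".mysql_escape_string($icq)."',
usertext='".mysql_escape_string($usertext)."',
clantag='".mysql_escape_string($clantag)."',
clanname='".mysql_escape_string($clanname)."',
clanhp='".mysql_escape_string($clanhp)."',
clanirc='".mysql_escape_string($clanirc)."',
clanhistory='".mysql_escape_string($clanhistory)."',
cpu='".mysql_escape_string($cpu)."' WHERE userID='$id' ");
safe_query("UPDATE `".PREFIX."user` SET mainboard='".mysql_escape_string($mainboard)."',
ram='".mysql_escape_string($ram)."',
monitor='".mysql_escape_string($monitor)."',
graphiccard='".mysql_escape_string($graphiccard)."',
soundcard='".mysql_escape_string($soundcard)."',
verbindung='".mysql_escape_string($connection)."',
keyboard='".mysql_escape_string($keyboard)."',
mouse='".mysql_escape_string($mouse)."',
mousepad='".mysql_escape_string($mousepad)."',
mailonpm='".mysql_escape_string($pm_mail)."',
newsletter='".mysql_escape_string($newsletter)."',
homepage='".mysql_escape_string($homepage)."',
about='".mysql_escape_string($about)."' WHERE userID='$id' ");

// The login name is rewritten only when it changed; it is form input as well, so it is escaped too.
if($editname) safe_query("UPDATE ".PREFIX."user SET username='".mysql_escape_string($usernamenew)."' WHERE userID='$id' ");
echo'Your Profile has been updated. Just wait a few seconds to be redirected!
';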
}
elseif($_GET['action']=="editpwd") {
// Branch selected by ?action=editpwd. As shown here it prints an empty string;
// presumably the change-password form markup belongs in this echo - TODO confirm against the original file.
echo'';
}
elseif($_POST['savepwd']) {
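// Password change: verify the old password, check that the new one was typed twice
// identically, store its hash and end the current login.
$oldpwd = $_POST['oldpwd'];
$pwd1 = $_POST['pwd1'];
$pwd2 = $_POST['pwd2'];
// NOTE(review): unlike the profile-save branch, no check on $userID is visible here before it
// is used - confirm that the surrounding code only reaches this branch for a logged-in user.
$id=$userID;
$ergebnis=safe_query("SELECT * FROM ".PREFIX."user WHERE userID='$id'");
$ds=mysql_fetch_array($ergebnis);
if(!(strlen(trim($oldpwd)))) {
    $error="you forgot to enter your old password!";
    die('ERROR: '.$error.'
');
}
$oldmd5pwd=md5($oldpwd);
// Strict string comparison: with a loose != two different hashes that both look like numbers
// in exponent notation ("0e" followed by digits only) compare as equal, which would accept a
// wrong old password.
if($oldmd5pwd !== (string)$ds['password']) {
    $error="your old password is not valid!";
    die('ERROR: '.$error.'
');
}
// Strict comparison here as well, so numeric-looking inputs such as "1e3" and "1000" do not
// count as the same password.
if($pwd1 === $pwd2) {
    if(!(strlen(trim($pwd1)))) {
        $error="you forgot to enter a new password!";
        die('ERROR: '.$error.'
');
    }
}
else {
    $error="your repeated password is not valid!";
    die('ERROR: '.$error.'
');
}
// NOTE(review): passwords are stored as unsalted MD5, which is fast to brute-force if the table
// leaks. Moving to password_hash()/password_verify() has to be done together with the login
// code, which is not part of this view, so the storage format is left unchanged here.
$newmd5pwd=md5($pwd1);
safe_query("UPDATE ".PREFIX."user SET password='$newmd5pwd' WHERE userID='$userID'");
echo'Your password has been changed. You have to log in again.';
//logout
// Drop the login state from the session, expire the session and login cookies, and destroy
// the session, so the new password has to be used for the next login.
unset($_SESSION['ws_auth']);
unset($_SESSION['ws_lastlogin']);
if (isset($_COOKIE['ws_session'])) {
    setcookie('ws_session', '', time()-42000, '/');
}
if (isset($_COOKIE['PHPSESSID'])) {
    setcookie('PHPSESSID', '', time()-42000, '/');
}
session_destroy();
if (isset($_COOKIE['ws_auth'])) {
    setcookie('ws_auth', '', time()-(24*60*60));
}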
}
else {
// Default view: load the logged-in user's row and fill the variables that the
// "myprofile" template reads when it is evaluated at the end of this block.
$ergebnis=safe_query("SELECT * FROM ".PREFIX."user WHERE userID='$userID' ");
$anz=mysql_num_rows($ergebnis);
if($anz) {
$ds=mysql_fetch_array($ergebnis);
// The stored country code is wrapped in [flag] tags and handed to flags().
$flag = '[flag]'.$ds[country].'[/flag]';
$country=flags($flag);
// Each pair below assigns one of two strings depending on the stored value. On this page both
// strings are empty; presumably the form-control markup they held was stripped - TODO confirm.
if($ds[sex]=="m") $sex='';
else $sex='';
if($ds[newsletter]=="1") $newsletter='';
else $newsletter='';
if($ds[mailonpm]=="1") $pm_mail='';
else $pm_mail='';
// Split the stored birthday by fixed character positions (year 0-3, month 5-6, day 8-9).
$b_day=substr($ds[birthday],8,2);
$b_month=substr($ds[birthday],5,2);
$b_year=substr($ds[birthday],0,4);
// Clear any " selected" marker in $countries, then mark the option whose value equals the stored country.
// $countries is not assigned anywhere in the visible code.
$countries=str_replace(" selected", "", $countries);
$countries=str_replace('value="'.$ds[country].'"', 'value="'.$ds[country].'" selected', $countries);
// Labels for the two picture rows, depending on whether a picture is stored.
if($ds[avatar]) $viewavatar='• Avatar:';
else $viewavatar='Avatar:';
if($ds[userpic]) $viewpic='• Userpic:';
else $viewpic='User-Pic:';
// Free-text fields pass through clearfromtags() and clanhp through getinput() before they reach the template.
// NOTE(review): both helpers are defined elsewhere; presumably they neutralise markup for safe
// redisplay - verify. Any $ds[...] value the template interpolates directly (nickname, email,
// homepage, about, ... are not assigned here) bypasses them, so check the template's own escaping.
$usertext=clearfromtags($ds[usertext]);
$clanhistory=clearfromtags($ds[clanhistory]);
$clanname=clearfromtags($ds[clanname]);
$clantag=clearfromtags($ds[clantag]);
$clanirc=clearfromtags($ds[clanirc]);
$firstname=clearfromtags($ds[firstname]);
$lastname=clearfromtags($ds[lastname]);
$town=clearfromtags($ds[town]);
$cpu=clearfromtags($ds[cpu]);
$mainboard=clearfromtags($ds[mainboard]);
$ram=clearfromtags($ds[ram]);
$monitor=clearfromtags($ds[monitor]);
$graphiccard=clearfromtags($ds[graphiccard]);
$soundcard=clearfromtags($ds[soundcard]);
$connection=clearfromtags($ds[verbindung]);
$keyboard=clearfromtags($ds[keyboard]);
$mouse=clearfromtags($ds[mouse]);
$mousepad=clearfromtags($ds[mousepad]);
$clanhp=getinput($ds[clanhp]);
// Copy the BG_1..BG_4 constants into variables so the template string can interpolate them.
$bg1=BG_1;
$bg2=BG_2;
$bg3=BG_3;
$bg4=BG_4;
// The template text is spliced into a double-quoted PHP string and executed; the variables set
// above are interpolated at that point.
// NOTE(review): eval() runs whatever gettemplate() returns as PHP source - safe only if template
// text is never writable by untrusted users. Interpolated values are inserted as plain text and
// are not evaluated again.
eval ("\$myprofile = \"".gettemplate("myprofile")."\";");
echo $myprofile;
}
// No row for $userID: show the login hint instead of the form.
else echo'You have to be logged in to view your profile!
• register now
• log in';
}
}
?>