From 4f12fecebcd3f2a5bc6a0e7cdf9c420af4ed435a Mon Sep 17 00:00:00 2001
From: Carson Fleming
Date: Thu, 16 Feb 2017 23:59:34 -0500
Subject: Did the profile
---
 dash/profile.php | 123 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 123 insertions(+)
 create mode 100644 dash/profile.php
(limited to 'dash/profile.php')
diff --git a/dash/profile.php b/dash/profile.php
new file mode 100644
index 0000000..13fc8d7
--- /dev/null
+++ b/dash/profile.php
@@ -0,0 +1,123 @@
+ 0;
+$title = 'Profile / Bulletin';
+$extra_head = ' '.PHP_EOL;
+if (!$public) $extra_head .= ' '.PHP_EOL;
+require('header.php');
+$user = $b_user;
+if ($public) {
+ $result = $db->query('SELECT users.*, SUM(ratings.stars) / COUNT(ratings.stars) AS rating FROM users LEFT JOIN ratings ON ratings.rated = users.id LEFT JOIN responses ON responses.uid = users.id WHERE users.id = '.intval($_GET['id']).' AND users.active = 1 AND responses.matched = 1 LIMIT 1') or dash_fatal($db->error);
+ $user = $result->fetch_assoc();
+ $result->free();
+ if ($user['id'] < 1) dash_fatal('A user with that ID does not exist. You must have reached this page in error.');
+?>
+
+
+

+

+
+
+
+'.PHP_EOL;
+ else
+ echo ' Profile Picture'.PHP_EOL;
+?>
+
+
+
+
+

Bio

+

No bio included in profile.' : htmlentities($user['bio'])); ?>

+
+
+
+

Personal Information

+

Email:

+ +

Phone:

+
+

Address

+

No address specified.' : htmlentities($user['address']));?>

+

Zipcode:

+
+
+
+escape_string($_POST['bio']).'\'';
+ $addr = empty($_POST['address']) ? 'NULL' : '\''.$db->escape_string($_POST['address']).'\'';
+ $patterns = array(
+ 'email' => '/^.+@.+\..+$/',
+ 'zip' => '/^\d{5}([-\s]\d{4})?$/',
+ 'phone' => '/\+?\d{1,3}\s*\(?\d{3}\)?\s*\d{3}([-\s]*)\d{4}$/',
+ );
+ $pkeys = array_keys($patterns);
+ foreach ($pkeys as $pkey) {
+ if (!preg_match($patterns[$pkey], $_POST[$pkey])) dash_fatal('Invalid field values have been entered.');
+ }
+ $deactivate = '';
+ $usepropic = '';
+ if ($_POST['email'] != $b_user['email']) {
+ $deactivate = ', active = 0';
+ mail($_POST['email'], 'Verify Your Bulletin Email', eml_tpl(array(
+ 'activation_vars' => 'uid='.$b_user['id'].'&key='.$b_user['session'],
+ )), "From: ".$b_config['mail_from']."\r\nContent-type: text/html") or dash_fatal('We couldn\'t send mail to your new email address, so your profile has not been updated.');
+ }
+ if (!empty($_FILES['picture']['tmp_name'])) {
+ $usepropic = ', picture = id';
+ $tmpfile = $_FILES['picture']['tmp_name'];
+ if (getimagesize($tmpfile) === false) dash_fatal('Your uploaded file is not an image.');
+ @$img = imagecreatefromstring(file_get_contents($tmpfile));
+ @imagepng($img, 'uimg/'.$b_user['id'].'.png');
+ @imagedestroy($img);
+ }
+ $db->query('UPDATE users SET email = \''.$db->escape_string($_POST['email']).'\', zipcode = \''.$db->escape_string($_POST['zip']).'\', phone = \''.$db->escape_string($_POST['phone']).'\', address = '.$addr.', bio = '.$bio.$usepropic.$deactivate.' WHERE id = '.$b_user['id']) or dash_fatal($db->error);
+ dash_fatal('Your profile has been updated. If you have changed your email, you will need to verify it before returning to Bulletin.', $b_config['base_url'].'dash/profile.php');
+} else {
+?>
+
+
+

+

+
+
+
+

Profile Picture

+
+'.PHP_EOL;
+ else
+ echo ' Profile Picture'.PHP_EOL;
+?>
+

Upload New

+
+ +
+
+
+

Include a Bio

+

+
+
+

Basic Information

+

+

+

+

+

+
+
+
+
+ -- cgit v1.2.3
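Review bot: The verification mail sent in the `$_POST['email'] != $b_user['email']` branch puts the live session value in the link (`'&key='.$b_user['session']`), so the session identifier is delivered to a mailbox that has not been verified yet and will also sit in mail logs and browser history. A dedicated single-use token keeps the two apart, e.g. `$verify_key = bin2hex(random_bytes(16));` stored on the user row (the column is a placeholder, none is visible here) and sent as `'&key='.$verify_key`. In the same update branch the `phone` pattern has no leading `^`, so any prefix passes validation; `'phone' => '/^\+?\d{1,3}\s*\(?\d{3}\)?\s*\d{3}([-\s]*)\d{4}$/',` would anchor it like the `zip` and `email` patterns. The public query filters only on `responses.matched = 1` and never references the viewing user, so if the shared view prints email, phone and address for that branch (the markup is not fully visible on this page), any signed-in user could read those fields by changing `id`. Both queries also hand `$db->error` to `dash_fatal()`, which appears to show raw database errors to the visitor; a generic message with server-side logging would be safer.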