Beispiel #1
/**
 * Save the "edit profile" form of the logged-in user.
 *
 * Access check: the user name decoded from the $user cookie must equal $uname
 * and the uid stored for that name must equal $uid; otherwise a redirect to
 * index.php is sent and nothing is written.
 *
 * Writes (on success): UPDATE of users, of users_status.attachsig and an
 * UPDATE-or-INSERT of users_extend; optionally stores an uploaded avatar under
 * users_private/ (form field B1). When the password was changed the stored
 * hash is replaced, the cookie is re-issued from the fresh row and the user is
 * logged out; otherwise a redirect back to user.php?op=edituser is emitted.
 *
 * NOTE(review): form values are interpolated straight into the SQL strings
 * below. Only some of them go through removeHack(); $name, $email, $uid,
 * $uname, $check and $user_avatar are used unescaped. What sql_query() and
 * removeHack() guarantee is not visible here — confirm before relying on
 * either for injection safety.
 *
 * @param string $uid            uid submitted by the form; must match the cookie user's uid
 * @param string $name           display name (written unescaped)
 * @param string $uname          login name; must equal the cookie user name
 * @param string $email          e-mail; checked through userCheck("edituser", ...)
 * @param string $pass           new password, "" keeps the current one
 * @param string $vpass          repeat of $pass; both must be identical
 * @param string $user_avatar    current avatar path; replaced when B1 carries an accepted image
 * @param string $B1             avatar upload field; "none" means no file was sent
 * @param mixed  $MAX_FILE_SIZE  size cap handed to Upload (comes from the form, see note below)
 * @param bool   $raz_avatar     true to reset the avatar to blank.gif
 *
 * The remaining parameters ($femail, $url, $bio, the $user_* fields, $attach,
 * $usend_email, $uis_visible, $user_lnl, $C1..$C8, $M1, $M2, $T1, $T2) map
 * one-to-one onto columns of users / users_extend.
 *
 * @return void  every path ends in message_error(), logout() or a redirect header
 */
function saveuser($uid, $name, $uname, $email, $femail, $url, $pass, $vpass, $bio, $user_avatar, $user_icq, $user_occ, $user_from, $user_intrest, $user_sig, $user_viewemail, $user_aim, $user_yim, $user_msnm, $attach, $usend_email, $uis_visible, $user_lnl, $C1, $C2, $C3, $C4, $C5, $C6, $C7, $C8, $M1, $M2, $T1, $T2, $B1, $MAX_FILE_SIZE, $raz_avatar)
{
    global $NPDS_Prefix;
    global $user, $userinfo, $system, $minpass;
    // Element 1 of the decoded cookie is treated as the login name (it is
    // looked up as uname below). Whether cookiedecode() verifies the cookie's
    // integrity is not visible from here.
    $cookie = cookiedecode($user);
    $check = $cookie[1];
    $result = sql_query("SELECT uid, email FROM " . $NPDS_Prefix . "users WHERE uname='{$check}'");
    list($vuid, $vemail) = sql_fetch_row($result);
    // The form may only edit the account the cookie belongs to: name and uid
    // must both agree with the stored row (loose == comparison).
    if ($check == $uname and $uid == $vuid) {
        // Password repeat check; "!=" on two strings compares numerically when
        // both look numeric.
        if (isset($pass) && "{$pass}" != "{$vpass}") {
            message_error("<i class=\"fa fa-exclamation\"></i>&nbsp;" . translate("Both passwords are different. They need to be identical.") . "<br /><br />", "");
        // Minimum length is measured in bytes (strlen), not characters.
        } elseif ($pass != "" && strlen($pass) < $minpass) {
            message_error("<i class=\"fa fa-exclamation\"></i>&nbsp;" . translate("Sorry, your password must be at least") . " <strong>{$minpass}</strong> " . translate("characters long") . "<br /><br />", "");
        } else {
            // userCheck() returns something falsy when the e-mail is acceptable,
            // otherwise a message that is shown via message_error() below.
            $stop = userCheck("edituser", $email);
            if (!$stop) {
                if ($bio) {
                    $bio = FixQuotes(strip_tags($bio));
                }
                // Normalise the checkbox-style inputs to the 0/1 column values.
                if ($attach) {
                    $t = 1;
                } else {
                    $t = 0;
                }
                if ($user_viewemail) {
                    $a = 1;
                } else {
                    $a = 0;
                }
                if ($usend_email) {
                    $u = 1;
                } else {
                    $u = 0;
                }
                // Inverted on purpose: is_visible stores 0 when $uis_visible is set.
                if ($uis_visible) {
                    $v = 0;
                } else {
                    $v = 1;
                }
                if ($user_lnl) {
                    $w = 1;
                } else {
                    $w = 0;
                }
                // Prefix a scheme-less URL with http:// and drop a URL that is only
                // the prefix. substr_count() does not match "https://", so an
                // https URL ends up as "http://https://..." here.
                if ($url != "") {
                    if (!substr_count($url, "http://")) {
                        $url = "http://" . $url;
                    }
                    if (trim($url) == "http://") {
                        $url = "";
                    }
                }
                // Avatar limits come from the upload module config; "W*H" with an
                // 80*100 default.
                include_once "modules/upload/upload.conf.php";
                global $avatar_size;
                if (!$avatar_size) {
                    $avatar_size = "80*100";
                }
                $avatar_limit = explode("*", $avatar_size);
                // $DOCUMENTROOT is neither a parameter nor declared global here;
                // presumably it is defined by upload.conf.php — confirm.
                if ($DOCUMENTROOT != "") {
                    $rep = $DOCUMENTROOT;
                } else {
                    global $DOCUMENT_ROOT;
                    if ($DOCUMENT_ROOT) {
                        $rep = $DOCUMENT_ROOT;
                    } else {
                        $rep = $_SERVER['DOCUMENT_ROOT'];
                    }
                }
                // Avatar upload: "none" presumably is the form's "no file" value.
                if ($B1 != "none") {
                    global $language;
                    include_once "modules/upload/lang/upload.lang-{$language}.php";
                    include_once "modules/upload/clsUpload.php";
                    $upload = new Upload();
                    // NOTE(review): the size cap is taken from the form field
                    // MAX_FILE_SIZE, i.e. it is client-controlled at this point.
                    $upload->maxupload_size = $MAX_FILE_SIZE;
                    $field1_filename = trim($upload->getFileName("B1"));
                    // Extension = lower-cased text after the last dot.
                    $suffix = strtoLower(substr(strrchr($field1_filename, '.'), 1));
                    // Image acceptance is by extension only; any content check would
                    // have to live in Upload::saveAs(), which is not visible here.
                    if ($suffix == "gif" or $suffix == "jpg" or $suffix == "png") {
                        // Scrub the client file name: path separators and shell/glob
                        // characters first, then "..", "config.php" and "/etc".
                        $field1_filename = removeHack(preg_replace('#[/\\\\:\\*\\?"<>|]#i', '', rawurldecode($field1_filename)));
                        $field1_filename = preg_replace('#\\.{2}|config.php|/etc#i', '', $field1_filename);
                        if ($field1_filename) {
                            // $autorise_upload_p and $racine are not declared in this
                            // function; presumably they come from upload.conf.php — confirm.
                            // With per-user directories enabled the avatar goes to
                            // users_private/<uname>/, otherwise to users_private/.
                            if ($autorise_upload_p) {
                                $user_dir = $racine . "/users_private/" . $uname . "/";
                                if (!is_dir($rep . $user_dir)) {
                                    // Directory is created world-writable (umask 0000 + 0777);
                                    // an empty index.html is dropped in, presumably to prevent
                                    // directory listing. Falls back to the shared folder on failure.
                                    @umask("0000");
                                    if (@mkdir($rep . $user_dir, 0777)) {
                                        $fp = fopen($rep . $user_dir . "index.html", 'w');
                                        fclose($fp);
                                    } else {
                                        $user_dir = $racine . "/users_private/";
                                    }
                                }
                            } else {
                                $user_dir = $racine . "/users_private/";
                            }
                            // Stored as <uname>.<suffix>; the original file name is not reused.
                            if ($upload->saveAs($uname . "." . $suffix, $rep . $user_dir, "B1", true)) {
                                // Only place $old_user_avatar is assigned (see the reset block below).
                                $old_user_avatar = $user_avatar;
                                $user_avatar = $user_dir . $uname . "." . $suffix;
                                // An image larger than the configured W*H is discarded via
                                // the reset branch below.
                                $img_size = @getimagesize($rep . $user_avatar);
                                if ($img_size[0] > $avatar_limit[0] or $img_size[1] > $avatar_limit[1]) {
                                    $raz_avatar = true;
                                }
                                // Without a $racine prefix drop the leading "/" so the stored
                                // path is relative.
                                if ($racine == "") {
                                    $user_avatar = substr($user_avatar, 1);
                                }
                            }
                        }
                    }
                }
                // Reset to the default avatar, deleting private-folder files first.
                // NOTE(review): when $raz_avatar arrives true from the form without
                // an upload in this call, $old_user_avatar is undefined here.
                if ($raz_avatar) {
                    if (strstr($user_avatar, "/users_private")) {
                        @unlink($rep . $user_avatar);
                        @unlink($rep . $old_user_avatar);
                    }
                    $user_avatar = "blank.gif";
                }
                if ($pass != '') {
                    // Return value discarded; presumably kept for a side effect of
                    // cookiedecode() — confirm, otherwise this call does nothing.
                    cookiedecode($user);
                    // NOTE(review): crypt() is given the password itself as its salt,
                    // so the salt is neither random nor secret. What $system selects
                    // is not visible here.
                    if (!$system) {
                        $pass = crypt($pass, $pass);
                    }
                    // NOTE(review): the pass='******' literal looks redacted in this
                    // listing; presumably the hashed $pass is written — confirm against
                    // the real file.
                    sql_query("UPDATE " . $NPDS_Prefix . "users SET name='{$name}', email='{$email}', femail='" . removeHack($femail) . "', url='" . removeHack($url) . "', pass='******', bio='" . removeHack($bio) . "', user_avatar='{$user_avatar}', user_icq='" . removeHack($user_icq) . "', user_occ='" . removeHack($user_occ) . "', user_from='" . removeHack($user_from) . "', user_intrest='" . removeHack($user_intrest) . "', user_sig='" . removeHack($user_sig) . "', user_aim='" . removeHack($user_aim) . "', user_yim='" . removeHack($user_yim) . "', user_msnm='" . removeHack($user_msnm) . "', user_viewemail='{$a}', send_email='{$u}', is_visible='{$v}', user_lnl='{$w}' WHERE uid='{$uid}'");
                    // Re-read the row to rebuild the cookie from the new hash.
                    $result = sql_query("SELECT uid, uname, pass, storynum, umode, uorder, thold, noscore, ublockon, theme FROM " . $NPDS_Prefix . "users WHERE uname='{$uname}' AND pass='******'");
                    if (sql_num_rows($result) == 1) {
                        $userinfo = sql_fetch_assoc($result);
                        // NOTE(review): 'commentmax' is not in the SELECT list above, so
                        // $userinfo['commentmax'] is an undefined index here.
                        docookie($userinfo['uid'], $userinfo['uname'], $userinfo['pass'], $userinfo['storynum'], $userinfo['umode'], $userinfo['uorder'], $userinfo['thold'], $userinfo['noscore'], $userinfo['ublockon'], $userinfo['theme'], $userinfo['commentmax'], "");
                    }
                } else {
                    // Same update without touching the password column.
                    sql_query("UPDATE " . $NPDS_Prefix . "users SET name='{$name}', email='{$email}', femail='" . removeHack($femail) . "', url='" . removeHack($url) . "', bio='" . removeHack($bio) . "', user_avatar='{$user_avatar}', user_icq='" . removeHack($user_icq) . "', user_occ='" . removeHack($user_occ) . "', user_from='" . removeHack($user_from) . "', user_intrest='" . removeHack($user_intrest) . "', user_sig='" . removeHack($user_sig) . "', user_aim='" . removeHack($user_aim) . "', user_yim='" . removeHack($user_yim) . "', user_msnm='" . removeHack($user_msnm) . "', user_viewemail='{$a}', send_email='{$u}', is_visible='{$v}', user_lnl='{$w}' WHERE uid='{$uid}'");
                }
                sql_query("UPDATE " . $NPDS_Prefix . "users_status SET attachsig='{$t}' WHERE uid='{$uid}'");
                // users_extend: update the existing row or insert one. $B1 is
                // written as-is (it is the upload field value, not a file name).
                $result = sql_query("SELECT uid FROM " . $NPDS_Prefix . "users_extend WHERE uid='{$uid}'");
                if (sql_num_rows($result) == 1) {
                    sql_query("UPDATE " . $NPDS_Prefix . "users_extend SET C1='" . removeHack($C1) . "', C2='" . removeHack($C2) . "', C3='" . removeHack($C3) . "', C4='" . removeHack($C4) . "', C5='" . removeHack($C5) . "', C6='" . removeHack($C6) . "', C7='" . removeHack($C7) . "', C8='" . removeHack($C8) . "', M1='" . removeHack($M1) . "', M2='" . removeHack($M2) . "', T1='" . removeHack($T1) . "', T2='" . removeHack($T2) . "', B1='{$B1}' WHERE uid='{$uid}'");
                } else {
                    $result = sql_query("INSERT INTO " . $NPDS_Prefix . "users_extend VALUES ('{$uid}','" . removeHack($C1) . "', '" . removeHack($C2) . "', '" . removeHack($C3) . "', '" . removeHack($C4) . "', '" . removeHack($C5) . "', '" . removeHack($C6) . "', '" . removeHack($C7) . "', '" . removeHack($C8) . "', '" . removeHack($M1) . "', '" . removeHack($M2) . "', '" . removeHack($T1) . "', '" . removeHack($T2) . "', '{$B1}')");
                }
                // A password change ends the session; otherwise go back to the form.
                if ($pass != "") {
                    logout();
                } else {
                    header("location: user.php?op=edituser");
                }
            } else {
                message_error($stop, "");
            }
        }
    } else {
        // Cookie/form mismatch: redirect only, nothing stops execution here —
        // presumably the caller exits after this returns.
        Header("Location: index.php");
    }
}
Beispiel #2
/**
 * Import up to five gallery images submitted through the form fields
 * newcard1..newcard5 (captions newdesc1..newdesc5) into category $imgscat.
 *
 * For each non-empty slot the file is fetched through the Upload class and
 * accepted only when its extension (lower-cased, after the last dot) is jpg,
 * gif or png. It is stored as "<timestamp>-<slot>.<ext>" under
 * modules/$ModPath/imgs/, thumbnailed when GD is present, and registered in
 * tdgal_img; when that INSERT fails the stored file and its thumbnail are
 * removed again. Progress and errors are echoed as HTML paragraphs.
 *
 * NOTE(review): acceptance is by extension only; any content validation would
 * have to live in Upload::saveAs(), which is not visible here. The caption is
 * passed through removeHack()/addslashes() before being interpolated into the
 * INSERT, $imgscat is interpolated as-is.
 *
 * @param mixed $imgscat   category id written into tdgal_img
 * @param mixed $newcard1  upload form value for slot 1 (empty = slot unused); same for $newcard2..$newcard5
 * @param mixed $newdesc1  caption for slot 1; same for $newdesc2..$newdesc5
 * @return void
 */
function AddImgs($imgscat, $newcard1, $newdesc1, $newcard2, $newdesc2, $newcard3, $newdesc3, $newcard4, $newdesc4, $newcard5, $newdesc5)
{
    global $language, $MaxSizeImg, $MaxSizeThumb, $ModPath, $ModStart, $NPDS_Prefix;
    include_once "modules/upload/lang/upload.lang-{$language}.php";
    include_once "modules/upload/clsUpload.php";
    // One timestamp for the whole batch; the slot number keeps the names distinct.
    $stamp = date("Y") . date("m") . date("d") . date("H") . date("i") . date("s");
    $imgDir = "modules/{$ModPath}/imgs/";
    $miniDir = "modules/{$ModPath}/mini/";
    for ($slot = 1; $slot <= 5; $slot++) {
        $fieldName = "newcard{$slot}";
        $descName = "newdesc{$slot}";
        // Variable-variables resolve to the matching $newcardN / $newdescN parameter.
        if (empty(${$fieldName})) {
            continue;
        }
        // Kept for parity with the original flow; the value is not used afterwards.
        $newimg = stripslashes(removeHack(${$fieldName}));
        $newtit = empty(${$descName}) ? "" : addslashes(removeHack(${$descName}));
        $upload = new Upload();
        $upload->maxupload_size = 200000 * 100;
        $origin_filename = trim($upload->getFileName($fieldName));
        // Extension = lower-cased text after the last dot ("" when there is none).
        $filename_ext = strtolower(substr(strrchr($origin_filename, "."), 1));
        if (!in_array($filename_ext, ["jpg", "gif", "png"], true)) {
            // A slot without any extension is silently skipped.
            if ($filename_ext != "") {
                echo '<p class="lead text-danger">' . gal_trans("Ce fichier n'est pas un fichier jpg ou gif") . '</p>';
            }
            continue;
        }
        $newfilename = $stamp . "-" . $slot . "." . $filename_ext;
        if (!$upload->saveAs($newfilename, $imgDir, $fieldName, true)) {
            echo '<p class="lead text-danger">' . $upload->errors . '</p>';
            continue;
        }
        // Thumbnails only when GD is available; failures are suppressed.
        if (function_exists('gd_info') or extension_loaded('gd')) {
            @CreateThumb($newfilename, $imgDir, $imgDir, $MaxSizeImg, $filename_ext);
            @CreateThumb($newfilename, $imgDir, $miniDir, $MaxSizeThumb, $filename_ext);
        }
        if (sql_query("INSERT INTO " . $NPDS_Prefix . "tdgal_img VALUES ('','{$imgscat}','{$newfilename}','{$newtit}','','0','0')")) {
            echo '<p class="lead"><i class="fa fa-info-circle"></i> ' . gal_trans("Image ajoutée avec succès") . '</p>';
        } else {
            // Do not leave an orphaned file behind when the row could not be written.
            echo '<p class="lead text-danger">' . gal_trans("Impossible d'ajouter l'image en BDD") . '</p>';
            @unlink($imgDir . $newfilename);
            @unlink($miniDir . $newfilename);
        }
    }
}
Beispiel #3
include_once "modules/upload/upload.conf.php";
settype($op, 'string');
switch ($op) {
    case "upload":
        if ($ficcmd_fma[0]) {
            if ($userfile != "none") {
                global $language;
                include_once "modules/upload/lang/upload.lang-{$language}.php";
                include_once "modules/upload/clsUpload.php";
                $upload = new Upload();
                $filename = trim($upload->getFileName("userfile"));
                if ($filename) {
                    $upload->maxupload_size = $max_size;
                    $auto = fma_filter('f', $filename, $obj->Extension);
                    if ($auto[0]) {
                        if (!$upload->saveAs($auto[2], $base . '/', 'userfile', true)) {
                            $Err = $upload->errors;
                        } else {
                            Ecr_Log("security", "Upload File", $log_dir . "/" . $filename . " IP=>" . getip());
                        }
                    } else {
                        $Err = $auto[1];
                    }
                }
            }
        }
        break;
        // Répertoires
    // Répertoires
    case "createdir":
        if ($dircmd_fma[0]) {
Beispiel #4
include_once "modules/upload/upload.conf.php";
settype($op, 'string');
switch ($op) {
    case "upload":
        if ($ficcmd_fma[0]) {
            if ($userfile != "none") {
                global $language;
                include_once "modules/upload/lang/upload.lang-{$language}.php";
                include_once "modules/upload/clsUpload.php";
                $upload = new Upload();
                $filename = trim($upload->getFileName("userfile"));
                if ($filename) {
                    $upload->maxupload_size = $max_size;
                    $auto = fma_filter("f", $filename, $obj->Extension);
                    if ($auto[0]) {
                        if (!$upload->saveAs($auto[2], $base . "/", "userfile", true)) {
                            $Err = $upload->errors;
                        } else {
                            Ecr_Log("security", "Upload File", $log_dir . "/" . $filename . " IP=>" . getip());
                        }
                    } else {
                        $Err = $auto[1];
                    }
                }
            }
        }
        break;
        // Répertoires
    // Répertoires
    case "createdir":
        if ($dircmd_fma[0]) {
Beispiel #5
    array_walk($allowed_files, 'array_trim');
    while (list($field, $values) = each($_FILES)) {
        ${$field} = '';
        if ($upload->getFilename($field) == '') {
            continue;
        }
        $file_name = $upload->getFilename($field);
        ${$field} = $file_name;
        $upload_suffix = create_random(20);
        $file_extension = trim(substr($file_name, strrpos($file_name, '.') + 1));
        reset($allowed_files);
        while (list($ext_key, $ext_val) = each($allowed_files)) {
            if (preg_match('#' . preg_quote($ext_val) . '#i', $file_extension) <= 0) {
                continue;
            }
            if ($upload->saveAs($file_name . '_' . $upload_suffix, $configuration['temp_folder'], $field, true)) {
                $attachment_file_names[] = array('new' => $configuration['temp_folder'] . $file_name . '_' . $upload_suffix, 'old' => $file_name);
                $form_output_file_names[$field] = $file_name;
                $form_output_suffix[$field] = $upload_suffix;
            }
        }
    }
    // debug_mode($upload->errors, 'Upload');
    // print_a($attachment_file_names);
}
// -----------------------------------------------------------------------------
/**
 * Redirect to error page
 */
if (isset($limit_message) and !empty($limit_message) and isset($_POST['limit_error_page']) and !empty($_POST['limit_error_page'])) {
    if ($debug_mode != 'on') {
Beispiel #6
/**
 * Let a logged-in visitor propose up to five gallery images (form fields
 * newcard1..newcard5, captions newdesc1..newdesc5) for category $imgscat.
 *
 * Every caption is suffixed with " proposé par <user>" first, so no caption is
 * empty afterwards. For each non-empty slot the file is fetched through the
 * Upload class, accepted only when its extension (lower-cased, after the last
 * dot) is jpg or gif, stored as "<timestamp>-<slot>.<ext>" under
 * modules/$ModPath/imgs/, thumbnailed when GD is present, and registered in
 * tdgal_img with a final column value of '1' (presumably "awaiting moderation",
 * judging by the success message — confirm). A failed INSERT removes the stored
 * file and its thumbnail again. Results are echoed as an HTML list; when at
 * least one row was inserted and $notif_admin is set, the admin is e-mailed.
 *
 * NOTE(review): acceptance is by extension only; any content validation would
 * have to live in Upload::saveAs(), which is not visible here. The caption is
 * passed through removeHack()/addslashes() before being interpolated into the
 * INSERT, $imgscat is interpolated as-is.
 *
 * @param mixed  $imgscat        category id written into tdgal_img
 * @param mixed  $newcard1       upload form value for slot 1 (empty = unused); same for $newcard2..$newcard5
 * @param mixed  $newdesc1       caption for slot 1; same for $newdesc2..$newdesc5
 * @param string $user_connecte  name of the submitting user, appended to captions and used in the notification
 * @return void
 */
function AddImgs($imgscat, $newcard1, $newdesc1, $newcard2, $newdesc2, $newcard3, $newdesc3, $newcard4, $newdesc4, $newcard5, $newdesc5, $user_connecte)
{
    global $language, $MaxSizeImg, $MaxSizeThumb, $ModPath, $ModStart, $NPDS_Prefix, $ThisFile, $adminmail, $nuke_url, $notif_admin;
    include_once "modules/upload/lang/upload.lang-{$language}.php";
    include_once "modules/upload/clsUpload.php";
    // Tag each caption with the submitter; from here on no caption is empty.
    for ($slot = 1; $slot <= 5; $slot++) {
        ${"newdesc{$slot}"} .= gal_trans(" proposé par ") . $user_connecte;
    }
    // One timestamp for the whole batch; the slot number keeps the names distinct.
    $stamp = date("Y") . date("m") . date("d") . date("H") . date("i") . date("s");
    $imgDir = "modules/{$ModPath}/imgs/";
    $miniDir = "modules/{$ModPath}/mini/";
    echo '<h4 class="breadcrumb"><a href="' . $ThisFile . '">' . gal_trans("Accueil") . '</a></h4>';
    echo '<p>' . gal_trans("Proposer des images") . '</p>';
    echo "<ul>";
    $anyStored = false;
    for ($slot = 1; $slot <= 5; $slot++) {
        $fieldName = "newcard{$slot}";
        $descName = "newdesc{$slot}";
        // Variable-variables resolve to the matching $newcardN / $newdescN parameter.
        if (empty(${$fieldName})) {
            continue;
        }
        // Kept for parity with the original flow; the value is not used afterwards.
        $newimg = stripslashes(removeHack(${$fieldName}));
        $newtit = empty(${$descName}) ? "" : addslashes(removeHack(${$descName}));
        $upload = new Upload();
        $upload->maxupload_size = 200000 * 100;
        $origin_filename = trim($upload->getFileName($fieldName));
        // Extension = lower-cased text after the last dot ("" when there is none).
        $filename_ext = strtolower(substr(strrchr($origin_filename, "."), 1));
        if (!in_array($filename_ext, ["jpg", "gif"], true)) {
            // A slot without any extension is silently skipped.
            if ($filename_ext != "") {
                echo "<li><span class=\"text-danger\">" . gal_trans("Ce fichier n'est pas un fichier jpg ou gif") . " : {$origin_filename}</span></li>";
            }
            continue;
        }
        $newfilename = $stamp . "-" . $slot . "." . $filename_ext;
        if (!$upload->saveAs($newfilename, $imgDir, $fieldName, true)) {
            echo "<li><span class=\"text-danger\">" . $upload->errors . "</span></li>";
            continue;
        }
        // Thumbnails only when GD is available; failures are suppressed.
        if (function_exists('gd_info') or extension_loaded('gd')) {
            @CreateThumb($newfilename, $imgDir, $imgDir, $MaxSizeImg, $filename_ext);
            @CreateThumb($newfilename, $imgDir, $miniDir, $MaxSizeThumb, $filename_ext);
        }
        if (sql_query("INSERT INTO " . $NPDS_Prefix . "tdgal_img VALUES ('','{$imgscat}','{$newfilename}','{$newtit}','','0','1')")) {
            echo "<li>" . gal_trans("Photo envoyée avec succès, elle sera traitée par le webmaster") . " : {$origin_filename}</li>";
            $anyStored = true;
        } else {
            // Do not leave an orphaned file behind when the row could not be written.
            echo "<li><span class=\"text-danger\">" . gal_trans("Impossible d'ajouter l'image en BDD") . " : {$origin_filename}</span></li>";
            @unlink($imgDir . $newfilename);
            @unlink($miniDir . $newfilename);
        }
    }
    echo "</ul>";
    // Notify the site admin once per batch, only when something was actually stored.
    if ($notif_admin and $anyStored) {
        $subject = gal_trans("Nouvelle soumission de Photos");
        $message = gal_trans("Des photos viennent d'être proposées dans la galerie photo du site ") . $nuke_url . gal_trans(" par ") . $user_connecte;
        send_email($adminmail, $subject, $message, "", true, "html");
    }
}