public function deleteModule($moduleComponentId) { global $sourceFolder; require_once "{$sourceFolder}/upload.lib.php"; $arr = getUploadedFiles($moduleComponentId, 'gallery'); $content = true; for ($c = 0; $c < count($arr); $c++) { $content = deleteFile($moduleComponentId, 'gallery', $arr[$c]['upload_filename']) && $content; } $gallQuery = "DELETE FROM `gall_name` where `page_modulecomponentid`='{$moduleComponentId}'"; $gallResult = mysql_query($gallQuery); $gallQuery2 = "DELETE FROM `gall_pics` where `page_modulecomponentid`='{$moduleComponentId}'"; $gallResult2 = mysql_query($gallQuery2); return $content; }
function getProfileForm($userId, $userName, $userFullname, $forEditRegistrant = false) { global $urlRequestRoot, $moduleFolder, $cmsFolder, $sourceFolder, $templateFolder; require_once "{$sourceFolder}/{$moduleFolder}/form/registrationformsubmit.php"; require_once "{$sourceFolder}/{$moduleFolder}/form/registrationformgenerate.php"; require_once "{$sourceFolder}/upload.lib.php"; $fakeModuleComponentId = $userId; $profileimgname = getUploadedFiles($fakeModuleComponentId, 'profile'); if ($profileimgname == NULL) { $profileimgname = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/images/no-img.jpg"; } else { $profileimgname = "./+profile&fileget={$profileimgname[0]['upload_filename']}"; } $profileimg = "<img id=profileimg src='{$profileimgname}' alt='Profile Image' title='Profile Image' height=120 width=100><br/>"; $profileimgupload = getFileUploadField('profileimage', 'profile', 512 * 1024); $jsValidationFunctions = array(); $containsFileUploadFields = false; $dynamicFields = getFormElementsHtmlAsArray(0, $userId, $jsValidationFunctions, $containsFileUploadFields); $dynamicFields = join($dynamicFields, "</tr>\n<tr>"); if ($dynamicFields != '') { $dynamicFields = "<tr>{$dynamicFields}</tr>"; } $jsValidationFunctions = join($jsValidationFunctions, ' && '); $captchaValidation = ''; if (!$forEditRegistrant) { $captchaQuery = 'SELECT `form_usecaptcha` FROM `form_desc` WHERE `page_modulecomponentid` = 0'; $captchaResult = mysql_query($captchaQuery); $captchaRow = mysql_fetch_row($captchaResult); if (isset($captchaRow[0]) && $captchaRow[0] == 1) { $captchaValidation = getCaptchaHtml(); } } $fValidatorPath = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/scripts/formValidator.js"; $ValidatorPath = "{$urlRequestRoot}/{$cmsFolder}/{$moduleFolder}/form/validation.js"; $calpath = "{$urlRequestRoot}/{$cmsFolder}/{$moduleFolder}"; $formAction = './+profile'; if ($forEditRegistrant) { $formAction = './+admin&subaction=editsiteregistrants&subsubaction=editregistrant'; } global $ICONS; global $STARTSCRIPTS; $STARTSCRIPTS .= "document.getElementsByName('profileimage[]')[0].disabled=true;"; $profileForm = <<<PREF <script language="javscript" type="text/javascript" src="{$ValidatorPath}"></script> <script language="javascript" type="text/javascript" src="{$fValidatorPath}"></script> <link rel="stylesheet" type="text/css" media="all" href="{$calpath}/form/calendar/calendar.css" title="Aqua" /> <script language="javascript" type="text/javascript" src="{$calpath}/form/calendar/calendar.js"></script> <script language="javascript" type="text/javascript"> \twindow.addEvent("domready", function() { \t\tvar exValidatorA = new fValidator("registrationform"); \t}); \tfunction checkPassword(inputhandler) { \t\tinputhandler2=document.getElementById("user_newpassword"); \t\tif(inputhandler.value!=inputhandler2.value)\t{ \t\t\talert("The password you typed in the New Password field does not match the one in the Confirmation Box."); \t\t\tinputhandler.value=""; \t\t\tinputhandler2.value=""; \t\t\tinputhandler2.focus(); \t\t\treturn false; \t\t} \t\treturn true; \t} \tfunction checkProfileForm(inputhandler) { \t\tif(inputhandler.user_newpassword.value.length!=0) { \t\t\tif(inputhandler.user_password.value.length==0) { \t\t\t\talert("Please enter your current password in order to change to a new one."); \t\t\t\treturn false; \t\t\t} \t\t} \t\tif(checkPassword(inputhandler.user_newrepassword)==false) \t\t\treturn false; \t\treturn {$jsValidationFunctions}; \t} \t \tfunction toggle_img_upform() \t{ \t\tvar obj1=document.getElementsByName('profileimage[]')[0]; \t\tvar obj2=document.getElementById('upnewradio'); \t\tobj1.disabled=(obj2.checked==true?false:true); \t} \t </script> <div class="cms-registrationform"> \t<form id="cms-registrationform" class="fValidator-form" method="POST" name="user_profile_usrFrm" onsubmit="return checkProfileForm(this)" action="{$formAction}" enctype="multipart/form-data"> \t\t<fieldset style="width:80%"> \t\t\t<legend>{$ICONS['User Profile']['small']}Profile Preferences</legend> \t\t\t<table> \t\t\t\t<tr> \t\t\t\t<td colspan=2 style="text-align:center">{$profileimg}</td> \t\t\t\t</tr> \t\t\t\t<tr> \t\t\t\t\t<td><label for="user_name" class="labelrequired">Name</label></td> \t\t\t\t\t<td><input name="user_name" id="user_name" class="fValidate['required']" type="text" value="{$userName}"></td> \t\t\t\t</tr> \t\t\t\t<tr> \t\t\t\t\t<td><label for="user_fullname" class="labelrequired">Full Name</label></td> \t\t\t\t\t<td><input name="user_fullname" id="user_fullname" class="fValidate['required']" type="text" value="{$userFullname}"></td> \t\t\t\t</tr> \t\t\t\t<tr> \t\t\t\t\t<td>Profile image</td> \t\t\t\t\t<td> \t\t\t\t\t<input type="radio" name="profileimgaction" value="usecurrent" checked onclick="toggle_img_upform()"> Use existing image<br/> \t\t\t\t\t<input id='upnewradio' type="radio" name="profileimgaction" value="uploadnew" onclick="toggle_img_upform()"> Upload new image<br/> \t\t\t\t\t<input type="radio" name="profileimgaction" value="noimage" onclick="toggle_img_upform()"> Remove your image \t\t\t\t\t</td> \t\t\t\t<tr> \t\t\t\t\t<td><label for="profileimage">Upload new profile image (maximum size is 512 KB)</td> \t\t\t\t\t<td>{$profileimgupload}</td> \t\t\t\t</tr> PREF; if (!$forEditRegistrant) { $profileForm .= <<<PREF \t\t\t\t<tr> \t\t\t\t\t<td><label for="user_password" class="labelrequired">Current Password (Only for changing password)</label></td> \t\t\t\t\t<td><input name="user_password" id="user_password" class="" type="password"></td> \t\t\t\t</tr> \t\t\t\t<tr> \t\t\t\t\t<td><label for="user_newpassword" class="labelrequired">New Password</label></td> \t\t\t\t\t<td> <input name="user_newpassword" id="user_newpassword" class="fValidate['']" type="password"></td> \t\t\t\t</tr> \t\t\t\t<tr> <td><label for="user_newrepassword" class="labelrequired">Re-enter New Password</label></td> \t\t\t\t\t<td> <input name="user_newrepassword" id="user_newrepassword" class="fValidate['=user_newpassword']" type="password"></td> \t\t\t\t</tr> PREF; } $profileForm .= <<<PREF \t\t\t\t\t{$dynamicFields} \t\t\t\t\t{$captchaValidation} \t\t\t\t<tr> \t\t\t\t\t<td colspan="2"> </td> \t\t\t\t</tr> \t\t\t\t<tr> \t\t\t\t\t<td><input type="submit" name="btnSubmitProfile" id="submitbutton" value="Save Profile"></td> \t\t\t\t\t<td></td> \t\t\t\t</tr> \t\t\t</table> PREF; if ($forEditRegistrant) { $profileForm .= '<input type="hidden" name="useremail" value="' . getUserEmail($userId) . '" />'; } $profileForm .= <<<PREF \t\t</fieldset> \t</form> </div> PREF; // TODO: implement getProfileNewsletterList completely. return $profileForm . getProfileGroupsAndFormsList($userId) . getProfileNewsletterList($userId); return $profileForm . getProfileForms($userId) . getProfileGroupsAndFormsList($userId) . getFormDeadlines($userId); }
/** * function actionEdit: * Edit interface for all safedit module instances * will be called from $this->getHtml function */ public function actionEdit() { $ret = <<<RET <style type="text/css"> textarea { \tfont-size: 130%; \tbackground: white; } </style> RET; global $sourceFolder, $ICONS; require_once $sourceFolder . "/upload.lib.php"; submitFileUploadForm($this->moduleComponentId, "safedit", $this->userId, UPLOAD_SIZE_LIMIT); $end = "<fieldset id='uploadFile'><legend>{$ICONS['Uploaded Files']['small']}File Upload</legend>Upload files : <br />" . getFileUploadForm($this->moduleComponentId, "safedit", './+edit', UPLOAD_SIZE_LIMIT, 5) . getUploadedFilePreviewDeleteForm($this->moduleComponentId, "safedit", './+edit') . '</fieldset>'; $val = mysql_fetch_assoc(mysql_query("SELECT `page_title` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_module` = 'safedit' AND `page_modulecomponentid` = '{$this->moduleComponentId}'")); $ret .= "<h1>Editing '" . $val['page_title'] . "' page</h1>"; if (isset($_GET['subaction'])) { if ($_GET['subaction'] == "addSection") { $show = isset($_POST['sectionShow']); $heading = escape($_POST['heading']); $result = mysql_query("SELECT MAX(`section_id`)+1 as `section_id` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'") or die(mysql_error()); $row = mysql_fetch_row($result); $sectionId = $row[0]; $result = mysql_query("SELECT MAX(`section_priority`)+1 as `section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'"); $row = mysql_fetch_row($result); $priority = $row[0]; $query = "INSERT INTO `safedit_sections`(`page_modulecomponentid`,`section_id`,`section_heading`,`section_type`,`section_show`,`section_priority`) VALUES ('{$this->moduleComponentId}','{$sectionId}','{$heading}','" . escape($_POST['type']) . "','{$show}','{$priority}')"; mysql_query($query) or die($query . "<br>" . mysql_error()); if (mysql_affected_rows() > 0) { displayinfo("Section: {$heading}, created"); } else { displayerror("Couldn't create section"); } } else { if ($_GET['subaction'] == 'deleteSection') { $sectionId = escape($_GET['sectionId']); $query = "DELETE FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'"; mysql_query($query) or die($query . "<br>" . mysql_error()); if (mysql_affected_rows() > 0) { displayinfo("Section deleted succesfully"); } else { displayerror("Couldn't delete section"); } } else { if ($_GET['subaction'] == 'saveSection') { $sectionId = escape($_POST['sectionId']); $heading = escape($_POST['heading']); $typeUpdate = isset($_POST['type']) ? ", `section_type` = '{$_POST['type']}'" : ''; $show = ", `section_show` = '" . isset($_POST['sectionShow']) . "'"; $result = mysql_query("SELECT `section_type` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'"); $row = mysql_fetch_row($result); $type = $row[0]; if ($type == "para" || $type == "ulist" || $type == "olist") { $sectionContent = escape($this->processSave($_POST['content'])); } else { if ($type == "picture") { $sectionContent = escape($_POST['selectFile']); } } $query = "UPDATE `safedit_sections` SET `section_heading` = '{$heading}', `section_content` = '{$sectionContent}'{$typeUpdate}{$show} WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'"; mysql_query($query) or die($query . "<br>" . mysql_error()); if (mysql_affected_rows() > 0) { displayinfo("Section saved successfully"); } } else { if ($_GET['subaction'] == 'moveUp' || $_GET['subaction'] == 'moveDown') { $compare = $_GET['subaction'] == 'moveUp' ? '<=' : '>='; $arrange = $_GET['subaction'] == 'moveUp' ? 'DESC' : 'ASC'; $sectionId = escape($_GET['sectionId']); $query = "SELECT `section_id`,`section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_priority` '{$compare}' (SELECT `section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}') ORDER BY `section_priority` '{$arrange}' LIMIT 2"; $result = mysql_query($query); $row = mysql_fetch_row($result); $sid = $row[0]; $spr = $row[1]; if ($row = mysql_fetch_row($result)) { mysql_query("UPDATE `safedit_sections` SET `section_priority` = '{$spr}' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$row[0]}'"); mysql_query("UPDATE `safedit_sections` SET `section_priority` = '{$row[1]}' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sid}'"); } } else { if ($_GET['subaction'] == 'moveTop' || $_GET['subaction'] == 'moveBottom') { $sectionId = escape($_GET['sectionId']); $cpri = mysql_fetch_row(mysql_query("SELECT `section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'")) or die(mysql_error()); if ($_GET['subaction'] == 'moveTop') { $sign = '+'; $cmpr = '<'; $set = '0'; } else { $sign = '-'; $cmpr = '>'; $set = mysql_fetch_row(mysql_query("SELECT MAX(`section_priority`) FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'")) or die(mysql_error()); $set = isset($set[0]) ? $set[0] : ''; } $cmpr = $_GET['subaction'] == 'moveTop' ? '<' : '>'; $query = "UPDATE `safedit_sections` SET `section_priority` = `section_priority`{$sign}1 WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_priority` {$cmpr} '{$cpri[0]}'"; mysql_query($query) or die(mysql_error()); mysql_query("UPDATE `safedit_sections` SET `section_priority` = '{$set}' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'") or die(mysql_error()); } } } } } } $result = mysql_query("SELECT `section_id`,`section_heading`,`section_type`,`section_content`,`section_show` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' ORDER BY `section_priority`"); while ($row = mysql_fetch_assoc($result)) { $show = $row['section_show'] ? 'checked ' : ''; $type = $row['section_type']; $help = $type != "picture" ? " <a href='#help' title='Only Plain text allowed, Click to know more'>{$ICONS['Help']['small']}</a>" : ''; $ret .= <<<RET <form action='./+edit&subaction=saveSection' method=POST><input type=hidden value='{$row['section_id']}' name='sectionId' /><fieldset><legend><input type=checkbox name='sectionShow' {$show}/><input type=text name=heading value='{$row['section_heading']}' style='border:0;background:none;' /> <a href='./+edit&subaction=moveUp§ionId={$row['section_id']}' title='Move one level Up'>{$ICONS['Up']['small']}</a> <a href='./+edit&subaction=moveDown§ionId={$row['section_id']}' title='Move one level Down'>{$ICONS['Down']['small']}</a> <a href='./+edit&subaction=moveTop§ionId={$row['section_id']}' title='Move to Top'>{$ICONS['Top']['small']}</a> <a href='./+edit&subaction=moveBottom§ionId={$row['section_id']}' title='Move to Bottom'>{$ICONS['Bottom']['small']}</a> <a href='./+edit&subaction=deleteSection§ionId={$row['section_id']}' title='Delete Section'>{$ICONS['Delete Section']['small']}</a>{$help}</legend><div class='safedit_section'> RET; $safeContent = safe_html($row['section_content']); if ($type == "ulist" || $type == "olist" || $type == "para") { $usel = $type == "ulist" ? ' selected' : ''; $osel = $type == "olist" ? ' selected' : ''; $psel = $type == "para" ? ' selected' : ''; $ret .= <<<PARA <textarea name=content rows=7 style="width:100%">{$safeContent}</textarea> <select name=type> <option value="para"{$psel}>Paragraph</option> <option value="ulist"{$usel}>List</option> <option value="olist"{$osel}>Numbered List</option> </select> PARA; } else { if ($type == "picture") { $files = getUploadedFiles($this->moduleComponentId, "safedit"); $ret .= "<a href='#uploadFile'>Upload File</a><br /><select name=selectFile><option value=''>No picture</option>"; foreach ($files as $currFile) { $select = $row['section_content'] == $currFile['upload_filename'] ? ' selected' : ''; $ret .= "<option value='{$currFile['upload_filename']}'{$select}>{$currFile['upload_filename']}</option>"; } $ret .= "</select>"; } } $ret .= <<<SUBMIT <input type=submit value='Save section' /></div></fieldset></form> SUBMIT; } $ret .= <<<RET <fieldset> <legend>{$ICONS['Add']['small']}Create New Section</legend> <form action="./+edit&subaction=addSection" method=POST> <select name='type'> <option value="para">Paragraph</option> <option value="ulist">List</option> <option value="olist">Numbered List</option> <option value="picture">Picture</option> </select> <input type=text name="heading" /> <input type=checkbox name="sectionShow" checked /> <input type=submit value="Add section" name="btnAddSection" /> </form> </fieldset> RET; $ret .= $end; $ret .= <<<RET <small id="help"><ul><li>You can display only Plain text, any custom formatting will be prevented.<br />To make a link, enclose the text with '{' and '}' and add the target to the end of the line after '|'<br />For eg:<br />{This is a link}, and this is not a link|http://www.google.com<br />The above line will make a link to google.com</li><li>Leave section heading text box blank(without even spaces) to avoid displaying Heading</li></ul></small> RET; return $ret; }
/** * Returns a form which displays the list of files uploaded in that page and if the user has sufficient permissions option to delete files. * @param $moduleComponentId page_modulecomponentid. * @param $moduleName The module which is calling this function. * @param $deleteFormAction The page or action that must be taken on clicking the delete option in the final form, * @return A variable that has the required form. * */ function getUploadedFilePreviewDeleteForm($moduleComponentId, $moduleName, $deleteFormAction = './+edit') { global $uploadedFormNumber; if (!isset($uploadedFormNumber)) { $uploadedFormNumber = 1; } $uploadedFormNumber += 1; if (isset($_POST['file_deleted']) && $_POST['file_deleted'] == "form_{$uploadedFormNumber}") { if (isset($_GET['deletefile'])) { if (deleteFile($moduleComponentId, $moduleName, escape($_GET['deletefile']))) { displayinfo("The file " . escape($_GET['deletefile']) . " has been removed"); } else { displayinfo("Unable to remove the file."); } } } $uploadedFiles = getUploadedFiles($moduleComponentId, $moduleName); $uploadedFilesString = ""; foreach ($uploadedFiles as $file) { $uploadedUserEmail = getUserEmail($file['user_id']); $uploadedUserName = getUserFullName($file['user_id']); $fileDelete = addslashes($file['upload_filename']); $uploadedFilesString .= <<<UPLOADEDFILESSTRING \t\t<tr> \t\t\t<td><a href="./{$file['upload_filename']}" onMouseOver="javascript:showPath('{$fileDelete}')" target="previewIframe_{$uploadedFormNumber}">{$file['upload_filename']}</a></td> \t\t\t<td>{$uploadedUserName}</td> \t\t\t<td>{$uploadedUserEmail}</td> \t\t\t<td>{$file['upload_time']}</td> \t\t\t<td><input type='submit' value='Delete' onclick="return checkDeleteUpload(this, '{$fileDelete}');"></td> \t\t</tr> UPLOADEDFILESSTRING; } global $urlRequestRoot; global $cmsFolder; global $STARTSCRIPTS; if (count($uploadedFiles) > 0) { $smarttablestuff = smarttable::render(array('filestable'), null); $STARTSCRIPTS .= "initSmartTable();"; $uploadedFilesString = <<<UPLOADEDFILESSTRING \t<form action="{$deleteFormAction}" method="POST" name="deleteFile"> \t\t<script language="javascript"> \t \tfunction showPath(fileName) { \t \t\tpath = document.location.pathname; \t\t\t\tpath = path.split('+'); \t\t\t\tpath = path[0].split('&'); \t\t\t\tdocument.getElementById("preview_uploadedfile_{$uploadedFormNumber}").setAttribute('value',path[0]+fileName); \t\t\t} \t\t\tfunction checkDeleteUpload(butt,fileDel) { \t\t\t\tif(confirm('Are you sure you want to delete '+fileDel+'?')) { \t\t\t\t\tbutt.form.action+='&deletefile='+fileDel; \t\t\t\t\tbutt.form.submit(); \t\t\t\t} \t\t\t\telse \t\t\t\t\treturn false; \t\t\t} \t\t\t \t </script> \t\t{$smarttablestuff} \t\t<table border="1" width="100%"> \t\t\t\t<tr> \t\t\t\t\t \t\t\t\t\t<td height="100" width="100%" style="overflow:scroll"> \t\t\t\t\t<center>Preview (only for images)</center> \t\t\t\t\t<iframe name="previewIframe_{$uploadedFormNumber}" width="100%" style="min-height:200px" ></iframe> \t\t\t\t\t</td> \t\t\t\t\t \t\t\t\t</tr> \t\t\t<tr> \t\t\t\t<td> \t\t\t\t\t<b>Click</b> for preview \t\t\t\t</td> \t\t\t\t \t\t\t</tr> \t\t\t<tr> \t\t\t\t<td> \t\t\t\t\t<table class="display" id="filestable" border="1" width="100%"> \t\t\t\t\t\t<thead> \t\t\t\t\t\t<tr> \t\t\t\t\t\t\t<th>File</th> \t\t\t\t\t\t\t<th>Uploaded By</th> \t\t\t\t\t\t\t<th>Email Id</th> \t\t\t\t\t\t\t<th>Upload Time</th> \t\t\t\t\t\t\t<th>Delete</th> \t\t\t\t\t\t</tr> \t\t\t\t\t\t</thead> \t\t\t\t\t\t<tbody> \t\t\t\t\t\t{$uploadedFilesString} \t\t\t\t\t\t</tbody> \t\t\t\t\t</table> \t\t\t\t</td> \t\t\t\t \t\t\t</tr> \t\t\t<tr> \t\t\t\t<td align="right">Path for file (move mouse over name): \t\t\t\t \t\t\t\t\t<input type="text" style="width:97%" readonly="readonly" id="preview_uploadedfile_{$uploadedFormNumber}" value="Copy the path from here" /> \t\t\t\t</td> \t\t\t</tr> \t\t\t</table> \t\t\t\t<input type="hidden" name="file_deleted" value="form_{$uploadedFormNumber}"> \t\t\t</form> UPLOADEDFILESSTRING; } else { $uploadedFilesString = "No files associated with this page."; } return $uploadedFilesString; }
/** * @package pragyan * @author Boopathi Rajaa, balanivash * @copyright (c) 2011 Pragyan Team * @license http://www.gnu.org/licenses/ GNU Public License * For more details, see README */ function generatePublicProfile($userProfileId, $accessUserId) { $userId = $userProfileId; global $urlRequestRoot, $moduleFolder, $cmsFolder, $sourceFolder, $templateFolder; require_once "{$sourceFolder}/{$moduleFolder}/form/registrationformsubmit.php"; require_once "{$sourceFolder}/{$moduleFolder}/form/viewregistrants.php"; require_once "{$sourceFolder}/upload.lib.php"; require_once "{$sourceFolder}/profile.lib.php"; $profileQuery = 'SELECT `user_name`, `user_fullname`, `user_email` FROM `' . MYSQL_DATABASE_PREFIX . 'users` WHERE `user_id` = \'' . $userId . "'"; $profileResult = mysql_query($profileQuery); if (!$profileResult) { displayerror('An error occurred while trying to process your request.<br />' . mysql_error() . '<br />' . $profileQuery); return ''; } if (mysql_num_rows($profileResult) == 0) { displayerror("The Requested user is not found."); return "Click <a href='" . $urlRequestRoot . "'>here </a> to return to the home page"; } $profileRow = mysql_fetch_row($profileResult); $userName = $profileRow[0]; $userFullname = $profileRow[1]; $userEmail = $profileRow[2]; $fakeModuleComponentId = $userId; $profileimgname = getUploadedFiles($fakeModuleComponentId, 'profile'); if ($profileimgname == NULL) { $profileimgname = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/images/no-img.jpg"; } else { $profileimgname = "./+profile&fileget={$profileimgname[0]['upload_filename']}&mcid={$userId}"; } $profileimg = "<img id=profileimg src='{$profileimgname}' alt='Profile Image' title='Profile Image' height=120 width=100><br/>"; $dynamicFields = getFormElementsHtmlAsArrayForView(0, $userId); $dynamicFields = join($dynamicFields, "</tr>\n<tr>"); if ($dynamicFields != '') { $dynamicFields = "<tr>{$dynamicFields}</tr>"; } global $ICONS; $profileForm = <<<PREF <div class="cms-profile"> \t\t<fieldset> \t\t\t<legend>{$ICONS['User Profile']['small']} User Profile</legend> \t\t\t<table style="width:75%;"> \t\t\t\t<tr> \t\t\t\t<td colspan=2 style="text-align:center">{$profileimg}</td> \t\t\t\t</tr> \t\t\t\t<tr> \t\t\t\t\t<td><label for="user_name" class="labelrequired">Name</label></td> \t\t\t\t\t<td>{$userName}</td> \t\t\t\t</tr> \t\t\t\t<tr> \t\t\t\t\t<td><label for="user_fullname" class="labelrequired">Full Name</label></td> \t\t\t\t\t<td>{$userFullname}</td> \t\t\t\t</tr> \t\t\t\t\t{$dynamicFields} PREF; if ($userId == $accessUserId) { $profileForm .= "<tr>\n\t\t\t\t\t<td colspan=2 style='text-align:center'><a href=./+profile>{$ICONS['Edit']['small']} Edit Profile</a></td>\n\t\t\t\t</tr>"; } $profileForm .= <<<PREF \t\t\t</table> \t\t</fieldset> \t</form> </div> PREF; return $profileForm . "<br />" . getProfileGroupsAndFormsList($userId); }