Esempio n. 1
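/**
 * Render the profile-settings page and process its three forms: change
 * password, change contact number, change photo.
 *
 * The sub-page is selected by the raw query string ("password", "contact" or
 * "photo"); anything else is redirected to 404.php. Every change requires the
 * current password to be re-entered.
 *
 * Security notes for maintainers:
 *  - Passwords are stored and compared as unsalted md5() digests. That scheme
 *    is kept here because the rest of the application (not visible in this
 *    block) presumably compares against the same column; migrating to
 *    password_hash()/password_verify() has to be done together with the login
 *    code.
 *  - No anti-CSRF token is checked in this function. The current-password
 *    requirement limits the impact, but a token check is still advisable.
 *  - "or die(mysql_error())" prints database error details to the browser;
 *    consider logging them server-side and showing a generic message.
 *
 * @param string $title Page title handed to display_headers().
 * @return void Output is echoed directly; validation failures call exit.
 */
function changeprofile($title)
{
    if (!check_login()) {
        header('location:login.php');
        // Return explicitly so nothing below can run for an anonymous visitor.
        return;
    }
    include 'config/globals.php';
    $p = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
    $arr = array("password", "contact", "photo");
    // Strict comparison: only the three exact strings select a sub-page.
    if (!in_array($p, $arr, true)) {
        echo "<script type='text/javascript'>document.location.href='404.php';</script>";
        return;
    }
    include 'config/db.php';
    include 'config/settings.php';
    // $branchyear is presumably defined by one of the included config files.
    $table = $branchyear . '_Students';
    $userid = $_SESSION['UserId'];
    // The id is session-sourced, but it is still escaped before being placed
    // inside a quoted SQL literal.
    $userid_sql = mysql_real_escape_string($userid);
    $q = "select Password from {$table} where Id = '{$userid_sql}'";
    $res = mysql_query($q) or die(mysql_error());
    $row = mysql_fetch_array($res);
    $pass = $row['Password'];
    $ex = array("png", "jpg", "jpeg", "gif", "bmp");
    // Read the current password once. Non-string input (e.g. an array sent as
    // OPass[]) is treated as empty instead of being passed to md5().
    $old_raw = isset($_POST['OPass']) && is_string($_POST['OPass']) ? $_POST['OPass'] : '';
    $pass1 = md5($old_raw);
    echo "<!DOCTYPE html>\n<html>\n";
    display_headers($title);
    echo "\n<body>";
    menu();
    echo <<<a
\t\t\t\t<div class='container'>
\t\t\t\t\t<div id="error" style="display:none;"></div>
\t\t\t\t\t<div class='row'>
\t\t\t\t\t<div class='span9'>
\t\t\t\t\t\t<div class="well well-large" style="background:#FFF;height:450px;">
a;
    if ($p == 'password') {
        display_password();
    }
    if (isset($_POST['Password'])) {
        $new_raw1 = isset($_POST['NPass1']) && is_string($_POST['NPass1']) ? $_POST['NPass1'] : '';
        $new_raw2 = isset($_POST['NPass2']) && is_string($_POST['NPass2']) ? $_POST['NPass2'] : '';
        // The emptiness checks run on the submitted text. Checking the md5()
        // digest (always 32 characters) could never fail. A minimum-length
        // policy for new passwords would belong here as well.
        if (strlen(trim($old_raw)) == 0) {
            echo "<script>show_error('Error : Password should not be null');</script>";
            exit;
        }
        if (strlen(trim($new_raw1)) == 0) {
            echo "<script>show_error('Error : New Password should not be null');</script>";
            exit;
        }
        if (strlen(trim($new_raw2)) == 0) {
            echo "<script>show_error('Error : Re- New Password should not be null');</script>";
            exit;
        }
        // Strict comparison: with "!=" two digests that both look numeric
        // (for example "0e" followed only by digits) compare as equal numbers.
        if ($pass1 !== $pass) {
            echo "<script>show_error('Error : Your Current Password does not matched ... Please try again....');</script>";
        } elseif ($new_raw1 !== $new_raw2) {
            echo "<script>show_error('Error : New Password both does not matched ... Please try again....');</script>";
        } else {
            // The listing shows a masked literal ('******') as the stored value.
            // Writing the confirmed new digest is the evident intent; confirm
            // against the upstream file. An md5() digest is hex only, so it is
            // safe inside the quoted literal.
            $newpass1 = md5($new_raw1);
            mysql_query("update {$table} set Password = '{$newpass1}' where Id = '{$userid_sql}';") or die(mysql_error());
            insert_log("{$userid} changed his Password ");
            echo "<script>show_success('Password has been updated');</script>";
        }
    }
    if ($p == 'contact') {
        display_contact();
    }
    if (isset($_POST['Contact'])) {
        $contact1 = isset($_POST['MNo']) && is_string($_POST['MNo']) ? $_POST['MNo'] : '';
        if (strlen(trim($old_raw)) == 0) {
            echo "<script>show_error('Error : Password should not be null');</script>";
            exit;
        }
        if (strlen(trim($contact1)) == 0) {
            echo "<script>show_error('Error : Contact No should not be null');</script>";
            exit;
        }
        if ($pass1 !== $pass) {
            echo "<script>show_error('Error : Your Current Password does not matched ... Please try again....');</script>";
        } elseif (strlen($contact1) != 10) {
            echo "<script>show_error('Error : New Contact No. to short... Please try again....');</script>";
        } else {
            // The contact number is attacker-controlled text: escape it before
            // it is interpolated into the statement. It should also be
            // HTML-encoded wherever it is displayed later (not visible here).
            $contact_sql = mysql_real_escape_string($contact1);
            mysql_query("update {$table} set PhoneNo = '{$contact_sql}' where Id = '{$userid_sql}';") or die(mysql_error());
            insert_log("{$userid} changed his Contact No");
            echo "<script>show_success('Contact No has been updated');</script>";
        }
    }
    if ($p == 'photo') {
        display_photo();
    }
    if (isset($_POST['Photo'])) {
        if (strlen(trim($old_raw)) == 0) {
            echo "<script>show_error('Error : Password should not be null');</script>";
            exit;
        }
        if ($pass1 !== $pass) {
            echo "<script>show_error('Error : Your Current Password does not matched ... Please try again....');</script>";
        } elseif (!isset($_FILES['PhotoFile']) || $_FILES['PhotoFile']['error'] !== UPLOAD_ERR_OK) {
            // Also covers a failed or partial upload, not only a missing field.
            echo "<script>show_error('Error : No input file ... Please try again....');</script>";
        } else {
            $fname = $_FILES['PhotoFile']["name"];
            $fsize = $_FILES['PhotoFile']["size"];
            $ftmp = $_FILES['PhotoFile']["tmp_name"];
            // pathinfo() replaces end(explode()), which passed a temporary by
            // reference.
            $fext = strtolower(pathinfo($fname, PATHINFO_EXTENSION));
            if ($fsize > 102400) {
                echo "<script>show_error('Error : Input file is larger than 100KB ... Please try again....');</script>";
            } elseif (!in_array($fext, $ex, true) || getimagesize($ftmp) === false) {
                // The file name is client-supplied, so the extension alone
                // proves nothing; getimagesize() checks that the content
                // parses as an image.
                echo "<script>show_error('Error : Input file is not a image file ... Please try again....');</script>";
            } else {
                // The file is always stored with a .png name, whatever format
                // was uploaded. NOTE(review): the target path embeds the
                // session user id; confirm ids cannot contain path separators.
                $fname_new = "assets/img/users/" . $userid . ".png";
                if (!move_uploaded_file($ftmp, $fname_new)) {
                    echo "<script>show_error('Error : In moving the input file ... Please try again....');</script>";
                } else {
                    // Built-in chmod() instead of a shell command built from
                    // the path, and owner-writable/world-readable instead of
                    // world-writable 777.
                    chmod($fname_new, 0644);
                    $fname_sql = mysql_real_escape_string($fname_new);
                    mysql_query("update {$table} set Picture = '{$fname_sql}' where Id = '{$userid_sql}';") or die(mysql_error());
                    insert_log("{$userid} changed his profile photo");
                    echo "<script>show_success('Profile Photo Updated ');</script>";
                }
            }
        }
    }
    echo <<<b
\t\t</div>\t
\t\t</div>
\t\t<div class='span3'>
b;
    go_home();
    echo <<<b
\t\t<ul class="nav nav nav-tabs nav-stacked">
\t\t
\t\t<li><a href='?password'>Change Password <i class="icon-chevron-right pull-left" style="padding-top:5px;"></i></a> </li>
\t\t<li><a href='?contact'>Change Contact No<i class="icon-chevron-right pull-left" style="padding-top:5px;"></i></a> </li>
\t\t<li><a href='?photo'>Change Photo <i class="icon-chevron-right pull-left" style="padding-top:5px;"></i></a> </li>
\t\t
\t\t</ul>
b;
    echo "</div></div></div>";
    display_footer();
    echo "\n</body>\n</html>";
}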
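/**
 * Build the HTML card for one person: photos, name, group or departments,
 * organisation, and, depending on the person's privacy level, e-mail
 * addresses and postal/telephone details, followed by any assistants.
 *
 * Visibility rules implemented below:
 *  - e-mail (primary and alternate) is shown when the privacy level is above 1
 *    or the viewer passes the 'user'/'update' ACL check;
 *  - telephone, fax, address and office hours are shown when the privacy level
 *    is above 2 or the viewer passes that same ACL check.
 *
 * @param User $user
 * @return string The markup captured from the output buffer.
 */
function display_person(User $user)
{
    global $ENTRADA_ACL;
    $photos = $user->getPhotos();
    $user_id = $user->getID();
    $is_administrator = $ENTRADA_ACL->amIallowed('user', 'update');
    $fullname = $user->getName("%f %l");
    $departments = $user->getDepartments();
    if (0 < count($departments)) {
        $dep_titles = array();
        foreach ($departments as $department) {
            $dep_titles[] = ucwords($department->getTitle());
        }
        $group_line = implode("<br />", $dep_titles);
    } else {
        $group = $user->getGroup();
        $role = $user->getRole();
        $group_line = ucwords($group . " > " . ($group == "student" ? "Class of " : "") . $role);
    }
    $privacy_level = $user->getPrivacyLevel();
    $organisation = $user->getOrganisation();
    $org_name = $organisation ? $organisation->getTitle() : "";
    $email = 1 < $privacy_level || $is_administrator ? $user->getEmail() : "";
    $email_alt = $user->getAlternateEmail();
    // Default to "hidden" so the template never reads an undefined variable
    // when the privacy check below fails.
    $show_address = false;
    $city = $prov_name = $country_name = $phone = $fax = $address = $postcode = $office_hours = "";
    if (2 < $privacy_level || $is_administrator) {
        $show_address = true;
        $city = $user->getCity();
        // Guarded like the organisation lookup above, so a user without a
        // province or country does not cause a call on a non-object.
        $province = $user->getProvince();
        $prov_name = $province ? $province->getName() : "";
        $country = $user->getCountry();
        $country_name = $country ? $country->getName() : "";
        $phone = $user->getTelephone();
        $fax = $user->getFax();
        $address = $user->getAddress();
        $postcode = $user->getPostalCode();
        $office_hours = $user->getOfficeHours();
    }
    $assistants = $user->getAssistants();
    // There are 4 photo cases (at time of writing): no photos, official only,
    // uploaded only, or both. Privacy options also need to be considered here.
    // NOTE(review): the display_photo*(), display_zoom_controls() and
    // display_person_email() results are echoed as-is; they are assumed to
    // encode their own output - confirm.
    ob_start();
    ?>
	<div id="result-<?php echo $user_id; ?>" class="person-result">
		<div id="img-holder-<?php echo $user_id; ?>" class="img-holder">
		<?php 
    $num_photos = count($photos);
    if (0 === $num_photos) {
        echo display_photo_placeholder();
    } else {
        foreach ($photos as $photo) {
            echo display_photo($photo);
        }
        // Selector links are only useful when there is more than one photo.
        if (2 <= $num_photos) {
            $label = 0;
            foreach ($photos as $photo) {
                echo display_photo_link($photo, ++$label);
            }
        }
        echo display_zoom_controls($user_id);
    }
    ?>
		</div>
		<div class="person-data">
			<div class="basic">
				<span class="person-name"><?php echo html_encode($fullname); ?></span>
				<span class="person-group"><?php
    // NOTE(review): $group_line can contain the "<br />" separators joined
    // above; if html_encode() escapes markup they are shown literally - confirm.
    echo html_encode($group_line);
    ?></span>
				<span class="person-organisation"><?php echo html_encode($org_name); ?></span>
				<div class="email-container">
				<?php 
    // The alternate address is only shown when the primary one is visible.
    if ($email) {
        echo display_person_email($email);
        if ($email_alt) {
            echo display_person_email($email_alt);
        }
    }
    ?>
				</div>
			</div>
			<div class="address">
			<?php 
    if ($show_address) {
        if ($phone) {
            ?>
						<div>
							<span class="address-label">Telephone:</span>
							<span class="address-value"><?php echo html_encode($phone); ?></span>
						</div>
						<?php 
        }
        if ($fax) {
            ?>
						<div>
							<span class="address-label">Fax:</span>
							<span class="address-value"><?php echo html_encode($fax); ?></span>
						</div>
						<?php 
        }
        if ($address && $city) {
            ?>
						<div>
							<span class="address-label">Address:</span><br />
							<span class="address-value">
							<?php 
            echo html_encode($address) . "<br />" . html_encode($city);
            if ($prov_name) {
                echo ", " . html_encode($prov_name);
            }
            echo "<br />";
            echo html_encode($country_name);
            if ($postcode) {
                echo ", " . html_encode($postcode);
            }
            ?>
							</span>
						</div>
						<?php 
        }
        if ($office_hours) {
            ?>
						<div>
							<span class="address-label">Office Hours:</span>
							<span class="address-value"><?php echo html_encode($office_hours); ?></span>
						</div>
						<?php 
        }
    }
    ?>
			</div>
			<div class="assistant"><?php 
    if (count($assistants) > 0) {
        ?>
				<span class="content-small">Administrative Assistants:</span>
				<ul class="assistant-list">
					<?php 
        foreach ($assistants as $assistant) {
            echo "<li>" . display_person_email($assistant->getEmail(), $assistant->getName("%f %l")) . "</li>";
        }
        ?>
				</ul><?php 
    }
    ?>
			</div>
		</div>
		<div></div>
		<div class="clearfix">&nbsp;</div>
	</div>

	<?php 
    return ob_get_clean();
}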