$error[] = $lang->phrase('admin_member_year_not_valid');
}
if (strlen($query['fullname']) > 128) {
$error[] = $lang->phrase('admin_member_fullname_too_many_chars');
}
if (intval($query['temp']) < -12 && intval($query['temp']) > 12) {
$error[] = $lang->phrase('admin_member_time_zone_not_valid');
}
if (!isset($cache[$query['opt_4']])) {
$error[] = $lang->phrase('admin_member_design=not_valid');
}
if (!isset($cache2[$query['opt_5']])) {
$error[] = $lang->phrase('admin_member_lang_not_valid');
}
if (!empty($query['pic']) && preg_match('~^'.URL_REGEXP.'$~i', $query['pic'])) {
$query['pic'] = checkRemotePic($query['pic'], $query['id']);
switch ($query['pic']) {
case REMOTE_INVALID_URL:
$error[] = $lang->phrase('admin_member_ava_url_not_valid');
$query['pic'] = '';
break;
case REMOTE_CLIENT_ERROR:
$error[] = $lang->phrase('admin_member_ava_not_from_server');
$query['pic'] = '';
break;
case REMOTE_FILESIZE_ERROR:
$error[] = $lang->phrase('admin_member_ava_filesize_exceeded');
$query['pic'] = '';
break;
case REMOTE_IMAGE_HEIGHT_ERROR:
$error[] = $lang->phrase('admin_member_ava_height_too_high');
$my_uploader->max_filesize($config['avfilesize']);
$my_uploader->max_image_size($config['avwidth'], $config['avheight']);
if ($my_uploader->upload('upload', explode('|', $config['avfiletypes']))) {
$my_uploader->save_file('uploads/pics/', '2');
}
if ($my_uploader->return_error()) {
error($my_uploader->return_error(), 'editprofile.php?action=pic');
} else {
if (file_exists($my->pic)) {
@unlink($my->pic);
}
$ext = $my_uploader->rename_file('uploads/pics/', $my_uploader->file['name'], $my->id);
}
$my->pic = 'uploads/pics/' . $my->id . $ext;
} elseif (!empty($pic) && preg_match('/^(http:\\/\\/|www.)([\\wהצ�ִײ�@\\-_\\.]+)\\:?([0-9]*)\\/(.*)$/', $pic, $url_ary)) {
$my->pic = checkRemotePic($pic, $url_ary, $my->id);
} else {
removeOldImages('uploads/pics/', $my->id);
}
$db->query("UPDATE {$db->pre}user SET pic = '{$my->pic}' WHERE id = '{$my->id}' LIMIT 1", __LINE__, __FILE__);
ok($lang->phrase('editprofile_pic_success'), "editprofile.php?action=pic" . SID2URL_x);
} elseif ($_GET['action'] == "pic") {
if ($my->p['usepic'] == 0) {
errorLogin($lang->phrase('not_allowed'), "editprofile.php");
}
$breadcrumb->Add($lang->phrase('editprofile_pic'));
echo $tpl->parse("header");
echo $tpl->parse("menu");
$filetypes = str_replace("|", ", ", $config['avfiletypes']);
$filesize = formatFilesize($config['avfilesize']);
$size = '';
$error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_emailpn');
}
if ($_POST['opt_2'] != 0 && $_POST['opt_2'] != 1) {
$error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_bad');
}
if ($_POST['opt_3'] < 0 && $_POST['opt_3'] > 2) {
$error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_showmail');
}
if (!isset($cache[$_POST['opt_4']])) {
$error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_design');
}
if (!isset($cache2[$_POST['opt_5']])) {
$error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_language');
}
if (!empty($_POST['pic']) && preg_match(URL_REGEXP, $_POST['pic'])) {
$_POST['pic'] = checkRemotePic($_POST['pic'], $_GET['id'], "managemembers.php?action=edit&id=" . $_GET['id']);
switch ($_POST['pic']) {
case REMOTE_INVALID_URL:
$error[] = $lang->phrase('editprofile_pic_error1');
$_POST['pic'] = '';
break;
case REMOTE_CLIENT_ERROR:
$error[] = $lang->phrase('editprofile_pic_error2');
$_POST['pic'] = '';
break;
case REMOTE_FILESIZE_ERROR:
case REMOTE_IMAGE_HEIGHT_ERROR:
case REMOTE_IMAGE_WIDTH_ERROR:
case REMOTE_EXTENSION_ERROR:
$error[] = $lang->phrase('editprofile_pic_error3');
$_POST['pic'] = '';
$my_uploader->max_filesize($config['avfilesize']);
$my_uploader->max_image_size($config['avwidth'], $config['avheight']);
$my_uploader->file_types(explode(',', $config['avfiletypes']));
$my_uploader->set_path('uploads/pics/');
$my_uploader->rename_file($my->id);
if ($my_uploader->upload('upload')) {
removeOldImages('uploads/pics/', $my->id);
if ($my_uploader->save_file()) {
$my->pic = 'uploads/pics/' . $my_uploader->fileinfo('filename');
}
}
if ($my_uploader->upload_failed()) {
$error[] = $my_uploader->get_error();
}
} elseif (!empty($pic) && preg_match(URL_REGEXP, $pic)) {
$my->pic = checkRemotePic($pic, $my->id);
switch ($my->pic) {
case REMOTE_INVALID_URL:
$error[] = $lang->phrase('editprofile_pic_error1');
$my->pic = '';
break;
case REMOTE_CLIENT_ERROR:
$error[] = $lang->phrase('editprofile_pic_error2');
$my->pic = '';
break;
case REMOTE_FILESIZE_ERROR:
case REMOTE_IMAGE_HEIGHT_ERROR:
case REMOTE_IMAGE_WIDTH_ERROR:
case REMOTE_EXTENSION_ERROR:
$error[] = $lang->phrase('editprofile_pic_error3') . " [ErrNo: {$my->pic}]";
$my->pic = '';
$_POST['birthyear'] = leading_zero($_POST['birthyear'], 4);
$bday = $_POST['birthyear'] . '-' . $_POST['birthmonth'] . '-' . $_POST['birthday'];
}
$_POST['icq'] = str_replace('-', '', $_POST['icq']);
if (!is_id($_POST['icq'])) {
$_POST['icq'] = 0;
}
$pw = $gpc->get('pw', none);
if (!empty($pw) && strlen($pw) >= $config['minpwlength']) {
$md5 = md5($pw);
$update_sql = ", pw = '{$md5}' ";
} else {
$update_sql = ' ';
}
if (!empty($_POST['pic']) && preg_match('/^(http:\\/\\/|www.)([\\wהצ�ִײ�@\\-_\\.]+)\\:?([0-9]*)\\/(.*)$/', $_POST['pic'], $url_ary)) {
$_POST['pic'] = checkRemotePic($_POST['pic'], $url_ary, $_GET['id'], "managemembers.php?action=edit&id=" . $_GET['id'] . SID2URL_x);
} elseif (empty($_POST['pic']) || !file_exists($_POST['pic'])) {
$_POST['pic'] = '';
}
$db->query("UPDATE {$db->pre}user SET groups = '" . $_POST['groups'] . "', timezone = '" . $_POST['temp'] . "', opt_textarea = '" . $_POST['opt_0'] . "', opt_pmnotify = '" . $_POST['opt_1'] . "', opt_hidebad = '" . $_POST['opt_2'] . "', opt_hidemail = '" . $_POST['opt_3'] . "', template = '" . $_POST['opt_4'] . "', language = '" . $_POST['opt_5'] . "', pic = '" . $_POST['pic'] . "', about = '" . $_POST['comment'] . "', icq = '" . $_POST['icq'] . "', yahoo = '" . $_POST['yahoo'] . "', aol = '" . $_POST['aol'] . "', msn = '" . $_POST['msn'] . "', jabber = '" . $_POST['jabber'] . "', birthday = '" . $bday . "', gender = '" . $_POST['gender'] . "', hp = '" . $_POST['hp'] . "', signature = '" . $_POST['signature'] . "', location = '" . $_POST['location'] . "', fullname = '" . $_POST['fullname'] . "', mail = '" . $_POST['email'] . "', name = '" . $_POST['name'] . "'" . $update_sql . " WHERE id = '" . $user['id'] . "' LIMIT 1", __LINE__, __FILE__);
ok($lang->phrase('data_success'), "profile.php?id=" . $_GET['id']);
}
}
} else {
errorLogin($lang->phrase('not_allowed'));
}
$slog->updatelogged();
$zeitmessung = t2();
echo $tpl->parse("footer");
$phpdoc->Out();
$db->close();
