$contact = $user['contact'];
}
if (isset($_POST['description'])) {
$description = htmlentities(substr(trim($_POST['description']), 0, 512));
} else {
$description = $user['description'];
}
// Only users can edit their own passwords-while admins can edit just about anything else
if (isset($_POST['password']) && $_SESSION['username'] == $username && isset($_POST['changepass'])) {
$password = $_POST['password'];
$passlength = strlen($password);
if ($passlength < 4) {
$passErrString = "Sorry, your password must be at least 4 characters.<br />\n";
} else {
// Everything checked out, so update.
$db->setuserpass($username, $password);
}
}
$picture_ext = $user['has_picture'];
if (isset($_POST['remove_picture'])) {
if ($picture_ext != null) {
unlink(THpath . "images/profiles/" . $username . $ext);
}
$picture_ext = "";
}
$picture_pending = $user['pic_pending'];
if ($_FILES['picture']['error'] == 0 && $_FILES['picture']) {
if ($picture_pending) {
$imgErrString .= "Picture already pending admin approval.<br />\n";
}
if ($_FILES['picture']['size'] > THprofile_maxpicsize) {
