$error[] = $lang->phrase('admin_member_year_not_valid'); } if (strlen($query['fullname']) > 128) { $error[] = $lang->phrase('admin_member_fullname_too_many_chars'); } if (intval($query['temp']) < -12 && intval($query['temp']) > 12) { $error[] = $lang->phrase('admin_member_time_zone_not_valid'); } if (!isset($cache[$query['opt_4']])) { $error[] = $lang->phrase('admin_member_design=not_valid'); } if (!isset($cache2[$query['opt_5']])) { $error[] = $lang->phrase('admin_member_lang_not_valid'); } if (!empty($query['pic']) && preg_match('~^'.URL_REGEXP.'$~i', $query['pic'])) { $query['pic'] = checkRemotePic($query['pic'], $query['id']); switch ($query['pic']) { case REMOTE_INVALID_URL: $error[] = $lang->phrase('admin_member_ava_url_not_valid'); $query['pic'] = ''; break; case REMOTE_CLIENT_ERROR: $error[] = $lang->phrase('admin_member_ava_not_from_server'); $query['pic'] = ''; break; case REMOTE_FILESIZE_ERROR: $error[] = $lang->phrase('admin_member_ava_filesize_exceeded'); $query['pic'] = ''; break; case REMOTE_IMAGE_HEIGHT_ERROR: $error[] = $lang->phrase('admin_member_ava_height_too_high');
$my_uploader->max_filesize($config['avfilesize']); $my_uploader->max_image_size($config['avwidth'], $config['avheight']); if ($my_uploader->upload('upload', explode('|', $config['avfiletypes']))) { $my_uploader->save_file('uploads/pics/', '2'); } if ($my_uploader->return_error()) { error($my_uploader->return_error(), 'editprofile.php?action=pic'); } else { if (file_exists($my->pic)) { @unlink($my->pic); } $ext = $my_uploader->rename_file('uploads/pics/', $my_uploader->file['name'], $my->id); } $my->pic = 'uploads/pics/' . $my->id . $ext; } elseif (!empty($pic) && preg_match('/^(http:\\/\\/|www.)([\\wהצ�ִײ�@\\-_\\.]+)\\:?([0-9]*)\\/(.*)$/', $pic, $url_ary)) { $my->pic = checkRemotePic($pic, $url_ary, $my->id); } else { removeOldImages('uploads/pics/', $my->id); } $db->query("UPDATE {$db->pre}user SET pic = '{$my->pic}' WHERE id = '{$my->id}' LIMIT 1", __LINE__, __FILE__); ok($lang->phrase('editprofile_pic_success'), "editprofile.php?action=pic" . SID2URL_x); } elseif ($_GET['action'] == "pic") { if ($my->p['usepic'] == 0) { errorLogin($lang->phrase('not_allowed'), "editprofile.php"); } $breadcrumb->Add($lang->phrase('editprofile_pic')); echo $tpl->parse("header"); echo $tpl->parse("menu"); $filetypes = str_replace("|", ", ", $config['avfiletypes']); $filesize = formatFilesize($config['avfilesize']); $size = '';
$error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_emailpn'); } if ($_POST['opt_2'] != 0 && $_POST['opt_2'] != 1) { $error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_bad'); } if ($_POST['opt_3'] < 0 && $_POST['opt_3'] > 2) { $error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_showmail'); } if (!isset($cache[$_POST['opt_4']])) { $error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_design'); } if (!isset($cache2[$_POST['opt_5']])) { $error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_language'); } if (!empty($_POST['pic']) && preg_match(URL_REGEXP, $_POST['pic'])) { $_POST['pic'] = checkRemotePic($_POST['pic'], $_GET['id'], "managemembers.php?action=edit&id=" . $_GET['id']); switch ($_POST['pic']) { case REMOTE_INVALID_URL: $error[] = $lang->phrase('editprofile_pic_error1'); $_POST['pic'] = ''; break; case REMOTE_CLIENT_ERROR: $error[] = $lang->phrase('editprofile_pic_error2'); $_POST['pic'] = ''; break; case REMOTE_FILESIZE_ERROR: case REMOTE_IMAGE_HEIGHT_ERROR: case REMOTE_IMAGE_WIDTH_ERROR: case REMOTE_EXTENSION_ERROR: $error[] = $lang->phrase('editprofile_pic_error3'); $_POST['pic'] = '';
$my_uploader->max_filesize($config['avfilesize']); $my_uploader->max_image_size($config['avwidth'], $config['avheight']); $my_uploader->file_types(explode(',', $config['avfiletypes'])); $my_uploader->set_path('uploads/pics/'); $my_uploader->rename_file($my->id); if ($my_uploader->upload('upload')) { removeOldImages('uploads/pics/', $my->id); if ($my_uploader->save_file()) { $my->pic = 'uploads/pics/' . $my_uploader->fileinfo('filename'); } } if ($my_uploader->upload_failed()) { $error[] = $my_uploader->get_error(); } } elseif (!empty($pic) && preg_match(URL_REGEXP, $pic)) { $my->pic = checkRemotePic($pic, $my->id); switch ($my->pic) { case REMOTE_INVALID_URL: $error[] = $lang->phrase('editprofile_pic_error1'); $my->pic = ''; break; case REMOTE_CLIENT_ERROR: $error[] = $lang->phrase('editprofile_pic_error2'); $my->pic = ''; break; case REMOTE_FILESIZE_ERROR: case REMOTE_IMAGE_HEIGHT_ERROR: case REMOTE_IMAGE_WIDTH_ERROR: case REMOTE_EXTENSION_ERROR: $error[] = $lang->phrase('editprofile_pic_error3') . " [ErrNo: {$my->pic}]"; $my->pic = '';
$_POST['birthyear'] = leading_zero($_POST['birthyear'], 4); $bday = $_POST['birthyear'] . '-' . $_POST['birthmonth'] . '-' . $_POST['birthday']; } $_POST['icq'] = str_replace('-', '', $_POST['icq']); if (!is_id($_POST['icq'])) { $_POST['icq'] = 0; } $pw = $gpc->get('pw', none); if (!empty($pw) && strlen($pw) >= $config['minpwlength']) { $md5 = md5($pw); $update_sql = ", pw = '{$md5}' "; } else { $update_sql = ' '; } if (!empty($_POST['pic']) && preg_match('/^(http:\\/\\/|www.)([\\wהצ�ִײ�@\\-_\\.]+)\\:?([0-9]*)\\/(.*)$/', $_POST['pic'], $url_ary)) { $_POST['pic'] = checkRemotePic($_POST['pic'], $url_ary, $_GET['id'], "managemembers.php?action=edit&id=" . $_GET['id'] . SID2URL_x); } elseif (empty($_POST['pic']) || !file_exists($_POST['pic'])) { $_POST['pic'] = ''; } $db->query("UPDATE {$db->pre}user SET groups = '" . $_POST['groups'] . "', timezone = '" . $_POST['temp'] . "', opt_textarea = '" . $_POST['opt_0'] . "', opt_pmnotify = '" . $_POST['opt_1'] . "', opt_hidebad = '" . $_POST['opt_2'] . "', opt_hidemail = '" . $_POST['opt_3'] . "', template = '" . $_POST['opt_4'] . "', language = '" . $_POST['opt_5'] . "', pic = '" . $_POST['pic'] . "', about = '" . $_POST['comment'] . "', icq = '" . $_POST['icq'] . "', yahoo = '" . $_POST['yahoo'] . "', aol = '" . $_POST['aol'] . "', msn = '" . $_POST['msn'] . "', jabber = '" . $_POST['jabber'] . "', birthday = '" . $bday . "', gender = '" . $_POST['gender'] . "', hp = '" . $_POST['hp'] . "', signature = '" . $_POST['signature'] . "', location = '" . $_POST['location'] . "', fullname = '" . $_POST['fullname'] . "', mail = '" . $_POST['email'] . "', name = '" . $_POST['name'] . "'" . $update_sql . " WHERE id = '" . $user['id'] . "' LIMIT 1", __LINE__, __FILE__); ok($lang->phrase('data_success'), "profile.php?id=" . $_GET['id']); } } } else { errorLogin($lang->phrase('not_allowed')); } $slog->updatelogged(); $zeitmessung = t2(); echo $tpl->parse("footer"); $phpdoc->Out(); $db->close();