Exemplo n.º 1
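/**
 * Render the profile-settings page and process its three forms.
 *
 * The raw query string selects the view ("password", "contact" or "photo");
 * any other value sends the browser to 404.php. Every form re-checks the
 * user's current password before anything is written.
 *
 * Security notes for maintainers:
 * - Values that reach SQL are escaped with mysql_real_escape_string(); the
 *   contact number is additionally restricted to digits.
 * - Database errors are written to the error log instead of being echoed.
 * - Uploaded photos must parse as an image and are stored non-executable
 *   and not world-writable.
 * - NOTE(review): passwords are stored as unsalted MD5. That is not a
 *   password hash; moving to password_hash()/password_verify() requires the
 *   login code and the stored values to be migrated together, so the scheme
 *   is left as-is in this function.
 *
 * @param mixed $title Value forwarded unchanged to display_headers().
 * @return void
 */
function changeprofile($title)
{
    if (!check_login()) {
        header('location:login.php');
        return;
    }

    include 'config/globals.php';

    // The whole query string is the view selector; only exact matches are served.
    $p = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
    $arr = array("password", "contact", "photo");
    if (!in_array($p, $arr, true)) {
        echo "<script type='text/javascript'>document.location.href='404.php';</script>";
        return;
    }

    include 'config/db.php';
    include 'config/settings.php';
    $table = $branchyear . '_Students';
    $userid = $_SESSION['UserId'];
    // Escaped once and reused by every statement below.
    $safeUserId = mysql_real_escape_string($userid);

    $res = mysql_query("select Password from {$table} where Id = '{$safeUserId}'");
    if ($res === false) {
        // Keep driver error text out of the response; it can reveal schema details.
        error_log('changeprofile: ' . mysql_error());
        die('Database error');
    }
    $row = mysql_fetch_array($res);
    // No row for the session id means no stored digest, so every check below fails.
    $pass = is_array($row) ? $row['Password'] : null;
    $ex = array("png", "jpg", "jpeg", "gif", "bmp");

    // Normalise the form fields: a missing or non-string value becomes ''.
    $in = array();
    foreach (array('OPass', 'NPass1', 'NPass2', 'MNo') as $key) {
        $in[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }

    echo "<!DOCTYPE html>\n<html>\n";
    display_headers($title);
    echo "\n<body>";
    menu();
    echo <<<a
\t\t\t\t<div class='container'>
\t\t\t\t\t<div id="error" style="display:none;"></div>
\t\t\t\t\t<div class='row'>
\t\t\t\t\t<div class='span9'>
\t\t\t\t\t\t<div class="well well-large" style="background:#FFF;height:450px;">
a;
    if ($p === 'password') {
        display_password();
    }
    if (isset($_POST['Password'])) {
        // Emptiness is tested on the raw input: an MD5 digest is always
        // 32 characters long, so a length test on the digest can never fail.
        if (trim($in['OPass']) === '') {
            echo "<script>show_error('Error : Password should not be null');</script>";
            exit;
        }
        if (trim($in['NPass1']) === '') {
            echo "<script>show_error('Error : New Password should not be null');</script>";
            exit;
        }
        if (trim($in['NPass2']) === '') {
            echo "<script>show_error('Error : Re- New Password should not be null');</script>";
            exit;
        }
        $pass1 = md5($in['OPass']);
        $newpass1 = md5($in['NPass1']);
        $newpass2 = md5($in['NPass2']);
        // Strict comparison: with "!=" two digests of the form 0e<digits>
        // are compared as numbers and treated as equal.
        if ($pass1 !== $pass) {
            echo "<script>show_error('Error : Your Current Password does not matched ... Please try again....');</script>";
        } elseif ($newpass1 !== $newpass2) {
            echo "<script>show_error('Error : New Password both does not matched ... Please try again....');</script>";
        } else {
            // Store the digest of the new password. The listing wrote a fixed
            // masked literal here, which would leave the account unable to log in.
            $q = mysql_query("update {$table} set Password = '{$newpass1}' where Id = '{$safeUserId}';");
            if ($q === false) {
                error_log('changeprofile: ' . mysql_error());
                die('Database error');
            }
            insert_log("{$userid} changed his Password ");
            echo "<script>show_success('Password has been updated');</script>";
        }
    }
    if ($p === 'contact') {
        display_contact();
    }
    if (isset($_POST['Contact'])) {
        $contact1 = $in['MNo'];
        if (trim($in['OPass']) === '') {
            echo "<script>show_error('Error : Password should not be null');</script>";
            exit;
        }
        if (strlen(trim($contact1)) == 0) {
            echo "<script>show_error('Error : Contact No should not be null');</script>";
            exit;
        }
        $pass1 = md5($in['OPass']);
        if ($pass1 !== $pass) {
            echo "<script>show_error('Error : Your Current Password does not matched ... Please try again....');</script>";
        } elseif (strlen($contact1) != 10) {
            echo "<script>show_error('Error : New Contact No. to short... Please try again....');</script>";
        } elseif (!ctype_digit($contact1)) {
            // The value is request input that is written to the database:
            // accept digits only, and escape it below as well.
            echo "<script>show_error('Error : Contact No must contain digits only ... Please try again....');</script>";
        } else {
            $safeContact = mysql_real_escape_string($contact1);
            $q = mysql_query("update {$table} set PhoneNo = '{$safeContact}' where Id = '{$safeUserId}';");
            if ($q === false) {
                error_log('changeprofile: ' . mysql_error());
                die('Database error');
            }
            insert_log("{$userid} changed his Contact No");
            echo "<script>show_success('Contact No has been updated');</script>";
        }
    }
    if ($p === 'photo') {
        display_photo();
    }
    if (isset($_POST['Photo'])) {
        if (trim($in['OPass']) === '') {
            echo "<script>show_error('Error : Password should not be null');</script>";
            exit;
        }
        $pass1 = md5($in['OPass']);
        if ($pass1 !== $pass) {
            echo "<script>show_error('Error : Your Current Password does not matched ... Please try again....');</script>";
        } elseif (isset($_FILES['PhotoFile']) && is_string($_FILES['PhotoFile']['tmp_name'])) {
            $fname = $_FILES['PhotoFile']["name"];
            $fsize = $_FILES['PhotoFile']["size"];
            $tmpName = $_FILES['PhotoFile']["tmp_name"];
            // pathinfo() avoids passing a temporary to end(), which takes its argument by reference.
            $fext = strtolower((string) pathinfo($fname, PATHINFO_EXTENSION));
            if ($fsize > 102400) {
                echo "<script>show_error('Error : Input file is larger than 100KB ... Please try again....');</script>";
            } elseif (!in_array($fext, $ex, true)
                || !is_uploaded_file($tmpName)
                || getimagesize($tmpName) === false
            ) {
                // The client-supplied name proves nothing about the content,
                // so the file must also parse as an image.
                echo "<script>show_error('Error : Input file is not a image file ... Please try again....');</script>";
            } else {
                // The stored name and extension are chosen by the server;
                // basename() keeps the id from stepping out of the users directory.
                $fname_new = "assets/img/users/" . basename($userid) . ".png";
                if (!move_uploaded_file($tmpName, $fname_new)) {
                    echo "<script>show_error('Error : In moving the input file ... Please try again....');</script>";
                } else {
                    // Native chmod() instead of a shell command, and no
                    // world-writable or executable bits on an uploaded file.
                    chmod($fname_new, 0644);
                    $safePath = mysql_real_escape_string($fname_new);
                    $q = mysql_query("update {$table} set Picture = '{$safePath}' where Id = '{$safeUserId}';");
                    if ($q === false) {
                        error_log('changeprofile: ' . mysql_error());
                        die('Database error');
                    }
                    insert_log("{$userid} changed his profile photo");
                    echo "<script>show_success('Profile Photo Updated ');</script>";
                }
            }
        } else {
            echo "<script>show_error('Error : No input file ... Please try again....');</script>";
        }
    }
    echo <<<b
\t\t</div>\t
\t\t</div>
\t\t<div class='span3'>
b;
    go_home();
    echo <<<b
\t\t<ul class="nav nav nav-tabs nav-stacked">
\t\t
\t\t<li><a href='?password'>Change Password <i class="icon-chevron-right pull-left" style="padding-top:5px;"></i></a> </li>
\t\t<li><a href='?contact'>Change Contact No<i class="icon-chevron-right pull-left" style="padding-top:5px;"></i></a> </li>
\t\t<li><a href='?photo'>Change Photo <i class="icon-chevron-right pull-left" style="padding-top:5px;"></i></a> </li>
\t\t
\t\t</ul>
b;
    echo "</div></div></div>";
    display_footer();
    echo "\n</body>\n</html>";
}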
Exemplo n.º 2
             display_password(constant($game->sprache("TEXT125")));
             return;
         }
         if ($_POST['user_new_password'] != $_POST['user_new_password2']) {
             display_password(constant($game->sprache("TEXT126")));
             return;
         }
         $sql = 'UPDATE user
                 SET user_password = "******"
                 WHERE user_id = ' . $game->player['user_id'];
         if (!$db->query($sql)) {
             message(DATABASE_ERROR, 'Could not update user password');
         }
         redirect('a=settings&view=password');
     }
     display_password();
     break;
 case 'loginname':
     if ($game->SITTING_MODE) {
         message(NOTICE, constant($game->sprache("TEXT124")));
     }
     if (!empty($_POST['submit'])) {
         if (md5($_POST['current_password']) != $game->player['user_password']) {
             display_loginname(constant($game->sprache("TEXT121")));
             return;
         }
         if (empty($_POST['user_loginname'])) {
             display_loginname(constant($game->sprache("TEXT127")));
             return;
         }
         if ($_POST['user_loginname'] == $game->player['user_loginname']) {