public function billpic()
{
$picpath = BILLPIC;
uploadpic($picpath);
}
$extrabit = "Your photos first need to be reviewed by an administrator before they will be visible on the website.";
}
}
}
if ($extrabit) {
confirmMail("photo", $album);
}
if ($number_added > 0) {
$data->update_query("users", "numphotos = numphotos + {$number_added}", "id='{$check['id']}'");
}
show_message("{$number_added} photos added. {$extrabit}", "index.php?page=mythings&cat=album&action=edit&id={$id}&menuid={$menuid}");
} elseif ($_POST['Submit'] == "Update Photo") {
$photoid = safesql($_POST['photoid'], "int");
if ($_FILES['editfilename']['name'] != '') {
if ($_FILES['editfilename']['type'] == 'image/gif' || $_FILES['editfilename']['type'] == 'image/jpeg' || $_FILES['editfilename']['type'] == 'image/png' || $_FILES['editfilename']['type'] == 'image/pjpeg') {
$filestuff = uploadpic($_FILES['editfilename'], $config['photox'], $config['photoy'], true);
$filename = safesql($filestuff['filename'], "text");
$desc = safesql($_POST['editcaption'], "text");
if (confirm('photo') && $album['allowed'] == 1) {
$data->update_query("photos", "filename={$filename}, date='{$timestamp}', caption = {$desc}, allowed = 0", "ID={$photoid}");
} else {
$data->update_query("photos", "filename={$filename}, date='{$timestamp}', caption = {$desc}", "ID={$photoid}");
}
if (confirm('photo') == 1 && $album['allowed'] == 1) {
$extrabit = "It first needs to be reviewed before it will be visible on the website.";
confirmMail("photo", $album);
}
} else {
show_message("Sorry, we only accept .gif, .jpg, .jpeg or .png images.", "index.php?page=mythings&cat=album&action=edit&id={$id}&menuid={$menuid}");
}
} else {
public function headpic()
{
$picpath = HEADPIC;
uploadpic($picpath);
}
public function billpic()
{
set_time_limit(0);
$picpath = BILLPIC;
uploadpic($picpath);
}
if ($action == "") {
/********************************************Build page*****************************************/
$currentPage = $_SERVER["PHP_SELF"];
$id = safesql($check["id"], "int");
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
$location = "User Control Panel >> Profile";
if ($_POST["submit"] == "Submit") {
if ($_FILES['avy']['name'] != '') {
$avyfilename = "";
$temp = $data->select_fetch_one_row("users", "WHERE id={$id}");
unlink($config['avatarpath'] . "/" . $temp['avyfile']);
if ($_FILES['avy']['type'] == 'image/gif' || $_FILES['avy']['type'] == 'image/jpeg' || $_FILES['avy']['type'] == 'image/png' || $_FILES['avy']['type'] == 'image/pjpeg') {
$filestuff = uploadpic($_FILES['avy'], $config['avyx'], $config['avyy'], false, $config['avatarpath']);
$avyfilename = safesql($filestuff['filename'], "text");
} else {
show_message("Sorry, we only accept .gif, .jpg, .jpeg or .png images.", "index.php?page=profile");
}
}
$errors .= "<span id=\"error\">";
if ($_POST['newpassword'] != $_POST['repassword'] && $_POST['newpassword'] != '') {
$errors .= "Passwords do not match<br />";
} elseif (strlen($_POST['newpassword']) < 6 && $_POST['newpassword'] != '') {
$errors .= "Minimum password length is 6 characters<br />";
}
$sig = strip_tags($_POST['sig']);
if (strlen($sig) > $config['sigsize']) {
$errors .= "Your signature is to long, it can't be longer than {$config['sigsize']} characters";
}