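<?php
// Dashboard settings page (excerpt): shows the dashboard header template and
// validates a submitted settings form.
require 'includes/header.php';

force_id();
update_activity('dashboard');

// $sidebar and $User are not defined in this excerpt; presumably header.php provides them — confirm.
Output::Assign('sidebar', $sidebar);
Output::$tpl->display('dashhead.tpl.php');
$page_title = $User->Level . ' Dashboard';

// Get our user's settings from the database.
// Done by User class now

// NOTE(review): no anti-CSRF token is checked anywhere in the visible part of
// this handler. Confirm that header.php, or the part of the handler that is
// not shown, verifies one before password/e-mail changes are accepted.
// !empty() keeps the original truthiness test without an undefined-index notice.
if (!empty($_POST['form_sent'])) {
    $name        = POST::GetEString('memorable_name', true);
    $pass        = POST::GetEString('memorable_password', true);
    $pass2       = POST::GetEString('memorable_password2', true);
    $email       = POST::GetEString('email', true);
    $theme       = POST::GetEString('theme', true, 'atbbs');
    $flag_topics  = POST::GetInt('topics_mode') == 1;
    $flag_ostrich = POST::GetInt('ostrich_mode') == 1;
    $flag_spoiler = POST::GetInt('spoiler_mode') == 1;
    $snippet_len  = POST::GetInt('snippet_length');

    // Make some specific validations ...

    // NOTE(review): the values above are read from the top-level POST key
    // 'memorable_name', while this uniqueness check reads
    // $_POST['form']['memorable_name']. Confirm which key the form really
    // submits; if it is the top-level one, this check never runs.
    $submitted_name = $_POST['form']['memorable_name'] ?? '';

    // NOTE(review): $user_config is not assigned in this excerpt and the comment
    // above says the User class now loads settings — verify it still exists.
    $current_name = (string) ($user_config['memorable_name'] ?? '');

    // Require a non-empty string so an array-valued field cannot reach the query,
    // and compare strictly so numeric-looking names ("1e3" vs "1000") are not
    // treated as unchanged.
    if (is_string($submitted_name) && !empty($submitted_name) && $submitted_name !== $current_name) {
        // Check if the name is already being used.
        // DB::Q() is assumed to quote and escape the value for SQL — confirm.
        $res = DB::Execute(
            'SELECT 1 FROM {P}UserSettings WHERE LOWER(usrName) = LOWER(' . DB::Q($submitted_name) . ')'
        );

        if ($res->RecordCount() > 0) {
            // Echo back the same value that was checked (the original printed
            // $_POST['memorable_name'], a different key), HTML-escaped.
            add_error('The memorable name "' . htmlspecialchars($submitted_name) . '" is already being used.');
        }
    }

    // Strict comparison: with != PHP compares numeric-looking strings by value,
    // so "1e3" and "1000" (or "0e1" and "0e2") would count as matching passwords.
    // The casts keep a missing field and an empty field equivalent, as before.
    if ((string) $pass !== (string) $pass2) {
        add_error(' Both password fields must match.');
    }

    // NOTE(review): the source excerpt is cut off at this point. The rest of the
    // handler is not visible; the closing brace below only keeps this listing
    // well-formed.
}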
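* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */

// Page editor (excerpt): restricted to administrators; loads an existing page
// for editing or takes the page fields from a submitted form.
require 'includes/header.php';

// NOTE(review): this gate only protects the page if add_error(..., true)
// stops execution — the second argument looks like a "fatal" flag; confirm.
// $administrator is not set in this excerpt (presumably by header.php).
if (!$administrator) {
    add_error('You are not wise enough.', true);
}

$page_data = [];

Output::Assign('sidebar', $sidebar);
Output::$tpl->display('dashhead.tpl.php');

// NOTE(review): no anti-CSRF token check is visible for this state-changing
// admin form; confirm it is enforced in header.php or in the code not shown.
// !empty() keeps the original truthiness test without an undefined-index notice.
if (!empty($_POST['form_sent'])) {
    $page_data['url']        = POST::GetEString('url');
    $page_data['page_title'] = POST::GetEString('title');
    $page_data['content']    = POST::GetEString('content');
}

if (!empty($_GET['edit'])) {
    $edit_id = $_GET['edit'];

    // Only a plain string of digits is accepted; an array-valued parameter is rejected too.
    if (!is_string($edit_id) || !ctype_digit($edit_id)) {
        add_error('Invalid page ID.', true);
    }

    // The id is concatenated into the SQL text, so the query is only as safe as
    // the check above. The (int) cast keeps it an integer literal even if
    // add_error() were to return instead of halting.
    $res = DB::Execute('SELECT url, page_title, content FROM {P}Pages WHERE id = ' . (int) $edit_id);

    if ($res->RecordCount() < 1) {
        $page_title = 'Non-existent page';
        add_error('There is no page with that ID.', true);
    }

    // A submitted form takes precedence over the stored row.
    if (empty($_POST['form_sent'])) {
        $page_data = $res->fields;
    }

    $editing = true;

    // $page_title carries HTML here, so whatever prints it must not escape it
    // again. Both interpolated values are therefore escaped at this point; the
    // original escaped only the title and placed the URL into the href attribute
    // raw, letting a stored or posted URL containing a double quote break out of it.
    // NOTE(review): a url value that itself starts with "/" produces a
    // protocol-relative link ("//host"); confirm that URLs are validated on save.
    $page_title = 'Editing page: <a href="/' . htmlspecialchars($page_data['url'], ENT_QUOTES) . '">'
        . htmlspecialchars($page_data['page_title']) . '</a>';

    // NOTE(review): the source excerpt is cut off at this point. The rest of this
    // branch is not visible; the closing brace below only keeps this listing
    // well-formed.
}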