<?php
if (isset($_POST['replacemail1'])) {
if (!security::isSecureString($_SESSION['username'], 3)) {
$errors[] = "Username field contains forbidden symbols";
}
if (!security::isSecureString($_POST['email'], 2)) {
$errors[] = "Email field contains forbidden symbols";
}
if (!security::isCorrectEmail($_POST['email'])) {
$errors[] = "Invalid email address";
}
if (count($errors) > 0) {
for ($i = 0; $i < count($errors); $i++) {
echo $errors[$i] . ".<br/>";
}
} else {
core::$sql->changeDB('acc');
$user = $_SESSION['username'];
$email = $_POST['email'];
if (empty($_SESSION['username']) || empty($_POST['email'])) {
echo 'Error :';
echo '<br />';
echo "You left some fields blank! <a href = '?pg=forgot'>go back and try again!</a>";
unset($_POST['replacemail1']);
} else {
$check = core::$sql->numRows("select Name from TB_User where StrUserID = '{$user}' and Email = '{$email}'");
if ($check !== 1) {
echo 'Error :';
echo '<br />';
echo "User with following email/password doesn't exist! <a href = '?pg=forgot'>go back and try again!</a>";
}
break;
case 'myprofile':
//module disabled
if ($core->aConfig['allowMyProfile'] == 0) {
echo "This module is currently disabled.";
return;
}
if (isset($_POST['submit'])) {
$nGender = (int) $_POST['gender'];
$szAvatarUrl = null;
$szSkype = null;
$szMsn = null;
$nPublic = (int) $_POST['ispublic'];
security::isValidUrl($_POST['avatar']) ? $szAvatarUrl = $_POST['avatar'] : ($szAvatarUrl = $core->aConfig[url] . "img/noavatar.png");
security::isCorrectEmail($_POST['msn']) ? $szMsn = $_POST['msn'] : ($szMsn = "None");
$szSkype = security::toHTML($_POST['skype']);
if (strlen($szSkype) > 50) {
$szSkype = "None";
}
if (strlen($szMsn) > 60) {
$szMsn = "None";
}
if (strlen($szAvatarUrl) > 500) {
$szAvatarUrl = $core->aConfig['url'] . "img/noavatar.png";
}
$avatarImageData = @getimagesize($szAvatarUrl);
//no error if shit happens
if (empty($avatarImageData[0]) || empty($avatarImageData[1])) {
$avatarImageData[0] = 0;
$avatarImageData[1] = 0;