GIF89a;
Direktori : /home/serb/www/chat/ |
Current File : /home/serb/www/chat/profile.php |
<?php require_once('./inc/smartyinit.php'); require_once( INC_DIR . 'classes/paypal/pp_functions.php' ); //echo "</pre>";print_r($GLOBALS['fc_config']['fc_instance']);echo "</pre>"; // ******** Start of customization variables $req = array_merge($_GET, $_POST); // added on 090706 for chat instances if(isset($_GET[from])) { require_once( INC_DIR . 'classes/paypal/ipn_cls.php'); require_once( INC_DIR . 'classes/paypal/process_paypal.php' ); }//if(isset($_GET[from])) // added on 090706 for chat instances define('CRLF', "\r\n"); $enable_reg = false; // Enable registration options for admin/moderators and spies if set to true, set to false to disable these options $ext = array('.gif', '.jpg', '.png', '.bmp'); // limit upload to these file types only $ufolder = './temp/nick_image/'; // picture upload folder $max_file_size = 500*1024; // max picture file size in bytes $edit_allowed = true; // limitation for guest chatters (only show registered users if false) if FlashChat in two instance mode $pictureWidth = 180; // picture display width limit pixels $thumbWidth = 90; // thumbnail picture display width limit in gallery pixels $showAllProfiles = true; // display list of links to all active profiles at each page $showGallery = true; // when displaying all profiles: use gallery style $FC_owner_email = 'xyz@your_domain.com'; // FlashChat owner email address, set as sender/reply to in password change $FC_owner_name = 'FlashChat Owner name'; // FlashChat owner name (link text) $pics_row = 4; // number of pictures per row when in showGallery mode $default_country = 'USA'; // default country in english at registration (must be found in /chat/inc/country.inc $profiles_per_page = 50; // visible profiles per page require_once('./profile/en.php'); //default language is en ie english if ($req['lang'] == 'xx') require_once('./profile/xx.php'); // replace xx with your language attribute and make available this file in /chat/profile directory // duplicate this /profile/en.php if you need more than two languages // remember UTF-8 characters but not for messages t23-t27 (error messages) $smarty->assign('msg', $msg); $gender_arr = array( 'male' => $msg['t102'], 'female' => $msg['t103'], 'other' => $msg['t104'] ); // ******** End of customizations // ******** Begin of functions function send_style_sheet($msg) { $value = array( 'msg' => $msg, 'showBackground' => true, // set to true if you have a nice background to add 'bgcolor' => '#eeeeee', // text background color leave empty (=> '';) for no color (transparent) //'bgcolor' => htmlColor($GLOBALS['fc_config']['themes'][$GLOBALS['fc_config']['defaultTheme']]['enterRoomNotify']), 'bkgrnd' => $GLOBALS['fc_config']['themes'][$GLOBALS['fc_config']['defaultTheme']]['backgroundImage'], // default background is the default theme //'bkgrnd' => 'http://www.yourdomain.com/mybackgroundfile.jpg', // uncomment this line to use your own background image ); return $value; } function removeEvilAttributes($tagSource) { $stripAttrib = "' (style|class)=\"(.*?)\"'i"; $tagSource = stripslashes($tagSource); $tagSource = preg_replace($stripAttrib, '', $tagSource); return $tagSource; } function removeEvilTags($source) { $allowedTags = '<a><br><b><h1><h2><h3><h4><i><img><li><ol><p><strong><table><tr><td><th><u><ul>'; $source = strip_tags($source, $allowedTags); return preg_replace('/<(.*?)>/ie', "'<'.removeEvilAttributes('\\1').'>'", $source); } function htmlSelect($name, $arr, $selected, $addprop='') { $ret = "<SELECT name=\"$name\" $addprop>"; foreach($arr as $k=>$v) { if($selected == $k)$sel = 'SELECTED'; else $sel = ''; $ret .= "<option value=\"$k\" $sel>$v"; } $ret .= "</SELECT>"; return $ret; } // ******** End of functions $cmsclass = strtolower( $GLOBALS['fc_config']['CMSsystem'] ); $manageUsers = ($cmsclass == 'defaultcms') || ($cmsclass == 'statelesscms'); if(!$manageUsers) { die('Profiles are only supported for defaultCMS and statelessCMS'); } $req['change_id'] = $req['userid']; if(isset($req['flashchatid'])) { $req['id'] = $req['flashchatid']; $conn =& ChatServer::getConnection($req); $req['id'] = $conn->userid; if(!$req['id']) die ('<center><b>NoNo<br>You must be logged in to FlashChat to use this command</b></center>'); $req['lang'] = $conn->lang; $user = ChatServer::getUser($req['id']); $req['roles'] = $user['roles']; if(isset($req['admin_user_edit'])) $req['change_id'] = $req['cid']; if($req['admin_user_edit'] == 'hidden_edit') $req['change_id'] = $req['cid1']; } if(!isset($req['lang']) && isset($req['id'])) { $langStmt = new Statement('SELECT lang FROM '.$GLOBALS['fc_config']['db']['pref'].'connections WHERE id=?',215); $rs = $langStmt->process($req['id']); $rec = $rs->next(); $req['lang'] = $rec['lang']; } $font = '<center><div class="die"><center><br>'; // some error printouts in file upload section $register = false; $fc_std_profile = false; $userid = 0; $error = false; if($req['register'] == 'true') { $fc_std_profile = true; $register = true; } if(isset($req['save'])) { $fc_std_profile = true; } if(!$fc_std_profile) // addon part { // ******** Begin of functions function makeRandomPassword() { $salt = 'abcdefghjkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ0123456789'; srand((double)microtime()*1000000); $i = 0; while ($i <= 8) { $num = rand() % 56; $tmp = substr($salt, $num, 1); $pass = $pass . $tmp; $i++; } return $pass; } function tryagain($msg1, $msg2, $msg3, $type) { global $smarty; $style_sheet = send_style_sheet($msg3); $tryagain_data = array( 'msg1' => $msg1, 'msg2' => $msg2, 'type' => $type ); $smarty->assign('tryagain', true); $smarty->assign('tryagain_data', $tryagain_data); $smarty->assign('style_sheet', $style_sheet); $smarty->display('profile.tpl'); die(); } function showInfoLine($itm, $add='') { global $edit, $msg, $width150, $width450, $req; $value = ''; if( !$msg[$itm] && !$edit ) return $value; $value.= $width150.$msg[$itm].$width450; if( $edit ) { $value.= '<input type="text" name="' . $itm . '" size="60" value="' . $req[$itm] . '">'; } else { $s = Message::replaceBadWord($req[$itm]); if( $add == 'link') $value.= '<a href="' . $s . '" target="_blank">' . $s . '</a>'; else if( $add == 'mail') $value.= '<a href="mailto:' . $s . '">' . $s . '</a>'; else $value.= $s; } $value.= '</td></tr>'; return $value; } // ******** End of functions // ******** Begin of variables $fields = array( 't01' => '', 't02' => '', 't03' => '', 't04' => '', 't05' => '', 't06' => '', 't07' => '', 't08' => '', 't09' => '', 't10' => '', 't11' => '', 't12' => '', 't13' => '', 't14' => '', 't15' => '', 't41' => '', 't42' => '', 't43' => '', 't44' => '' ); // ******** End of variables // ******** Begin of code //user wants new password sent to registered email address if(isset($req['newpassword'])) { $style_sheet = send_style_sheet($msg['t56']); $smarty->assign('newpassword', true); $smarty->assign('style_sheet', $style_sheet); $smarty->display('profile.tpl'); die(); } // user wants old password sent to registered email address if(isset($req['oldpassword'])) { $style_sheet = send_style_sheet($msg['t56']); $smarty->assign('oldpassword', true); $smarty->assign('style_sheet', $style_sheet); $smarty->display('profile.tpl'); die(); } // send old password to registered email address if(isset($req['sendoldpassword'])) { $stmt = new Statement('SELECT * FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE login=?'); $rs = $stmt->process($req['nick']); if(($rec = $rs->next()) && $rec['profile']) { $profile = unserialize($rec['profile']); } else { tryagain($msg['t55'], $msg['t61'], $msg['t57'], 'oldpassword'); } if(isset($profile['fullname']) && isset($profile['email'])) { $profile['t05'] = $profile['email']; } if($profile['t05'] == $req['email']) { if(!preg_match('/^([0-9,a-z,A-Z]+)([.,_]([0-9,a-z,A-Z]+))*[@]([0-9,a-z,A-Z]+)([.,_,-]([0-9,a-z,A-Z]+))*[.]([0-9,a-z,A-Z]){2}([0-9,a-z,A-Z])?$/', $profile['t05'])) { tryagain($msg['t60'] . ' <a href="mailto:' . $FC_owner_email . '">' . $FC_owner_name . '</a>', $msg['t61'], $msg['t57'], 'oldpassword'); } //password encrypted generate new password if( $GLOBALS['fc_config']['encryptPass'] ) { $newPass = makeRandomPassword(); $rec['password'] = $newPass; } $headers .= "MIME-Version: 1.0\n"; $headers .= "Content-type: text/plain; charset=UTF-8\n"; $headers .= "X-Mailer: php\n"; $headers .= "From: \"" . $FC_owner_name . "\" <" . $FC_owner_email . ">\n"; if( mail($req['email'], $msg['t63'] . ' ' . $rec['login'], $msg['t64'] . CRLF . CRLF . $rec['password'] . CRLF . CRLF . $msg['t53'], $headers) ) { //setup new password if( $GLOBALS['fc_config']['encryptPass'] ) { $s = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET `password`=MD5(?) WHERE login=? LIMIT 1'); $r = $s->process($newPass, $req['nick']); } } else { tryagain($msg['t59'], $msg['t61'], $msg['t57'], 'oldpassword'); } } else { tryagain($msg['t55'], $msg['t61'], $msg['t57'], 'oldpassword'); } $style_sheet = send_style_sheet($msg['t56']); $smarty->assign('sendoldpassword', true); $smarty->assign('style_sheet', $style_sheet); $smarty->display('profile.tpl'); die(); } // send new password to registered email address if(isset($req['sendnewpassword'])) { $stmt = new Statement('SELECT * FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE login=?'); $rs = $stmt->process($req['nick']); if(($rec = $rs->next()) && $rec['profile']) { $profile = unserialize($rec['profile']); } else { tryagain($msg['t55'], $msg['t47'], $msg['t57'], 'newpassword'); } if($profile['fullname']) { $profile['t05'] = $profile['email']; } if($profile['t05'] == $req['email']) { if(!preg_match('/^([0-9,a-z,A-Z]+)([.,_]([0-9,a-z,A-Z]+))*[@]([0-9,a-z,A-Z]+)([.,_,-]([0-9,a-z,A-Z]+))*[.]([0-9,a-z,A-Z]){2}([0-9,a-z,A-Z])?$/', $profile['t05'])) { tryagain($msg['t60'] . ' <a href="mailto:' . $FC_owner_email . '">' . $FC_owner_name . '</a>', $msg['t47'], $msg['t57'], 'newpassword'); } $newpassword = makeRandomPassword(); $headers .= "MIME-Version: 1.0\n"; $headers .= "Content-type: text/plain; charset=UTF-8\n"; $headers .= "X-Mailer: php\n"; $headers .= "From: \"" . $FC_owner_name . "\" <" . $FC_owner_email . ">\n"; if(mail($req['email'], $msg['t51'] . ' ' . $rec['login'], $msg['t52'] . CRLF . CRLF . $newpassword . CRLF . CRLF . $msg['t53'], $headers)) { $stmt = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET password=? WHERE id=?',125); if( $GLOBALS['fc_config']['encryptPass'] > 0 ) { $newpassword = md5($newpassword); } $stmt->process($newpassword, $rec['id']); } else { tryagain($msg['t59'], $msg['t47'], $msg['t57'], 'newpassword'); } } else { tryagain($msg['t55'], $msg['t47'], $msg['t57'], 'newpassword'); } $style_sheet = send_style_sheet($msg['t56']); $smarty->assign('sendnewpassword', true); $smarty->assign('style_sheet', $style_sheet); $smarty->display('profile.tpl'); die(); } // user finished selection of file so try to upload the file now if(isset($req['load'])) { $_FILES['img1']['name'] = strtolower($_FILES['img1']['name']); //make sure file name is lower case. $_FILES['img1']['name'] = str_replace(' ', '_', $_FILES['img1']['name']); //get rid of spaces $_FILES['img1']['name'] = str_replace('$', '_', $_FILES['img1']['name']); //get rid of '$' $file_name = $_FILES['img1']['name']; //take the file name, and then get all the stuff after the last '.' (the file extension) $file_name = strrchr($file_name, '.'); //make sure file type is supported if(!in_array($file_name, $ext)) { $error = $font . $msg['t23']; foreach( $ext as $exts ) { $error .= $exts . " "; } $error .= '<br> <br>'; } if(!$error) { $file_size = $_FILES['img1']['size']; //make sure file isn't too large if($file_size > $max_file_size) { $error = $font . $msg['t24'] . round(($file_size/1024), 0) . $msg['t25'] . round((( $max_file_size / 1024 ) ) , 2) . ' KB'. '<br> '; } } if(!$error) { //get the file type from mime types and upload file to directory if ($_FILES['img1'] != '') { $file_type = '/error'; if(!is_script($_FILES['img1']['tmp_name'])) { if( $_FILES['img1']['type'] == "image/gif" ) $file_type = '.gif'; if( $_FILES['img1']['type'] == "image/pjpeg" ) $file_type = '.jpg'; if( $_FILES['img1']['type'] == "image/jpeg" ) $file_type = '.jpg'; if( $_FILES['img1']['type'] == "image/jpc" ) $file_type = '.jpg'; if( $_FILES['img1']['type'] == "image/bmp") $file_type = '.bmp'; $fw = $ufolder . $req['change_id']; if(file_exists($fw . '.jpg')) unlink($fw . '.jpg'); if(file_exists($fw . '.gif')) unlink($fw . '.gif'); if(file_exists($fw . '.bmp')) unlink($fw . '.bmp'); $newtofile = $fw . $file_type; //name file with user id and save in profile image directory copy($_FILES['img1']['tmp_name'], $newtofile) or $error = $font . $msg['t26'] . '<br> '; } else { $error = $font . $msg['t124'] . '<br> '; } } else { $error = $font . $msg['t27'] . '<br> '; } } // Update user profile with new URL to picture if(!$error) { $user = ChatServer::getUser($req['change_id']); $stmt = new Statement('SELECT profile FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE id=?',120); $rs = $stmt->process($user['id']); if(($rec = $rs->next()) && $rec['profile']) { $profile = unserialize($rec['profile']); } else { $profile = array(); } $profile['t12'] = $newtofile; $req = array_merge($fields, $profile, $req); $stmt = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET profile=? WHERE id=?',114); $stmt->process(serialize($profile), $user['id']); } } // user clicked for upload of picture so show that page if(isset($req['TCpicture']) || $error) { $user = ChatServer::getUser($req['change_id']); if(!$error) { // update user profile fields first foreach($fields as $k => $v) { $fields[$k] = $req[$k]; } $stmt = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET profile=? WHERE id=?',114); $stmt->process(serialize($fields), $user['id']); } $style_sheet = send_style_sheet($msg['t32']); $s_ext = ''; foreach ( $ext as $exts ) { $s_ext.= $exts.' '; } $file_size = round(( $max_file_size / 1024 ) , 2); $smarty->assign('TCpicture', true); $smarty->assign('error', $error); $smarty->assign('req', $req); $smarty->assign('user', $user); $smarty->assign('exts', $s_ext); $smarty->assign('file_size', $file_size); $smarty->assign('style_sheet', $style_sheet); $smarty->display('profile.tpl'); die(); } // user want to save the text in profile set and maybe also update password if(isset($req['TCsave'])) { $user = ChatServer::getUser($req['change_id']); foreach($fields as $k => $v) { $fields[$k] = $req[$k]; } $pwdmsg = ''; // fix $fields['t14'] = trim($fields['t14']); $fields['t15'] = trim($fields['t15']); if((strlen($fields['t14']) > 0) || (strlen($fields['t15']) > 0)) { if((strlen($fields['t14']) < 1) || (strlen($fields['t15']) < 1)) { $pwdmsg = $msg['t40']; } // password change if((strlen($fields['t14']) > 0) && (strlen($fields['t15']) > 0)) { $stmt = new Statement('SELECT password FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE id=?',120); $rs = $stmt->process($user['id']); $pwdmsg = $msg['t39']; $rec = $rs->next(); if($fields['t14'] === $rec['password'] || md5($fields['t14']) === $rec['password']) { $stmt = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET password=? WHERE id=?',125); if( $GLOBALS['fc_config']['encryptPass'] > 0 ) { $fields['t15'] = md5($fields['t15']); } $stmt->process($fields['t15'], $user['id']); $pwdmsg = $msg['t38']; } $fields['t14'] = ''; $fields['t15'] = ''; } } foreach($fields as $k => $v) { $fields[$k] = removeEvilTags($v); } if(strlen(trim($fields['t12'])) < 2) { $fw = $ufolder . $req['change_id']; if(file_exists($fw . '.jpg')) unlink($fw . '.jpg'); if(file_exists($fw . '.gif')) unlink($fw . '.gif'); if(file_exists($fw . '.bmp')) unlink($fw . '.bmp'); } $stmt = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET profile=? WHERE id=?',114); $stmt->process(serialize($fields), $user['id']); //update gender of user in chat $gender = strtoupper(substr($fields['t43'], 0, 1)); $conn->process(array('c' => 'sgen', 'u' => $user['id'], 't' => ($gender != 'M' && $gender != 'F')? NULL : $gender)); //send notification to all users about new photo //$conn->sendToAll(new Message('spht', $conn->userid, null, (strlen(trim($fields['t12'])) < 2)? '' : $fields['t12'])); } // **************************************** // display the user profile (default entry) // **************************************** $edit = (isset($req['flashchatid']) && ($req['id'] != SPY_USERID) && $req['userid'] == $req['id']); if($req['admin_show_profile']) $edit = true; if(!$edit_allowed) $edit = false; $user = ChatServer::getUser($req['change_id']); if(!$edit) $user = ChatServer::getUser($req['userid']); $stmt = new Statement('SELECT * FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE id=?',120); $rs = $stmt->process($user['id']); if(($rec = $rs->next()) && $rec['profile']) { $test_profile = unserialize($rec['profile']); if( is_array($test_profile) && array_key_exists('fullname', $test_profile)) { $profile['t01'] = $test_profile['fullname']; $profile['t04'] = $test_profile['age']; $profile['t05'] = $test_profile['email']; $profile['t06'] = $test_profile['msnm']; $profile['t07'] = $test_profile['site']; $profile['t10'] = $test_profile['icq']; $profile['t13'] = $test_profile['comments']; $profile['t41'] = $test_profile['aim']; $profile['t42'] = $test_profile['yim']; $profile['t43'] = $test_profile['gender']; $profile['t44'] = $test_profile['location']; } else { $profile = unserialize($rec['profile']); $profile['t13'] = str_replace('\\', '', $profile['t13']); // fix for those who enters multiple \ } } else { $profile = array(); } $req = array_merge($fields, $profile, $req); if($user) { if(!$edit) { foreach($req as $k => $v) { if(!$v) $msg[$k] = null; } } $htmlSelect = ''; if($edit) { $htmlSelect = htmlSelect('t43', $gender_arr, $req['t43']); } else { $htmlSelect = Message::replaceBadWord($req['t43']); } if(substr($req['t12'], 0, 7) == 'http://' && $nick = strpos($req['t12'], 'nick_image')) { $req['t12'] = './' . substr($req['t12'], $nick); } $is_http = false; $is_file_exists = false; if(substr($req['t12'], 0, 7) == 'http://') { $is_http = true; } else if($req['t12'] && file_exists($req['t12'])) { $is_file_exists = true; $size = getimagesize($req['t12']); if($size['0'] < $pictureWidth) { $pictureWidth = $size['0']; } } $width150 = '<tr><td align="right" width="250">'; $width450 = '</td><td width="450">'; $infoLine1 = showInfoLine('t01'). showInfoLine('t02'). showInfoLine('t44'). showInfoLine('t03'); $infoLine2 = showInfoLine('t04'). showInfoLine('t05', 'mail'). showInfoLine('t07', 'link'). showInfoLine('t08', 'link'). showInfoLine('t41'). showInfoLine('t42'). showInfoLine('t10'). showInfoLine('t06'); $replaceBadWord_t13 = Message::replaceBadWord($req['t13']); $is_writable = is_writable($ufolder); $is_role_admin = ($rec['roles'] == ROLE_ADMIN); $is_role_user = ($req['roles'] == ROLE_USER); $style_sheet = send_style_sheet('"' . $user['login'] . '"'); // display a list of all profiles in users table if($showAllProfiles || $is_role_admin) { $value = ''; //pages $page_num = $_REQUEST['pg']; if( ($page_num == '') && !is_numeric($page_num) ) $page_num = 1; $page_num--; $stmt = new Statement('SELECT count(*) users_amount FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE profile <> \'\'',121); $rs = $stmt->process(); $rec = $rs->next(); $limit = ''; $all_profiles = $rec['users_amount']; if( $all_profiles > $profiles_per_page ) { $limit = ' LIMIT ' . $page_num*$profiles_per_page . ', '.$profiles_per_page; } //--- $stmt = new Statement('SELECT * FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE profile <> \'\' ORDER BY login '.$limit , 122 ); $rs = $stmt->process(); if($rs->hasNext()) { $value.= '</table><center><div width=50%><h2>'.$msg['t22'].'</h2></div></center>'; //--- if( $all_profiles > $profiles_per_page ) { $value.= '<div align=center class=pages>All profeles '.$all_profiles.' | Showing Profiles '. ($page_num*$profiles_per_page+1). '-' . min((($page_num+1)*$profiles_per_page), $all_profiles) . ' | Page '; for($i=1; $i<=ceil($all_profiles/$profiles_per_page); $i++) { if($i == $page_num+1) { $value.= $i.' '; continue; } $value.= "<a href=\"profile.php?userid={$_REQUEST['userid']}&lang={$_REQUEST['lang']}&pg=$i\">$i</a>"; } $value.= '</div>'; } //--- if(!$showGallery) $value.= '<table align=center border=0 cellpadding=5 cellspacing=0 width=30%>'; else $value.= '<table align=center border=0 cellpadding=5 cellspacing=2 width=80%><tr>'; $pics = 1; while($rec = $rs->next()) { if(isset($rec['profile'])) { $profile = unserialize($rec['profile']); if($showGallery) { $pict_msg = $msg['t45']; if(!$profile['t12']) { $profile['t12'] = 'flashChat_slogo.png'; $pict_msg = $msg['t68']; } $profileLink = '<td align=center valign=middle width=18%><a href="' . $profile['t12'] . '" target="_blank"><img border=0 width=' . $thumbWidth . ' border=0 src="' . $profile['t12'] . '" alt="' . $pict_msg . '"></a>'; $profileLink .= "<br><a href=\"profile.php?pg={$_REQUEST['pg']}&userid=" . $rec['id'] . '&lang=' . $req['lang'] . '" title="' . $msg['t46'] . '" target="_self">' . $rec['login'] . '</a>'; if($req['flashchatid'] && ($req['roles'] == ROLE_ADMIN)) { $profileLink .= '<br><form action="profile.php" method="post" name="fc_profile">'; $profileLink .= '<input type="hidden" name="flashchatid" value="' . $req['flashchatid'] . '">'; $profileLink .= '<input type="hidden" name="lang" value="' . $req['lang'] . '">'; $profileLink .= '<input type="hidden" name="userid" value="' . $req['id'] . '">'; $profileLink .= '<input type="hidden" name="cid" value="' . $rec['id'] . '">'; $profileLink .= '<input type="submit" name="admin_user_edit" value="Edit">'; $profileLink .= '</form>'; } $value.= $profileLink . '</td>'; if($pics++ == $pics_row) { $pics = 1; $value.= '</tr><tr>'; } } else { $profileLink = '<tr>'; if($profile['t12']) { $profileLink .= '<td align="right"><a href="' . $profile['t12'] . '" target="_blank"><img border=0 height=10 width=15 border=0 src="./profile/camera.gif" alt="' . $msg['t45'] . '"></a>'; } else { $profileLink .= '<td></td>'; } $profileLink .= '<td align="left"><a href="profile.php?userid=' . $rec['id'] . '&lang=' . $req['lang'] . '" title="' . $msg['t46'] . '">' . $rec['login'] . '</a></td></tr>'; $value.= $profileLink; } } } } $smarty->assign('value', $value); } $smarty->assign('default', true); $smarty->assign('msg', $msg); $smarty->assign('user', $user); $smarty->assign('req', $req); $smarty->assign('edit', $edit); $smarty->assign('infoLine1', $infoLine1); $smarty->assign('infoLine2', $infoLine2); $smarty->assign('width150', $width150); $smarty->assign('width450', $width450); $smarty->assign('htmlSelect', $htmlSelect); $smarty->assign('is_writable', $is_writable); $smarty->assign('is_role_admin', $is_role_admin); $smarty->assign('is_role_user', $is_role_user); $smarty->assign('ufolder', $ufolder); $smarty->assign('is_http', $is_http); $smarty->assign('is_file_exists', $is_file_exists); $smarty->assign('pictureWidth', $pictureWidth); $smarty->assign('replaceBadWord_t13', $replaceBadWord_t13); $smarty->assign('pwdmsg', $pwdmsg); $smarty->assign('showAllProfiles', $showAllProfiles); $smarty->assign('style_sheet', $style_sheet); $smarty->display('profile.tpl'); die(); } else { $style_sheet = send_style_sheet($msg['t17'].$req['userid']); $smarty->assign('not_user', true); $smarty->assign('req', $req); $smarty->assign('style_sheet', $style_sheet); $smarty->display('profile.tpl'); die(); } // ******** End of code } else // start of FlashChat standard registration page { require_once('inc/country.inc.php'); $req = array_merge($_GET, $_POST); $fields = array( 'fullname' => '', 'email' => '', 'site' => '', 'icq' => '', 'aim' => '', 'yim' => '', 'msnm' => '', 'comments' => '', 'gender' => '', 'age' => '', 'location' => '' ); if( isset($req['save']) ) { if( $req['register'] ) { //check if user existing //changed on 090706 for chat instances /*$stmt = new Statement("SELECT * FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE login=? LIMIT 1"); $usr = $stmt->process($req['user_name']);*/ $usrNumRows = 0; if($req['fc_instance_purchase'] != 1)//for new chat instaqnce purchase no need to check if a member exists since new instance to be created (added on 090706 for chat instances { $stmt = new Statement('SELECT * FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE login=? and instance_id=? LIMIT 1',112); $usr = $stmt->process($req['user_name'], $_SESSION['session_inst']); $usrNumRows = $usr->numRows; } //changed on 090706 for chat instances ends here if($usrNumRows > 0 || Message::replaceBadWord($req['user_name']) != $req['user_name']) { $register_succ = false; $register = true; $errmsg = str_replace('[user_name]', $req['user_name'], $msg['t100']); $req['user_name'] = ''; $userid = -1; } else { if( $usrNumRows != 0 ) { $req['role'] = ROLE_USER;//always insert user } // added on 090706 for chat instances if($req['is_paid'] == 1) { if(!isset($req['from']) ) { if($req['fc_instance_purchase'] == 1) { $PAYPAL[transaction_type]='New_Instance_Purchase'; $PAYPAL['business'] = $GLOBALS['fc_config']['fc_instance']['paypal_admin_bussiness_email']; $PAYPAL['amount'] = $GLOBALS['fc_config']['fc_instance']['instance_value']; $PAYPAL['currency_code'] = $GLOBALS['fc_config']['fc_instance']['admin_currency_type']; $PAYPAL['notify'] = paypal_notify_url().'®ister=1&fc_instance_purchase=1'; } else //if($req['fc_instance_purchase'] == 1) { $PAYPAL[transaction_type]='paid_registration_'+$_SESSION['session_inst_name']; $PAYPAL['business'] = $GLOBALS['fc_config']['paypal_bussiness_email']; $PAYPAL['amount'] = $GLOBALS['fc_config']['membership_amount']; $PAYPAL['currency_code'] = $GLOBALS['fc_config']['payment_currency_type']; $PAYPAL['notify'] = paypal_notify_url().'®ister=1'; }//if($req['fc_instance_purchase'] == 1) $PAYPAL['url'] = paypal_url(); $PAYPAL['itemname'] = $PAYPAL[transaction_type]; $PAYPAL['item_number'] = paypal_invoice_number(); $PAYPAL['payer_email'] = $req['email']; $PAYPAL['payer_id'] = $req['user_name']; $PAYPAL['shipping'] = 0; $PAYPAL['return'] = paypal_return_url(); $PAYPAL['cancel_return'] = paypal_cancel_url(); //emulatepaypal(); $smarty->assign('PAYPAL', $PAYPAL); $smarty->display('paypal_form.tpl'); die(); }//if(!isset($req['from']) }//if($req['is_paid'] == 1) // added on 090706 for chat instances ends here //--- //changed on 090706 for chat instances /*$stmt = new Statement("INSERT INTO {$GLOBALS['fc_config']['db']['pref']}users (login,password,roles) VALUES (?,?,?)"); if( !isset($req['role']) ) $req['role'] = ROLE_USER; if( $GLOBALS['fc_config']['encryptPass'] > 0 ) {$req['password'] = md5($req['password']);} $userid = $stmt->process($req['user_name'] , $req['password'], $req['role']);*/ if( !isset($req['role']) ) $req['role'] = ROLE_USER; $req['session_inst'] = $_SESSION['session_inst']; //added on 090706 for chat instance if($req['fc_instance_purchase'] == 1) { $req['role'] = ROLE_MODERATOR; $stmt = new Statement("SELECT * FROM {$GLOBALS['fc_config']['db']['pref']}config_instances WHERE is_default=1"); $rs = $stmt->process(); if($GLOBALS['fc_config']['payment_options']['debug_mode']) sprintf( $stmt->final_query.'<br>' ); $rec = $rs->next(); $fc_default_inst = $rec['id']; //is_active,is_default,name,created_date $stmt = new Statement("INSERT INTO {$GLOBALS['fc_config']['db']['pref']}config_instances (is_active,is_default,name,created_date) VALUES ('1','0','NEW INSTANCE of {$req['user_name']}',NOW())"); $req['session_inst'] = $stmt->process(); if($GLOBALS['fc_config']['payment_options']['debug_mode']) sprintf( $stmt->final_query.'<br>' ); $fc_new_instance_queries = array("values"=>"INSERT INTO {$GLOBALS['fc_config']['db']['pref']}config_values ( instance_id,config_id,value,disabled ) SELECT '{$req['session_inst']}',config_id,value,disabled FROM {$GLOBALS['fc_config']['db']['pref']}config_values WHERE {$GLOBALS['fc_config']['db']['pref']}config_values.instance_id = $fc_default_inst;", "rooms"=>"INSERT INTO {$GLOBALS['fc_config']['db']['pref']}rooms ( created,name,password,ispublic,ispermanent,instance_id ) SELECT NOW() ,name,password,ispublic,ispermanent, '{$req['session_inst']}' FROM {$GLOBALS['fc_config']['db']['pref']}rooms WHERE {$GLOBALS['fc_config']['db']['pref']}rooms.instance_id = $fc_default_inst" ); foreach($fc_new_instance_queries as $type=>$fc_new_instance_query) { mysql_query($fc_new_instance_query);//stmt doesnt work for subqueries if($GLOBALS['fc_config']['payment_options']['debug_mode']) sprintf( $fc_new_instance_query.'<br>' ); }//foreach($fc_new_instance_queries as $fc_new_instance_query) //admin/cnf_config.php?module=instances&method=Dublicate&ID=1 }//if($req['fc_instance_purchase'] == 1) $stmt = new Statement('INSERT INTO '.$GLOBALS['fc_config']['db']['pref'].'users (login,password,roles,instance_id) VALUES (?,?,?,?)',113); if( $GLOBALS['fc_config']['encryptPass'] > 0 ) {$req['password'] = md5($req['password']);} $userid = $stmt->process($req['user_name'] , $req['password'], $req['role'], $req['session_inst']); if($GLOBALS['fc_config']['payment_options']['debug_mode']) sprintf($stmt->final_query); //changed on 090706 for chat instances ends here unset($req['user_name'] ,$req['password'],$req['register'], $req['role']); if( isset($userid) && $userid > 0 ) { $register_succ = true; } //added on 090706 for chat instance if($req['fc_instance_purchase'] == 1) { //create instance code } //added on 090706 for chat instance ends here } } if($req['gender'] == 'male') $req['gender'] = $msg['t102']; if($req['gender'] == 'female') $req['gender'] = $msg['t103']; if($req['gender'] == 'other') $req['gender'] = $msg['t104']; foreach($fields as $k => $v) { $fields[$k] = removeEvilTags($req[$k]); } $stmt = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET profile=? WHERE id=?', 114); $stmt->process(serialize($fields), $userid); $req['userid'] = $userid; } $edit = (isset($req['userid']) && ($req['userid'] != SPY_USERID) && ($userid == $req['userid'])) || $register; $user = ChatServer::getUser($req['userid']); $stmt = new Statement('SELECT profile FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE id=?',120); $rs = $stmt->process($req['userid']); if(($rec = $rs->next()) && $rec['profile']) { $profile = unserialize($rec['profile']); } else { $profile = array(); } $req = array_merge($fields, $profile, $req); if( $register_succ === true ) { $style_sheet = send_style_sheet($msg['t101']); $user_name = stripslashes(str_replace('[user_name]', $_POST['user_name'], $msg['t106'])); $smarty->assign('register_succ', $register_succ); $smarty->assign('user_name', $user_name); $smarty->assign('style_sheet', $style_sheet); $smarty->display('profile.tpl'); die(); } else if($user || $register) { if(!$register) { $msgt = 'Profile for user "'.$user['login'].'"'; } else { $msgt = $msg['t101']; $req['location'] = $default_country; } $style_sheet = send_style_sheet($msgt); //---check if is registered users $stmt = new Statement('SELECT * FROM '.$GLOBALS['fc_config']['db']['pref'].'users LIMIT 1',115); $rs = $stmt->process(); $firstUser = $rs->numRows == 0; //--- $is_role_user = $req['role'] == ROLE_USER || !isset($req['role']); $is_role_admin = ($req['role'] == ROLE_ADMIN); $is_role_spy = ($req['role'] == ROLE_SPY); $is_role_customer = ($req['role'] == ROLE_CUSTOMER); $is_live_support_mode = $GLOBALS['fc_config']['liveSupportMode']; $htmlSelect_gender = htmlSelect('gender', $gender_arr, $req['gender']); $gender = $gender_arr[$req['gender']]; $htmlSelect_location = htmlSelect('location', $countries, $req['location']); $location = $countries[$req['location']]; $nl2br = nl2br($req['comments']); $smarty->assign('req', $req); $smarty->assign('user_or_register', ($user || $register)); $smarty->assign('user', $user); $smarty->assign('register', $register); $smarty->assign('firstUser', $firstUser); $smarty->assign('errmsg', $errmsg); $smarty->assign('edit', $edit); $smarty->assign('enable_reg', $enable_reg); $smarty->assign('ROLE_USER', ROLE_USER); $smarty->assign('ROLE_ADMIN', ROLE_ADMIN); $smarty->assign('ROLE_SPY', ROLE_SPY); $smarty->assign('ROLE_CUSTOMER', ROLE_CUSTOMER); $smarty->assign('is_role_user', $is_role_user); $smarty->assign('is_role_admin', $is_role_admin); $smarty->assign('is_role_spy', $is_role_spy); $smarty->assign('is_role_customer', $is_role_customer); $smarty->assign('is_live_support_mode', $is_live_support_mode); $smarty->assign('htmlSelect_gender', $htmlSelect_gender); $smarty->assign('gender', $gender); $smarty->assign('htmlSelect_location', $htmlSelect_location); $smarty->assign('location', $location); $smarty->assign('nl2br', $nl2br); $smarty->assign('style_sheet', $style_sheet); // added on 090706 for chat instances if($GLOBALS['fc_config']['is_paid_chat'] == 1 && !$firstUser && $register) { $smarty->assign('is_paid', 1); $smarty->assign('session_inst', $_SESSION['session_inst']); if($req['fc_instance_purchase'] == 1) { $smarty->assign('fc_instance_purchase', 1); $smarty->assign('fc_roles', ROLE_MODERATOR); }//if($req['fc_instance_purchase'] == 1) $smarty->display('profile_paid.tpl'); die(); }//if($GLOBALS['fc_config']['is_paid_chat'] == 1 && !$firstUser && $register) // added on 090706 for chat instances ends here $smarty->display('profile.tpl'); die(); } else { $style_sheet = send_style_sheet($msg['t17'].$req['userid']); $smarty->assign('req', $req); $smarty->assign('style_sheet', $style_sheet); $smarty->display('profile.tpl'); die(); } } ?>