";
        // NOTE(review): this listing begins mid-statement, inside a string literal and
        // inside blocks opened earlier in the file. Several literals below also look as
        // if their HTML markup was lost in extraction (printf/sprintf calls pass more
        // arguments than the visible format consumes) - confirm against the original
        // file before relying on the exact output strings.
        //
        // Inserts a row into `main` with user and nick both set to $nick, plus the
        // format and the default header/footer.
        // NOTE(review): every query in this fragment is built by interpolating variables
        // straight into the SQL text; no escaping or parameter binding is visible here
        // (the variables are assigned outside this fragment - verify). If any of them
        // carry request data this is SQL injection. The mysql_* extension was removed in
        // PHP 7.0; the durable fix is prepared statements via mysqli or PDO.
        $sql = "INSERT INTO main (user,nick,format,header,footer) VALUES ('$nick','$nick','$format','$defaultheader','$defaultfooter')";
        mysql_query($sql);
    }

    Require "/home/spencep/inc/chanpage/header.inc";

    // Profile form submitted: write every editable column back to the row keyed by $nick.
    if ($_POST['update']) {
        // Default row format when none was supplied (the literal spans a line break).
        if (!$format) $format = "%s: %s
";
        // NOTE(review): string-built SQL, same concern as the INSERT above. The
        // format/header/footer values stored here are later used as a sprintf()
        // format and echoed as-is by the display branch.
        $sql = "UPDATE main SET first='$first',last='$last',city='$city',province='$province',country='$country',nick='$nick',email='$email',url='$url',pic='$pic',comment='$comment',format='$format',header='$header',footer='$footer' WHERE user='$nick'";
        $result = mysql_query($sql);
    }

    if ($_FILES['picsent']) {
        //HTTP POST Image upload handler
        if (is_uploaded_file($_FILES['picsent']['tmp_name'])) {
            // Accepts the upload when the declared type starts with "image/" and the
            // reported size is at most 512000 bytes.
            // NOTE(review): ['type'] and ['name'] come from the request, not from the
            // file's content, so this check does not establish that the file is an
            // image. A server-side content check (getimagesize() or finfo on tmp_name)
            // with an allowlist of image types is what a reviewer would expect here.
            if (strncasecmp($_FILES['picsent']['type'],"image/",6) == 0 && $_FILES['picsent']['size'] <= 512000) {
                /* Declared MIME type and size accepted: handle image, save it, edit db */
                // The stored extension is whatever follows the last "." of the
                // client-supplied filename (false, printed as "", when there is no dot).
                // NOTE(review): the saved file therefore keeps a client-chosen extension
                // under $uploadpath, and $picurl suggests that directory is web-served
                // (confirm). Derive the extension from the verified image type instead,
                // and make sure the upload directory never executes scripts.
                $ext = strrchr($_FILES['picsent']['name'],".");
                // NOTE(review): $nick is used as a path component; confirm it cannot
                // contain path separators before it reaches this point.
                $file = sprintf("%s%s%s",$uploadpath,$nick,$ext);
                $picurl = sprintf("%s%s%s",$uploadimgurl,$nick,$ext);
                // The return value is not checked: the row is updated and "File uploaded"
                // is printed even if the move fails.
                move_uploaded_file($_FILES['picsent']['tmp_name'],$file);
                if (!$format) $format = "%s: %s
";
                // Same UPDATE as the form branch, but pic is set to the new upload URL.
                $sql = "UPDATE main SET first='$first',last='$last',city='$city',province='$province',country='$country',nick='$nick',email='$email',url='$url',pic='$picurl',comment='$comment',format='$format',header='$header',footer='$footer' WHERE user='$nick'";
                $result = mysql_query($sql);
                echo "File uploaded
\n";
            } else {
                echo "Images and files less than 512000 bytes only please\n
\n";
            }
        } else {
            // This statement is built but never executed: $sql is overwritten by the
            // SELECT below before any mysql_query() call.
            $sql = "UPDATE main SET first='$first',last='$last',city='$city',province='$province',country='$country',nick='$nick',email='$email',url='$url',pic='$pic',comment='$comment',format='$format',header='$header',footer='$footer' WHERE user='$nick'";
        }
    }

    // Re-read the row for $nick; $row is presumably consumed by useredit.html (confirm).
    // NOTE(review): sprintf() only formats the string, it does not escape $nick.
    $sql = sprintf("SELECT * FROM main WHERE user='%s'",$nick);
    $result = mysql_query($sql);
    $row = mysql_fetch_array($result);
    //Display user edit form
    Require "useredit.html";
    Require "/home/spencep/inc/chanpage/footer.inc";
    mysql_close($db);
} elseif ($_GET['sidebar']) {
    // Sidebar view: list the user and nick of every row in `main`, ordered by nick.
    $db = mysql_connect($sqlhost,$sqluser,$sqlpass);
    mysql_select_db("channel",$db);
    $result = mysql_query("SELECT user,nick FROM main ORDER BY nick",$db);
    echo "User Profiles\n";
    while ($myrow = mysql_fetch_array($result)) {
        //List users sorted by nicknames
        // Rows with an empty nick are skipped.
        // NOTE(review): $PHP_SELF is not assigned in this fragment; as a bare global it
        // depends on register_globals (removed in PHP 5.4) - confirm. $myrow["user"] is
        // passed to printf() unencoded, and strip_tags() is not an output encoder for
        // attribute contexts; htmlspecialchars() with ENT_QUOTES is the usual choice.
        // The visible format has one %s for four arguments, so which value lands where
        // cannot be confirmed from this listing.
        if ($myrow["nick"]) printf("
  • \"Blitzed %s\n
  • ",$PHP_SELF,$myrow["user"],strip_tags($myrow["nick"]),strip_tags($myrow["nick"]));
    }
    mysql_close($db);
} elseif ($_GET['display']) {
    /* This section displays the username and all their info
       but only shows fields that are filled */
    $db = mysql_connect($sqlhost,$sqluser,$sqlpass);
    mysql_select_db("channel",$db);
    // NOTE(review): $display is not assigned in this fragment while the branch tests
    // $_GET['display'] - presumably register_globals or an import earlier in the file
    // (confirm). It is interpolated into the query unescaped.
    $sql = "SELECT * FROM main WHERE user='$display'";
    $result = mysql_query($sql);
    $row = mysql_fetch_array($result);
    // Use the row's own format when it has one, otherwise the default.
    // NOTE(review): the stored format is written by the profile owner (see the UPDATE
    // statements) and is used below as the sprintf() format string. A stored format
    // that asks for more than two arguments makes sprintf() fail (a warning and a
    // false return on older PHP, a thrown error on PHP 8), and any markup in it is
    // emitted as-is. A fixed server-side template avoids both.
    if (!$row["format"]) $format = "%s: %s
    \n";
    else $format = sprintf("%s\n",$row["format"]);
    // NOTE(review): header, footer and every field below are written to the page
    // without htmlspecialchars(), so content stored by one user is rendered as markup
    // for every visitor (stored XSS) unless it is sanitized elsewhere - confirm. If
    // header/footer are meant to hold HTML, pass them through an allowlist sanitizer;
    // encode the remaining fields on output and validate the scheme of pic/url values.
    if ($row["header"]) echo $row["header"];
    if ($row["pic"]) printf("\"%s\"/\n
    ",$row["pic"],$row["nick"]);
    if ($row["nick"]) {
        $output = sprintf($format,"Nickname",$row["nick"]);
        echo $output;
    }
    if ($row["first"]) {
        $output = sprintf($format,"First name",$row["first"]);
        echo $output;
    }
    if ($row["last"]) {
        $output = sprintf($format,"Last name",$row["last"]);
        echo $output;
    }
    if ($row["city"]) {
        $output = sprintf($format,"City",$row["city"]);
        echo $output;
    }
    if ($row["province"]) {
        $output = sprintf($format,"Province",$row["province"]);
        echo $output;
    }
    if ($row["country"]) {
        $output = sprintf($format,"Country",$row["country"]);
        echo $output;
    }
    if ($row["email"]) {
        // Two arguments for a one-%s format: the original link markup is presumably
        // missing from this listing.
        $email = sprintf("%s",$row["email"],$row["email"]);
        $output = sprintf($format,"E-mail",$email);
        echo $output;
    }
    if ($row["url"]) {
        $url = sprintf("%s",$row["url"],$row["url"]);
        $output = sprintf($format,"Home page",$url);
        echo $output;
    }
    if ($row["comment"]) {
        // nl2br() only inserts line-break tags; it does not encode the comment text.
        $comments = nl2br($row["comment"]);
        $output = sprintf($format,"Comments",$comments);
        echo $output;
    }
    if ($row["footer"]) {
        echo $row["footer"];
    }
    mysql_close($db);
}
?>