PHP Code
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
<?php session_start(); //allows session ?>
<html><?php echo "<title>Editing profile for $user[username] | sodaDome.com</title>"; ?>
<head>
</head>
<body>
<?php
include "config.php";
echo "<center>";
//checks see if there logged in
if($logged[id])
{
if(isset($_GET['update'])){
//Email
$email = addslashes(htmlspecialchars($_POST[email]));
//Where you are
$location = addslashes(htmlspecialchars($_POST[location]));
//Headline yo
$headline = addslashes(htmlspecialchars($_POST[headline]));
//Your Age
$age = (int) $_POST['age']; // you could also use the intval() function, but this works fine
//Gender
$sex = addslashes(htmlspecialchars($_POST[sex]));
//Sodaplay.com account
$sodaname = addslashes(htmlspecialchars($_POST[sodaname]));
//Avatar
$avatar = addslashes(htmlspecialchars($_POST[avatar]));
//MSN
$msn = addslashes(htmlspecialchars($_POST[msn]));
//AIM
$aim = addslashes(htmlspecialchars($_POST[aim]));
//WebPage
$sitename = addslashes(htmlspecialchars($_POST[sitename]));
//Site URL
$siteurl = addslashes(htmlspecialchars($_POST[siteurl]));
//Small Biography
$smallbio = addslashes(htmlspecialchars($_POST[smallbio]));
//Personal Text
$customeheader = (int)addslashes(htmlspecialchars($_POST[customeheader]));
//Interests
$interests = addslashes(htmlspecialchars($_POST[interests]));
//checks the sex if its ok
if(($sex == "Male") || ($sex == "Female")){
//updates there profile in the db
$update = mysql_query("UPDATE `members` SET `email` = '$email', `sex` = '$sex', `siteurl` = '$siteurl', `headline` = '$headline', `avatar` = '$avatar', `interests` = '$interests', `sitename` = '$sitename', `msn` = '$msn', `sodaname` = '$sodaname', `age` = '$age', `location` = '$location' WHERE `username` = '$logged[username]'");
echo "<font color=green><b>Profile updated.</b></font> <a href=http://sodadome.com/account/editprofile.php>Go back to editing profile</a> or <a href=http://sodadome.com/account/members.php?user=$logged[username]>view your profile.</a>.";
}
//if the sex is invalid
else{
echo "Invalid sex input!";
}
}else{
$getuser = mysql_query("SELECT * FROM `members` WHERE `username` = '$logged[username]'");
$user = mysql_fetch_array($getuser);
echo "<form name='form1' action='editprofile.php?update' method='post'>
<fieldset><legend>Edit Profile for $logged[username]</legend>
<fieldset><legend>Other</legend>
<table width=100%><tr><td><b>Avatar:</b></td><td align=left><input type='text' name='avatar' size='30' value='$user[avatar]'></td></tr>
<tr><td><b>Headline:</b></td><td align=left><input type='text' name='headline' size='30' maxlength='40' value='$user[headline]'></td></tr></table>
</fieldset>
<fieldset><legend>Personal Information</legend>
<table width=100%>
<tr><td><b>Location</b></td><td align=left><input type='text' name='location' size='30' maxlength='40' value='$user[location]'></td></tr>
<tr><td><b>Age</b></td><td align=left> <input type='text' name='age' size='30' maxlength='10' value='$user[age]'></td></tr>
<tr><td><b>Email</b></td><td align=left><input type='text' name='email' size='30' maxlength='55' value='$user[email]'></td></tr>
<tr><td><b>Sex:</b></td><td align=left><select size='1' name='sex' value='$user[sex]'>
<option value='Male' "; if($user[sex] == Male) {
echo "selected"; }
echo ">Male</option>
<option value='Female' "; if($user[sex] == Female) {
echo "selected"; }
echo ">Female</option>
</select></td></tr></table>
</fieldset><br>
<fieldset><legend>Contact Handlers</legend>
<table width=100%><tr><td><b>AIM</b></td><td> <input type='text' name='aim' size='30' maxlength='35' value='$user[aim]'></td></tr>
<td><b>MSN</b></td><td> <input type='text' name='msn' size='30' maxlength='55' value='$user[msn]'></td></tr></table>
</fieldset>
<fieldset><legend>Interests</legend>
<input type='text' name='interests' size='30' maxlength='30' value='$user[interests]'></fieldset><br>
<fieldset><legend>Small Biography</legend><left>
<textarea type='text' name='smallbio' rows='7' cols='30' value='$user[smallbio]'></textarea></fieldset></left>
<fieldset><legend>Website</legend>
<table width=100%><tr><td><b>Site Name</b></td><td> <input type='text' name='sitename' size='30' maxlength='35' value='$user[sitename]'></td></tr>
<td><b>Site URL</b></td><td> <input type='text' name='siteurl' size='30' maxlength='55' value='$user[siteurl]'></td></tr></table>
</fieldset><br>
<fieldset><legend>sodaplay account</legend><table width=100%><tr><td>
http://sodaplay.com/creators/<input type=text name=sodaname size=20 maxlength=25 onkeydown=change_case(); onBlur=change_case(); value=$user[sodaname]></fieldset></td></tr></table></fieldset><br>
<table width=100%><tr><td><input type='submit' value='Update'></td></tr></table>
</form></fieldset>";
}
}
else
{
echo "You are not logged in.";
}
echo "<center>";
?>
<script type="text/javascript">
function change_case()
{
document.form1.sodaname.value=document.form1.sodaname.value.toLowerCase();
}
</script>
</body></html>
PHP Code
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
<?php session_start(); //allows session ?>
<html><?php echo "<title>Member List | sodaDome.com</title>"; ?>
<head>
</head>
<body>
<?php
include "config.php";
echo "<center>";
if(isset($_GET['user'])){ //if there trying to view a profile
//gets the user name and makes it safe
$username = addslashes($_GET[user]);
//querys the db to find the username
$getuser = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'");
//checks see if the username exists in the db
$usernum = mysql_num_rows($getuser);
//if it don't exist
if ($usernum == 0)
{
//don't exist
echo ("User Not Found");
}
//if it does exist then show there profile
else
{
$user = mysql_fetch_array($getuser);
echo "<fieldset style='width: 500'>
<b>$user[username]'s Profile | sodaDome.com</b><br><br>
<img src=$user[avatar] width=150px height=150px border=0><br><br>
<I>$user[headline]</i><br><br>
Last Logged On: $user[last_seen]<br>
<a href='friendrequest.php?user=$user[username]'>Add as Friend</a><br>
Email: $user[email]<br>
Member No.: $user[id]<br>
Homepage: <a href=$user[siteurl] target=_blank>$user[sitename]</a><br>
Location: $user[location]<br>
Sex: $user[sex]<br>
Member Level: $user[userlevel]<br>
Age: $user[age]<br>
Joined on: $user[signupdate]<br>
sodaplay account: <a href=http://sodaplay.com/creators/$user[sodaname] target=_blank>$user[sodaname]</a>
</fieldset>";
}
}
else
{
//gets all the members from the database
$getusers = mysql_query("SELECT * FROM `members` ORDER BY `id` ASC") or die(mysql_error());
//loops there name out
while ($user = mysql_fetch_array($getusers))
{
echo "<a href='members.php?user=$user[username]'>$user[username]</a><br>";
}
}
echo "<center>";
?>
</body></html>