<?php require_once('Connections/pickageek.php'); ?>
<?php
if (isset($_COOKIE["pickageek"]))
{
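/**
 * Convert a request value into a literal for a SQL statement assembled with sprintf().
 *
 * The value is escaped first, then formatted according to $theType:
 *   "text", "date"  -> quoted string, or NULL when empty
 *   "long", "int"   -> intval() of the value, or NULL when empty
 *   "double"        -> quoted doubleval() of the value, or NULL when empty
 *   "defined"       -> $theDefinedValue when non-empty, else $theNotDefinedValue
 * Any other $theType returns the escaped value WITHOUT quotes; an unquoted string is
 * not safe inside SQL, so callers should only pass the types listed above.
 *
 * @param mixed  $theValue           Raw value, normally from $_POST / $_COOKIE.
 * @param string $theType            One of the type names above.
 * @param string $theDefinedValue    Result for "defined" when the value is non-empty.
 * @param string $theNotDefinedValue Result for "defined" when the value is empty.
 * @return mixed SQL literal (string, or int for the integer types).
 */
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
    // A request parameter can arrive as an array (name[]=...); treat anything
    // non-scalar as empty instead of handing it to the string functions.
    $theValue = is_scalar($theValue) ? (string) $theValue : "";

    // Undo magic-quotes escaping so the value is escaped exactly once below.
    // get_magic_quotes_gpc() no longer exists on PHP 8, hence the guard.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $theValue = stripslashes($theValue);
    }

    // Prefer the driver's escaping, which takes the connection character set into
    // account; addslashes() does not, and is only kept as a fallback.
    // NOTE(review): mysql_real_escape_string() uses the last opened link, so the
    // connection include has to run before this is called - confirm.
    if (function_exists('mysql_real_escape_string')) {
        $theValue = mysql_real_escape_string($theValue);
    } else {
        $theValue = addslashes($theValue);
    }

    switch ($theType) {
        case "text":
        case "date":
            $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
            break;
        case "long":
        case "int":
            $theValue = ($theValue != "") ? intval($theValue) : "NULL";
            break;
        case "double":
            $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
            break;
        case "defined":
            $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
            break;
    }
    return $theValue;
}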
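// URL the form posts back to. It is echoed into the form's action attribute further
// down, and PHP_SELF includes any extra path text the client appends to the script
// URL, so both parts are HTML-escaped here before they reach the markup.
$editFormAction = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
if (isset($_SERVER['QUERY_STRING'])) {
    $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING'], ENT_QUOTES);
}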
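// Profile update handler: runs when the edit form posts back (hidden field MM_update=form1).
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
    // Check the optional logo upload before anything is written. The form promises
    // ".JPG, up to 182 x 182 pixels, up to 50Kb"; none of that was enforced, so any
    // file type could be stored under the web root with a client-chosen name.
    $logoTarget = "";
    if (isset($_FILES['userfile']) && is_string($_FILES['userfile']['name']) && $_FILES['userfile']['name'] != "") {
        $logoName = basename($_FILES['userfile']['name']);
        $logoTmp = $_FILES['userfile']['tmp_name'];
        // Exactly one dot, and the extension must be jpg/jpeg, so the stored name
        // cannot carry a second, executable extension.
        $logoOk = $_FILES['userfile']['error'] == UPLOAD_ERR_OK
            && is_uploaded_file($logoTmp)
            && $_FILES['userfile']['size'] <= 50 * 1024
            && preg_match('/^[^.\/\\\\\x00-\x1f]+\.jpe?g$/i', $logoName);
        if ($logoOk) {
            // Decide from the file content, not from the client-supplied name or MIME type.
            $logoInfo = getimagesize($logoTmp);
            $logoOk = $logoInfo !== false
                && $logoInfo[2] == IMAGETYPE_JPEG
                && $logoInfo[0] <= 182
                && $logoInfo[1] <= 182;
        }
        if (!$logoOk) {
            die('Logo rejected: only .JPG files up to 182 x 182 pixels and 50Kb are accepted.');
        }
        // NOTE(review): the name is still chosen by the uploader, so one account can
        // overwrite another account's logo file; a server-generated name would avoid that.
        $logoTarget = $_SERVER['DOCUMENT_ROOT'] . '/images/userlogo/' . $logoName;
    }

    // The row to update is selected by the same identity the page loads the profile
    // with (the pickageek cookie), not by the hidden Username form field: that field
    // is client-controlled and would let one account overwrite another's record.
    // NOTE(review): the cookie is also sent by the browser; unless it is verified
    // elsewhere, identity should come from a server-side session, and this POST
    // carries no anti-CSRF token.
    $updateSQL = sprintf("UPDATE users SET FirstName=%s, LastName=%s, Email=%s, Streetadr=%s, Appthouse=%s, City=%s, Postalcode=%s, Province=%s, Country=%s, Phone=%s, Fax=%s, Expertise=%s, Resume=%s, receivemails=%s WHERE Username=%s",
        GetSQLValueString($_POST['FirstName'], "text"),
        GetSQLValueString($_POST['LastName'], "text"),
        GetSQLValueString($_POST['Email'], "text"),
        GetSQLValueString($_POST['Streetadr'], "text"),
        GetSQLValueString($_POST['Appthouse'], "text"),
        GetSQLValueString($_POST['City'], "text"),
        GetSQLValueString($_POST['Postalcode'], "text"),
        GetSQLValueString($_POST['Province'], "text"),
        GetSQLValueString($_POST['country'], "text"),
        GetSQLValueString($_POST['Phone'], "text"),
        GetSQLValueString($_POST['Fax'], "text"),
        GetSQLValueString($_POST['Expertise'], "text"),
        GetSQLValueString($_POST['Resume'], "text"),
        GetSQLValueString(isset($_POST['receivemails']) ? "true" : "", "defined", "1", "0"),
        GetSQLValueString($_COOKIE['pickageek'], "text"));

    mysql_select_db($database_pickageek, $pickageek);
    $Result1 = mysql_query($updateSQL, $pickageek);
    if (!$Result1) {
        // Keep the driver's message in the server log; it is not shown to the visitor.
        error_log('Profile update failed: ' . mysql_error($pickageek));
        die('The profile could not be saved.');
    }

    if ($logoTarget != "") {
        move_uploaded_file($_FILES['userfile']['tmp_name'], $logoTarget);
    }

    $updateGoTo = "index2.php";
    if (isset($_SERVER['QUERY_STRING'])) {
        $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
        $updateGoTo .= $_SERVER['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $updateGoTo));
    // Stop here: without this the rest of the page is still built and sent after the redirect.
    exit;
}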
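// Load what the form needs: the country list for the drop-down and the profile row
// of the user named by the pickageek cookie.
mysql_select_db($database_pickageek, $pickageek);

$query_ctrs = "SELECT name FROM countries ORDER BY iso ASC";
$ctrs = mysql_query($query_ctrs, $pickageek);
if (!$ctrs) {
    // Driver errors go to the server log, not to the visitor.
    error_log('Country lookup failed: ' . mysql_error($pickageek));
    die('The page could not be loaded.');
}
$row_ctrs = mysql_fetch_assoc($ctrs);
$totalRows_ctrs = mysql_num_rows($ctrs);

// The cookie value goes through the same escaping helper as the form fields, which
// also supplies the quotes, so the placeholder below is a bare %s.
// NOTE(review): the cookie is client-controlled; if it is nothing more than the user
// name, anyone can view any profile by setting it - verify how it is issued.
$colname_userinfo = GetSQLValueString(isset($_COOKIE['pickageek']) ? $_COOKIE['pickageek'] : "1", "text");
// NOTE(review): the password column is fetched but not shown anywhere on this page.
$query_userinfo = sprintf("SELECT Username, FirstName, LastName, Email, Streetadr, Appthouse, City, Postalcode, Province, Country, Phone, Fax, password, Logo, Expertise, Resume, receivemails FROM users WHERE Username = %s", $colname_userinfo);
$userinfo = mysql_query($query_userinfo, $pickageek);
if (!$userinfo) {
    error_log('Profile lookup failed: ' . mysql_error($pickageek));
    die('The page could not be loaded.');
}
$row_userinfo = mysql_fetch_assoc($userinfo);
$totalRows_userinfo = mysql_num_rows($userinfo);

// A cookie that names no account gets the same treatment as a missing cookie,
// instead of an empty edit form.
if ($totalRows_userinfo == 0) {
    header("Location: index2.php");
    exit;
}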
}
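else {
    // No login cookie: send the visitor away and stop. A Location header alone does
    // not end the script, so without exit the form below would still be rendered.
    header("Location: index2.php");
    exit;
}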
?>
<script language="JavaScript" type="text/JavaScript">
<!--
// Find the page object called n and return it (or a falsy value when nothing matches).
// d is the document to search and defaults to the current document. A name of the
// form "name?frame" is looked up in parent.frames[frame].document instead.
// Lookup order: d[n], d.all[n], every form's [n], nested layers (recursively),
// and finally d.getElementById(n).
function MM_findObj(n, d) { //v4.01
var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
if(!x && d.getElementById) x=d.getElementById(n); return x;
}
// Browser-side form check. Arguments come in groups of three: field name, an unused
// slot, and a test string. A test starting with 'R' makes the field required;
// 'isEmail' requires an '@' that is neither the first nor the last character; any
// other test except plain 'R' requires a number, optionally limited by
// 'inRange<min>:<max>'. Fields that MM_findObj cannot find are skipped.
// Problems are collected into one alert(), and document.MM_returnValue is set to
// true only when there were none; the form's onSubmit returns that value.
// This runs in the visitor's browser only and can be bypassed, so the server must
// validate the same fields again.
// NOTE(review): val is not in the var list below, so it becomes a global variable.
function MM_validateForm() { //v4.0
var i,p,q,nm,test,num,min,max,errors='',args=MM_validateForm.arguments;
for (i=0; i<(args.length-2); i+=3) { test=args[i+2]; val=MM_findObj(args[i]);
if (val) { nm=val.name; if ((val=val.value)!="") {
if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
if (p<1 || p==(val.length-1)) errors+='- '+nm+' must contain an e-mail address.\n';
} else if (test!='R') { num = parseFloat(val);
if (isNaN(val)) errors+='- '+nm+' must contain a number without spaces and special characters.\n';
if (test.indexOf('inRange') != -1) { p=test.indexOf(':');
min=test.substring(8,p); max=test.substring(p+1);
if (num<min || max<num) errors+='- '+nm+' must contain a number between '+min+' and '+max+'.\n';
} } } else if (test.charAt(0) == 'R') errors += '- '+nm+' is required.\n'; }
} if (errors) alert('The following error(s) occurred:\n'+errors);
document.MM_returnValue = (errors == '');
}
//-->
</script>
<link href="style.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
.style10 {font-size: 12}
-->
</style>
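<?php
// Profile edit form. Every value printed below comes from the users / countries
// tables, i.e. from text that visitors typed into earlier forms, so each one is
// HTML-escaped at the point of output. ENT_QUOTES is used because some attributes
// are single-quoted. All PHP tags are written as "<?php" so the page does not
// depend on short_open_tag (with it off, the short tags would be sent as plain text).
// $editFormAction is not escaped here: it is assembled earlier in this file.
?>
<table width="450" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><form action="<?php echo $editFormAction; ?>" method="post" name="form1" onSubmit="MM_validateForm('FirstName','','R','LastName','','R','Email','','NisEmail','Phone','','RisNum','password','','R');return document.MM_returnValue">
<table align="center" class="text3">
<tr valign="baseline">
<td width="146" align="right" nowrap class="title1">Screen Name:</td>
<td width="270" class="title1 style10"><?php echo htmlspecialchars($row_userinfo['Username'], ENT_QUOTES); ?><br>
<div class="text3">(Screen Names cannot be changed)<br>
<br>
</div></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap class="title1"><span class="style1">*</span>First Name:</td>
<td class="text3"><input type="text" name="FirstName" value="<?php echo htmlspecialchars($row_userinfo['FirstName'], ENT_QUOTES); ?>" size="32"></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap class="title1"><span class="style1">*</span>Last Name:</td>
<td class="text3"><input type="text" name="LastName" value="<?php echo htmlspecialchars($row_userinfo['LastName'], ENT_QUOTES); ?>" size="32"></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap class="title1"><span class="style1">*</span>Email:</td>
<td class="text3"><input type="text" name="Email" value="<?php echo htmlspecialchars($row_userinfo['Email'], ENT_QUOTES); ?>" size="32"></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap class="title1">Street address:</td>
<td class="text3"><input type="text" name="Streetadr" value="<?php echo htmlspecialchars($row_userinfo['Streetadr'], ENT_QUOTES); ?>" size="32"></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap class="title1">Appt/house number:</td>
<td class="text3"><input type="text" name="Appthouse" value="<?php echo htmlspecialchars($row_userinfo['Appthouse'], ENT_QUOTES); ?>" size="32"></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap class="title1">City:</td>
<td class="text3"><input type="text" name="City" value="<?php echo htmlspecialchars($row_userinfo['City'], ENT_QUOTES); ?>" size="32"></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap class="title1">Postal code:</td>
<td class="text3"><input type="text" name="Postalcode" value="<?php echo htmlspecialchars($row_userinfo['Postalcode'], ENT_QUOTES); ?>" size="32"></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap class="title1">Province:</td>
<td class="text3"><input type="text" name="Province" value="<?php echo htmlspecialchars($row_userinfo['Province'], ENT_QUOTES); ?>" size="32"></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap class="title1">Country:</td>
<td class="text3">
<select name="country" id="country" class="style3">
<?php
do {
?>
<option value="<?php echo htmlspecialchars($row_ctrs['name'], ENT_QUOTES); ?>"><?php echo htmlspecialchars($row_ctrs['name'], ENT_QUOTES); ?></option>
<?php
} while ($row_ctrs = mysql_fetch_assoc($ctrs));
$rows = mysql_num_rows($ctrs);
if($rows > 0) {
mysql_data_seek($ctrs, 0);
$row_ctrs = mysql_fetch_assoc($ctrs);
}
?>
<option SELECTED VALUE='<?php echo htmlspecialchars($row_userinfo['Country'], ENT_QUOTES); ?>'><?php echo htmlspecialchars($row_userinfo['Country'], ENT_QUOTES); ?></option>
</select></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap class="title1"><span class="style1">*</span>Phone Number:</td>
<td class="text3"><input type="text" name="Phone" value="<?php echo htmlspecialchars($row_userinfo['Phone'], ENT_QUOTES); ?>" size="32"></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap class="title1">Fax Number:</td>
<td class="text3"><input type="text" name="Fax" value="<?php echo htmlspecialchars($row_userinfo['Fax'], ENT_QUOTES); ?>" size="32"></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap class="title1">Password:</td>
<td class="text3">For security reasons you can change your<br>
password only from the main user menu <br>
by clicking on the link "change password" </td>
</tr>
<tr valign="baseline">
<td align="right" valign="top" nowrap class="title1"><br>
Logo:</td>
<td align="left" valign="top" class="text3"><br> <img src="images/spacer.gif" width="5" height="5"><img src='images/userlogo/<?php echo htmlspecialchars($row_userinfo['Logo'], ENT_QUOTES); ?>' width="182" height="182" border='1'><br> <br>
<input name="userfile" type="file" class="text3" id="userfile" size="32">
<br>
Only .JPG files allowed in resolution up<br>
to 182 x 182 pixels and size up to 50Kb.</td>
</tr>
<tr valign="baseline">
<td align="right" valign="top" nowrap class="title1"><br>
Expertise Area:</td>
<td class="text3">
<br>
<textarea name="Expertise" cols="40" rows="5"><?php echo htmlspecialchars($row_userinfo['Expertise'], ENT_QUOTES); ?></textarea>
</td>
</tr>
<tr valign="baseline">
<td align="right" valign="top" nowrap class="title1">Resume:</td>
<td class="text3">
<textarea name="Resume" cols="40" rows="5"><?php echo htmlspecialchars($row_userinfo['Resume'], ENT_QUOTES); ?></textarea>
<br>
</td>
</tr>
<tr valign="baseline">
<td align="right" nowrap class="title1">Receive mails:</td>
<td><input type="checkbox" name="receivemails" <?php if (!(strcmp($row_userinfo['receivemails'],"1"))) {echo "checked";} ?>>
(Check this field if you want to receive our daily <br>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="6%"> </td>
<td width="94%" class="text3">job digest. This e-mail is <span class="style1">ADVERTISEMENT FREE.<br>
</span>And it will conatain only project categories you are<br>
interested in)</td>
</tr>
</table></td>
</tr>
<tr valign="baseline">
<td nowrap align="right"><input name="hiddenField" type="hidden" value="<?php echo htmlspecialchars($row_userinfo['Logo'], ENT_QUOTES); ?>"></td>
<td><div align="center">
<br>
<br>
<input type="submit" class="text3" value="Update record">
</div></td>
</tr>
</table>
<input type="hidden" name="MM_update" value="form1">
<input type="hidden" name="Username" value="<?php echo htmlspecialchars($row_userinfo['Username'], ENT_QUOTES); ?>">
</form>
</td>
</tr>
</table>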
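<?php
// Release the two result sets used by the form. The guards cover a request on which
// the queries never ran (for example, one without the login cookie), where both
// variables are undefined.
if (isset($ctrs) && is_resource($ctrs)) {
    mysql_free_result($ctrs);
}
if (isset($userinfo) && is_resource($userinfo)) {
    mysql_free_result($userinfo);
}
?>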