profile.php
Code: Select all
<?PHP
echo '<html>';
echo '<head>';
echo '<title>Edit User Profile</title>';
echo '</head>';
include ('header.php');
if (empty($_COOKIE[user])) {
echo '<table width=\'627\' height=\'120\' cellpadding=\'0\' cellspacing=\'0\' border=\'0\' bgcolor=\'#4F4E4E\' class=\'cat\'>';
echo '<tr>';
echo '<td background=\'images/09.gif\' height=\'25\' class=\'title\'>Error:</td>';
echo '</tr>';
echo '<tr>';
echo '<td valign=\'top\' >';
echo 'You must be signed in to view this page.';
echo '</td>';
echo '</tr>';
echo '</table>';
}
else {
$dbh=mysql_connect ("localhost", "root", "password") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("database");
$query = sprintf("SELECT * FROM users WHERE username='$_COOKIE[user]' && password='$_COOKIE[pass]'",
mysql_real_escape_string(users));
$numba = 0;
$result = mysql_query($query);
if (!$result) {
$message = 'Invalid query: ' . mysql_error() . "\n";
$message .= 'Whole query: ' . $query;
die($message);
}
$numbe = '0';
while ($row = mysql_fetch_assoc($result)) {
$puser = $row['username'];
$pemail = $row['email'];
$paim = $row['aim'];
$pmsn = $row['msn'];
$pyahoo = $row['yahoo'];
$picq = $row['icq'];
$pwebsite = $row['website'];
$pintrists = $row['intrists'];
$pjoined = $row['joindate'];
$numbe++;
}
echo '<form action=\'profile2.php\' method=\'post\'>';
echo '<table align=\'center\' width=\'627\' cellpadding=\'2\' cellspacing=\'0\' border=\'0\' class=\'cat\' bgcolor=\'#4F4E4E\'>';
echo '<tr>';
echo '<td background=\'images/09.gif\' height=\'25\' class=\'title\' bgcolor=\'#424242\'>Update Profile:</td>';
echo '<td background=\'images/09.gif\' height=\'25\' class=\'title\' bgcolor=\'#424242\'></td>';
echo '</tr>';
echo '<tr>';
echo '<td class=\'profile\' width=\'49%\'bgcolor=\'#424242\'><strong>Name:</strong></td>';
echo '<td width=\'49%\' class=\'profile2\'bgcolor=\'#424242\'><font class=\'text\'>';
echo $puser;
echo '</font></td>';
echo '</tr>';
echo '<tr>';
echo '<td class=\'profile\' width=\'49%\'><strong>Current Password:*</strong></td>';
echo '<td class=\'profile2\' width=\'49%\'><input class=\'text\' type=\'password\' name=\'currentpwd\' maxlength=\'20\' ></td>';
echo '</tr>';
echo '<tr>';
echo '<td class=\'profile\' width=\'49%\' bgcolor=\'#424242\'><strong>New Password:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\' bgcolor=\'#424242\'><input class=\'text\' type=\'password\' name=\'pwd1\' maxlength=\'20\' ></td>';
echo '</tr>';
echo '<tr>';
echo '<td class=\'profile\' width=\'49%\'><strong>Repeat Password:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\'><input type=\'password\' class=\'text\' name=\'pwd2\' maxlength=\'20\' ></td>';
echo '</tr>';
echo '<tr>';
echo '<td class=\'profile\' width=\'49%\' bgcolor=\'#424242\'><strong>Email:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\' bgcolor=\'#424242\'><input class=\'text\' type=\'text\' name=\'uemail\' maxlength=\'30\' value=\'';
echo $pemail;
echo '\'></td>';
echo '</tr>';
echo '<tr>';
echo '<td class=\'profile\' width=\'49%\'><strong>AIM Address:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\'><input type=\'text\' class=\'text\' name=\'uaim\' maxlength=\'30\' value=\'';
echo $paim;
echo '\'></td>';
echo '</tr>';
echo '<tr>';
echo '<td class=\'profile\' width=\'49%\' bgcolor=\'#424242\'><strong>MSN Address:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\' bgcolor=\'#424242\'><input class=\'text\' type=\'text\' name=\'umsn\' maxlength=\'30\' value=\'';
echo $pmsn;
echo '\'></td>';
echo '</tr>';
echo '<tr>';
echo '<td class=\'profile\' width=\'49%\'><strong>Yahoo Address:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\'><input type=\'text\' class=\'text\' name=\'uyahoo\' maxlength=\'30\' value=\'';
echo $pyahoo;
echo '\'></td>';
echo '</tr>';
echo '<tr>';
echo '<td class=\'profile\' width=\'49%\' bgcolor=\'#424242\'><strong>ICQ Number:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\' bgcolor=\'#424242\'><input class=\'text\' type=\'text\' name=\'uicq\' maxlength=\'30\' value=\'';
echo $picq;
echo '\'></td>';
echo '</tr>';
echo '<tr>';
echo '<td class=\'profile\' width=\'49%\'><strong>Website:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\'><input class=\'text\' type=\'text\' name=\'usite\' maxlength=\'30\' value=\'';
echo $pwebsite;
echo '\'></td>';
echo '</tr>';
echo '<tr>';
echo '<td class=\'profile\' width=\'49%\' bgcolor=\'#424242\'><strong>Intrists:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\' bgcolor=\'#424242\'><textarea name=\'uintrists\' style=\'width: 300px\' rows=\'6\' cols=\'30\' class=\'text\' maxlength=\'500\'>';
echo $pintrists;
echo '</textarea></td>';
echo '</tr>';
echo '</table>';
echo '<table align=\'center\' width=\'627\' cellpadding=\'2\' cellspacing=\'0\' border=\'0\' class=\'profile\' bgcolor=\'#4F4E4E\'>';
echo '<tr>';
echo '<td align=\'center\' background=\'images/09.gif\' height=\'25\' class=\'title\'><input class=\'text\' type=\'submit\' value=\'Update Your Profile\'></td>';
echo '</tr>';
echo '</table>';
echo '</form>';
}
include ('footer.php');
?>profile2.php
Code: Select all
<?PHP
echo '<html>';
echo '<head>';
echo '<title>Edit User Profile</title>';
echo '</head>';
include ('header.php');
$currentpwd = $_POST['currentpwd'];
$pwd1 = $_POST['pwd1'];
$pwd2 = $_POST['pwd2'];
$uemail = $_POST['uemail'];
$uaim = $_POST['uaim'];
$umsn = $_POST['umsn'];
$uyahoo = $_POST['uyahoo'];
$uicq = $_POST['uicq'];
$usite = $_POST['usite'];
$uintrists = $_POST['uintrists '];
echo '<center>';
if (empty($_COOKIE[user])) {
echo '<table width=\'627\' height=\'120\' cellpadding=\'0\' cellspacing=\'0\' border=\'0\' bgcolor=\'#4F4E4E\' class=\'cat\'>';
echo '<tr>';
echo '<td background=\'images/09.gif\' height=\'25\' class=\'title\'>Error:</td>';
echo '</tr>';
echo '<tr>';
echo '<td valign=\'top\' class=\'text\'>';
echo 'You must be signed in to view this page.';
echo '</td>';
echo '</tr>';
echo '</table>';
}
else {
echo '<table width=\'627\' height=\'120\' cellpadding=\'0\' cellspacing=\'0\' border=\'0\' bgcolor=\'#4F4E4E\' class=\'cat\'>';
echo '<tr>';
echo '<td background=\'images/09.gif\' height=\'25\' class=\'title\'>Update Profile:</td>';
echo '</tr>';
echo '<tr>';
echo '<td valign=\'top\' class=\'text\'>';
//start validate and update
$dbh=mysql_connect ("localhost", "root", "password") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("database");
$query = sprintf("SELECT * FROM users WHERE username='$_COOKIE[user]' && password='$_POST[currentpwd]'",
mysql_real_escape_string(users));
$numba = 0;
$result = mysql_query($query);
if (!$result) {
$message = 'Invalid query: ' . mysql_error() . "\n";
$message .= 'Whole query: ' . $query;
die($message);
}
$countit = '0';
$errors = '0';
while ($row = mysql_fetch_assoc($result)) {
$countit++;
//checks if passwords equal
if($pwd1 == $pwd2) {
echo '';
}
else {
echo 'Passwords did not match<br>';
$errors++;
}
//validate email in right format
list($userName, $mailDomain) = split("@", $uemail);
if (checkdnsrr($mailDomain, "MX")) {
echo '';
}
else {
echo 'Email is not in the valid format<br>';
$errors++;
}
}
if ($countit == '0') {
echo 'Sorry the username and password did not match.<br>';
$errors++;
}
if ($errors == '0') {
$dbquery = mysql_query("UPDATE users SET password='$upwd', email='$uemail', aim='$uaim', msn='$umsn', yahoo='$uyahoo', icq='$uicq', website='$uweb', intrists='$uintrists'. 'WHERE username= '$_COOKIE[user]' && password='$currentpwd'");
echo 'Success: You have updated your profile.';
}
elseif ($errors == '1') {
echo 'Sorry you had a error.';
}
else {
echo 'Sorry you had ';
echo $errors;
echo ' errors.';
}
//end validate and update
echo '</td>';
echo '</tr>';
echo '</table>';
}
include ('footer.php');
?>