<?php
function profile()
{
global $action, $_FILES, $current_user, $UTIL_DIR;
include_once($UTIL_DIR . "/error.php");
$str = "";
if($action == "update") {
global $name, $email, $signature, $password, $password_confirm, $users;
// $current_user->username = $username;
$current_user->name = $name;
$current_user->email = $email;
// $current_user->avatar = $avatar;
$current_user->signature = stripslashes($signature);
if($password != "") {
if($password == $password_confirm) {
$current_user->password = sha1(md5($password));
} else {
error("Passwords do not match - thus not changed!");
}
}
if(is_uploaded_file($_FILES['userfile']['tmp_name'])) {
if(!file_exists("gfx/avatars")) mkdir("gfx/avatars");
// Prepend username to prevent overwriting of other users avatars.
$filename = $current_user->username . "_" . $_FILES['userfile']['name'];
if($current_user->avatar) unlink("gfx/avatars/" . $current_user->avatar);
move_uploaded_file($_FILES['userfile']['tmp_name'], "gfx/avatars/" . $filename);
$current_user->avatar = $filename;
}
$users->write();
}
$str .= "<form method=\"post\" enctype=\"multipart/form-data\" action=\"?mode=profile&action=update\">";
//$str .= " Username: <input name=\"username\" value=\"" . $current_user->username . "\"<br/>";
$str .= " Name: <input name=\"name\" value=\"" . $current_user->name . "\"><br/>";
$str .= " New password: <input type=\"password\" name=\"password\" value=\"\"><br/>";
$str .= " Confirm password: <input type=\"password\" name=\"password_confirm\" value=\"\"><br/>";
$str .= " E-Mail: <input name=\"email\" value=\"" . $current_user->email . "\"><br/>";
$str .= " Avatar:<br/>";
$str .= " <img alt=\"Avatar\" src=\"gfx/avatars/" . $current_user->avatar . "\"/><br/>";
$str .= " <input name=\"userfile\" type=\"file\"><br/>";
$str .= " Signature:<br/>";
$str .= " <textarea name=\"signature\" cols=\"60\" rows=\"2\">". $current_user->signature . "</textarea><br/>";
$str .= " <br/>";
$str .= " <button type=\"submit\">Update</button>";
$str .= "</form>";
return $str;
}