Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - wassimo

Pages: [1]
1
hello
i was thinking how to get thumb size

i hope some one can help me with this
 take a look at this first

http://sh.deviantart.net/shadow/x/702/514/logo3.png
change                                         702 and 514 to any number u want and u will get the size that u want how couldi do that
secound thing i want to bring thumb size not MEDIA  thimbg size just like that {thumb_size}

and thanks alot

2
Discussion & Troubleshooting / Blank page , member.php problem
« on: January 28, 2011, 02:21:40 PM »
Hi,
hope some one Help ?
my pforblem is Blank page , white and empty ,
i added this mod befor "show images in profile "  and when  the member had no favorite images it's ok  there's no problem but when some one try to add favorite image to his profile he can see the problem in his profile so ?

this's the mod http://www.4homepages.de/forum/index.php?topic=15390.15



and that is my member.php


<?php
/**************************************************************************
 *                                                                        *
 *                                                                        *
 *************************************************************************/
$main_template "member";

define('GET_CACHES'1);
define('ROOT_PATH''./');
include(
ROOT_PATH.'global.php');
require(
ROOT_PATH.'includes/sessions.php');
$user_access get_permission();
include(
ROOT_PATH.'includes/page_header.php');

if (
$action == "") {
  
$action "lostpassword";
}
$content "";
$txt_clickstream "";

$sendprocess 0;

if (isset(
$HTTP_GET_VARS[URL_COMMENT_ID]) || isset($HTTP_POST_VARS[URL_COMMENT_ID])) {
  
$comment_id = (isset($HTTP_GET_VARS[URL_COMMENT_ID])) ? intval($HTTP_GET_VARS[URL_COMMENT_ID]) : intval($HTTP_POST_VARS[URL_COMMENT_ID]);
}
else {
  
$comment_id 0;
}

if (
$action == "deletecomment") {
  if (!
$comment_id || ($config['user_delete_comments'] != && $user_info['user_level'] != ADMIN)) {
    
show_error_page($lang['no_permission']);
    exit;
  }

  
$sql "SELECT c.comment_id, c.user_id AS comment_user_id, c.response, c.comment_response, i.image_id, i.cat_id, i.user_id, i.image_name
          FROM ("
.COMMENTS_TABLE." c, ".IMAGES_TABLE." i)
          WHERE c.comment_id = 
$comment_id AND i.image_id = c.image_id";
  
$comment_row $site_db->query_firstrow($sql);
  if (!
$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    
show_error_page($lang['no_permission']);
    exit;
  }

  
$txt_clickstream get_category_path($comment_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row['image_id'])."\" class=\"clickstream\">".format_text($comment_row['image_name'], 2)."</a>".$config['category_separator'];
  
$txt_clickstream .= $lang['comment_delete'];

  
$sql "UPDATE ".IMAGES_TABLE."
          SET image_comments = image_comments - 1
          WHERE image_id = "
.$comment_row['image_id'];
  
$site_db->query($sql);
if (
$comment_row['comment_response'] != && $comment_row['response'] != 0) {
    
$sql "UPDATE ".COMMENTS_TABLE."
            SET comment_response = "
.$comment_row['comment_response']."
            WHERE comment_response = "
.$comment_row['comment_id'];
    
$site_db->query($sql);
  }
  elseif (
$comment_row['response'] && $comment_row['comment_response'] == 0) {
    
$sql "UPDATE ".COMMENTS_TABLE."
            SET comment_response = 0
            WHERE comment_response = "
.$comment_row['comment_id'];
    
$site_db->query($sql);
  }
  elseif (
$comment_row['comment_response'] && $comment_row['response'] == 0) {
    
$response_id $comment_row['comment_response'];
      while (
$response_id != 0) {
        
$sql "SELECT comment_id, user_id, comment_response
                FROM "
.COMMENTS_TABLE."
                WHERE comment_id = 
$response_id";
        
$row $site_db->query_firstrow($sql);
        
$response_id $row['comment_response'];
        
$com_id $row['comment_id'];

        
$sql "DELETE FROM ".COMMENTS_TABLE."
                WHERE comment_id = 
$com_id";
        
$site_db->query($sql);
        
update_comment_count($comment_row['image_id'], $row['user_id']);
      }
  }
  if (
$comment_row['comment_user_id'] != GUEST) {
    
$sql "UPDATE ".USERS_TABLE."
            SET "
.get_user_table_field("""user_comments")." = ".get_user_table_field("""user_comments")." - 1
            WHERE "
.get_user_table_field("""user_id")." = ".$comment_row['comment_user_id'];
    
$site_db->query($sql);
  }

  
$sql "DELETE FROM ".COMMENTS_TABLE."
          WHERE comment_id = 
$comment_id";
  
$result $site_db->query($sql);
  
$msg = ($result) ? $lang['comment_delete_success'] : $lang['comment_delete_error'];
}











/////////////////////////////////////////////////////////////////
if ($action == "showgb_read")
{
  
$update_query "UPDATE ".USERS_GB_TABLE." SET user_gb_read = NOW() WHERE user_id_gb =".$user_info['user_id']." AND users_gb_id = ".@$_GET['entry'];
  
$sql $site_db->query($update_query);
  
$action "showgb_new";
}
if (
$action == "showgb_new")
{
    if (
$user_info['user_level'] == GUEST) {
    
show_error_page($lang['no_permission']);
    exit;
  }

  if(
$_GET['user_id'] == ""$id $user_info[user_id]; else $id $_GET['user_id'];
  if(isset(
$id))
  {
   
$query "SELECT user_id, realname FROM ".USERS_TABLE." WHERE user_id = ".$id."";
   
$sql $site_db->query($query);
   
$ds $site_db->fetch_object($sql);
   
$realname "<a href='" $site_sess->url(ROOT_PATH "member.php?action=showprofile&user_id=".(int)$ds->user_id) . "' target=_self>"format_text(trim(stripslashes($ds->realname)), 2) ."</a>";

   
$realname2 $ds->realname;
  } else {
  
$realname $user_info['realname'];
  
$realname2 $user_info['realname'];
  }
  if(isset(
$id)) {$abf_id $id;} else {$abf_id $user_info['user_id'];}
  
$user_gb_own $lang['user_gb'].$realname2."";
  
$query2 "SELECT COUNT(*) FROM ".USERS_GB_TABLE." WHERE user_id_gb = ".$abf_id."";
  
$erg $site_db->query_firstrow($query2);
  if(
$erg == "0"){$user_gb_entry $erg.$lang['user_gb_entry'];}
  elseif(
$erg == "1"){$user_gb_entry $erg.$lang['user_gb_entrys'];}
  elseif(
$erg "1"){$user_gb_entry $erg.$lang['user_gb_entrys'];}

  
$offset = @$_GET['off'];
  if(isset(
$offset)) {$offset $_GET['off'];} else {$offset "0";}
    
$gb_query "SELECT users_gb_id,user_id_gb,user_id_ein,realname_gb,user_gb_text,user_gb_date,DATE_FORMAT(user_gb_date,'%e.%c.%Y') AS user_gb_datum,DATE_FORMAT(user_gb_date,'%H:%i:%s') AS user_gb_uhr, user_id, realname, user_level
                  FROM ("
.USERS_GB_TABLE." i)
                  LEFT JOIN "
.USERS_TABLE." u ON (".get_user_table_field("u.""user_id")." = i.user_id_ein)
                  WHERE user_id_gb = "
.$abf_id." AND user_gb_read = '0000-00-00 00:00:00'
                  ORDER BY user_gb_date DESC
                  LIMIT 
$offset, 10";
  
  
$gb_sql $site_db->query($gb_query);
  while(
$ds $site_db->fetch_object($gb_sql))
    {
    if(
$ds->user_id_ein == $user_info[user_id] AND $ds->user_id != $ds->user_id_gb)
    {
      
$user_link_del "<a href='" $site_sess->url(ROOT_PATH "member.php?action=showgb_read&entry=".$ds->users_gb_id."&user_id=".(int)$ds->user_id_gb) . "'>".$lang['read_shout']."</a>";} else {$user_link_del ="";
}
    if(
$abf_id == $user_info[user_id])
    {
      
$user_gb_delete "<a href='" $site_sess->url(ROOT_PATH "member.php?action=showgb_read&entry=".$ds->users_gb_id."&user_id=".(int)$ds->user_id_gb) . "'>".$lang['read_shout']."</a> ".$user_link_del;
}
    else {
$user_gb_delete $user_link_del;}

    if (
$ds->user_id == "")
    {
      
$user $ds->realname_gb;
      
$gb_link "";
      
$gender "";
    }
    else
    {
      
$user "<b><a href='" $site_sess->url(ROOT_PATH "member.php?action=showprofile&user_id=".(int)$ds->user_id_ein) . "'>"format_text(trim(stripslashes($ds->realname_gb)), 2) ."</a></b>";
}


    
$text $ds->user_gb_text;

    
$gb_time $ds->user_gb_datum.$lang['user_gb_at'].$ds->user_gb_uhr;
    
$level $ds->user_level;
    if(
$level == "9") {$level $lang['level_admin'];}
    elseif(
$level == "2") {$level $lang['level_user'];}
    else {
$level "";}

  
$site_template->register_vars(array(
    
"user" => $user,
    
"gb_time" => $gb_time,
    
"admin_link" => $user_gb_delete,
    
"userpic" => $user_pic,
    
"gender" => $gender,
    
"level" => $level,
    
"text" => format_text($text$config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments'])
    ));

  
$gb_entrys .= $site_template->parse_template("user_gb_bit");
  }

  
//Pageing
  
if($offset == 0) {$vor $lang['user_gb_prev'];}
  else
  {
    
$offset2 $offset 10;
    
$vor "<a href='" $site_sess->url(ROOT_PATH "member.php?action=showgb_new&user_id=".(int)$abf_id."&off=".$offset2) . "'>".$lang['user_gb_prev']."</a>";
}
  
$offset3 $offset 10;
  if(
$offset3 >= $erg ) { $weiter $lang['user_gb_next'];}
  else {
$weiter "<a href='" $site_sess->url(ROOT_PATH "member.php?action=showgb_new&user_id=".(int)$abf_id."&off=".$offset3) . "'>".$lang['user_gb_next']."</a>";}
$gb_pageing $vor."&nbsp;".$weiter;

   
$site_template->register_vars(array(
    
"gb_entrys" => $gb_entrys,
    
"user_gb_own" => $user_gb_own,
    
"gb_pageing" => $gb_pageing,
    
"user_gb_entry" => $user_gb_entry,
    
"user_gb_entry_text" => $user_gb_entry_text
  
));


  
//Pageing
  
if($offset == 0) {$vor $lang['user_gb_prev'];}
  else
  {
    
$offset2 $offset 10;
    
$vor "<a href='" $site_sess->url(ROOT_PATH "member.php?action=showgb_new&id=".(int)$abf_id."&off=".$offset2) . "'>".$lang['user_gb_prev']."</a>";
}
  
$offset3 $offset 10;
  if(
$offset3 >= $erg ) { $weiter $lang['user_gb_next'];}
  else {
$weiter "<a href='" $site_sess->url(ROOT_PATH "member.php?action=showgb_new&id=".(int)$abf_id."&off=".$offset3) . "'>".$lang['user_gb_next']."</a>";}
$gb_pageing $vor."&nbsp;".$weiter;

   
$site_template->register_vars(array(
    
"gb_entrys" => $gb_entrys,
    
"user_gb_own" => $user_gb_own,
    
"gb_pageing" => $gb_pageing,
    
"user_gb_entry" => $user_gb_entry,
    
"user_gb_entry_text" => $user_gb_entry_text
  
));
  
$txt_clickstream $lang['user_gb'].$realname;
  
$content $site_template->parse_template("user_gb_showgb");

}


if (
$action == "delete_entry")
{
  if(isset(
$_GET['aktion']))
  {
    if(
$_GET['aktion'] == $lang['user_gb_delete_yes'])
    {
      
$query "DELETE FROM ".USERS_GB_TABLE." WHERE users_gb_id = ".@$_GET['entry']."";
      
$sql $site_db->query($query);
      
$user_gb .= "<meta http-equiv=refresh content=\"0; URL=" $site_sess->url(ROOT_PATH "member.php?action=showprofile&user_id=".(int)$_GET['user_id']."&msg_del=yes") . "\">";
$txt_clickstream $lang['user_gb_delete_ok'];
    }
    if(
$_GET['aktion'] == $lang['user_gb_delete_no'])
    {
      
$user_gb .= "<meta http-equiv=refresh content=\"0; URL=" $site_sess->url(ROOT_PATH "member.php?action=showprofile&user_id=".(int)$_GET['user_id']."&msg_del=no") . "\">";
}
  }
  else
  {
    
$txt_clickstream $lang['user_gb_delete_click'];
  }
    if (
$user_info['user_level'] == GUEST)
    {
       
show_error_page($lang['no_permission']);
    exit;
    }

    
$site_template->register_vars(array(
    
"user_gb" => $user_gb,
    
"entry" => $_GET['entry'],
    
"user_id" => $_GET['user_id'],
    
"delete_entry" => $lang['user_gb_delete_quest'],
    
"delete_entry_yes" => $lang['user_gb_delete_yes'],
    
"delete_entry_no" => $lang['user_gb_delete_no']
    ));
    
$content $site_template->parse_template("user_gb_delete");
}
/////////////////////////////////////////////////////////////////






















if ($action == "removecomment") {
  if (!
$comment_id || ($config['user_delete_comments'] != && $user_info['user_level'] != ADMIN)) {
    
redirect($url);
  }

  
$sql "SELECT c.comment_id, c.image_id, c.user_id AS comment_user_id, c.realname AS comment_realname, c.comment_headline, c.comment_text, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.""realname")."
          FROM ("
.COMMENTS_TABLE." c, ".IMAGES_TABLE." i)
          LEFT JOIN "
.USERS_TABLE." u ON (".get_user_table_field("u.""user_id")." = c.user_id)
          WHERE c.comment_id = 
$comment_id AND i.image_id = c.image_id";
  
$comment_row $site_db->query_firstrow($sql);
  if (!
$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    
redirect($url);
  }

  
$txt_clickstream get_category_path($comment_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row['image_id'])."\" class=\"clickstream\">".format_text($comment_row['image_name'], 2)."</a>".$config['category_separator'];
  
$txt_clickstream .= $lang['comment_delete'];

  if (isset(
$comment_row[$user_table_fields['realname']]) && $comment_row['comment_user_id'] != GUEST) {
    
$realname $comment_row[$user_table_fields['realname']];
  }
  else {
    
$realname $comment_row['comment_realname'];
  }

  
$site_template->register_vars(array(
    
"comment_id" => $comment_id,
    
"image_name" => format_text($comment_row['image_name']),
    
"realname" => format_text($realname),
    
"comment_headline" => format_text($comment_row['comment_headline'], 0$config['wordwrap_comments'], 00),
    
"comment_text" => format_text($comment_row['comment_text'], $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments']),
    
"lang_delete_comment" => $lang['comment_delete'],
    
"lang_delete_comment_confirm" => $lang['comment_delete_confirm'],
    
"lang_image_name" => $lang['image_name'],
    
"lang_name" => $lang['name'],
    
"lang_headline" => $lang['headline'],
    
"lang_comment" => $lang['comment'],
    
"lang_submit" => $lang['submit'],
    
"lang_reset" => $lang['reset'],
    
"lang_yes" => $lang['yes'],
    
"lang_no" => $lang['no']
  ));
  
$content $site_template->parse_template("member_deletecomment");
}

if (
$action == "updatecomment") {
  if (!
$comment_id || ($config['user_edit_comments'] != && $user_info['user_level'] != ADMIN)) {
    
show_error_page($lang['no_permission']);
    exit;
  }
  
$sql "SELECT c.comment_id, c.image_id, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.""realname")."
          FROM ("
.COMMENTS_TABLE." c, ".IMAGES_TABLE." i)
          LEFT JOIN "
.USERS_TABLE." u ON (".get_user_table_field("u.""user_id")." = c.user_id)
          WHERE c.comment_id = 
$comment_id AND i.image_id = c.image_id";
  
$comment_row $site_db->query_firstrow($sql);
  if (!
$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    
show_error_page($lang['no_permission']);
    exit;
  }

  
$txt_clickstream get_category_path($comment_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row['image_id'])."\" class=\"clickstream\">".format_text($comment_row['image_name'], 2)."</a>".$config['category_separator'];
  
$txt_clickstream .= $lang['comment_edit'];

  
$error 0;

  
$comment_headline un_htmlspecialchars(trim($HTTP_POST_VARS['comment_headline']));
  
$comment_text un_htmlspecialchars(trim($HTTP_POST_VARS['comment_text']));

  if (
$comment_headline == "")  {
    
$error 1;
    
$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$lang['headline']), $lang['field_required']);
    
$msg .= (($msg != "") ? "<br />" "").$field_error;
  }
  if (
$comment_text == "")  {
    
$error 1;
    
$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$lang['comment']), $lang['field_required']);
    
$msg .= (($msg != "") ? "<br />" "").$field_error;
  }

  if (!
$error) {
    
$sql "UPDATE ".COMMENTS_TABLE."
            SET comment_headline = '
$comment_headline', comment_text = '$comment_text'
            WHERE comment_id = 
$comment_id";
    
$result $site_db->query($sql);
    
// start - go automaticaly back to image after "editcomment"
	
    
$sql "SELECT image_id
            FROM "
.COMMENTS_TABLE.
            WHERE comment_id = 
$comment_id";
    
$id_result $site_db->query($sql);
	
$row $site_db->fetch_array($id_result);
	
$image_id $row['image_id'];
// end - go automaticaly back to image after "editcomment"
    
$msg = ($result) ? $lang['comment_edit_success'] : $lang['comment_edit_error'];
// start - go automaticaly back to image after "editcomment"
	
header("Refresh: 1; url=".$site_sess->url(ROOT_PATH."details.php?image_id=".$image_id"&"));
// end - go automaticaly back to image after "editcomment"
  
}
  else {
    
$action "editcomment";
    
$sendprocess 1;
  }
}

if (
$action == "editcomment") {
  if (!
$comment_id || ($config['user_edit_comments'] != && $user_info['user_level'] != ADMIN)) {
    
redirect($url);
  }

  
$sql "SELECT c.comment_id, c.image_id, c.user_id AS comment_user_id, c.realname AS comment_realname, c.comment_headline, c.comment_text, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.""realname")."
          FROM ("
.COMMENTS_TABLE." c, ".IMAGES_TABLE." i)
          LEFT JOIN "
.USERS_TABLE." u ON (".get_user_table_field("u.""user_id")." = c.user_id)
          WHERE c.comment_id = 
$comment_id AND i.image_id = c.image_id";
  
$comment_row $site_db->query_firstrow($sql);
  if (!
$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    
header("Location: ".$site_sess->url($url"&"));
    exit;
  }

  
$txt_clickstream get_category_path($comment_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row['image_id'])."\" class=\"clickstream\">".format_text($comment_row['image_name'], 2)."</a>".$config['category_separator'];
  
$txt_clickstream .= $lang['comment_edit'];

  
$comment_headline = (isset($HTTP_POST_VARS['comment_headline'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['comment_headline']))) : $comment_row['comment_headline'];
  
$comment_text = (isset($HTTP_POST_VARS['comment_text'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['comment_text']))) : $comment_row['comment_text'];

  if (isset(
$comment_row[$user_table_fields['realname']]) && $comment_row['comment_user_id'] != GUEST) {
    
$realname $comment_row[$user_table_fields['realname']];
  }
  else {
    
$realname $comment_row['comment_realname'];
  }

  
$bbcode "";
  if (
$config['bb_comments'] == 1) {
    
$site_template->register_vars(array(
      
"lang_bbcode" => $lang['bbcode'],
      
"lang_tag_prompt" => $lang['tag_prompt'],
      
"lang_link_text_prompt" => $lang['link_text_prompt'],
      
"lang_link_url_prompt" => $lang['link_url_prompt'],
      
"lang_link_email_prompt" => $lang['link_email_prompt'],
      
"lang_list_type_prompt" => $lang['list_type_prompt'],
      
"lang_list_item_prompt" => $lang['list_item_prompt']
    ));
    
$bbcode $site_template->parse_template("bbcode");
  }

  
$site_template->register_vars(array(
    
"bbcode" => $bbcode,
    
"comment_id" => $comment_id,
    
"image_name" => format_text($comment_row['image_name'], 2),
    
"realname" => format_text($realname2),
    
"comment_headline" => format_text($comment_headline2),
    
"comment_text" => format_text($comment_text2),
    
"lang_edit_comment" => $lang['comment_edit'],
    
"lang_image_name" => $lang['image_name'],
    
"lang_name" => $lang['name'],
    
"lang_headline" => $lang['headline'],
    
"lang_comment" => $lang['comment'],
    
"lang_submit" => $lang['submit'],
    
"lang_reset" => $lang['reset'],
    
"lang_yes" => $lang['yes'],
    
"lang_no" => $lang['no']
  ));
  
$content $site_template->parse_template("member_editcomment");
}

if (
$action == "deleteimage") {
  if (!
$image_id || ($config['user_delete_image'] != && $user_info['user_level'] != ADMIN)) {
    
show_error_page($lang['no_permission']);
    exit;
  }
  
$sql "SELECT image_id, cat_id, user_id, image_name, image_media_file, image_thumb_file
          FROM "
.IMAGES_TABLE."
          WHERE image_id = 
$image_id";
  
$image_row $site_db->query_firstrow($sql);
  if (!
$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    
show_error_page($lang['no_permission']);
    exit;
  }

  
$txt_clickstream $lang['image_delete'];

  
$sql "DELETE FROM ".IMAGES_TABLE."
          WHERE image_id = 
$image_id";
  
$del_img $site_db->query($sql);

  if (!
is_remote($image_row['image_media_file']) && !is_local_file($image_row['image_media_file'])) {
    @
unlink(MEDIA_PATH."/".$image_row['cat_id']."/".$image_row['image_media_file']);
  }
  if (!empty(
$image_row['image_thumb_file']) && !is_remote($image_row['image_thumb_file']) && !is_local_file($image_row['image_thumb_file'])) {
    @
unlink(THUMB_PATH."/".$image_row['cat_id']."/".$image_row['image_thumb_file']);
  }

  include(
ROOT_PATH.'includes/search_utils.php');
  
remove_searchwords($image_id);

  if (!empty(
$user_table_fields['user_comments'])) {
    
$sql "SELECT user_id
            FROM "
.COMMENTS_TABLE."
            WHERE image_id = 
$image_id";
    
$result $site_db->query($sql);
    
$user_id_sql "";
    while (
$row $site_db->fetch_array($result)) {
      if (
$row['user_id'] != GUEST) {
        
$sql "UPDATE ".USERS_TABLE."
                SET "
.get_user_table_field("""user_comments")." = ".get_user_table_field("""user_comments")." - 1
                WHERE "
.get_user_table_field("""user_id")." = ".$row['user_id'];
        
$site_db->query($sql);
      }
    }
  }

  
$sql "DELETE FROM ".COMMENTS_TABLE."
          WHERE image_id = 
$image_id";
  
$del_com $site_db->query($sql);

  if (
$del_img) {
    
$msg $lang['image_delete_success'];
  }
  else {
    
$msg $lang['image_delete_error'];
  }
}

if (
$action == "removeimage") {
  if (!
$image_id || ($config['user_delete_image'] != && $user_info['user_level'] != ADMIN)) {
    
redirect($url);
  }
  
$sql "SELECT image_id, cat_id, user_id, image_name
          FROM "
.IMAGES_TABLE."
          WHERE image_id = 
$image_id";
  
$image_row $site_db->query_firstrow($sql);
  if (!
$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    
show_error_page($lang['no_permission']);
    exit;
  }

  
$txt_clickstream get_category_path($image_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$image_id)."\" class=\"clickstream\">".format_text($image_row['image_name'], 2)."</a>".$config['category_separator'];
  
$txt_clickstream .= $lang['image_delete'];

  
$site_template->register_vars(array(
    
"image_id" => $image_id,
    
"image_name" => format_text($image_row['image_name'], 2),
    
"lang_delete_image" => $lang['image_delete'],
    
"lang_delete_image_confirm" => $lang['image_delete_confirm'],
    
"lang_submit" => $lang['submit'],
    
"lang_reset" => $lang['reset'],
    
"lang_yes" => $lang['yes'],
    
"lang_no" => $lang['no']
  ));
  
$content $site_template->parse_template("member_deleteimage");
}

if (
$action == "updateimage") {
  if (!
$image_id || ($config['user_edit_image'] != && $user_info['user_level'] != ADMIN)) {
    
show_error_page($lang['no_permission']);
  }
  
$sql "SELECT image_id, cat_id, user_id, image_name
          FROM "
.IMAGES_TABLE."
          WHERE image_id = 
$image_id";
  
$image_row $site_db->query_firstrow($sql);
  if (!
$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    
show_error_page($lang['no_permission']);
    exit;
  }

  
$txt_clickstream get_category_path($image_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$image_id)."\" class=\"clickstream\">".format_text($image_row['image_name'], 2)."</a>".$config['category_separator'];
  
$txt_clickstream .= $lang['image_edit'];

  
$error 0;

  
$image_name un_htmlspecialchars(trim($HTTP_POST_VARS['image_name']));
  
$image_description un_htmlspecialchars(trim($HTTP_POST_VARS['image_description']));
  
$image_keywords un_htmlspecialchars(trim($HTTP_POST_VARS['image_keywords']));
  
$image_keywords preg_replace("/[\n\r]/is"" "$image_keywords);
  
$image_keywords str_replace(","," ",$image_keywords);
  
$image_keywords ereg_replace("( ){2,}"" "$image_keywords);

  if (
$image_name == "")  {
    
$error 1;
    
$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$lang['image_name']), $lang['field_required']);
    
$msg .= (($msg != "") ? "<br />" "").$field_error;
  }

  if (!empty(
$additional_image_fields)) {
    foreach (
$additional_image_fields as $key => $val) {
      if (isset(
$HTTP_POST_VARS[$key]) && intval($val[2]) == && trim($HTTP_POST_VARS[$key]) == "") {
        
$error 1;
        
$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$val[0]), $lang['field_required']);
        
$msg .= (($msg != "") ? "<br />" "").$field_error;
      }
    }
  }

  if (!
$error) {
    
$additional_sql "";

    if (isset(
$HTTP_POST_VARS['image_allow_comments'])) {
      
$additional_sql .= ", image_allow_comments = ".intval($HTTP_POST_VARS['image_allow_comments']);
    }

    if (!empty(
$additional_image_fields)) {
      
$table_fields $site_db->get_table_fields(IMAGES_TABLE);
      foreach (
$additional_image_fields as $key => $val) {
        if (isset(
$HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
          
$additional_sql .= ", $key = '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
        }
      }
    }

    
$sql "UPDATE ".IMAGES_TABLE."
            SET image_name = '
$image_name', image_description = '$image_description', image_keywords = '$image_keywords'".$additional_sql."
            WHERE image_id = 
$image_id";
    
$result $site_db->query($sql);
    if (
$result) {
      include(
ROOT_PATH.'includes/search_utils.php');
      
$search_words = array();
      foreach (
$search_match_fields as $image_column => $match_column) {
        if (isset(
$HTTP_POST_VARS[$image_column])) {
          
$search_words[$image_column] = stripslashes($HTTP_POST_VARS[$image_column]);
        }
      }
      
remove_searchwords($image_id);
      
add_searchwords($image_id$search_words);
      
$msg $lang['image_edit_success'];
	
        
header("Refresh: 1; url=".$site_sess->url(ROOT_PATH."details.php?image_id=".$image_id"&")); // refresh after edit MOD
    
}
    else {
      
$msg $lang['image_edit_error'];
    }
  }
  else {
    
$action "editimage";
    
$sendprocess 1;
  }
}

if (
$action == "editimage") {
  if (!
$image_id || ($config['user_edit_image'] != && $user_info['user_level'] != ADMIN)) {
    
redirect($url);
  }

  
$additional_sql "";
  if (!empty(
$additional_image_fields)) {
    foreach (
$additional_image_fields as $key => $val) {
      
$additional_sql .= ", ".$key;
    }
  }
  
$sql "SELECT image_id, cat_id, user_id, image_name, image_description, image_keywords, image_allow_comments".$additional_sql."
          FROM "
.IMAGES_TABLE."
          WHERE image_id = 
$image_id";
  
$image_row $site_db->query_firstrow($sql);
  if (!
$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    
redirect($url);
  }

  
$txt_clickstream get_category_path($image_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$image_id)."\" class=\"clickstream\">".format_text($image_row['image_name'], 2)."</a>".$config['category_separator'];
  
$txt_clickstream .= $lang['image_edit'];

  
$image_name = (isset($HTTP_POST_VARS['image_name'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['image_name']))) : $image_row['image_name'];
  
$image_description = (isset($HTTP_POST_VARS['image_description'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['image_description']))) : $image_row['image_description'];
  
$image_keywords = (isset($HTTP_POST_VARS['image_keywords'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['image_keywords']))) : $image_row['image_keywords'];
  
$image_allow_comments = (isset($HTTP_POST_VARS['image_allow_comments'])) ? intval($HTTP_POST_VARS['image_allow_comments']) : $image_row['image_allow_comments'];

  
$site_template->register_vars(array(
    
"image_id" => $image_id,
    
"image_name" => format_text($image_name2),
    
"image_description" => format_text($image_description2),
    
"image_keywords" => format_text($image_keywords2),
    
"image_allow_comments_yes" => ($image_allow_comments) ? " checked=\"checked\"" "",
    
"image_allow_comments_no" => (!$image_allow_comments) ? " checked=\"checked\"" "",
    
"lang_edit_image" => $lang['image_edit'],
    
"lang_image_name" => $lang['image_name'],
    
"lang_description" => $lang['description'],
    
"lang_keywords" => $lang['keywords_ext'],
    
"lang_allow_comments" => isset($lang['allow_comments']) ? $lang['allow_comments'] : "",
    
"lang_submit" => $lang['submit'],
    
"lang_reset" => $lang['reset'],
    
"lang_yes" => $lang['yes'],
    
"lang_no" => $lang['no']
  ));

  if (!empty(
$additional_image_fields)) {
    
$additional_field_array = array();
    foreach (
$additional_image_fields as $key => $val) {
      if (
$val[1] == "radio") {
        
$value = (isset($HTTP_POST_VARS[$key])) ? intval($HTTP_POST_VARS[$key]) : $image_row[$key];
        if (
$value == 1) {
          
$additional_field_array[$key.'_yes'] = " checked=\"checked\"";
          
$additional_field_array[$key.'_no'] = "";
        }
        else {
          
$additional_field_array[$key.'_yes'] = "";
          
$additional_field_array[$key.'_no'] = " checked=\"checked\"";
        }
      }
      else {
        
$value = (isset($HTTP_POST_VARS[$key])) ? format_text(stripslashes(trim($HTTP_POST_VARS[$key]))) : $image_row[$key];
      }
      
$additional_field_array[$key] = $value;
      
$additional_field_array['lang_'.$key] = $val[0];
    }
    if (!empty(
$additional_field_array)) {
      
$site_template->register_vars($additional_field_array);
    }
  }
  
$content $site_template->parse_template("member_editimage");
}

if (
$action == "uploadimage") {
  if (
$cat_id != && (!isset($cat_cache[$cat_id]) || !check_permission("auth_upload"$cat_id))) {
    
show_error_page($lang['no_permission']);
    exit;
  }

  
$txt_clickstream "";
  if (
$cat_id && isset($cat_cache[$cat_id])) {
    
$txt_clickstream .= get_category_path($cat_id1).$config['category_separator'];
  }
  
$txt_clickstream .= $lang['user_upload'];

  
$remote_media_file format_url(un_htmlspecialchars(trim($HTTP_POST_VARS['remote_media_file'])));
  
$remote_thumb_file format_url(un_htmlspecialchars(trim($HTTP_POST_VARS['remote_thumb_file'])));

  
$image_name un_htmlspecialchars(trim($HTTP_POST_VARS['image_name']));
  
$image_description un_htmlspecialchars(trim($HTTP_POST_VARS['image_description']));
  
$image_keywords un_htmlspecialchars(trim($HTTP_POST_VARS['image_keywords']));
  
$image_keywords preg_replace("/[\n\r]/is"" "$image_keywords);
  
$image_keywords str_replace(","," ",$image_keywords);
  
$image_keywords ereg_replace("( ){2,}"" "$image_keywords);

  
$image_active = (isset($HTTP_POST_VARS['image_active']) && $HTTP_POST_VARS['image_active'] == 0) ? 1;
  
$image_allow_comments = (isset($HTTP_POST_VARS['image_allow_comments']) && $HTTP_POST_VARS['image_allow_comments'] == 0) ? 1;
  
$image_download_url = (isset($HTTP_POST_VARS['image_download_url'])) ? format_url(un_htmlspecialchars(trim($HTTP_POST_VARS['image_download_url']))) : "";

  
$captcha = (isset($HTTP_POST_VARS['captcha'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['captcha'])) : "";

  
$direct_upload = (check_permission("auth_directupload"$cat_id)) ? 0;
  
$upload_cat = ($direct_upload) ? $cat_id 0;

  
$error 0;
  
$uploaderror 0;

  if (
$cat_id == 0)  {
    
$error 1;
    
$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$lang['category']), $lang['field_required']);
    
$msg .= (($msg != "") ? "<br />" "").$field_error;
  }
  if ((empty(
$HTTP_POST_FILES['media_file']['tmp_name']) || $HTTP_POST_FILES['media_file']['tmp_name'] == "none") && ($remote_media_file == "" || !check_remote_media($remote_media_file))) {
    
$error 1;
    
$msg .= (($msg != "") ? "<br />" "").$lang['image_file_required'];
  }
  if (
$image_name == "")  {
    
$error 1;
    
$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$lang['image_name']), $lang['field_required']);
    
$msg .= (($msg != "") ? "<br />" "").$field_error;
  }

  if (
$captcha_enable_upload && !captcha_validate($captcha)) {
    
$msg .= (($msg != "") ? "<br />" "").$lang['captcha_required'];
    
$error 1;
  }

  if (!empty(
$additional_image_fields)) {
    foreach (
$additional_image_fields as $key => $val) {
      if (isset(
$HTTP_POST_VARS[$key]) && intval($val[2]) == && trim($HTTP_POST_VARS[$key]) == "") {
        
$error 1;
        
$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$val[0]), $lang['field_required']);
        
$msg .= (($msg != "") ? "<br />" "").$field_error;
      }
    }
  }

  if (!
$error) {
    
// Start Upload
    
include(ROOT_PATH.'includes/upload.php');
    
$site_upload = new Upload();

    
// Upload Media file
    
if (!empty($HTTP_POST_FILES['media_file']['tmp_name']) && $HTTP_POST_FILES['media_file']['tmp_name'] != "none") {
      
$new_name $site_upload->upload_file("media_file""media"$upload_cat);
      if (!
$new_name) {
        
$msg .= (($msg != "") ? "<br />" "")."<b>".$lang['file_upload_error'].": ".$new_name."</b><br />".$site_upload->get_upload_errors();
        
$uploaderror 1;
      }
    }
    else {
      
$new_name $remote_media_file;
    }

    
// Uplad thumb file
    
$new_thumb_name "";
    if (!empty(
$HTTP_POST_FILES['thumb_file']['tmp_name']) && $HTTP_POST_FILES['thumb_file']['tmp_name'] != "none" && !$uploaderror) {
      
$new_thumb_name $site_upload->upload_file("thumb_file""thumb"$upload_catget_basefile($new_name));
      if (!
$new_thumb_name) {
        
$msg .= (($msg != "") ? "<br />" "")."<b>".$lang['thumb_upload_error'].": ".$new_thumb_name."</b><br />".$site_upload->get_upload_errors();
        @
unlink(MEDIA_TEMP_PATH."/".$new_name);
        
$uploaderror 1;
      }
    }
    elseif (
check_remote_thumb($remote_thumb_file)) {
      
$new_thumb_name $remote_thumb_file;
    }
    elseif (
$config['auto_thumbnail'] == && !empty($HTTP_POST_FILES['media_file']['tmp_name']) && $HTTP_POST_FILES['media_file']['tmp_name'] != "none" && !$uploaderror) {
      if (
$direct_upload) {
        
$src MEDIA_PATH."/".$cat_id."/".$new_name;
        
$dest THUMB_PATH."/".$cat_id."/".$new_name;
      }
      else {
        
$src MEDIA_TEMP_PATH."/".$new_name;
        
$dest THUMB_TEMP_PATH."/".$new_name;
      }
      
$do_create 0;
      if (
$image_info = @getimagesize($src)) {
        if (
$image_info[2] == || $image_info[2] == || $image_info[2] == 3) {
          
$do_create 1;
        }
      }
      if (
$do_create) {
        require(
ROOT_PATH.'includes/image_utils.php');
        
$convert_options init_convert_options();
        if (!
$convert_options['convert_error']) {
          
$dimension = (intval($config['auto_thumbnail_dimension'])) ? intval($config['auto_thumbnail_dimension']) : 100;
          
$resize_type = (intval($config['auto_thumbnail_resize_type'])) ? intval($config['auto_thumbnail_resize_type']) : 1;
          
$quality = (intval($config['auto_thumbnail_quality']) && intval($config['auto_thumbnail_quality']) <= 100) ? intval($config['auto_thumbnail_quality']) : 100;

          if (
create_thumbnail($src$dest$quality$dimension$resize_type)) {
            
$new_thumb_name $new_name;
          }
        }
      }
    }








//-------------------------------------------------------------------------------------------
// --- Annotate Images ----------------------------------------------------------------------
//-------------------------------------------------------------------------------------------

if ($config['annotation_use'] && strtolower(get_file_extension($new_name) == jpg)) {
require(
ROOT_PATH.'includes/annotate.php');
$ann_realname = ($user_info['realname']);
  if (
$direct_upload) { $ann_src MEDIA_PATH."/".$cat_id."/".$new_name; }
  else { 
$ann_src MEDIA_TEMP_PATH."/".$new_name; }
  
annotate_image($ann_src);
}

//





//--------------------------------------------
//--------- Auto Image Resizing --------------
//--------------------------------------------
    
if ($config['auto_image'] && !$uploaderror)
    {
      if (
$direct_upload)
      {
        
$src MEDIA_PATH."/".$cat_id."/".$new_name;
      }
      else
      {
        
$src MEDIA_TEMP_PATH."/".$new_name;
      }
      
$do_resize 0;
      if (
$image_info = @getimagesize($src))
      {
        if (
$image_info[2] > && $image_info[2] < && $image_info[0] > $config['max_image_width'] || $image_info[1] > $config['max_image_height'])
        {
          if (!
function_exists("init_convert_options"))
          {
            require(
ROOT_PATH.'includes/image_utils.php');
          }
          
$convert_options init_convert_options();
          if (!
$convert_options['convert_error'])
          {
            
$quality intval($config['auto_image_quality']);
            
$quality = ($quality >= && $quality <= 100) ? $quality 85;
            if (!
resize_image($src$quality$config['max_image_width'], 1$config['max_image_height']))
            {
              
$msg .= (($msg != "") ? "<br />" "")."<b>".$lang['file_upload_error'].": ".$new_name;
              
$uploaderror 1;
            }
          }
        }
      }
    }
//--- End Auto Image Resizing ----------------




    
if (!$uploaderror) {
      
$additional_field_sql "";
      
$additional_value_sql "";
      if (!empty(
$additional_image_fields)) {
        
$table = ($direct_upload) ? IMAGES_TABLE IMAGES_TEMP_TABLE;
        
$table_fields $site_db->get_table_fields($table);
        foreach (
$additional_image_fields as $key => $val) {
          if (isset(
$HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
            
$additional_field_sql .= ", $key";
            
$additional_value_sql .= ", '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
          }
        }
      }

      
$current_time time();
      if (
$direct_upload) {
        
$sql "INSERT INTO ".IMAGES_TABLE."
                (cat_id, user_id, image_name, image_description, image_keywords, image_date, image_active, image_media_file, image_thumb_file, image_download_url, image_allow_comments"
.$additional_field_sql.")
                VALUES
                (
$cat_id, ".$user_info['user_id'].", '$image_name', '$image_description', '$image_keywords', $current_time$image_active, '$new_name', '$new_thumb_name', '$image_download_url', $image_allow_comments".$additional_value_sql.")";
        
$result $site_db->query($sql);
        
$image_id $site_db->get_insert_id();
        if (
$result) {
          include(
ROOT_PATH.'includes/search_utils.php');
          
$search_words = array();
          foreach (
$search_match_fields as $image_column => $match_column) {
            if (isset(
$HTTP_POST_VARS[$image_column])) {
              
$search_words[$image_column] = stripslashes($HTTP_POST_VARS[$image_column]);
            }
          }
          
add_searchwords($image_id$search_words);
        }
      }
      else {
        
$sql "INSERT INTO ".IMAGES_TEMP_TABLE."
                (cat_id, user_id, image_name, image_description, image_keywords, image_date, image_media_file, image_thumb_file, image_download_url"
.$additional_field_sql.")
                VALUES
                (
$cat_id, ".$user_info['user_id'].", '$image_name', '$image_description', '$image_keywords', $current_time, '$new_name', '$new_thumb_name', '$image_download_url'".$additional_value_sql.")";
        
$result $site_db->query($sql);
      }

      if (
$config['upload_notify'] == && !$direct_upload) {
        include(
ROOT_PATH.'includes/email.php');
        
$site_email = new Email();

        
$config['upload_emails'] = str_replace(" """$config['upload_emails']);
        
$emails explode(","$config['upload_emails']);

        
$validation_url $script_url."/admin/index.php?goto=".urlencode("validateimages.php?action=validateimages");

        
$site_email->set_to($config['site_email']);
        
$site_email->set_subject($lang['new_upload_emailsubject']);
        
$site_email->register_vars(array(
          
"image_name" => stripslashes($image_name),
          
"file_name" => $new_name,
          
"cat_name" => $cat_cache[$cat_id]['cat_name'],
          
"validation_url" => $validation_url,
          
"site_name" => $config['site_name']
        ));
        
$site_email->set_body("upload_notify"$config['language_dir_default']);
        
$site_email->set_bcc($emails);
        
$site_email->send_email();
      }

      
$msg .= $lang['image_add_success'].": <b>".format_text(stripslashes($image_name))."</b> (".$new_name.")";
      
$msg .= (!$direct_upload) ? "<br />".$lang['new_upload_validate_desc'] : "";

      
$file_extension get_file_extension($new_name);
      
$file = (is_remote($new_name)) ? $new_name : (($direct_upload) ? MEDIA_PATH."/".$cat_id."/".$new_name MEDIA_TEMP_PATH."/".$new_name);
      
$width_height "";
      if (!
is_remote($file) && $imageinfo = @getimagesize($file)) {
        
$width_height " ".$imageinfo[3];
      }
      
$media_icon "<img src=\"".ICON_PATH."/".$file_extension.".gif\" border=\"0\" alt=\"\" />";
      
$site_template->register_vars(array(
        
"media_src" => $file,
        
"media_icon" => $media_icon,
        
"image_name" => format_text(stripslashes($image_name)),
        
"width_height" => $width_height
      
));
      
$media $site_template->parse_template("media/".$file_extension);
      
$content .= "<table border=\"0\" align=\"center\">\n<tr>\n<td>\n".$media."\n</td>\n</tr>\n</table>\n";
    }
    else {
      
$action "uploadform";
      
$sendprocess 1;
    }
  }
  else {
    
$action "uploadform";
    
$sendprocess 1;
  }
}

if (
$action == "uploadform") {
  if (
$cat_id != && (!isset($cat_cache[$cat_id]) || !check_permission("auth_upload"$cat_id))) {
    
show_error_page($lang['no_permission']);
    exit;
  }

  
$txt_clickstream "";
  if (
$cat_id && isset($cat_cache[$cat_id])) {
    
$txt_clickstream .= get_category_path($cat_id1).$config['category_separator'];
  }
  
$txt_clickstream .= $lang['user_upload'];

  if (!
$sendprocess) {
    
$remote_media_file "";
    
$remote_thumb_file "";
    
$image_name "";
    
$image_description "";
    
$image_keywords "";
    
$image_download_url "";
    
$image_allow_comments 1;
  }

  
$site_template->register_vars(array(
    
"cat_id" => $cat_id,
    
"cat_name" => ($cat_id != 0) ? format_text($cat_cache[$cat_id]['cat_name'], 2) : get_category_dropdown($cat_id),
    
"remote_media_file" => format_text(stripslashes($remote_media_file), 2),
    
"remote_thumb_file" => format_text(stripslashes($remote_thumb_file), 2),
    
"image_name" => format_text(stripslashes($image_name), 2),
    
"image_description" => format_text(stripslashes($image_description), 2),
    
"image_keywords" => format_text(stripslashes($image_keywords), 2),
    
"image_allow_comments_yes" => ($image_allow_comments) ? " checked=\"checked\"" "",
    
"image_allow_comments_no" => (!$image_allow_comments) ? " checked=\"checked\"" "",
    
"image_download_url" => format_text(stripslashes($image_download_url), 2),
    
"lang_category" => $lang['category'],
    
"lang_user_upload" => $lang['user_upload'],
    
"lang_media_file" => $lang['media_file'],
    
"lang_thumb_file" => $lang['thumb_file'],
    
"lang_allowed_file_types" => $lang['allowed_mediatypes_desc'],
    
"allowed_media_types" => str_replace(",",", ",$config['allowed_mediatypes']),
    
"allowed_thumb_types" => "jpg, gif, png",
    
"lang_max_filesize" => $lang['max_filesize'],
    
"lang_max_imagewidth" => $lang['max_imagewidth'],
    
"lang_max_imageheight" => $lang['max_imageheight'],
    
"max_thumb_filsize" => $config['max_thumb_size']."&nbsp;".$lang['kb'],
    
"max_thumb_imagewidth" => $config['max_thumb_width']."&nbsp;".$lang['px'],
    
"max_thumb_imageheight" => $config['max_thumb_height']."&nbsp;".$lang['px'],
    
"max_media_filsize" => $config['max_media_size']."&nbsp;".$lang['kb'],
    
"max_media_imagewidth" => $config['max_image_width']."&nbsp;".$lang['px'],
    
"max_media_imageheight" => $config['max_image_height']."&nbsp;".$lang['px'],
    
"lang_image_name" => $lang['image_name'],
    
"lang_description" => $lang['description'],
    
"lang_keywords" => $lang['keywords_ext'],
    
"lang_allow_comments" => isset($lang['allow_comments']) ? $lang['allow_comments'] : "",
    
"lang_submit" => $lang['submit'],
    
"lang_reset" => $lang['reset'],
    
"lang_yes" => $lang['yes'],
    
"lang_no" => $lang['no'],
    
"lang_captcha" => $lang['captcha'],
    
"lang_captcha_desc" => $lang['captcha_desc'],
    
"captcha_upload" => (bool)$captcha_enable_upload
  
));

  if (!empty(
$additional_image_fields)) {
    
$additional_field_array = array();
    foreach (
$additional_image_fields as $key => $val) {
      if (
$val[1] == "radio") {
        
$value = (isset($HTTP_POST_VARS[$key])) ? intval($HTTP_POST_VARS[$key]) : 1;
        if (
$value == 1) {
          
$additional_field_array[$key.'_yes'] = " checked=\"checked\"";
          
$additional_field_array[$key.'_no'] = "";
        }
        else {
          
$additional_field_array[$key.'_yes'] = "";
          
$additional_field_array[$key.'_no'] = " checked=\"checked\"";
        }
      }
      else {
        
$value = (isset($HTTP_POST_VARS[$key])) ? format_text(stripslashes(trim($HTTP_POST_VARS[$key]))) : "";
      }
      
$additional_field_array[$key] = $value;
      
$additional_field_array['lang_'.$key] = $val[0];
    }
    if (!empty(
$additional_field_array)) {
      
$site_template->register_vars($additional_field_array);
    }
  }
  
$content $site_template->parse_template("member_uploadform");
}

if (
$action == "emailuser") {
  
$txt_clickstream $lang['profile'];
  
$user_id = (isset($HTTP_POST_VARS[URL_USER_ID])) ? intval($HTTP_POST_VARS[URL_USER_ID]) : GUEST;
  
$error 0;

  if (
$user_info['user_level'] == GUEST || $user_info['user_level'] == USER_AWAITING) {
    
show_error_page($lang['no_permission']);
    exit;
  }
  
$subject stripslashes(trim($HTTP_POST_VARS['subject']));
  
$message stripslashes(trim($HTTP_POST_VARS['message']));

  if (
$subject == "" || $message == "") {
    
$msg $lang['lostfield_error'];
    
$sendprocess 1;
    
$error 1;
  }

  if (!
$error) {
    if (
$user_row get_user_info($user_id)) {
    
    if (
function_exists('member_viewprofile_check_user')) {
    
member_viewprofile_check_user($user_info['user_id'], $user_row[$user_table_fields['user_id']], $user_info['user_level']);
}

    
    
      if (isset(
$user_row['user_showemail']) && $user_row['user_showemail'] == 0) {
        
$content $lang['invalid_user_id'];
      }
      else {
        
$sender_realname = ($user_info['user_level'] != GUEST) ? (isset($user_info['realname']) ? $user_info['realname'] : $lang['userlevel_user']) : $lang['userlevel_guest'];
        
$sender_user_email = ($user_info['user_level'] != GUEST && isset($user_info['user_email'])) ? $user_info['user_email'] : $config['site_email'];

        
// Start Emailer
        
include(ROOT_PATH.'includes/email.php');
        
$site_email = new Email();
        
$site_email->set_from($sender_user_email$sender_user_name);
        
$site_email->set_to($user_row['user_email']);
        
$site_email->set_subject($subject);
        
$site_email->register_vars(array(
          
"sender_user_name" => $sender_user_name,
          
"sender_user_email" => $sender_user_email,
          
"message" => $message,
          
"site_name" => $config['site_name']
        ));
        
$site_email->set_body("mailform_message"$config['language_dir']);
        
$site_email->send_email();
        
$msg $lang['emailuser_success'];
      }
    }
    else {
      
$content $lang['invalid_user_id'];
    }
  }
  else {
    
$action "mailform";
  }
}

if (
$action == "mailform") {
  
$txt_clickstream $lang['profile'];
  if (isset(
$HTTP_GET_VARS[URL_USER_ID]) || isset($HTTP_POST_VARS[URL_USER_ID])) {
    
$user_id = (isset($HTTP_GET_VARS[URL_USER_ID])) ? intval($HTTP_GET_VARS[URL_USER_ID]) : intval($HTTP_POST_VARS[URL_USER_ID]);
    if (!
$user_id) {
      
$user_id GUEST;
    }
  }
  else {
    
$user_id GUEST;
  }

  if (
$user_info['user_level'] == GUEST || $user_info['user_level'] == USER_AWAITING) {
    
show_error_page($lang['no_permission']);
    exit;
  }

  if (!
$sendprocess) {
    
$subject "";
    
$message "";
  }

  if (
$user_row get_user_info($user_id)) {
    if (isset(
$user_row['user_showemail']) && $user_row['user_showemail'] == 0) {
      
$content $lang['invalid_user_id'];
    }
    else {
      
$site_template->register_vars(array(
        
"user_id" => $user_row['user_id'],
        
"user_name" => format_text($user_row['user_name'], 2),
        
"subject" => format_text($subject2),
        
"message" => format_text($message2),
        
"lang_send_email_to" => $lang['send_email_to'],
        
"lang_subject" => $lang['subject'],
        
"lang_message" => $lang['message'],
        
"lang_submit" => $lang['submit'],
        
"lang_reset" => $lang['reset']
      ));
      
$content $site_template->parse_template("member_mailform");
    }
  }
  else {
    
$content $lang['invalid_user_id'];
  }
}
//-----------------------------------------------------
//--- Rate user ---------------------------------------
//-----------------------------------------------------
if ($action == "rate_user") {
    
    if (isset(
$HTTP_POST_VARS[URL_USER_ID])) {
        
$user_id = (isset($HTTP_POST_VARS[URL_USER_ID])) ? intval(trim($HTTP_POST_VARS[URL_USER_ID])) : 0;
        
$user_id preg_replace("/[^0-9]+/i"""$user_id);
    } else {
        
$user_id 0;
    }
    
    if (isset(
$HTTP_POST_VARS['rate_user'])) {
        
$rate_user = (isset($HTTP_POST_VARS['rate_user'])) ? intval(trim($HTTP_POST_VARS['rate_user'])) : 0;
        
$rate_user preg_replace("/[^0-9]+/i"""$rate_user);
    } else {
        
$rate_user 0;
    }
    
    if (empty(
$user_id) || empty($rate_user)) {
        
redirect($url);
    }
    
    if (isset(
$user_id) && !empty($user_id) && $rate_user == "---") {
        
redirect("member.php?action=showprofile&" URL_USER_ID "=" $user_id);
    }
    
    if (isset(
$user_id) && !empty($user_id) && isset($rate_user) && !empty($rate_user)) {
        if (
function_exists('member_rating_insert_rates')) {
            
member_rating_insert_rates($user_info['user_id'], $user_id$user_info['user_level'], $rate_user);            
            
redirect("member.php?action=showprofile&" URL_USER_ID "=" $user_id);            
        }
    } elseif (isset(
$user_id) && !empty($user_id)) {
        
redirect("member.php?action=showprofile&" URL_USER_ID "=" $user_id);
    
    } else {
        
redirect($url);
    }
}


//-----------------------------------------------------
//--- Show Profile ------------------------------------
//-----------------------------------------------------
if ($action == "showprofile") {
  
$txt_clickstream $lang['profile'];
  if (isset(
$HTTP_GET_VARS[URL_USER_ID]) || isset($HTTP_POST_VARS[URL_USER_ID])) {
    
$user_id = (isset($HTTP_GET_VARS[URL_USER_ID])) ? intval($HTTP_GET_VARS[URL_USER_ID]) : intval($HTTP_POST_VARS[URL_USER_ID]);
    if (!
$user_id) {
      
$user_id GUEST;
    }
  }
  else {
    
$user_id GUEST;
  }










//----------------------------------------------------------------------------------
//--- COMENZAR Favoritas en perfil por CCSAKUWEB http://www.myart.es ---------------
//----------------------------------------------------------------------------------
$imgtable_width ceil(intval($config['image_table_width']) / $config['image_cells']);
if ((
substr($config['image_table_width'], -1)) == "%") {
  
$imgtable_width .= "%";
}
  
$additional_sql "";
  if (!empty(
$additional_image_fields)) {
    foreach (
$additional_image_fields as $key => $val) {
      
$additional_sql .= ", i.".$key;
    }
  }
  if (
$user_row get_user_info($user_id)) {
	
$sql "SELECT *
        FROM "
.LIGHTBOXES_TABLE."
        WHERE user_id = 
$user_id";
    
$user_favoritos_info $site_db->query_firstrow($sql);
    
$num_rows_all 0;
    if (!empty(
$user_favoritos_info['lightbox_image_ids'])) {
    
$image_id_sql str_replace(" "","trim($user_favoritos_info['lightbox_image_ids']));
    
$sql "SELECT COUNT(image_id) AS images
         FROM "
.IMAGES_TABLE."
         WHERE image_active = 1 AND image_id IN (
$image_id_sql)";
    
$result $site_db->query_firstrow($sql);
    
$num_images $result['images'];
	
$site_db->free_result();
	
$num_rows_all = (isset($num_images)) ? $num_images 0;
    
$user_total_favorites $num_rows_all;
	
$site_template->register_vars("user_total_favorites"$user_total_favorites);
    
	
unset(
$user_total_favorites);


$user_favorites 3// Indicar cuantas imagenes favoritas quiere mostrar
  
$link_arg $site_sess->url(ROOT_PATH."member.php?action=showprofile&user_id=$user_id");
include(
ROOT_PATH.'includes/paging.php');
$getpaging_favorites = new Paging($page$user_favorites$num_rows_all$link_arg);
$offset $getpaging_favorites->get_offset();
$site_template->register_vars(array(
"paging_favorites" => $getpaging_favorites->get_paging(),
"paging_favorites_stats" => $getpaging_favorites->get_paging_stats()
));

  
$sql "SELECT i.image_id, i.cat_id, i.user_id, i.image_name, i.image_description, i.image_keywords, i.image_date, i.image_active, i.image_media_file, i.image_thumb_file, i.image_download_url, i.image_allow_comments, i.image_comments, i.image_downloads, i.image_votes, i.image_rating, i.image_hits".$additional_sql.", c.cat_name".get_user_table_field(", u.""user_name")."
          FROM ("
.IMAGES_TABLE." i,  ".CATEGORIES_TABLE." c)
          LEFT JOIN "
.USERS_TABLE." u ON (".get_user_table_field("u.""user_id")." = i.user_id)
          WHERE image_active = 1 AND image_id IN (
$image_id_sql) AND c.cat_id = i.cat_id AND i.cat_id NOT IN (".get_auth_cat_sql("auth_viewcat""NOTIN").")
        ORDER BY i.image_date DESC
        LIMIT 
$offset$user_favorites";
  
$result $site_db->query($sql);
  
$num_rows $site_db->get_numrows($result);
  
  
$lightbox_lastaction format_date($config['date_format']." ".$config['time_format'], $user_info['lightbox_lastaction']);
if (empty(
$user_info['lightbox_lastaction'])) {
  
$lightbox_lastaction "n/a";
}
$site_template->register_vars("lightbox_lastaction"$lightbox_lastaction);
unset(
$lightbox_lastaction);
}else{
	
$num_rows 0;
}


if (!
$num_rows)  {
  
$user_profile_favorites "<table width=\"".$config['image_table_width']."\" border=\"0\" cellpadding=\"".$config['image_table_cellpadding']."\" cellspacing=\"".$config['image_table_cellspacing']."\"><tr class=\"responses\"><td>";
  
$user_profile_favorites .= $lang['lightbox_no_images'];
  
$user_profile_favorites .= "</td></tr></table>";
}
else  {
  
$user_profile_favorites "<table width=\"".$config['image_table_width']."\" border=\"0\" cellpadding=\"".$config['image_table_cellpadding']."\" cellspacing=\"".$config['image_table_cellspacing']."\">";
  
$count 0;
  
$bgcounter 0;
  while (
$image_row $site_db->fetch_array($result)){
    if (
$count == 0) {
      
$row_bg_number = ($bgcounter++ % == 0) ? 2;
      
$user_profile_favorites .= "".$row_bg_number."\">\n";
    }
    
$user_profile_favorites .= "<td width=\"".$imgtable_width."\" valign=\"top\">\n";

    
show_image($image_row"lightbox");
    
$user_profile_favorites .= $site_template->parse_template("thumbnail_bit");
    
$user_profile_favorites .= "\n</td>\n";
    
$count++;
    if (
$count == $config['image_cells']) {
      
$user_profile_favorites .= "</tr>\n";
      
$count 0;
    }
  } 
// fin while
 
  
if ($count 0)  {
    
$leftover = ($config['image_cells'] - $count);
    if (
$leftover >= 1) {
      for (
$f 0$f $leftover$f++) {
        
$user_profile_favorites .= "<td width=\"".$imgtable_width."\">\n&nbsp;\n</td>\n";
      }
      
$user_profile_favorites .= "</tr>\n";
    }
  }
  
$user_profile_favorites .= "</table>\n";
// fin else
$site_template->register_vars("user_profile_favorites"$user_profile_favorites);

unset(
$user_profile_favorites);

}
//----------------------------------------------------------------------------------
//--- FINALIZAR Favoritas en perfil por CCSAKUWEB http://www.myart.es --------------
//----------------------------------------------------------------------------------









// MOD: User page permission.
if (function_exists('get_page_permission') && !get_page_permission($user_info['user_id'], $user_info['user_level'], $self_url$action)) {    
    
show_error_page($lang['no_permission']);    
}
// End of MOD: User page permission.






  
if ($user_row get_user_info($user_id)) {
    
$user_homepage = (isset($user_row['user_homepage'])) ? format_text(format_url($user_row['user_homepage']), 2) : REPLACE_EMPTY;
	

    if (!empty(
$user_homepage) && $user_homepage != REPLACE_EMPTY) {
      
$user_homepage_button "<a href=\"".$user_homepage."\" target=\"_blank\"><img src=\"".get_gallery_image("homepage.gif")."\" border=\"0\" alt=\"".$user_homepage."\" /></a>";
    }
    else {
      
$user_homepage_button REPLACE_EMPTY;
    }
	
    if(
$user_info['user_id'] <> GUEST)
    {
    if(
$user_info[user_id] <>  $user_row['user_id'])
    {
     
$query "SELECT COUNT(*) FROM ".LASTUSER_TABLE." WHERE userprofil_id = '".$user_row['user_id']."' AND user_on_id = '".$user_info[user_id]."' ";
     
$sql mysql_query($query);
     
$on mysql_result($sql,0);
     if(
$on == "0")
     {
       
$time time();
       
$query "INSERT INTO ".LASTUSER_TABLE." (userprofil_id, user_on_id, last_date) VALUES ('".$user_row['user_id']."', '".$user_info[user_id]."', '".$time."') ";
       
$sql mysql_query($query);
     }
     if(
$on == "1")
     {
       
$new_time time();
       
$query "UPDATE ".LASTUSER_TABLE." SET last_date = '".$new_time."' WHERE userprofil_id = '".$user_row['user_id']."' AND user_on_id = '".$user_info[user_id]."' ";
       
$sql mysql_query($query);
     }
    }
    
$limit 5;  // last visitors IF YOU WANT SHOW MORE THEN 5 CHANGE IT ;)
    
$query "SELECT lastuser_id, userprofil_id, user_on_id, last_date, u.user_id, user_name FROM (".LASTUSER_TABLE." i)
              LEFT JOIN "
.USERS_TABLE." u ON (u.user_id) = i.user_on_id
              WHERE userprofil_id = "
.$user_row['user_id']." ORDER BY i.last_date DESC LIMIT 0 , ".$limit."";
    
$sql mysql_query($query);

    while(
$ds mysql_fetch_object($sql))
    {
      
$on_time date("d.m.Y H:i"$ds->last_date);
      
$last_user .= "<a href='" $site_sess->url(ROOT_PATH "member.php?action=showprofile&user_id=".(int)$ds->user_id) . "'>"format_text(trim(stripslashes($ds->user_name)), 2)."</a> <small>(".$on_time.")</small> | ";
}

    
$query "SELECT COUNT(*) FROM ".LASTUSER_TABLE." WHERE userprofil_id = '".$user_row['user_id']."' ";
    
$sql mysql_query($query);
    
$on mysql_result($sql,0);

    if(
$on $limit)
    {
      
$query "SELECT * FROM ".LASTUSER_TABLE." WHERE userprofil_id = '".$user_row['user_id']."' ORDER BY last_date DESC LIMIT ".$limit.", ".$limit." ";
      
$sql mysql_query($query);
      
$ds mysql_fetch_object($sql);

      
$query "DELETE FROM ".LASTUSER_TABLE." WHERE userprofil_id = '".$user_row['user_id']."' AND last_date <= ".$ds->last_date." ";
      
$sql mysql_query($query);
    }
    }
//-----------------------------------------------------
//--- real name -------------------------------------
//-----------------------------------------------------
    
$realname = (isset($user_row['realname'])) ? format_text(format_url($user_row['realname']), 2) : REPLACE_EMPTY;
    if (!empty(
$realname) && $realname != REPLACE_EMPTY) {
      
$realname_button "<a href=\"".$realname."\" target=\"_blank\"><img src=\"".get_gallery_image("aim.gif")."\" border=\"0\" alt=\"".$realname."\" /></a>";
    }
    else {
      
$realname_button REPLACE_EMPTY;
    }
//-------- end real name---------------------------------------------



    
$user_icq = (isset($user_row['user_icq'])) ? $user_row['user_icq'] : REPLACE_EMPTY;
    if (!empty(
$user_icq) && $user_icq != REPLACE_EMPTY) {
      
$user_icq_button "<a href=\"http://www.icq.com/people/about_me.php?uin=".$user_icq."\" target=\"_blank\"><img src=\"http://status.icq.com/online.gif?icq=".$user_icq."&img=5\" width=\"18\" height=\"18\" border=\"0\" alt=\"".$user_icq."\" /></a>";
    }
    else {
      
$user_icq_button REPLACE_EMPTY;
    }
    
    
    
    
    
    
    
    
    
    
    
    
/////////////////////////////////////////////////////
  
$msg_del $_GET['msg_del'];
  if(
$msg_del == "yes"$msg $lang['user_gb_delete_ok'];
  elseif(
$msg_del == "no"$msg $lang['user_gb_delete_not'];
  elseif(
$msg_del == ""$msg "";

  if(
$_GET['user_id'] == ""$id $user_info[user_id]; else $id $_GET['user_id'];
  if(isset(
$id))
  {
   
$query "SELECT user_id, user_name FROM ".USERS_TABLE." WHERE user_id = ".$id."";
   
$sql $site_db->query($query);
   
$ds $site_db->fetch_object($sql);
   
$user_name "<a href='" $site_sess->url(ROOT_PATH "member.php?action=showprofile&user_id=".(int)$ds->user_id) ."' target=_self>"format_text(trim(stripslashes($ds->user_name)), 2) ."</a>";
$user_name2 $ds->user_name;
  } else {
  
$user_name $user_info['user_name'];
  
$user_name2 $user_info['user_name'];
  }
  if(isset(
$id)) {$abf_id $id;} else {$abf_id $user_info['user_id'];}
  
$user_gb_own $lang['user_gb'].$user_name2."";
  
$query2 "SELECT COUNT(*) FROM ".USERS_GB_TABLE." WHERE user_id_gb = ".$abf_id."";
  
$erg $site_db->query_firstrow($query2);
  if(
$erg == "0"){$user_gb_entry $erg.$lang['user_gb_entry'];}
  elseif(
$erg == "1"){$user_gb_entry $erg.$lang['user_gb_entrys'];}
  elseif(
$erg "1"){$user_gb_entry $erg.$lang['user_gb_entrys'];}

  
$offset = @$_GET['off'];
  if(isset(
$offset)) {$offset $_GET['off'];} else {$offset "0";}
    
$gb_query "SELECT users_gb_id,user_id_gb,user_id_ein,user_name_gb,user_gb_text,user_gb_date,DATE_FORMAT(user_gb_date,'%e.%c.%Y') AS user_gb_datum,DATE_FORMAT(user_gb_date,'%H:%i:%s') AS user_gb_uhr, user_id, user_name, user_level, userpic
                  FROM ("
.USERS_GB_TABLE." i)
                  LEFT JOIN "
.USERS_TABLE." u ON (".get_user_table_field("u.""user_id")." = i.user_id_ein)
                  WHERE user_id_gb = "
.$abf_id."
                  ORDER BY user_gb_date DESC
                  LIMIT 
$offset, 10";

  
$gb_sql $site_db->query($gb_query);

  while(
$ds $site_db->fetch_object($gb_sql))
    {

    if(
$ds->user_id_ein == $user_info[user_id] AND $ds->user_id != $ds->user_id_gb)
    {
      
$user_link_del "<a href='" $site_sess->url(ROOT_PATH "member.php?action=delete_entry&entry=".$ds->users_gb_id."&user_id=".(int)$ds->user_id_gb) . "'>".$lang['delete']."</a>";} else {$user_link_del ="";
}
    if(
$abf_id == $user_info[user_id])
    {
      
$user_gb_delete "<a href='" $site_sess->url(ROOT_PATH "member.php?action=delete_entry&entry=".$ds->users_gb_id."&user_id=".(int)$ds->user_id_gb) . "'>".$lang[delete]."</a> ".$user_link_del;
}
    else {
$user_gb_delete $user_link_del;}

    if (
$ds->user_id == "")
    {
      
$user $ds->user_name_gb;
      
$gb_link "";
      
$gender "";
    }
    else
    {
      
$user "<b><a href='" $site_sess->url(ROOT_PATH "member.php?action=showprofile&user_id=".(int)$ds->user_id_ein) . "'>"format_text(trim(stripslashes($ds->user_name_gb)), 2) ."</a></b>";
      
$gb_link "<a href='" $site_sess->url(ROOT_PATH "member.php?action=showprofile&user_id=".$ds->user_id) . "'\n target=_self><img src='".TEMPLATE_PATH."/images/gb_".$config['language_dir'].".gif' border=0></a>";
}


    
$user_pic = (isset($ds->userpic) && !empty($ds->userpic)) ? ROOT_PATH "data/userpic/" get_file_name(basename($ds->userpic)) : "";

$text $ds->user_gb_text;

    
$gb_time $ds->user_gb_datum.$lang['user_gb_at'].$ds->user_gb_uhr;
    
$level $ds->user_level;
    if(
$level == "9") {$level $lang['level_admin'];}
    elseif(
$level == "2") {$level $lang['level_user'];}
    else {
$level "";}

  
$site_template->register_vars(array(
    
"user" => $user,
    
"gb_time" => $gb_time,
    
"admin_link" => $user_gb_delete,
    
"userpic" => $user_pic,
    
"gender" => $gender,
    
"gb_link" => $gb_link,
    
"level" => $level,
    
"text" => format_text($text$config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments'])
    ));
  
$gb_entrys .= $site_template->parse_template("user_gb_bit");
  }

  
//Pageing
  
if($offset == 0) {$vor $lang['user_gb_prev'];}
  else
  {
    
$offset2 $offset 10;
    
$vor "<a href='" $site_sess->url(ROOT_PATH "member.php?action=showprofile&user_id=".(int)$abf_id."&off=".$offset2) . "'>".$lang['user_gb_prev']."</a>";
}
  
$offset3 $offset 10;
  if(
$offset3 >= $erg ) { $weiter $lang['user_gb_next'];}
  else {
$weiter "<a href='" $site_sess->url(ROOT_PATH "member.php?action=showprofile&user_id=".(int)$abf_id."&off=".$offset3) . "'>".$lang['user_gb_next']."</a>";}
$gb_pageing $vor."&nbsp;".$weiter;

   
$site_template->register_vars(array(
    
"gb_entrys" => $gb_entrys,
    
"user_gb_own" => $user_gb_own,
    
"gb_pageing" => $gb_pageing,
    
"user_gb_entry" => $user_gb_entry,
    
"user_gb_entry_text" => $user_gb_entry_text
  
));

  if(
$_GET['ent'] == ""$afg "false"; else $afg $_GET['ent'];
  if (
$_POST['comment_text'] == "" $_GET['ent'] == "true")
    {
      
$msg $lang['error_no_text'];
      
$afg "false";
    }
  if(
$afg == "true")
  {
    
$text $_POST['comment_text'];
    if(
$_POST['user_id'] == $user_info[user_id]) { $a "NOW()";}
    else {
$a "'0000-00-00 00:00:0'";}
    
$query "INSERT INTO ".USERS_GB_TABLE."
              (user_id_gb, user_id_ein, user_name_gb, user_gb_text, user_gb_date, user_gb_read)
              VALUES
              ('"
.$_POST['user_id']."', '".$user_info[user_id]."', '".$user_info[user_name]."','".$text."', NOW(), ".$a.")";
    
$sql $site_db->query($query);

    
$msg .= "<meta http-equiv=refresh content=\"5; URL=" $site_sess->url(ROOT_PATH "member.php?action=showprofile&user_id=".(int)$_POST['user_id']) ."\">\n
<fieldset style=border : 1px solid blue><legend style=color: black;><b>"
.$lang['user_gb_new_ok']."</b>\n
    </legend>\n<table border=0 cellspacing=0 cellpadding=8><tr>\n
    <td><p>&nbsp;"
.$lang['user_gb_new_wait']."
    <a href='" 
$site_sess->url(ROOT_PATH "member.php?action=showprofile&user_id=".(int)$_POST['user_id'])."'>".$lang['user_gb_new_to']."</a><br></p></td></tr></table></fieldset>";
}
  elseif (
$afg == "false")
  {
    
$id $_GET['user_id'];
  }

    if (
$config['bb_comments'] == 1) {
    
$site_template->register_vars(array(
      
"lang_bbcode" => $lang['bbcode'],
      
"lang_tag_prompt" => $lang['tag_prompt'],
      
"lang_link_text_prompt" => $lang['link_text_prompt'],
      
"lang_link_url_prompt" => $lang['link_url_prompt'],
      
"lang_link_email_prompt" => $lang['link_email_prompt'],
      
"lang_list_type_prompt" => $lang['list_type_prompt'],
      
"lang_list_item_prompt" => $lang['list_item_prompt']
    ));
    
$bbcode $site_template->parse_template("bbcode"); }

    
$site_template->register_vars(array(
    
"user_gb" => $user_gb,
    
"bbcode" => $bbcode,
    
"head_gb" => $lang['user_gb_new'],
    
"button_send" => $lang['submit'],
    
"button_reset" => $lang['reset'],
    
"gb_id" => $user_id
    
));

    
$query "SELECT COUNT(*) FROM ".USERS_GB_TABLE." WHERE user_id_gb = ".$user_row['user_id']."";
    
$erg $site_db->query_firstrow($query);
    
$user_gb_ein $erg;

    
$query "SELECT COUNT(*) FROM ".USERS_GB_TABLE." WHERE user_id_ein = ".$user_row['user_id']."";
    
$erg $site_db->query_firstrow($query);
    
$user_gb_ge $erg;


    
$user_gb_link "<a href='" $site_sess->url(ROOT_PATH "member.php?action=showprofile&user_id=".(int)$user_row['user_id']) . "'>".$lang['user_gb_too_gb']. format_text(trim(stripslashes($user_row['user_name'])), 2) ." (".$user_gb_ein.")</a>";
$site_template->register_vars(array(
    
"user_gb_ein" => $user_gb_ein,
    
"user_gb_ge" => $user_gb_ge,
    
"lang_gb_ein" => $lang['user_gb_ein'],
    
"lang_user_gb_er" => $lang['user_gb_er'],
    
"lang_user_gb_ge" => $lang['user_gb_ge'],
    
"user_gb_link" => $user_gb_link
    
));
///////////////////////////////////////////////
    
    
    
    
    
    
    
    
    
    
    //----------  [MOD] BUDDY  V2 beta ----------
//----------     2007 by eMagix    ----------
//----------   2010 by Sumale.nin  ----------
//----------       Start Code      ----------

	


	



	


 if ((
$user_info['user_level'] != GUEST) && ($user_info['user_id'] != $user_row['user_id'])) {

	


    
$buddy_url $self_url;

	


    
$buddy_url .= (!empty($mode)) ? ((strpos($buddy_url'?') !== false) ? "&amp;" "?")."mode=".$mode "";

	


    
$buddy_url .= strpos($buddy_url'?') !== false "&amp;" "?";

	


	



	


    
    
// IF USER ALREADY A BUDDY SHOW ALREADY BUDDY TEXT

	


    
$buddy_status check_buddy($user_row['user_id']);

	


    if (
$buddy_status == 1) {

	


      
$buddy_button $lang['user_buddy_yes'];

	


    }
    
// IF USER REQUEST PENDING SHOW PENDING TEXT

	


    elseif (
$buddy_status == 0) {

	


   

	


  
$buddy_button $lang['user_buddy_pending'];

	


    }

	


// IF NOT YET BUDDY SHOW BUTTON

	


    elseif (
$buddy_status == -1) {

	


      
$buddy_url .= "action=addbuddy&amp;id=".$user_row['user_id']."";

	


      
$buddy_button "<a href=\"".$site_sess->url($buddy_url)."\"><img src=\"".get_gallery_image("buddy_no.gif")."\" border=\"0\" alt=\"\" /></a>";

	


    }

	


  }

	


  else {

	


    
$buddy_button "<img src=\"".get_gallery_image("buddy_off.gif")."\" border=\"0\" alt=\"\" />";

	


  }

	


$site_template->register_vars("lang_buddy_add"$lang['lang_buddy_add']);

	


        
// SHOW YOUR BUDDIES ON YOUR PROFILE

	


$buddy_sql "SELECT * 

	


	


FROM ("
.USERS_TABLE." u)

	


	


                  INNER JOIN "
.USERS_FRIENDSHIP_TABLE." i ON (".get_user_table_field("u.""user_id")." = i.user_id_primary)

	


	


                 

	


	


WHERE i.friendship_status =1 AND i.user_id_secondary = "
.$user_row['user_id']."   

	


	



	


	


UNION   

	


	



	


	


SELECT * 

	


	


FROM ("
.USERS_TABLE." u)

	


	


                  INNER JOIN "
.USERS_FRIENDSHIP_TABLE." i1 ON (".get_user_table_field("u.""user_id")." = i1.user_id_secondary)

	


	


                 

	


	


WHERE i1.friendship_status =1 AND i1.user_id_primary = "
.$user_row['user_id']."     

	


	


                  


               LIMIT 50"
// NUMBER OF BUDDIES YOU WANT TO SHOW ON YOUR PROFILE
        

	


	


$buddy_result $site_db->query($buddy_sql);

	


	


$num_rows $site_db->get_numrows($buddy_result);

	


	


if (!
$num_rows)  {

	


	


  
$buddylist $lang['buddy_no_empty'];

	


	


  
$msg $lang['buddy_no_empty'];

	


	


}

	


	


else {

	


	


$buddylist ="";

	


        while(
$ds mysql_fetch_object($buddy_result)){  

	


	


            
$user_profile_link = (!empty($url_show_profile)) ? preg_replace("/{user_id}/"$ds->user_id$url_show_profile) : ROOT_PATH."member.php?action=showprofile&amp;".URL_USER_ID."=".$ds->user_id;

	


	


            
$buddylist .= " <a href=\"".$site_sess->url($user_profile_link)."\">".htmlspecialchars($ds->user_name)."</a> ";

	



	


        }
    

	


}
    
$site_template->register_vars("buddy"$buddylist);

	


$site_template->register_vars("buddy_msg"$msg);

	


unset(
$userlist,$msg);
        
//----------- END CODE  -----------------
    
    
    
    
    

    
if (!empty($user_row['user_email']) && (!isset($user_row['user_showemail']) || (isset($user_row['user_showemail']) && $user_row['user_showemail'] == 1))) {
      
$user_email $user_row['user_email'];
      
$user_email_save str_replace("@"" at "$user_row['user_email']);
      
$user_email_save str_replace("."" dot "$user_row['user_email']);
      if (!empty(
$url_mailform)) {
        
$user_mailform_link $site_sess->url(preg_replace("/{user_id}/"$user_row['user_id'], $url_mailform));
      }
      else {
        
$user_mailform_link $site_sess->url(ROOT_PATH."member.php?action=mailform&amp;".URL_USER_ID."=".$user_row['user_id']);
      }
      
$user_email_button "<a href=\"".$user_mailform_link."\"><img src=\"".get_gallery_image("email.gif")."\" border=\"0\" alt=\"".$user_email_save."\" /></a>";
    }
    
    
    
    
    else {
      
$user_email REPLACE_EMPTY;
      
$user_email_save REPLACE_EMPTY;
      
$user_mailform_link REPLACE_EMPTY;
      
$user_email_button REPLACE_EMPTY;
    }
    
	

	

	

	

	

	

	

	

	

	

	

	

	

	

	

	

	

	

   
// User images.//////////////////////////////////////////////
   // User images.//////////////////////////////////////////////
   // User images.//////////////////////////////////////////////
   // User images.//////////////////////////////////////////////
$sql "SELECT COUNT(i.image_id) as total_images
           FROM " 
IMAGES_TABLE " i
           INNER JOIN " 
CATEGORIES_TABLE " c ON (c.cat_id = i.cat_id)
           INNER JOIN " 
USERS_TABLE " u ON (" get_user_table_field("u.""user_id") . " = i.user_id)
           WHERE i.image_active = 1 AND i.user_id = " 
. (int)$user_id " AND i.cat_id NOT IN (".get_auth_cat_sql("auth_viewcat""NOTIN").")";

$total_images $site_db->query_firstrow($sql);

$imgtable_width ceil((intval($config['image_table_width'])) / $config['image_cells']);
if ((
substr($config['image_table_width'], -1)) == "%") {
  
$imgtable_width .= "%";
}

if ((int)
$total_images['total_images'] <= 0)  {
  
$user_images "<table width=\"".$config['image_table_width']."\" border=\"0\" cellpadding=\"".$config['image_table_cellpadding']."\" cellspacing=\"".$config['image_table_cellspacing']."\"><tr class=\"imagerow1\"><td>";
  
$user_images .= $lang['no_new_images'];
  
$user_images .= "</td></tr></table>";
}
else  {
  
$user_images "<table width=\"".$config['image_table_width']."\" border=\"0\" cellpadding=\"".$config['image_table_cellpadding']."\" cellspacing=\"".$config['image_table_cellspacing']."\">";
  
$count 2;
  
$bgcounter 0;

  
$num_rows_all = (isset($total_images['total_images']) && (int)$total_images['total_images'] > 0) ? (int)$total_images['total_images'] : 0;
$link_arg $site_sess->url(ROOT_PATH."member.php?action=showprofile&user_id=" . (int)$user_id);

include(
ROOT_PATH.'includes/paging.php');
$getpaging = new Paging($page$perpage$num_rows_all$link_arg);
$offset $getpaging->get_offset();

$site_template->register_vars(array(
  
"paging" => $getpaging->get_paging(),
  
"paging_stats" => $getpaging->get_paging_stats()
));  

  
$sql "SELECT i.image_id, i.cat_id, i.user_id, i.image_name, i.image_description, i.image_keywords, i.image_date, i.image_active, i.image_media_file, i.image_thumb_file, i.image_download_url, i.image_allow_comments, i.image_comments, i.image_downloads, i.image_votes, i.image_rating, i.image_hits".$additional_sql.", c.cat_name".get_user_table_field(", u.""user_name")."
        FROM "
.IMAGES_TABLE." i
        INNER JOIN " 
CATEGORIES_TABLE " c ON (c.cat_id = i.cat_id)
        INNER JOIN "
.USERS_TABLE." u ON (".get_user_table_field("u.""user_id")." = i.user_id)
        WHERE i.image_active = 1 AND i.user_id = " 
. (int)$user_id " AND i.cat_id NOT IN (".get_auth_cat_sql("auth_viewcat""NOTIN").")
        ORDER BY i.image_date DESC
        LIMIT " 
$offset ", " $perpage;

  
$result $site_db->query($sql);
  
$num_rows $site_db->get_numrows($result);

  if (
$num_rows 0) {
  while (
$image_row $site_db->fetch_array($result)){
    if (
$count == 2) {
      
$row_bg_number = ($bgcounter++ % == 0) ? 2;
      
$user_images .= "<tr class=\"imagerow".$row_bg_number."\">\n";
    }
    
$user_images .= "<td width=\"".$imgtable_width."\" valign=\"top\">\n";

    
show_image($image_row);
    
$user_images .= $site_template->parse_template("thumbnail_bit");
    
$user_images .= "\n</td>\n";
    
$count++;
    if (
$count == $config['image_cells']) {
      
$user_images .= "</tr>\n";
      
$count 2;
    }
  } 
// end while
  
// End if.

  
if ($count 0)  {
    
$leftover = ($config['image_cells'] - $count);
    if (
$leftover >= 1) {
      for (
$f 0$f $leftover$f++) {
        
$user_images .= "<td width=\"".$imgtable_width."\">\n&nbsp;\n</td>\n";
      }
      
$user_images .= "</tr>\n";
    }
  }
  
$user_images .= "</table>\n";  
// end else

$site_template->register_vars("user_images"$user_images);
unset(
$user_images);
// End user images.


    
	
if (
defined('MEMBER_RATING_ACTIVE') && MEMBER_RATING_ACTIVE == 2) {        
        if (
function_exists('member_rating_check_user') && member_rating_check_user($user_info['user_id'], $user_row[$user_table_fields['user_id']], $user_info['user_level'])) {
            
$already_rated member_rating_check_user($user_info['user_id'], $user_row[$user_table_fields['user_id']], $user_info['user_level']);
    
        } elseif (
function_exists('member_rating_check_user') && !member_rating_check_user($user_info['user_id'], $user_row[$user_table_fields['user_id']], $user_info['user_level'])) {
            
$rating_content "";
            for (
$i MEMBER_RATING_MARK_VALUE$i 2$i--) {
                
$site_template->register_vars("i"$i);
                
$rating_content .= $site_template->parse_template("member_rating_dropdown");            
            }
        }
    }

    
    
    
$sql "
    
    SELECT COUNT(uvp.view_count) AS total_rows
    FROM " 
USERS_VIEWPROFILE_TABLE " uvp
    LEFT JOIN " 
USERS_TABLE " u ON (" get_user_table_field("u.""user_id") . " = uvp.user_id)
    WHERE uvp.other_user_id = " 
$user_id;
    
    
$row $site_db->query_firstrow($sql);
    
$total_views = (isset($row['total_rows'])) ? (int)$row['total_rows'] : 0;

    
    
    
    
    
	

	
$sql "SELECT COUNT(image_id) AS totimg
         FROM "
.IMAGES_TABLE."
         WHERE  user_id = 
$user_id";
 
	
$result $site_db->query($sql); 
	
$row $site_db->fetch_array($result);
	
$uploaded_images $row['totimg'];
	

    
$site_template->register_vars(array(
	
  
"uploaded_imgs" => $uploaded_images,
      
"user_id" => $user_row['user_id'],
    
    
    
    
    
    
    
    
    
    
    
    
    
	
  
"lang_show_user_comments" => $lang['show_user_comments'],
      
"url_show_user_comments" => $site_sess->url(ROOT_PATH."member.php?action=showcomments&user_id=".$user_row['user_id']),
      
"user_name" => (isset($user_row['user_name'])) ? htmlspecialchars($user_row['user_name']) : REPLACE_EMPTY,
	
   
       
"lang_pm" => ($user_info['user_id'] != $user_row['user_id']) ? "<a href=\"".$site_sess->url(ROOT_PATH."pm.php?action=new&user_id=".$user_row['user_id'])."\">".$lang['pm_user_pm_alt']."</a>" ""
      
"user_email" => $user_email,
      
"user_email_save" => $user_email_save,
      
"user_mailform_link" => $user_mailform_link,
      
"user_email_button" => $user_email_button,
      
"user_join_date" => (isset($user_row['user_joindate'])) ? format_date($config['date_format'], $user_row['user_joindate']) : REPLACE_EMPTY,
      
"user_last_action" => (isset($user_row['user_lastaction'])) ? format_date($config['date_format']." ".$config['time_format'], $user_row['user_lastaction']) : REPLACE_EMPTY,
      
"user_homepage" => $user_homepage,"buddy_button" => $buddy_button,
      
//User Pic 
      
"userpic_img" => ($config['userpic'] && $user_row['userpic']) ? ROOT_PATH."data/userpic/".$user_row['userpic'] : ""
//End User Pic
      
"user_homepage_button" => $user_homepage_button,
	
  
"last_user" => $last_user,
      
"lang_last_user" => $lang['last_user'],
      
"user_icq" => $user_icq,
      
"user_icq_button" => $user_icq_button,
      
"user_icq_status" => (isset($user_row['user_icq'])) ? get_icq_status($user_row['user_icq']) : REPLACE_EMPTY,
      
"user_comments" => (isset($user_row['user_comments'])) ? $user_row['user_comments'] : REPLACE_EMPTY,
      
      
      
      
      
"lang_member_viewprofile_from_profile" => $lang['member_viewprofile_from_profile'],
"member_viewprofile_from_profile_total_views" => (isset($total_views)) ? (int)$total_views "",

      
      
      
      
      
"lang_profile_of" => $lang['profile_of'],
	
  
"lang_member_rating_user_rate" => $lang['member_rating_user_rate'],
"already_rated" => (isset($already_rated)) ? trim($already_rated) : "",
"rating_content" => (isset($rating_content) && $user_info['user_id'] != $user_row[$user_table_fields['user_id']]) ? trim($rating_content) : "",

      
"lang_show_user_images" => preg_replace("/".$site_template->start."user_name".$site_template->end."/siU"format_text($user_row['user_name'], 2), $lang['show_user_images']),
      
"url_show_user_images" => $site_sess->url(ROOT_PATH."search.php?search_user=".urlencode($user_row['user_name'])),
      
"lang_join_date" => $lang['join_date'],
      
"lang_last_action" => $lang['last_action'],
      
"lang_comments" => $lang['comments'],
      
"lang_email" => $lang['email'],
      
"lang_homepage" => $lang['homepage'],
      
"lang_icq" => $lang['icq']
    ));

    if (!empty(
$additional_user_fields)) {
      
$additional_field_array = array();
      foreach (
$additional_user_fields as $key => $val) {
        
$additional_field_array[$key] = (!empty($user_row[$key])) ? format_text($user_row[$key], 1) : REPLACE_EMPTY;
        
$additional_field_array['lang_'.$key] = $val[0];
      }
      if (!empty(
$additional_field_array)) {
        
$site_template->register_vars($additional_field_array);
      }
    }
    
$content $site_template->parse_template("member_profile");
  }
  else {
    
$content $lang['invalid_user_id'];
  }
}

//-----------------------------------------------------
//--- Send Password -----------------------------------
//-----------------------------------------------------
if ($action == "sendpassword") {
  
$txt_clickstream $lang['lost_password'];
  
$user_email un_htmlspecialchars(trim($HTTP_POST_VARS['user_email']));

  if (
$user_email != "") {
    
$sql "SELECT ".get_user_table_field("""user_id").get_user_table_field(", ""user_name").get_user_table_field(", ""user_password")."
            FROM "
.USERS_TABLE."
            WHERE "
.get_user_table_field("""user_email")." = '$user_email'";
    if (
$checkuser $site_db->query_firstrow($sql)) {
      
mt_srand((double) microtime() * 1000000);
      
$puddle 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
      
$user_password "";
      for (
$i 0$i 8$i++) {
        
$user_password .= substr($puddle, (mt_rand()%(strlen($puddle))), 1);
      }

      
$sql "UPDATE ".USERS_TABLE."
              SET "
.get_user_table_field("""user_password")." = '".md5($user_password)."'
              WHERE "
.get_user_table_field("""user_id")." = ".$checkuser[$user_table_fields['user_id']];
      
$site_db->query($sql);

      
// Start Emailer
      
include(ROOT_PATH.'includes/email.php');
      
$site_email = new Email();
      
$site_email->set_to($user_email);
      
$site_email->set_subject($lang['send_password_emailsubject']);
      
$site_email->register_vars(array(
        
"user_name" => $checkuser[$user_table_fields['user_name']],
        
"user_password" => stripslashes($user_password),
        
"site_name" => $config['site_name']
      ));
      
$site_email->set_body("lost_password"$config['language_dir']);
      
$site_email->send_email();

      
$msg $lang['send_password_success'];
      
$HTTP_POST_VARS['user_email'] = "";
    }
    else {
      
$msg $lang['invalid_email'];
    }
  }

  
$action "lostpassword";
}

if (
$action == "lostpassword") {
  
$txt_clickstream $lang['lost_password'];
  
$user_email = (isset($HTTP_POST_VARS['user_email'])) ? format_text(stripslashes($HTTP_POST_VARS['user_email']), 2) : "";
  
$site_template->register_vars(array(
    
"lang_email" => $lang['email'],
    
"lang_lost_password" => $lang['lost_password'],
    
"lang_lost_password_msg" => $lang['lost_password_msg'],
    
"lang_submit" => $lang['submit'],
    
"user_email" => $user_email,
  ));
  
$content $site_template->parse_template("member_lostpassword");
}

//-----------------------------------------------------
//--- Edit Profile ------------------------------------
//-----------------------------------------------------
$update_process 0;
$new_email_msg "";
if (
$action == "updateprofile") {
  
$txt_clickstream $lang['control_panel'];
  if (
$user_info['user_level'] == GUEST) {
    
show_error_page($lang['no_permission']);
    exit;
  }
  
$user_email = (isset($HTTP_POST_VARS['user_email'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_email'])) : "";
  
$user_email2 = (isset($HTTP_POST_VARS['user_email2'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_email2'])) : "";
  
$user_homepage = (isset($HTTP_POST_VARS['user_homepage'])) ? format_url(un_htmlspecialchars(trim($HTTP_POST_VARS['user_homepage']))) : "";
  
$user_icq = (isset($HTTP_POST_VARS['user_icq'])) ? ((intval(trim($HTTP_POST_VARS['user_icq']))) ? intval(trim($HTTP_POST_VARS['user_icq'])) : "") : "";
  
$user_showemail = (isset($HTTP_POST_VARS['user_showemail'])) ? intval($HTTP_POST_VARS['user_showemail']) : 0;
  
$user_allowemails = (isset($HTTP_POST_VARS['user_allowemails'])) ? intval($HTTP_POST_VARS['user_allowemails']) : 0;
  
$user_invisible = (isset($HTTP_POST_VARS['user_invisible'])) ? intval($HTTP_POST_VARS['user_invisible']) : 0;

  
$error 0;
  if (
$user_info['user_email'] != $user_email && $checkuser $site_db->query_firstrow("SELECT ".get_user_table_field("""user_id")." FROM ".USERS_TABLE." WHERE ".get_user_table_field("""user_email")." = '$user_email' AND ".get_user_table_field("""user_id")." <> '".$user_info['user_id']."'")) {
    if (
$checkuser[$user_table_fields['user_id']] != $user_info['user_id']) {
      
$msg .= (($msg != "") ? "<br />" "").$lang['email_exists'];
      
$error 1;
    }
  }
  if (
$user_email != $user_email2) {
    
$msg .= (($msg != "") ? "<br />" "").$lang['update_email_confirm_error'];
    
$error 1;
  }
  if (
$user_email == "" || $user_email2 == "") {
    
$msg .= (($msg != "") ? "<br />" "").$lang['update_email_error'];
    
$error 1;
  }
  if (!
check_email($user_email)) {
    
$msg .= (($msg != "") ? "<br />" "").$lang['invalid_email_format'];
    
$error 1;
  }

  if (!empty(
$additional_user_fields)) {
    foreach (
$additional_user_fields as $key => $val) {
      if (isset(
$HTTP_POST_VARS[$key]) && intval($val[2]) == && trim($HTTP_POST_VARS[$key]) == "") {
        
$error 1;
        
$field_error preg_replace("/".$site_template->start."field_name".$site_template->end."/siU"str_replace(":"""$val[0]), $lang['field_required']);
        
$msg .= (($msg != "") ? "<br />" "").$field_error;
      }
    }
  }













// Upload User Pic 
  
$userpic $userpic_new ""
  if (!
$error && $config['userpic']) 
  { 
    
$userpics_dir ROOT_PATH."data/userpic/"
    if (!empty(
$HTTP_POST_FILES['userpic_file']['tmp_name']) && $HTTP_POST_FILES['userpic_file']['tmp_name'] != "none"
    { 
      if (isset(
$HTTP_COOKIE_VARS['userpic_file']) || isset($HTTP_POST_VARS['userpic_file']) || isset($HTTP_GET_VARS['userpic_file'])) { 
        die(
"Security violation"); 
      } 
      if (!
function_exists("is_uploaded_file")) { 
        function 
is_uploaded_file($file_name) { 
          if (!
$tmp_file = @get_cfg_var('upload_tmp_dir')) { 
            
$tmp_file tempnam('',''); 
            
$deleted = @unlink($tmp_file); 
            
$tmp_file dirname($tmp_file); 
          } 
          
$tmp_file .= '/'.basename($file_name); 
          return (
ereg_replace('/+''/'$tmp_file) == $file_name) ? 0
        } 
      
        function 
move_uploaded_file($file_name$destination) { 
          return (
is_uploaded_file($file_name)) ? ((copy($file_name$destination)) ? 0) : 0
        } 
      } 
      
$error = array(); 
      
$mime_types = array( 
        
"image/jpeg"
        
"image/pjpeg"
        
"image/gif"
        
"image/x-png" 
      
); 
      
$extensions = array( 
        
"jpg"
        
"jpeg"
        
"gif"
        
"png" 
      
); 
      
$userpic_ext strtolower(substr(strrchr($HTTP_POST_FILES['userpic_file']['name'],"."), 1)); 
      
$userpic_mime $HTTP_POST_FILES['userpic_file']['type']; 
      if (!
in_array($userpic_mime$mime_types) || !in_array($userpic_ext$extensions)) 
      { 
        
$error[] = $lang['invalid_file_type']. " (".$userpic_ext.", ".$HTTP_POST_FILES['userpic_file']['type'].")"
      } 
      if (
$HTTP_POST_FILES['userpic_file']['size'] > $config['userpic_size'] * 1024
      { 
        
$error[] = $lang['invalid_file_size']; 
      } 
      if (empty(
$error)) 
      { 
        
$userpic_name $user_info['user_id'].".".$userpic_ext
        
$userpic_file $userpics_dir.$userpic_name
         if (
file_exists($userpic_file)) 
         { 
            
unlink($userpic_file); 
        } 
        if (!
move_uploaded_file($HTTP_POST_FILES['userpic_file']['tmp_name'], $userpic_file)) 
        { 
          
$error[] = $lang['file_copy_error']; 
        } 
        else 
        { 
          @
chmod($userpic_fileCHMOD_FILES); 
        } 
      } 
      if (empty(
$error)) 
      { 
        
$userpic $HTTP_POST_VARS['userpic'] = $userpic_new $userpic_name
        if (
$user_info['userpic'] != $userpic_name && file_exists($userpics_dir.$user_info['userpic'])) 
        { 
          @
unlink($userpics_dir.$user_info['userpic']); 
        } 
        if (!
function_exists(init_convert_options)) 
        { 
          require(
ROOT_PATH.'includes/image_utils.php'); 
        } 
        
$image_info getimagesize($userpic_file); 
        
$convert_options init_convert_options(); 
        if ((
$image_info[0] > $config['userpic_width'] || $image_info[1] > $config['userpic_height'])) 
        { 
          if (
$convert_options['convert_error'] || (!$convert_options['convert_error'] && !resize_image($userpic_file85$config['userpic_width'], 1))) 
          { 
            if (
$image_info[0] > $config['userpic_width']) 
            { 
              
$error[] = $lang['invalid_image_width']; 
            } 
            if (
$image_info[1] > $config['userpic_height']) 
            { 
              
$error[] = $lang['invalid_image_height']; 
            } 
          } 
        } 
      } 
      if (!empty(
$error)) 
      { 
        
$msg .= (($msg != "") ? "<br />" "")."<b>".$lang['file_upload_error'].": ".$HTTP_POST_FILES['userpic_file']['name']."</b><br />"
        foreach (
$error as $val) { 
          
$msg .= "<b>".$HTTP_POST_FILES['userpic_file']['name'].":</b> ".$val."<br />"
        } 
        
$HTTP_POST_VARS['userpic'] = $user_info['userpic']; 
      } 
    } 
    else 
    { 
      if (isset(
$HTTP_POST_VARS['userpic_del']) && $HTTP_POST_VARS['userpic_del']) 
      { 
        @
unlink($userpics_dir.$user_info['userpic']); 
        
$HTTP_POST_VARS['userpic'] = $userpic ""
        
$userpic_new 1
      } 
    } 
  } 
// End Upload User Pic



















  
if (!$error && $user_email != $user_info['user_email'] && $user_info['user_level'] != ADMIN && $config['account_activation'] != 0) {
    
$activationkey get_random_key(USERS_TABLE$user_table_fields['user_activationkey']);

    
$sql "UPDATE ".USERS_TABLE."
            SET "
.get_user_table_field("""user_level")." = ".USER_AWAITING.", ".get_user_table_field("""user_activationkey")." = '$activationkey'
            WHERE "
.get_user_table_field("""user_id")." = ".$user_info['user_id'];
    
$result $site_db->query($sql);

    if (
$result) {
      
$activation_url $script_url."/register.php?action=activate&activationkey=".$activationkey;

      include(
ROOT_PATH.'includes/email.php');
      
$site_email = new Email();

      switch(
$config['account_activation']) {
      case 
2:
        
$user_details_url $script_url."/admin/index.php?goto=".urlencode("users.php?action=edituser&user_id=".$user_info['user_id']."&activation=1");
        
$email_to $config['site_email'];
        
$email_subject $lang['admin_activation_emailsubject'];
        
$email_template "admin_activation";
        
$new_email_msg $lang['update_email_instruction_admin'];
        break;
      case 
1:
        if (
$config['language_dir_default'] != $config['language_dir']) {
          
$activation_url .= "&l=".$config['language_dir'];
        }
        
$user_details_url "";
        
$email_to $user_email;
        
$email_subject $lang['update_email_emailsubject'];
        
$email_template "newemail_activation";
        
$new_email_msg $lang['update_email_instruction'];
        break;
      case 
0:
      default:
        break;
      }

      if (!empty(
$email_to)) {
        
$site_email->set_to($email_to);
        
$site_email->set_subject($email_subject);
        
$site_email->register_vars(array(
          
"user_details_url" => $user_details_url,
          
"activation_url" => $activation_url,
          
"user_name" => $user_info['user_name'],
          
"site_name" => $config['site_name']
        ));
        
$site_email->set_body($email_template$config['language_dir']);
        
$site_email->send_email();
      }
    }
    else {
      
$msg $lang['general_error'];
      
$error 1;
    }
  }

  if (!
$error) {
    
$additional_sql "";
    if (!empty(
$additional_user_fields)) {
      
$table_fields $site_db->get_table_fields(USERS_TABLE);
      foreach (
$additional_user_fields as $key => $val) {
        if (isset(
$HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
          
$additional_sql .= ", $key = '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
        }
      }
    }

    
$sql "UPDATE ".USERS_TABLE."
            SET "
.get_user_table_field("""user_email")." = '$user_email', ".get_user_table_field("""user_showemail")." = $user_showemail, ".get_user_table_field("""user_allowemails")." = $user_allowemails, ".get_user_table_field("""user_invisible")." = $user_invisible, ".get_user_table_field("""user_homepage")." = '$user_homepage', ".get_user_table_field("""user_icq")." = '$user_icq'".$additional_sql."
            WHERE "
.get_user_table_field("""user_id")." = ".$user_info['user_id'];
    
$site_db->query($sql);

    
$msg $lang['update_profile_success'];
    if (!empty(
$new_email_msg)) {
      
$msg .= "<br />".$new_email_msg;
    }
    
$user_info $site_sess->load_user_info($user_info['user_id']);
  }
  else {
    
$update_process 1;
  }
  
$action "editprofile";
}

if (
$action == "updatepassword") {
  
$txt_clickstream $lang['control_panel'];
  if (
$user_info['user_level'] == GUEST) {
    
show_error_page($lang['no_permission']);
    exit;
  }
  
$error 0;
  
$current_user_password md5(trim($HTTP_POST_VARS['current_user_password']));
  
$user_password trim($HTTP_POST_VARS['user_password']);
  
$user_password2 trim($HTTP_POST_VARS['user_password2']);
  if (
$current_user_password != $user_info['user_password']) {
    
$msg .= (($msg != "") ? "<br />" "").$lang['update_password_error'];
    
$error 1;
  }
  if (
$user_password != $user_password2 || $user_password == "") {
    
$msg .= (($msg != "") ? "<br />" "").$lang['update_password_confirm_error'];
    
$error 1;
  }
  if (!
$error) {
    
$sql "UPDATE ".USERS_TABLE."
            SET "
.get_user_table_field("""user_password")." = '".md5($user_password)."'
            WHERE "
.get_user_table_field("""user_id")." = ".$user_info['user_id'];
    
$site_db->query($sql);

    
$msg $lang['update_password_success'];
    
$user_info $site_sess->load_user_info($user_info['user_id']);
  }
  
$action "editprofile";
}

if (
$action == "editprofile") {
  
$txt_clickstream $lang['control_panel'];
  if (
$user_info['user_level'] == GUEST) {
    
show_error_page($lang['no_permission']);
    exit;
  }
  
$user_name $user_info['user_name'];
  if (!
$update_process) {
    
$user_email $user_info['user_email'];
    
$user_email2 $user_info['user_email'];
    
$user_showemail $user_info['user_showemail'];
    
$user_allowemails $user_info['user_allowemails'];
    
$user_invisible $user_info['user_invisible'];
    
$user_homepage $user_info['user_homepage'];
    
$user_icq $user_info['user_icq'];
  }

  if (
$user_showemail == 1) {
    
$user_showemail_yes " checked=\"checked\"";
    
$user_showemail_no "";
  }
  else {
    
$user_showemail_yes "";
    
$user_showemail_no " checked=\"checked\"";
  }
  if (
$user_allowemails == 1) {
    
$user_allowemails_yes " checked=\"checked\"";
    
$user_allowemails_no "";
  }
  else {
    
$user_allowemails_yes "";
    
$user_allowemails_no " checked=\"checked\"";
  }
  if (
$user_invisible == 1) {
    
$user_invisible_yes " checked=\"checked\"";
    
$user_invisible_no "";
  }
  else {
    
$user_invisible_yes "";
    
$user_invisible_no " checked=\"checked\"";
  }

  
$edit_profile_msg $lang['edit_profile_msg'];
  if (
$config['account_activation'] == && $user_info['user_level'] != ADMIN) {
    
$edit_profile_msg .= $lang['edit_profile_email_msg'];
  }
  if (
$config['account_activation'] == && $user_info['user_level'] != ADMIN) {
    
$edit_profile_msg .= $lang['edit_profile_email_msg_admin'];
  }

  
$site_template->register_vars(array(
    
"user_name" => format_text(stripslashes($user_name), 2),
    
"user_email" => format_text(stripslashes($user_email), 2),
    
"user_email2" => format_text(stripslashes($user_email2), 2),
    
"user_homepage" => format_text(stripslashes($user_homepage), 2),
    
"user_icq" => $user_icq,
    
    
//User Pic 
    
"userpic_allowed" => $config['userpic'], 
    
"userpic_img" => ($user_info['userpic']) ? ROOT_PATH."data/userpic/".$user_info['userpic'] : ""
    
"lang_userpic_del" => $lang['userpic_del'], 
    
"lang_userpic_upload" => preg_replace("/".$site_template->start."userpic_max_size".$site_template->end."/siU"$config['userpic_size']."&nbsp;".$lang['kb'], preg_replace("/".$site_template->start."userpic_max_width".$site_template->end."/siU"$config['userpic_width'], preg_replace("/".$site_template->start."userpic_max_height".$site_template->end."/siU"$config['userpic_height'], $lang['userpic_upload']))), 
    
"userpic_max_width" => $config['userpic_width'], 
    
"userpic_max_height" => $config['userpic_height'], 
    
"userpic_max_size" => $config['userpic_size']."&nbsp;".$lang['kb'], 
//End User Pic
    
    
"user_showemail_yes" => $user_showemail_yes,
    
"user_showemail_no" => $user_showemail_no,
    
"user_allowemails_yes" => $user_allowemails_yes,
    
"user_allowemails_no" => $user_allowemails_no,
    
"user_invisible_yes" => $user_invisible_yes,
    
"user_invisible_no" => $user_invisible_no,
    
"lang_profile_of" => $lang['profile_of'],
    
"lang_email" => $lang['email'],
    
"lang_email_confirm" => $lang['email_confirm'],
    
"lang_show_email" => $lang['show_email'],
    
"lang_allow_emails" => $lang['allow_emails'],
    
"lang_invisible" => $lang['invisible'],
    
"lang_optional_infos" => $lang['optional_infos'],
    
"lang_homepage" => $lang['homepage'],
    
"lang_icq" => $lang['icq'],
    
"lang_save" => $lang['save'],
    
"lang_reset" => $lang['reset'],
    
"lang_change_password" => $lang['change_password'],
    
"lang_old_password" => $lang['old_password'],
    
"lang_new_password" => $lang['new_password'],
    
"lang_new_password_confirm" => $lang['new_password_confirm'],
    
"lang_edit_profile_msg" => $edit_profile_msg,
    
"lang_yes" => $lang['yes'],
    
"lang_no" => $lang['no']
  ));

  if (!empty(
$additional_user_fields)) {
    
$additional_field_array = array();
    foreach (
$additional_user_fields as $key => $val) {
      if (
$val[1] == "radio") {
        
$value = (isset($HTTP_POST_VARS[$key])) ? intval($HTTP_POST_VARS[$key]) : intval($user_info[$key]);
        if (
$value == 1) {
          
$additional_field_array[$key.'_yes'] = " checked=\"checked\"";
          
$additional_field_array[$key.'_no'] = "";
        }
        else {
          
$additional_field_array[$key.'_yes'] = "";
          
$additional_field_array[$key.'_no'] = " checked=\"checked\"";
        }
      }
      else {
        
$value = (isset($HTTP_POST_VARS[$key])) ? format_text(trim($HTTP_POST_VARS[$key]), 2) : $user_info[$key];
      }
      
$additional_field_array[$key] = $value;
      
$additional_field_array['lang_'.$key] = $val[0];
    }
    if (!empty(
$additional_field_array)) {
      
$site_template->register_vars($additional_field_array);
    }
  }

  
$content $site_template->parse_template("member_editprofile");
  if (!empty(
$new_email_msg)) {
    
$site_sess->logout($user_info['user_id']);
  }
}

















//-----------------------------------------------------
//---Show Member Comments-------------------------------
//-----------------------------------------------------

if ($action == "showcomments") {

  if (isset(
$HTTP_GET_VARS[URL_USER_ID]) || isset($HTTP_POST_VARS[URL_USER_ID])) {
    
$user_id = (isset($HTTP_GET_VARS[URL_USER_ID])) ? intval($HTTP_GET_VARS[URL_USER_ID]) : intval($HTTP_POST_VARS[URL_USER_ID]);
    if (!
$user_id) {
      
$user_id GUEST;
    }
  }
  else {
    
$user_id GUEST;
  }

    
$additional_sql "";
      
$table_fields $site_db->get_table_fields(USERS_TABLE);
      foreach (
$additional_user_fields as $key => $val) {
        if (isset(
$HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
          
$additional_sql .= ", $key = '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
        }
      }
  
$sql "SELECT c.comment_id, c.image_id, c.user_id, c.user_name AS comment_user_name, c.comment_headline, c.comment_text, c.comment_ip, c.comment_date".get_user_table_field(", u.""user_level").get_user_table_field(", u.""user_name").get_user_table_field(", u.""user_email").get_user_table_field(", u.""user_showemail").get_user_table_field(", u.""user_invisible").get_user_table_field(", u.""user_joindate").get_user_table_field(", u.""user_lastaction").get_user_table_field(", u.""user_comments").get_user_table_field(", u.""user_homepage").get_user_table_field(", u.""user_icq").$additional_sql."
          FROM "
.COMMENTS_TABLE." c
          LEFT JOIN "
.USERS_TABLE." u ON (".get_user_table_field("u.""user_id")." = c.user_id)
          WHERE c.user_id = 
$user_id
          ORDER BY c.comment_date DESC, c.image_id ASC"
;
  
$result $site_db->query($sql);
  
$comment_row = array();
  while (
$row $site_db->fetch_array($result)) {
    
$comment_row[] = $row;
  }
  
$site_db->free_result($result);
  
$num_comments sizeof($comment_row);
  if (!
$num_comments) {
    
$comments "".$lang['member_no_comments']."";
  }
  else {
    
$comments "";
    
$bgcounter 0;
	
$comments ="";
	
$current "";
    for (
$i 0$i $num_comments$i++) {
	
  
$image_id $comment_row[$i]['image_id']; 
      
$sql "SELECT i.image_id, i.cat_id, i.image_name, c.cat_name, i.image_media_file, i.image_thumb_file, i.image_allow_comments
            FROM ("
.IMAGES_TABLE." i,  ".CATEGORIES_TABLE." c) 
            LEFT JOIN "
.USERS_TABLE." u ON (".get_user_table_field("u.""user_id")." = i.user_id) 
            WHERE i.image_id = 
$image_id AND c.cat_id = i.cat_id"
      
$image_row $site_db->query_firstrow($sql); 
      
$cat_id = (isset($image_row['cat_id'])) ? $image_row['cat_id'] : 0
	
  
$image_allow_comments = (check_permission("auth_readcomment"$cat_id)) ? $image_row['image_allow_comments'] : 0;
     if (
$image_allow_comments == 1){ 
	
  if (
$current != $comment_row[$i]['image_id']) {
	
	
$comments .= ($i == 0) ? "" "";
	
	
$same 1;
	
  }else{
	
	
$same 0;
	
  }
      
$row_bg_number = ($bgcounter++ % == 0) ? 2;

      
$comment_user_name htmlspecialchars($comment_row[$i]['comment_user_name']);
      
$comment_user_info $lang['userlevel_guest'];

      
$comment_user_id $comment_row[$i]['user_id'];
	
  
$user_row_comment get_user_info($comment_user_id);
      if (isset(
$comment_row[$i][$user_table_fields['user_name']]) && $comment_user_id != GUEST) {
        
$comment_user_name htmlspecialchars($comment_row[$i][$user_table_fields['user_name']]);

        
$comment_user_info .= "<br />";
      }

      
$comment_user_ip = ($user_info['user_level'] == ADMIN) ? $comment_row[$i]['comment_ip'] : "";

      
$admin_links "";
      if (
$user_info['user_level'] == ADMIN) {
        
$admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=editcomment&amp;comment_id=".$comment_row[$i]['comment_id']))."\" target=\"admin_edit\">".$lang['edit']."</a>&nbsp;";
        
$admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=removecomment&amp;comment_id=".$comment_row[$i]['comment_id']))."\" target=\"admin_edit\">".$lang['delete']."</a>";
      }
      elseif (
$is_image_owner) {
        
$admin_links .= ($config['user_edit_comments'] != 1) ? "" "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editcomment&amp;".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['edit']."</a>&nbsp;";
        
$admin_links .= ($config['user_delete_comments'] != 1) ? "" "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removecomment&amp;".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['delete']."</a>";
      }
	
  
$show_link = (!check_permission("auth_viewcat"$cat_id) || !check_permission("auth_viewimage"$cat_id)) ? 1;
      
$site_template->register_vars(array(
	
	
"comment_image" => ($same) ? get_thumbnail_code($image_row['image_media_file'], $image_row['image_thumb_file'], $image_row['image_id'], $image_row['cat_id'], $image_row['image_name'], $mode$show_link01) : "",
	
	
"comment_image_name" => (!$show_link) ? $image_row['image_name'] : "<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row[$i]['image_id'].((!empty($mode)) ? "&amp;mode=".$mode ""))."\">".$image_row['image_name']."</a>"
	
	
"comment_cat_name" => (!check_permission("auth_viewcat"$cat_id)) ? $image_row['cat_name'] : "<a href=\"".$site_sess->url(ROOT_PATH."categories.php?".URL_CAT_ID."=".$cat_id)."\" class=\"smalltext\">".$image_row['cat_name']."</a>",
        
"comment_id" => $comment_row[$i]['comment_id'],
        
"comment_user_id" => $comment_user_id,
        
"comment_user_name" => $comment_user_name,
        
"comment_user_info" => $comment_user_info,
        
"comment_user_ip" => $comment_user_ip,
        
"comment_headline" => format_text($comment_row[$i]['comment_headline'], 0$config['wordwrap_comments'], 00),
        
"comment_text" => format_text($comment_row[$i]['comment_text'], $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments']),
        
"comment_date" => format_date($config['date_format']." ".$config['time_format'], $comment_row[$i]['comment_date']),
        
"row_bg_number" => $row_bg_number,
        
"admin_links" => $admin_links
      
));
      
$comments .= $site_template->parse_template("member_comment_bit");

	
  
$current $comment_row[$i]['image_id'];
}
    } 
// end while
  
//end else
  
$comments .= "</TABLE>\n</TD>\n</TR>\n</TABLE>\n";
  
$content $comments;
  
$txt_clickstream $lang['member_comments'].(($user_id == GUEST) ? $lang['userlevel_guest'] : '<a href="' . (!empty($url_show_profile) ? str_replace("{user_id}"$user_id$url_show_profile) : $site_sess->url(ROOT_PATH."member.php?action=showprofile&amp;" URL_USER_ID "=" $user_id)) . '">' $comment_user_name '</a>');
}
//---End Member Comments----














//-----------------------------------------------------
//--- Clickstream -------------------------------------
//-----------------------------------------------------
$clickstream "<span class=\"clickstream\"><a href=\"".$site_sess->url(ROOT_PATH."index.php")."\" class=\"clickstream\">".$lang['home']."</a>".$config['category_separator'].$txt_clickstream."</span>";

//-----------------------------------------------------
//--- Print Out ---------------------------------------
//-----------------------------------------------------
$site_template->register_vars(array(
  
"content" => $content,
  
"msg" => $msg,
  
"clickstream" => $clickstream,
  
"lang_control_panel" => $lang['control_panel']
));
$site_template->print_template($site_template->parse_template($main_template));
include(
ROOT_PATH.'includes/page_footer.php');
?>

3
Hello~

i have an idea is that :
i want to show user's avatar with profile link  when any  user write  :4imageswassimo:   wassimo is the user name is it possible ?
in whole script ?

just like Smiles shortcut system  :D  (: etc...

4
Hello
iHope some one  Help me with this question ~!


I need to display Userpic's In profile comment ,
when some one goin to make comment in ur profile so the avatar should be appeared ?


and other Question please ?



there's 2 upload forms in member_upload.html
so i would like to change it lil bit


media_file : any one can upload image with pic size < auto resizer  and in details.ph can see big size

Thumb_file : any one can pach file <uncoercive and show in details page


else Can  be Edited  by user and Amin ~! :lol: please any one can ?

Pages: [1]