Author Topic: Benutzerdaten-Seite aufteilen? (Read 8484 times)

Bommel · « **on:** February 03, 2010, 12:57:46 PM »

Hallo allerseits,

folgende Problemstellung - ich möchte die Seite, in der der Benutzer seine Einstellungen (member_editprofile.html) ändern kann, so aufteilen, dass die allgemeinen Benutzerdaten sowie das Passwort und das Benutzerbild auf getrennten Seiten bearbeitet werden kann. Es soll also für jeden Bereich eine extra Seite vorhanden sein. Hintergrund - das Benutzerkontrollzentrum soll Untermenüs bzw. Links dafür erhalten.

Kann mir bitte jemand dabei behilflich sein die Datei member.php diesbezüglich so auseinander zu klamüsern bzw. umzuschreiben, das die entsprechenden HTML-Seiten mit folgenden Links über die member.php aufgerufen werden können:

Allgemeine Einstellungen = /member.php?action=editprofile
Benutzerbild = /member.php?action=userpicture
Passwort ändern = /member.php?action=changepassword

Welche Dateien müssen bei dieser Abänderung des Benutzerkontrollzentrums noch berücksichtigt werden? Hier mal noch meine derzeitige member.php.

<?php
/**************************************************************************
* *
* 4images - A Web Based Image Gallery Management System *
* ---------------------------------------------------------------- *
* *
* File: member.php *
* Copyright: (C) 2002-2009 Jan Sorgalla *
* Email: jan@4homepages.de *
* Web: http://www.4homepages.de *
* Scriptversion: 1.7.7 *
* *
* Never released without support from: Nicky (http://www.nicky.net) *
* *
**************************************************************************
* *
* Dieses Script ist KEINE Freeware. Bitte lesen Sie die Lizenz- *
* bedingungen (Lizenz.txt) für weitere Informationen. *
* --------------------------------------------------------------- *
* This script is NOT freeware! Please read the Copyright Notice *
* (Licence.txt) for further information. *
* *
*************************************************************************/

$main_template = "member";

define('GET_CACHES', 1);
define('ROOT_PATH', './');
include(ROOT_PATH.'global.php');
require(ROOT_PATH.'includes/sessions.php');
$user_access = get_permission();
include(ROOT_PATH.'includes/page_header.php');

//--- Maintenance --------------------------------
$maintenance = $config['maintenance'];
$redirect_url = ROOT_PATH."maintenance.html";
if ($maintenance && $user_info['user_level'] != ADMIN && $user_info['user_level'] != MODERADOR){
 header("Location: ".$site_sess->url($redirect_url, "&"));
 exit;
}
//--- End of Maintenance -------------------------

if ($action == "") {
 $action = "lostpassword";
}
$content = "";
$txt_clickstream = "";

$sendprocess = 0;

if (isset($HTTP_GET_VARS[URL_COMMENT_ID]) || isset($HTTP_POST_VARS[URL_COMMENT_ID])) {
 $comment_id = (isset($HTTP_GET_VARS[URL_COMMENT_ID])) ? intval($HTTP_GET_VARS[URL_COMMENT_ID]) : intval($HTTP_POST_VARS[URL_COMMENT_ID]);
}
else {
 $comment_id = 0;
}

if ($action == "deletecomment") {
 if (!$comment_id || ($config['user_delete_comments'] != 1 && $user_info['user_level'] != ADMIN)) {
 show_error_page($lang['no_permission']);
 exit;
 }

 $sql = "SELECT c.comment_id, c.user_id AS comment_user_id, i.image_id, i.cat_id, i.user_id, i.image_name
 FROM (".COMMENTS_TABLE." c, ".IMAGES_TABLE." i)
 WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
 $comment_row = $site_db->query_firstrow($sql);
 if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {
 show_error_page($lang['no_permission']);
 exit;
 }

 $txt_clickstream = get_category_path($comment_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row['image_id'])."\" class=\"clickstream\">".format_text($comment_row['image_name'], 2)."</a>".$config['category_separator'];
 $txt_clickstream .= $lang['comment_delete'];

 $sql = "UPDATE ".IMAGES_TABLE."
 SET image_comments = image_comments - 1
 WHERE image_id = ".$comment_row['image_id'];
 $site_db->query($sql);

 if ($comment_row['comment_user_id'] != GUEST) {
 $sql = "UPDATE ".USERS_TABLE."
 SET ".get_user_table_field("", "user_comments")." = ".get_user_table_field("", "user_comments")." - 1
 WHERE ".get_user_table_field("", "user_id")." = ".$comment_row['comment_user_id'];
 $site_db->query($sql);
 }

 $sql = "DELETE FROM ".COMMENTS_TABLE."
 WHERE comment_id = $comment_id";
 $result = $site_db->query($sql);
 $msg = ($result) ? $lang['comment_delete_success'] : $lang['comment_delete_error'];
}

if ($action == "removecomment") {
 if (!$comment_id || ($config['user_delete_comments'] != 1 && $user_info['user_level'] != ADMIN)) {
 redirect($url);
 }

 $sql = "SELECT c.comment_id, c.image_id, c.user_id AS comment_user_id, c.user_name AS comment_user_name, c.comment_headline, c.comment_text, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.", "user_name")."
 FROM (".COMMENTS_TABLE." c, ".IMAGES_TABLE." i)
 LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
 WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
 $comment_row = $site_db->query_firstrow($sql);
 if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {
 redirect($url);
 }

 $txt_clickstream = get_category_path($comment_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row['image_id'])."\" class=\"clickstream\">".format_text($comment_row['image_name'], 2)."</a>".$config['category_separator'];
 $txt_clickstream .= $lang['comment_delete'];

 if (isset($comment_row[$user_table_fields['user_name']]) && $comment_row['comment_user_id'] != GUEST) {
 $user_name = $comment_row[$user_table_fields['user_name']];
 }
 else {
 $user_name = $comment_row['comment_user_name'];
 }

 $site_template->register_vars(array(
 "comment_id" => $comment_id,
 "image_name" => format_text($comment_row['image_name']),
 "user_name" => format_text($user_name),
 "comment_headline" => format_text($comment_row['comment_headline'], 0, $config['wordwrap_comments'], 0, 0),
 "comment_text" => format_text($comment_row['comment_text'], $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments']),
 "lang_delete_comment" => $lang['comment_delete'],
 "lang_delete_comment_confirm" => $lang['comment_delete_confirm'],
 "lang_image_name" => $lang['image_name'],
 "lang_name" => $lang['name'],
 "lang_headline" => $lang['headline'],
 "lang_comment" => $lang['comment'],
 "lang_submit" => $lang['submit'],
 "lang_reset" => $lang['reset'],
 "lang_yes" => $lang['yes'],
 "lang_no" => $lang['no']
 ));
 $content = $site_template->parse_template("member_deletecomment");
}

if ($action == "updatecomment") {
 if (!$comment_id || ($config['user_edit_comments'] != 1 && $user_info['user_level'] != ADMIN)) {
 show_error_page($lang['no_permission']);
 exit;
 }
 $sql = "SELECT c.comment_id, c.image_id, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.", "user_name")."
 FROM (".COMMENTS_TABLE." c, ".IMAGES_TABLE." i)
 LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
 WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
 $comment_row = $site_db->query_firstrow($sql);
 if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {
 show_error_page($lang['no_permission']);
 exit;
 }

 $txt_clickstream = get_category_path($comment_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row['image_id'])."\" class=\"clickstream\">".format_text($comment_row['image_name'], 2)."</a>".$config['category_separator'];
 $txt_clickstream .= $lang['comment_edit'];

 $error = 0;

 $comment_headline = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_headline']));
 $comment_text = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_text']));

 if ($comment_headline == "") {
 $error = 1;
 $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $lang['headline']), $lang['field_required']);
 $msg .= (($msg != "") ? " " : "").$field_error;
 }
 if ($comment_text == "") {
 $error = 1;
 $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $lang['comment']), $lang['field_required']);
 $msg .= (($msg != "") ? " " : "").$field_error;
 }

 if (!$error) {
 $sql = "UPDATE ".COMMENTS_TABLE."
 SET comment_headline = '$comment_headline', comment_text = '$comment_text'
 WHERE comment_id = $comment_id";
 $result = $site_db->query($sql);
 $msg = ($result) ? $lang['comment_edit_success'] : $lang['comment_edit_error'];
 }
 else {
 $action = "editcomment";
 $sendprocess = 1;
 }
}

if ($action == "editcomment") {
 if (!$comment_id || ($config['user_edit_comments'] != 1 && $user_info['user_level'] != ADMIN)) {
 redirect($url);
 }

 $sql = "SELECT c.comment_id, c.image_id, c.user_id AS comment_user_id, c.user_name AS comment_user_name, c.comment_headline, c.comment_text, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.", "user_name")."
 FROM (".COMMENTS_TABLE." c, ".IMAGES_TABLE." i)
 LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
 WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
 $comment_row = $site_db->query_firstrow($sql);
 if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {
 header("Location: ".$site_sess->url($url, "&"));
 exit;
 }

 $txt_clickstream = get_category_path($comment_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row['image_id'])."\" class=\"clickstream\">".format_text($comment_row['image_name'], 2)."</a>".$config['category_separator'];
 $txt_clickstream .= $lang['comment_edit'];

 $comment_headline = (isset($HTTP_POST_VARS['comment_headline'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['comment_headline']))) : $comment_row['comment_headline'];
 $comment_text = (isset($HTTP_POST_VARS['comment_text'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['comment_text']))) : $comment_row['comment_text'];

 if (isset($comment_row[$user_table_fields['user_name']]) && $comment_row['comment_user_id'] != GUEST) {
 $user_name = $comment_row[$user_table_fields['user_name']];
 }
 else {
 $user_name = $comment_row['comment_user_name'];
 }

 $bbcode = "";
 if ($config['bb_comments'] == 1) {
 $site_template->register_vars(array(
 "lang_bbcode" => $lang['bbcode'],
 "lang_tag_prompt" => $lang['tag_prompt'],
 "lang_link_text_prompt" => $lang['link_text_prompt'],
 "lang_link_url_prompt" => $lang['link_url_prompt'],
 "lang_link_email_prompt" => $lang['link_email_prompt'],
 "lang_list_type_prompt" => $lang['list_type_prompt'],
 "lang_list_item_prompt" => $lang['list_item_prompt']
 ));
 $bbcode = $site_template->parse_template("bbcode");
 }

 $site_template->register_vars(array(
 "bbcode" => $bbcode,
 "comment_id" => $comment_id,
 "image_name" => format_text($comment_row['image_name'], 2),
 "user_name" => format_text($user_name, 2),
 "comment_headline" => format_text($comment_headline, 2),
 "comment_text" => format_text($comment_text, 2),
 "lang_edit_comment" => $lang['comment_edit'],
 "lang_image_name" => $lang['image_name'],
 "lang_name" => $lang['name'],
 "lang_headline" => $lang['headline'],
 "lang_comment" => $lang['comment'],
 "lang_submit" => $lang['submit'],
 "lang_reset" => $lang['reset'],
 "lang_yes" => $lang['yes'],
 "lang_no" => $lang['no']
 ));
 $content = $site_template->parse_template("member_editcomment");
}

if ($action == "deleteimage") {
 if (!$image_id || ($config['user_delete_image'] != 1 && $user_info['user_level'] != ADMIN)) {
 show_error_page($lang['no_permission']);
 exit;
 }
 $sql = "SELECT image_id, cat_id, user_id, image_name, image_media_file, image_thumb_file
 FROM ".IMAGES_TABLE."
 WHERE image_id = $image_id";
 $image_row = $site_db->query_firstrow($sql);
 if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {
 show_error_page($lang['no_permission']);
 exit;
 }

 $txt_clickstream = $lang['image_delete'];

 $sql = "DELETE FROM ".IMAGES_TABLE."
 WHERE image_id = $image_id";
 $del_img = $site_db->query($sql);
 $sql2 = "UPDATE ".USERS_TABLE."
 SET user_images = user_images-1
 WHERE user_id = ".$image_row['user_id']."";
 $site_db->query($sql2);

 if (!is_remote($image_row['image_media_file']) && !is_local_file($image_row['image_media_file'])) {
 @unlink(MEDIA_PATH."/".$image_row['cat_id']."/".$image_row['image_media_file']);
 }
 if (!empty($image_row['image_thumb_file']) && !is_remote($image_row['image_thumb_file']) && !is_local_file($image_row['image_thumb_file'])) {
 @unlink(THUMB_PATH."/".$image_row['cat_id']."/".$image_row['image_thumb_file']);
 }

 include(ROOT_PATH.'includes/search_utils.php');
 remove_searchwords($image_id);

 if (!empty($user_table_fields['user_comments'])) {
 $sql = "SELECT user_id
 FROM ".COMMENTS_TABLE."
 WHERE image_id = $image_id";
 $result = $site_db->query($sql);
 $user_id_sql = "";
 while ($row = $site_db->fetch_array($result)) {
 if ($row['user_id'] != GUEST) {
 $sql = "UPDATE ".USERS_TABLE."
 SET ".get_user_table_field("", "user_comments")." = ".get_user_table_field("", "user_comments")." - 1
 WHERE ".get_user_table_field("", "user_id")." = ".$row['user_id'];
 $site_db->query($sql);
 }
 }
 }

 $sql = "DELETE FROM ".COMMENTS_TABLE."
 WHERE image_id = $image_id";
 $del_com = $site_db->query($sql);

 if ($del_img) {
 $msg = $lang['image_delete_success'];
 }
 else {
 $msg = $lang['image_delete_error'];
 }
}

if ($action == "removeimage") {
 if (!$image_id || ($config['user_delete_image'] != 1 && $user_info['user_level'] != ADMIN)) {
 redirect($url);
 }
 $sql = "SELECT image_id, cat_id, user_id, image_name
 FROM ".IMAGES_TABLE."
 WHERE image_id = $image_id";
 $image_row = $site_db->query_firstrow($sql);
 if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {
 show_error_page($lang['no_permission']);
 exit;
 }

 $txt_clickstream = get_category_path($image_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$image_id)."\" class=\"clickstream\">".format_text($image_row['image_name'], 2)."</a>".$config['category_separator'];
 $txt_clickstream .= $lang['image_delete'];

 $site_template->register_vars(array(
 "image_id" => $image_id,
 "image_name" => format_text($image_row['image_name'], 2),
 "lang_delete_image" => $lang['image_delete'],
 "lang_delete_image_confirm" => $lang['image_delete_confirm'],
 "lang_submit" => $lang['submit'],
 "lang_reset" => $lang['reset'],
 "lang_yes" => $lang['yes'],
 "lang_no" => $lang['no']
 ));
 $content = $site_template->parse_template("member_deleteimage");
}

if ($action == "updateimage") {
 if (!$image_id || ($config['user_edit_image'] != 1 && $user_info['user_level'] != ADMIN)) {
 show_error_page($lang['no_permission']);
 }
 $sql = "SELECT image_id, cat_id, user_id, image_name
 FROM ".IMAGES_TABLE."
 WHERE image_id = $image_id";
 $image_row = $site_db->query_firstrow($sql);
 if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {
 show_error_page($lang['no_permission']);
 exit;
 }

 $txt_clickstream = get_category_path($image_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$image_id)."\" class=\"clickstream\">".format_text($image_row['image_name'], 2)."</a>".$config['category_separator'];
 $txt_clickstream .= $lang['image_edit'];

 $error = 0;

 $image_name = un_htmlspecialchars(trim($HTTP_POST_VARS['image_name']));
 $image_description = un_htmlspecialchars(trim($HTTP_POST_VARS['image_description']));
 $image_keywords = un_htmlspecialchars(trim($HTTP_POST_VARS['image_keywords']));
 $image_keywords = preg_replace("/[\n\r]/is", " ", $image_keywords);
 $image_keywords = str_replace(","," ",$image_keywords);
 $image_keywords = ereg_replace("( ){2,}", " ", $image_keywords);

//#################################### Mod Privat Image ###################################################################
$image_auth_viewimage = $HTTP_POST_VARS['image_auth_viewimage'];
//#################################### Mod Privat Images ###################################################################

 if ($image_name == "") {
 $error = 1;
 $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $lang['image_name']), $lang['field_required']);
 $msg .= (($msg != "") ? " " : "").$field_error;
 }

 if (!empty($additional_image_fields)) {
 foreach ($additional_image_fields as $key => $val) {
 if (isset($HTTP_POST_VARS[$key]) && intval($val[2]) == 1 && trim($HTTP_POST_VARS[$key]) == "") {
 $error = 1;
 $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $val[0]), $lang['field_required']);
 $msg .= (($msg != "") ? " " : "").$field_error;
 }
 }
 }

 if (!$error) {
 $additional_sql = "";

 if (isset($HTTP_POST_VARS['image_allow_comments'])) {
 $additional_sql .= ", image_allow_comments = ".intval($HTTP_POST_VARS['image_allow_comments']);
 }

 if (!empty($additional_image_fields)) {
 $table_fields = $site_db->get_table_fields(IMAGES_TABLE);
 foreach ($additional_image_fields as $key => $val) {
 if (isset($HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
 $additional_sql .= ", $key = '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
 }
 }
 }

//#################################### Mod Privat Image ###################################################################
$sql = "UPDATE ".IMAGES_TABLE."
 SET image_name = '$image_name', image_description = '$image_description', image_keywords = '$image_keywords', image_auth_viewimage = $image_auth_viewimage".$additional_sql."
 WHERE image_id = $image_id";
//#################################### Mod Privat Image ###################################################################

 $result = $site_db->query($sql);
 if ($result) {
 include(ROOT_PATH.'includes/search_utils.php');
 $search_words = array();
 foreach ($search_match_fields as $image_column => $match_column) {
 if (isset($HTTP_POST_VARS[$image_column])) {
 $search_words[$image_column] = stripslashes($HTTP_POST_VARS[$image_column]);
 }
 }
 remove_searchwords($image_id);
 add_searchwords($image_id, $search_words);
 $msg = $lang['image_edit_success'];
 }
 else {
 $msg = $lang['image_edit_error'];
 }
 }
 else {
 $action = "editimage";
 $sendprocess = 1;
 }
}

if ($action == "editimage") {
 if (!$image_id || ($config['user_edit_image'] != 1 && $user_info['user_level'] != ADMIN)) {
 redirect($url);
 }

 $additional_sql = "";
 if (!empty($additional_image_fields)) {
 foreach ($additional_image_fields as $key => $val) {
 $additional_sql .= ", ".$key;
 }
 }
//#################################### Mod Privat Images ###################################################################
 $sql = "SELECT image_id, cat_id, user_id, image_name, image_description, image_keywords, image_allow_comments, image_auth_viewimage".$additional_sql."
 FROM ".IMAGES_TABLE."
 WHERE image_id = $image_id";
//#################################### Mod Privat Images ###################################################################

 $image_row = $site_db->query_firstrow($sql);
 if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {
 redirect($url);
 }

 $txt_clickstream = get_category_path($image_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$image_id)."\" class=\"clickstream\">".format_text($image_row['image_name'], 2)."</a>".$config['category_separator'];
 $txt_clickstream .= $lang['image_edit'];

 $image_name = (isset($HTTP_POST_VARS['image_name'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['image_name']))) : $image_row['image_name'];
 $image_description = (isset($HTTP_POST_VARS['image_description'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['image_description']))) : $image_row['image_description'];
 $image_keywords = (isset($HTTP_POST_VARS['image_keywords'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['image_keywords']))) : $image_row['image_keywords'];
 $image_allow_comments = (isset($HTTP_POST_VARS['image_allow_comments'])) ? intval($HTTP_POST_VARS['image_allow_comments']) : $image_row['image_allow_comments'];
//#################################### Mod Privat Images ###################################################################
$access_array = array(
 AUTH_ALL => $lang['userlevel_all'],
 AUTH_USER => $lang['userlevel_registered'],
 AUTH_ACL => $lang['userlevel_private'],
 AUTH_ADMIN => $lang['userlevel_admins']
);

 $status = (isset($HTTP_POST_VARS['image_auth_viewimage']))? $HTTP_POST_VARS['image_auth_viewimage'] : $image_row['image_auth_viewimage'];
 $access_select = "<td class=\"row1\">\n<select class=\"input\" name=\"image_auth_viewimage\">\n";
 foreach ($access_array as $key => $val) {
 $access_select .= "<option value=\"".$key."\"";
 if ($status == $key) {
 $access_select .= " selected=\"selected\"";
 }
 $access_select .= ">".$val."</option>\n";
 }
 $access_select .= "</select>\n</td>\n</tr>\n";
//#################################### Mod Privat Images ###################################################################

 $site_template->register_vars(array(

//#################################### Mod Privat Images ###################################################################

"access_select" => $access_select,

"auth_viewimage" => $lang['auth_viewimage'],
//#################################### Mod Privat Images ###################################################################

    "image_id" => $image_id,
    "image_name" => format_text($image_name, 2),
    "image_description" => format_text($image_description, 2),
    "image_keywords" => format_text($image_keywords, 2),
    "image_allow_comments_yes" => ($image_allow_comments) ? " checked=\"checked\"" : "",
    "image_allow_comments_no" => (!$image_allow_comments) ? " checked=\"checked\"" : "",
    "lang_edit_image" => $lang['image_edit'],
    "lang_image_name" => $lang['image_name'],
    "lang_description" => $lang['description'],
    "lang_keywords" => $lang['keywords_ext'],
    "lang_allow_comments" => isset($lang['allow_comments']) ? $lang['allow_comments'] : "",
    "lang_submit" => $lang['submit'],
    "lang_reset" => $lang['reset'],
    "lang_yes" => $lang['yes'],
    "lang_no" => $lang['no']
  ));

  if (!empty($additional_image_fields)) {
    $additional_field_array = array();
    foreach ($additional_image_fields as $key => $val) {
      if ($val[1] == "radio") {
        $value = (isset($HTTP_POST_VARS[$key])) ? intval($HTTP_POST_VARS[$key]) : $image_row[$key];
        if ($value == 1) {
          $additional_field_array[$key.'_yes'] = " checked=\"checked\"";
          $additional_field_array[$key.'_no'] = "";
        }
        else {
          $additional_field_array[$key.'_yes'] = "";
          $additional_field_array[$key.'_no'] = " checked=\"checked\"";
        }
      }

elseif ($val[1] == "dropdown") {
 $value = (isset($HTTP_POST_VARS[$key])) ? format_text(stripslashes(trim($HTTP_POST_VARS[$key]))) : $image_row[$key];
 $additional_field_array[$key.'_dropdown'] = get_db_fields_dropdown($key, $val, $value);
 }
 else {
 $value = (isset($HTTP_POST_VARS[$key])) ? format_text(stripslashes(trim($HTTP_POST_VARS[$key]))) : $image_row[$key];
 }
 $additional_field_array[$key] = $value;
 $additional_field_array['lang_'.$key] = $val[0];
 }
 if (!empty($additional_field_array)) {
 $site_template->register_vars($additional_field_array);
 }
 }
 $content = $site_template->parse_template("member_editimage");
}

if ($action == "uploadimage") {
 if ($cat_id != 0 && (!isset($cat_cache[$cat_id]) || !check_permission("auth_upload", $cat_id))) {
 show_error_page($lang['no_permission']);
 exit;
 }

 $txt_clickstream = "";
 if ($cat_id && isset($cat_cache[$cat_id])) {
 $txt_clickstream .= get_category_path($cat_id, 1).$config['category_separator'];
 }
 $txt_clickstream .= $lang['user_upload'];

 $remote_media_file = format_url(un_htmlspecialchars(trim($HTTP_POST_VARS['remote_media_file'])));
 $remote_thumb_file = format_url(un_htmlspecialchars(trim($HTTP_POST_VARS['remote_thumb_file'])));

 $image_name = un_htmlspecialchars(trim($HTTP_POST_VARS['image_name']));
 $image_description = un_htmlspecialchars(trim($HTTP_POST_VARS['image_description']));
 $image_keywords = un_htmlspecialchars(trim($HTTP_POST_VARS['image_keywords']));
 $image_keywords = preg_replace("/[\n\r]/is", " ", $image_keywords);
 $image_keywords = str_replace(","," ",$image_keywords);
 $image_keywords = ereg_replace("( ){2,}", " ", $image_keywords);

//#################################### Mod Privat Images ###################################################################
 $image_auth_viewimage = $HTTP_POST_VARS['image_auth_viewimage'];
//#################################### Mod Privat Images ###################################################################

 $image_active = (isset($HTTP_POST_VARS['image_active']) && $HTTP_POST_VARS['image_active'] == 0) ? 0 : 1;
 $image_allow_comments = (isset($HTTP_POST_VARS['image_allow_comments']) && $HTTP_POST_VARS['image_allow_comments'] == 0) ? 0 : 1;
 $image_download_url = (isset($HTTP_POST_VARS['image_download_url'])) ? format_url(un_htmlspecialchars(trim($HTTP_POST_VARS['image_download_url']))) : "";

 $captcha = (isset($HTTP_POST_VARS['captcha'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['captcha'])) : "";

 $direct_upload = (check_permission("auth_directupload", $cat_id)) ? 1 : 0;
 $upload_cat = ($direct_upload) ? $cat_id : 0;

 $error = 0;
 $uploaderror = 0;

 if ($cat_id == 0) {
 $error = 1;
 $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $lang['category']), $lang['field_required']);
 $msg .= (($msg != "") ? " " : "").$field_error;
 }
 if ((empty($HTTP_POST_FILES['media_file']['tmp_name']) || $HTTP_POST_FILES['media_file']['tmp_name'] == "none") && ($remote_media_file == "" || !check_remote_media($remote_media_file))) {
 $error = 1;
 $msg .= (($msg != "") ? " " : "").$lang['image_file_required'];
 }
 if ($image_name == "") {
 $error = 1;
 $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $lang['image_name']), $lang['field_required']);
 $msg .= (($msg != "") ? " " : "").$field_error;
 }

 if ($captcha_enable_upload && !captcha_validate($captcha)) {
 $msg .= (($msg != "") ? " " : "").$lang['captcha_required'];
 $error = 1;
 }

 if (!empty($additional_image_fields)) {
 foreach ($additional_image_fields as $key => $val) {
 if (isset($HTTP_POST_VARS[$key]) && intval($val[2]) == 1 && trim($HTTP_POST_VARS[$key]) == "") {
 $error = 1;
 $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $val[0]), $lang['field_required']);
 $msg .= (($msg != "") ? " " : "").$field_error;
 }
 }
 }

 if (!$error) {
 // Start Upload
 include(ROOT_PATH.'includes/upload.php');
 $site_upload = new Upload();

 // Upload Media file
 if (!empty($HTTP_POST_FILES['media_file']['tmp_name']) && $HTTP_POST_FILES['media_file']['tmp_name'] != "none") {
 $new_name = $site_upload->upload_file("media_file", "media", $upload_cat);
 if (!$new_name) {
 $msg .= (($msg != "") ? " " : "")."".$lang['file_upload_error'].": ".$new_name." ".$site_upload->get_upload_errors();
 $uploaderror = 1;
 }
 }
 else {
 $new_name = $remote_media_file;
 }

 // Uplad thumb file
 $new_thumb_name = "";
 if (!empty($HTTP_POST_FILES['thumb_file']['tmp_name']) && $HTTP_POST_FILES['thumb_file']['tmp_name'] != "none" && !$uploaderror) {
 $new_thumb_name = $site_upload->upload_file("thumb_file", "thumb", $upload_cat, get_basefile($new_name));
 if (!$new_thumb_name) {
 $msg .= (($msg != "") ? " " : "")."".$lang['thumb_upload_error'].": ".$new_thumb_name." ".$site_upload->get_upload_errors();
 @unlink(MEDIA_TEMP_PATH."/".$new_name);
 $uploaderror = 1;
 }
 }
 elseif (check_remote_thumb($remote_thumb_file)) {
 $new_thumb_name = $remote_thumb_file;
 }
 elseif ($config['auto_thumbnail'] == 1 && !empty($HTTP_POST_FILES['media_file']['tmp_name']) && $HTTP_POST_FILES['media_file']['tmp_name'] != "none" && !$uploaderror) {
 if ($direct_upload) {
 $src = MEDIA_PATH."/".$cat_id."/".$new_name;
 $dest = THUMB_PATH."/".$cat_id."/".$new_name;
 }
 else {
 $src = MEDIA_TEMP_PATH."/".$new_name;
 $dest = THUMB_TEMP_PATH."/".$new_name;
 }
 $do_create = 0;
 if ($image_info = @getimagesize($src)) {
 if ($image_info[2] == 1 || $image_info[2] == 2 || $image_info[2] == 3) {
 $do_create = 1;
 }
 }
 if ($do_create) {
 require(ROOT_PATH.'includes/image_utils.php');
 $convert_options = init_convert_options();
 if (!$convert_options['convert_error']) {
 $dimension = (intval($config['auto_thumbnail_dimension'])) ? intval($config['auto_thumbnail_dimension']) : 100;
 $resize_type = (intval($config['auto_thumbnail_resize_type'])) ? intval($config['auto_thumbnail_resize_type']) : 1;
 $quality = (intval($config['auto_thumbnail_quality']) && intval($config['auto_thumbnail_quality']) <= 100) ? intval($config['auto_thumbnail_quality']) : 100;

 if (create_thumbnail($src, $dest, $quality, $dimension, $resize_type)) {
 $new_thumb_name = $new_name;
 }
 }
 }
 }

 if (!$uploaderror) {
 $additional_field_sql = "";
 $additional_value_sql = "";
 if (!empty($additional_image_fields)) {
 $table = ($direct_upload) ? IMAGES_TABLE : IMAGES_TEMP_TABLE;
 $table_fields = $site_db->get_table_fields($table);
 foreach ($additional_image_fields as $key => $val) {
 if (isset($HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
 $additional_field_sql .= ", $key";
 $additional_value_sql .= ", '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
 }
 }
 }

 $current_time = time();
 if ($direct_upload) {

//#################################### Mod Privat Images ###################################################################
$sql = "INSERT INTO ".IMAGES_TABLE."
 (cat_id, user_id, image_name, image_description, image_keywords, image_date, image_active, image_media_file, image_thumb_file, image_download_url, image_allow_comments, image_auth_viewimage".$additional_field_sql.")
 VALUES
 ($cat_id, ".$user_info['user_id'].", '$image_name', '$image_description', '$image_keywords', $current_time, $image_active, '$new_name', '$new_thumb_name', '$image_download_url', $image_allow_comments,$image_auth_viewimage".$additional_value_sql.")";
//#################################### Mod Privat Images ###################################################################

 $result = $site_db->query($sql);
 $image_id = $site_db->get_insert_id();
 if ($result) {

if ($user_info['user_id'] != GUEST) {
 $sql = "UPDATE ".USERS_TABLE."
 SET user_images = user_images+1
 WHERE user_id = ".$user_info['user_id']."";
 $site_db->query($sql);
 }
 include(ROOT_PATH.'includes/search_utils.php');
 $search_words = array();
 foreach ($search_match_fields as $image_column => $match_column) {
 if (isset($HTTP_POST_VARS[$image_column])) {
 $search_words[$image_column] = stripslashes($HTTP_POST_VARS[$image_column]);
 }
 }
 add_searchwords($image_id, $search_words);
 }
 }
 else {

//#################################### Mod Privat Images ###################################################################
$sql = "INSERT INTO ".IMAGES_TEMP_TABLE."
 (cat_id, user_id, image_name, image_description, image_keywords, image_date, image_media_file, image_thumb_file, image_download_url,image_auth_viewimage".$additional_field_sql.")
 VALUES
 ($cat_id, ".$user_info['user_id'].", '$image_name', '$image_description', '$image_keywords', $current_time, '$new_name', '$new_thumb_name', '$image_download_url','$image_auth_viewimage'".$additional_value_sql.")";
//#################################### Mod Privat Images ###################################################################

 $result = $site_db->query($sql);
 }

 if ($config['upload_notify'] == 1 && !$direct_upload) {
 include(ROOT_PATH.'includes/email.php');
 $site_email = new Email();

 $config['upload_emails'] = str_replace(" ", "", $config['upload_emails']);
 $emails = explode(",", $config['upload_emails']);

 $validation_url = $script_url."/admin/index.php?goto=".urlencode("validateimages.php?action=validateimages");

 $site_email->set_to($config['site_email']);
 $site_email->set_subject($lang['new_upload_emailsubject']);
 $site_email->register_vars(array(
 "image_name" => stripslashes($image_name),
 "file_name" => $new_name,
 "cat_name" => $cat_cache[$cat_id]['cat_name'],
 "validation_url" => $validation_url,
 "site_name" => $config['site_name']
 ));
 $site_email->set_body("upload_notify", $config['language_dir_default']);
 $site_email->set_bcc($emails);
 $site_email->send_email();
 }

 $msg .= $lang['image_add_success'].": ".format_text(stripslashes($image_name))." (".$new_name.")";
 $msg .= (!$direct_upload) ? " ".$lang['new_upload_validate_desc'] : "";

 $file_extension = get_file_extension($new_name);
 $file = (is_remote($new_name)) ? $new_name : (($direct_upload) ? MEDIA_PATH."/".$cat_id."/".$new_name : MEDIA_TEMP_PATH."/".$new_name);
 $width_height = "";
 if (!is_remote($file) && $imageinfo = @getimagesize($file)) {
 $width_height = " ".$imageinfo[3];
 }
 $media_icon = "<img src=\"".ICON_PATH."/".$file_extension.".gif\" border=\"0\" alt=\"\" />";
 $site_template->register_vars(array(
 "media_src" => $file,
 "media_icon" => $media_icon,
 "image_name" => format_text(stripslashes($image_name)),
 "width_height" => $width_height
 ));
 $media = $site_template->parse_template("media/".$file_extension);
 $content .= "<table border=\"0\" align=\"center\">\n<tr>\n<td>\n".$media."\n</td>\n</tr>\n</table>\n";
 }
 else {
 $action = "uploadform";
 $sendprocess = 1;
 }
 }
 else {
 $action = "uploadform";
 $sendprocess = 1;
 }
}

if ($action == "uploadform") {
 if ($cat_id != 0 && (!isset($cat_cache[$cat_id]) || !check_permission("auth_upload", $cat_id))) {
 show_error_page($lang['no_permission']);
 exit;
 }

 $txt_clickstream = "";
 if ($cat_id && isset($cat_cache[$cat_id])) {
 $txt_clickstream .= get_category_path($cat_id, 1).$config['category_separator'];
 }
 $txt_clickstream .= $lang['user_upload'];

 if (!$sendprocess) {
 $remote_media_file = "";
 $remote_thumb_file = "";
 $image_name = "";
 $image_description = "";
 $image_keywords = "";
 $image_download_url = "";
 $image_allow_comments = 1;
 }
//#################################### Mod Privat Images ###################################################################
$access_array = array(
 AUTH_ALL => $lang['userlevel_all'],
 AUTH_USER => $lang['userlevel_registered'],
 AUTH_ACL => $lang['userlevel_private'],
 AUTH_ADMIN => $lang['userlevel_admins']
);
 $status = (isset($HTTP_POST_VARS['image_auth_viewimage']))? $HTTP_POST_VARS['image_auth_viewimage'] : $image_row['image_auth_viewimage'];
 $access_select = "<td class=\"row1\">\n<select class=\"input\" name=\"image_auth_viewimage\">\n";
 foreach ($access_array as $key => $val) {
 $access_select .= "<option value=\"".$key."\"";
 if ($status == $key) {
 $access_select .= " selected=\"selected\"";
 }
 $access_select .= ">".$val."</option>\n";
 }
 $access_select .= "</select>\n</td>\n</tr>\n";
//#################################### Mod Privat Images ###################################################################

 $site_template->register_vars(array(

//#################################### Mod Privat Images ###################################################################
 "access_select" => $access_select,
 "auth_viewimage" => $lang['auth_viewimage'],
//#################################### Mod Privat Images ###################################################################

 "cat_id" => $cat_id,
 "cat_name" => ($cat_id != 0) ? format_text($cat_cache[$cat_id]['cat_name'], 2) : get_category_dropdown($cat_id),
 "remote_media_file" => format_text(stripslashes($remote_media_file), 2),
 "remote_thumb_file" => format_text(stripslashes($remote_thumb_file), 2),
 "image_name" => format_text(stripslashes($image_name), 2),
 "image_description" => format_text(stripslashes($image_description), 2),
 "image_keywords" => format_text(stripslashes($image_keywords), 2),
 "image_allow_comments_yes" => ($image_allow_comments) ? " checked=\"checked\"" : "",
 "image_allow_comments_no" => (!$image_allow_comments) ? " checked=\"checked\"" : "",
 "image_download_url" => format_text(stripslashes($image_download_url), 2),
 "lang_category" => $lang['category'],
 "lang_user_upload" => $lang['user_upload'],
 "lang_media_file" => $lang['media_file'],
 "lang_thumb_file" => $lang['thumb_file'],
 "lang_allowed_file_types" => $lang['allowed_mediatypes_desc'],
 "allowed_media_types" => str_replace(",",", ",$config['allowed_mediatypes']),
 "allowed_thumb_types" => "jpg, gif, png",
 "lang_max_filesize" => $lang['max_filesize'],
 "lang_max_imagewidth" => $lang['max_imagewidth'],
 "lang_max_imageheight" => $lang['max_imageheight'],
 "max_thumb_filsize" => $config['max_thumb_size']." ".$lang['kb'],
 "max_thumb_imagewidth" => $config['max_thumb_width']." ".$lang['px'],
 "max_thumb_imageheight" => $config['max_thumb_height']." ".$lang['px'],
 "max_media_filsize" => $config['max_media_size']." ".$lang['kb'],
 "max_media_imagewidth" => $config['max_image_width']." ".$lang['px'],
 "max_media_imageheight" => $config['max_image_height']." ".$lang['px'],
 "lang_image_name" => $lang['image_name'],
 "lang_description" => $lang['description'],
 "lang_keywords" => $lang['keywords_ext'],
 "lang_allow_comments" => isset($lang['allow_comments']) ? $lang['allow_comments'] : "",
 "lang_submit" => $lang['submit'],
 "lang_reset" => $lang['reset'],
 "lang_yes" => $lang['yes'],
 "lang_no" => $lang['no'],
 "lang_captcha" => $lang['captcha'],
 "lang_captcha_desc" => $lang['captcha_desc'],
 "captcha_upload" => (bool)$captcha_enable_upload
 ));

 if (!empty($additional_image_fields)) {
 $additional_field_array = array();
 foreach ($additional_image_fields as $key => $val) {
 if ($val[1] == "radio") {
 $value = (isset($HTTP_POST_VARS[$key])) ? intval($HTTP_POST_VARS[$key]) : 1;
 if ($value == 1) {
 $additional_field_array[$key.'_yes'] = " checked=\"checked\"";
 $additional_field_array[$key.'_no'] = "";
 }
 else {
 $additional_field_array[$key.'_yes'] = "";
 $additional_field_array[$key.'_no'] = " checked=\"checked\"";
 }
 }
 else {
 $value = (isset($HTTP_POST_VARS[$key])) ? format_text(stripslashes(trim($HTTP_POST_VARS[$key]))) : "";
 }
 $additional_field_array[$key] = $value;
 $additional_field_array['lang_'.$key] = $val[0];
 }
 if (!empty($additional_field_array)) {
 $site_template->register_vars($additional_field_array);
 }
 }
 $content = $site_template->parse_template("member_uploadform");
}

if ($action == "emailuser") {
 $txt_clickstream = $lang['profile'];
 $user_id = (isset($HTTP_POST_VARS[URL_USER_ID])) ? intval($HTTP_POST_VARS[URL_USER_ID]) : GUEST;
 $error = 0;

 if ($user_info['user_level'] == GUEST || $user_info['user_level'] == USER_AWAITING) {
 show_error_page($lang['no_permission']);
 exit;
 }
 $subject = stripslashes(trim($HTTP_POST_VARS['subject']));
 $message = stripslashes(trim($HTTP_POST_VARS['message']));

 if ($subject == "" || $message == "") {
 $msg = $lang['lostfield_error'];
 $sendprocess = 1;
 $error = 1;
 }

 if (!$error) {
 if (($user_info['user_level'] == ADMIN || !$site_db->query_firstrow("SELECT id FROM ".BAN_TABLE." WHERE type = ".BAN_USERID." AND user_id = ".$user_id." AND (NOT expire OR expire > ".time().") LIMIT 1")) && $user_row = get_user_info($user_id)) {
 if (isset($user_row['user_showemail']) && $user_row['user_showemail'] == 0) {
 $content = $lang['invalid_user_id'];
 }
 else {
 $sender_user_name = ($user_info['user_level'] != GUEST) ? (isset($user_info['user_name']) ? $user_info['user_name'] : $lang['userlevel_user']) : $lang['userlevel_guest'];
 $sender_user_email = ($user_info['user_level'] != GUEST && isset($user_info['user_email'])) ? $user_info['user_email'] : $config['site_email'];

 // Start Emailer
 include(ROOT_PATH.'includes/email.php');
 $site_email = new Email();
 $site_email->set_from($sender_user_email, $sender_user_name);
 $site_email->set_to($user_row['user_email']);
 $site_email->set_subject($subject);
 $site_email->register_vars(array(
 "sender_user_name" => $sender_user_name,
 "sender_user_email" => $sender_user_email,
 "message" => $message,
 "site_name" => $config['site_name']
 ));
 $site_email->set_body("mailform_message", $config['language_dir']);
 $site_email->send_email();
 $msg = $lang['emailuser_success'];
 }
 }
 else {
 $content = $lang['invalid_user_id'];
 }
 }
 else {
 $action = "mailform";
 }
}

if ($action == "mailform") {
 $txt_clickstream = $lang['profile'];
 if (isset($HTTP_GET_VARS[URL_USER_ID]) || isset($HTTP_POST_VARS[URL_USER_ID])) {
 $user_id = (isset($HTTP_GET_VARS[URL_USER_ID])) ? intval($HTTP_GET_VARS[URL_USER_ID]) : intval($HTTP_POST_VARS[URL_USER_ID]);
 if (!$user_id) {
 $user_id = GUEST;
 }
 }
 else {
 $user_id = GUEST;
 }

 if ($user_info['user_level'] == GUEST || $user_info['user_level'] == USER_AWAITING) {
 show_error_page($lang['no_permission']);
 exit;
 }

 if (!$sendprocess) {
 $subject = "";
 $message = "";
 }

 if ($user_row = get_user_info($user_id)) {
 if (isset($user_row['user_showemail']) && $user_row['user_showemail'] == 0) {
 $content = $lang['invalid_user_id'];
 }
 else {
 $site_template->register_vars(array(
 "user_id" => $user_row['user_id'],
 "user_name" => format_text($user_row['user_name'], 2),
 "subject" => format_text($subject, 2),
 "message" => format_text($message, 2),
 "lang_send_email_to" => $lang['send_email_to'],
 "lang_subject" => $lang['subject'],
 "lang_message" => $lang['message'],
 "lang_submit" => $lang['submit'],
 "lang_reset" => $lang['reset']
 ));
 $content = $site_template->parse_template("member_mailform");
 }
 }
 else {
 $content = $lang['invalid_user_id'];
 }
}

//-----------------------------------------------------
//--- Show Profile ------------------------------------
//-----------------------------------------------------
if ($action == "showprofile") {
 $txt_clickstream = $lang['profile'];
 if (isset($HTTP_GET_VARS[URL_USER_ID]) || isset($HTTP_POST_VARS[URL_USER_ID])) {
 $user_id = (isset($HTTP_GET_VARS[URL_USER_ID])) ? intval($HTTP_GET_VARS[URL_USER_ID]) : intval($HTTP_POST_VARS[URL_USER_ID]);
 if (!$user_id) {
 $user_id = GUEST;
 }
 }
 else {
 $user_id = GUEST;
 }

// Update Profile Hits
if ($user_info['user_level'] != ADMIN && $user_info['user_id'] != $user_id) {
 $sql = "UPDATE ".USERS_TABLE."
 SET profile_hits = profile_hits + 1
 WHERE user_id = $user_id";
 $site_db->query($sql);
}
// End Update Profile Hits

 if ($user_row = get_user_info($user_id)) {
 $user_homepage = (isset($user_row['user_homepage'])) ? format_text(format_url($user_row['user_homepage']), 2) : REPLACE_EMPTY;
 if (!empty($user_homepage) && $user_homepage != REPLACE_EMPTY) {
 $user_homepage_button = "<a href=\"".$user_homepage."\" target=\"_blank\"><img src=\"".get_gallery_image("homepage.gif")."\" border=\"0\" alt=\"".$user_homepage."\" /></a>";
 }
 else {
 $user_homepage_button = REPLACE_EMPTY;
 }
 $user_msn = (isset($user_row['user_msn'])) ? format_text(format_url($user_row['user_msn']), 2) : REPLACE_EMPTY;
 if (!empty($user_msn) && $user_msn != REPLACE_EMPTY) {
 $user_msn_button = "<a href=\"".$user_msn."\" target=\"_blank\"><img src=\"".get_gallery_image("msn.gif")."\" border=\"0\" alt=\"".$user_msn."\" /></a>";
 }
 else {
 $user_msn_button = REPLACE_EMPTY;
 }

$user_aim = (isset($user_row['user_aim'])) ? format_text(format_url($user_row['user_aim']), 2) : REPLACE_EMPTY;
 if (!empty($user_aim) && $user_aim != REPLACE_EMPTY) {
 $user_aim_button = "<a href=\"".$user_aim."\" target=\"_blank\"><img src=\"".get_gallery_image("aim.gif")."\" border=\"0\" alt=\"".$user_aim."\" /></a>";
 }
 else {
 $user_aim_button = REPLACE_EMPTY;
 }

$user_yahoo = (isset($user_row['user_yahoo'])) ? format_text(format_url($user_row['user_yahoo']), 2) : REPLACE_EMPTY;
 if (!empty($user_yahoo) && $user_yahoo != REPLACE_EMPTY) {
 $user_yahoo_button = "<a href=\"".$user_yahoo."\" target=\"_blank\"><img src=\"".get_gallery_image("yahoo.gif")."\" border=\"0\" alt=\"".$user_yahoo."\" /></a>";
 }
 else {
 $user_yahoo_button = REPLACE_EMPTY;
 }
 $user_icq = (isset($user_row['user_icq'])) ? $user_row['user_icq'] : REPLACE_EMPTY;
 if (!empty($user_icq) && $user_icq != REPLACE_EMPTY) {
 $user_icq_button = "<a href=\"http://www.icq.com/people/about_me.php?uin=".$user_icq."\" target=\"_blank\"><img src=\"http://status.icq.com/online.gif?icq=".$user_icq."&img=5\" width=\"18\" height=\"18\" border=\"0\" alt=\"".$user_icq."\" /></a>";
 }
 else {
 $user_icq_button = REPLACE_EMPTY;
 }
//---[MOD] BUDDY V.1.0.0 beta ------------
//----2007 by eMagix for 4images gallery --
//----------- START CODE -----------------

if (($user_info['user_level'] != GUEST) && ($user_info['user_id'] != $user_row['user_id'])) {

$buddy_url = $self_url;

$buddy_url .= (!empty($mode)) ? ((strpos($buddy_url, '?') !== false) ? "&" : "?")."mode=".$mode : "";

$buddy_url .= strpos($buddy_url, '?') !== false ? "&" : "?";

// IF USER ALREADY A BUDDY SHOW ALREADY BUDDY TEXT

$buddy_status = check_buddy($user_row['user_id']);

if ($buddy_status == 1) {

$buddy_button = $lang['user_buddy_yes'];

}
// IF USER REQUEST PENDING SHOW PENDING TEXT

elseif ($buddy_status == 0) {

$buddy_button = $lang['user_buddy_pending'];

}

// IF NOT YET BUDDY SHOW BUTTON

elseif ($buddy_status == -1) {

$buddy_url .= "action=addbuddy&id=".$user_row['user_id']."";

$buddy_button = "<a href=\"".$site_sess->url($buddy_url)."\"><img src=\"".get_gallery_image("buddy_no.gif")."\" border=\"0\" alt=\"\" /></a>";

}

else {

$buddy_button = "<img src=\"".get_gallery_image("buddy_off.gif")."\" border=\"0\" alt=\"\" />";

}

$site_template->register_vars("lang_buddy_add", $lang['lang_buddy_add']);

// SHOW YOUR BUDDIES ON YOUR PROFILE

$buddy_sql = "SELECT *

FROM (".USERS_TABLE." u)

INNER JOIN ".USERS_FRIENDSHIP_TABLE." i ON (".get_user_table_field("u.", "user_id")." = i.user_id_primary)

WHERE i.friendship_status =1 AND i.user_id_secondary = ".$user_row['user_id']."

UNION

SELECT *

FROM (".USERS_TABLE." u)

INNER JOIN ".USERS_FRIENDSHIP_TABLE." i1 ON (".get_user_table_field("u.", "user_id")." = i1.user_id_secondary)

WHERE i1.friendship_status =1 AND i1.user_id_primary = ".$user_row['user_id']."

               LIMIT 50"; // NUMBER OF BUDDIES YOU WANT TO SHOW ON YOUR PROFILE

$buddy_result = $site_db->query($buddy_sql);

$num_rows = $site_db->get_numrows($buddy_result);

if (!$num_rows) {

$buddylist = $lang['buddy_no_empty'];

$msg = $lang['buddy_no_empty'];

}

else {

$buddylist ="";

while($ds = mysql_fetch_object($buddy_result)){

$user_profile_link = (!empty($url_show_profile)) ? preg_replace("/{user_id}/", $ds->user_id, $url_show_profile) : ROOT_PATH."member.php?action=showprofile&".URL_USER_ID."=".$ds->user_id;

$buddylist .= " <a href=\"".$site_sess->url($user_profile_link)."\">".htmlspecialchars($ds->user_name)."</a> ";

}

}
$site_template->register_vars("buddy", $buddylist);

$site_template->register_vars("buddy_msg", $msg);

unset($userlist,$msg);

//----------- END CODE -----------------

 if (!empty($user_row['user_email']) && (!isset($user_row['user_showemail']) || (isset($user_row['user_showemail']) && $user_row['user_showemail'] == 1))) {
 $user_email = $user_row['user_email'];
 $user_email_save = str_replace("@", " at ", $user_row['user_email']);
 $user_email_save = str_replace(".", " dot ", $user_row['user_email']);
 if (!empty($url_mailform)) {
 $user_mailform_link = $site_sess->url(preg_replace("/{user_id}/", $user_row['user_id'], $url_mailform));
 }
 else {
 $user_mailform_link = $site_sess->url(ROOT_PATH."member.php?action=mailform&".URL_USER_ID."=".$user_row['user_id']);
 }
 $user_email_button = "<a href=\"".$user_mailform_link."\"><img src=\"".get_gallery_image("email.gif")."\" border=\"0\" alt=\"".$user_email_save."\" /></a>";
 }
 else {
 $user_email = REPLACE_EMPTY;
 $user_email_save = REPLACE_EMPTY;
 $user_mailform_link = REPLACE_EMPTY;
 $user_email_button = REPLACE_EMPTY;
 }

$sql = "SELECT COUNT(image_id) AS totimg
FROM ".IMAGES_TABLE."
WHERE user_id = $user_id";

$result = $site_db->query($sql);

$row = $site_db->fetch_array($result);

$uploaded_images = $row['totimg'];

    // Birthday Mod
    $user_birthday = (isset($user_row[$user_table_fields['birthday']])) ? $user_row[$user_table_fields['birthday']] : REPLACE_EMPTY;
    if (!empty($user_birthday) && $user_birthday != REPLACE_EMPTY  && $user_row[$user_table_fields['birthday']] != "0000-00-00") {

           $birthday = explode("-",$user_row[$user_table_fields['birthday']]);
           $user_birthday = $birthday[2].".".$lang['months'][sprintf("%02d",$birthday[1])];
           $user_birthday .= ($birthday[0]!="0000") ? " ".$birthday[0]."" : "";

           // Show Age in Profile
           if (($config['birthday_show_profile_age'] == 1) && ($age = calc_age ($user_row[$user_table_fields['birthday']]))) {
                $user_birthday .= " ($age)";
           }

           // Show Birthdaycountdown in Profile
           if ($config['birthday_profile_countdown'] == 1 && $b_cdown = calc_countdown ($user_row[$user_table_fields['birthday']]))  {

                $site_template->register_vars(array(
                     "lang_birthday_cdown" => $lang['birthday_cdown'],
                     "cdown_days" => $b_cdown['days'],
                     "cdown_hours" => $b_cdown['hours'],
                     "cdown_minutes" => $b_cdown['minutes'],
                     "lang_days" => $lang['days'],
                     "lang_hours" => $lang['hours'],
                     "lang_minutes" => $lang['minutes']
                ));
           }
          // End Show Birthdaycountdown in Profile

    }
    else {
      $user_birthday = REPLACE_EMPTY;
    }
    // Birthday Mod

$rank_commentator = get_rank($user_row['user_comments'], "commentator");
 $rank_photographer = get_rank($user_row['user_images'], "photographer");

 $site_template->register_vars(array(
 "lang_avatar" => $lang['avatar'],
 "user_avatar_current" => ($config['avatar_use']) ? "<img src=\"".TEMPLATE_PATH."/avatars/".(($user_row['user_avatar'] == "") ? "blank.gif" : $user_row['user_avatar'])."\" name=\"icons\" border=\"0\" alt=\"\">" : "",
 "uploaded_imgs" => $uploaded_images,

  "user_id" => $user_row['user_id'],
      "user_name" => (isset($user_row['user_name'])) ? htmlspecialchars($user_row['user_name']) : REPLACE_EMPTY,
      "lang_rank" => $lang['rank'],

  "lang_uploaded_user_img" => $lang['uploaded_user_img'],
      "rank_commentator" => $rank_commentator,
      "rank_photographer" => $rank_photographer,

  "user_birthday" => $user_birthday,
      "user_email" => $user_email,
      "user_email_save" => $user_email_save,
      "user_mailform_link" => $user_mailform_link,
      "user_email_button" => $user_email_button,
      "user_join_date" => (isset($user_row['user_joindate'])) ? format_date($config['date_format'], $user_row['user_joindate']) : REPLACE_EMPTY,
      "user_last_action" => (isset($user_row['user_lastaction'])) ? format_date($config['date_format']." ".$config['time_format'], $user_row['user_lastaction']) : REPLACE_EMPTY,
      "user_homepage" => $user_homepage,

"buddy_button" => $buddy_button,

// BUDDY MOD – DISPLAY BUDDY BUTTON ON YOUR PROFILE
 "user_homepage_button" => $user_homepage_button,
 "user_icq" => $user_icq,
 "user_icq_button" => $user_icq_button,
 "user_icq_status" => (isset($user_row['user_icq'])) ? get_icq_status($user_row['user_icq']) : REPLACE_EMPTY,
 "user_comments" => (isset($user_row['user_comments'])) ? $user_row['user_comments'] : REPLACE_EMPTY,
 "lang_profile_of" => $lang['profile_of'],
 "lang_show_user_images" => preg_replace("/".$site_template->start."user_name".$site_template->end."/siU", format_text($user_row['user_name'], 2), $lang['show_user_images']),
 "url_show_user_images" => $site_sess->url(ROOT_PATH."search.php?search_user=".urlencode($user_row['user_name'])),
 "lang_join_date" => $lang['join_date'],
 "lang_last_action" => $lang['last_action'],
 "lang_comments" => $lang['comments'],
 "lang_email" => $lang['email'],
 "lang_homepage" => $lang['homepage'],
 "lang_icq" => $lang['icq']
 ));

 if (!empty($additional_user_fields)) {
 $additional_field_array = array();
 foreach ($additional_user_fields as $key => $val) {
 $additional_field_array[$key] = (!empty($user_row[$key])) ? format_text($user_row[$key], 1) : REPLACE_EMPTY;
 $additional_field_array['lang_'.$key] = $val[0];
 }
 if (!empty($additional_field_array)) {
 $site_template->register_vars($additional_field_array);
 }
 }
 $content = $site_template->parse_template("member_profile");
 }
 else {
 $content = $lang['invalid_user_id'];
 }
}

//-----------------------------------------------------
//--- Send Password -----------------------------------
//-----------------------------------------------------
if ($action == "sendpassword") {
 $txt_clickstream = $lang['lost_password'];
 $user_email = un_htmlspecialchars(trim($HTTP_POST_VARS['user_email']));

 if ($user_email != "") {
 $sql = "SELECT ".get_user_table_field("", "user_id").get_user_table_field(", ", "user_name").get_user_table_field(", ", "user_password")."
 FROM ".USERS_TABLE."
 WHERE ".get_user_table_field("", "user_email")." = '$user_email'";
 if ($checkuser = $site_db->query_firstrow($sql)) {
 mt_srand((double) microtime() * 1000000);
 $puddle = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
 $user_password = "";
 for ($i = 0; $i < 8; $i++) {
 $user_password .= substr($puddle, (mt_rand()%(strlen($puddle))), 1);
 }

 $sql = "UPDATE ".USERS_TABLE."
 SET ".get_user_table_field("", "user_password")." = '".md5($user_password)."'
 WHERE ".get_user_table_field("", "user_id")." = ".$checkuser[$user_table_fields['user_id']];
 $site_db->query($sql);

 // Start Emailer
 include(ROOT_PATH.'includes/email.php');
 $site_email = new Email();
 $site_email->set_to($user_email);
 $site_email->set_subject($lang['send_password_emailsubject']);
 $site_email->register_vars(array(
 "user_name" => $checkuser[$user_table_fields['user_name']],
 "user_password" => stripslashes($user_password),
 "site_name" => $config['site_name']
 ));
 $site_email->set_body("lost_password", $config['language_dir']);
 $site_email->send_email();

 $msg = $lang['send_password_success'];
 $HTTP_POST_VARS['user_email'] = "";
 }
 else {
 $msg = $lang['invalid_email'];
 }
 }

 $action = "lostpassword";
}

if ($action == "lostpassword") {
 $txt_clickstream = $lang['lost_password'];
 $user_email = (isset($HTTP_POST_VARS['user_email'])) ? format_text(stripslashes($HTTP_POST_VARS['user_email']), 2) : "";
 $site_template->register_vars(array(
 "lang_email" => $lang['email'],
 "lang_lost_password" => $lang['lost_password'],
 "lang_lost_password_msg" => $lang['lost_password_msg'],
 "lang_submit" => $lang['submit'],
 "user_email" => $user_email,
 ));
 $content = $site_template->parse_template("member_lostpassword");
}

//-----------------------------------------------------
//--- Edit Profile ------------------------------------
//-----------------------------------------------------
$update_process = 0;
$new_email_msg = "";
if ($action == "updateprofile") {
 $txt_clickstream = $lang['control_panel'];
 if ($user_info['user_level'] == GUEST) {
 show_error_page($lang['no_permission']);
 exit;
 }
 $user_email = (isset($HTTP_POST_VARS['user_email'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_email'])) : "";
 $user_email2 = (isset($HTTP_POST_VARS['user_email2'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_email2'])) : "";
 $user_homepage = (isset($HTTP_POST_VARS['user_homepage'])) ? format_url(un_htmlspecialchars(trim($HTTP_POST_VARS['user_homepage']))) : "";
 $user_icq = (isset($HTTP_POST_VARS['user_icq'])) ? ((intval(trim($HTTP_POST_VARS['user_icq']))) ? intval(trim($HTTP_POST_VARS['user_icq'])) : "") : "";
 $user_showemail = (isset($HTTP_POST_VARS['user_showemail'])) ? intval($HTTP_POST_VARS['user_showemail']) : 0;
 $user_allowemails = (isset($HTTP_POST_VARS['user_allowemails'])) ? intval($HTTP_POST_VARS['user_allowemails']) : 0;
 $user_invisible = (isset($HTTP_POST_VARS['user_invisible'])) ? intval($HTTP_POST_VARS['user_invisible']) : 0;
 $user_birthday_day = (isset($HTTP_POST_VARS['user_birthday_day'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_birthday_day'])) : "";
 $user_birthday_month = (isset($HTTP_POST_VARS['user_birthday_month'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_birthday_month'])) : "";
 $user_birthday_year = (isset($HTTP_POST_VARS['user_birthday_year'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_birthday_year'])) : "";

 $error = 0;
 if (!$user_birthday = check_birthday($user_birthday_day,$user_birthday_month,$user_birthday_year,$config['birthday_required'])) {
 $msg .= (($msg != "") ? " " : "").$lang['birthday_error'];
 $error = 1;
 }
 if ($user_info['user_email'] != $user_email && $checkuser = $site_db->query_firstrow("SELECT ".get_user_table_field("", "user_id")." FROM ".USERS_TABLE." WHERE ".get_user_table_field("", "user_email")." = '$user_email' AND ".get_user_table_field("", "user_id")." <> '".$user_info['user_id']."'")) {
 if ($checkuser[$user_table_fields['user_id']] != $user_info['user_id']) {
 $msg .= (($msg != "") ? " " : "").$lang['email_exists'];
 $error = 1;
 }
 }
 if ($user_email != $user_email2) {
 $msg .= (($msg != "") ? " " : "").$lang['update_email_confirm_error'];
 $error = 1;
 }
 if ($user_email == "" || $user_email2 == "") {
 $msg .= (($msg != "") ? " " : "").$lang['update_email_error'];
 $error = 1;
 }
 if (!check_email($user_email)) {
 $msg .= (($msg != "") ? " " : "").$lang['invalid_email_format'];
 $error = 1;
 }

 if (!empty($additional_user_fields)) {
 foreach ($additional_user_fields as $key => $val) {
 if (isset($HTTP_POST_VARS[$key]) && intval($val[2]) == 1 && trim($HTTP_POST_VARS[$key]) == "") {
 $error = 1;
 $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $val[0]), $lang['field_required']);
 $msg .= (($msg != "") ? " " : "").$field_error;
 }
 }
 }

 if (!$error && $user_email != $user_info['user_email'] && $user_info['user_level'] != ADMIN && $config['account_activation'] != 0) {
 $activationkey = get_random_key(USERS_TABLE, $user_table_fields['user_activationkey']);

 $sql = "UPDATE ".USERS_TABLE."
 SET ".get_user_table_field("", "user_level")." = ".USER_AWAITING.", ".get_user_table_field("", "user_activationkey")." = '$activationkey'
 WHERE ".get_user_table_field("", "user_id")." = ".$user_info['user_id'];
 $result = $site_db->query($sql);

 if ($result) {
 $activation_url = $script_url."/register.php?action=activate&activationkey=".$activationkey;

 include(ROOT_PATH.'includes/email.php');
 $site_email = new Email();

 switch($config['account_activation']) {
 case 2:
 $user_details_url = $script_url."/admin/index.php?goto=".urlencode("users.php?action=edituser&user_id=".$user_info['user_id']."&activation=1");
 $email_to = $config['site_email'];
 $email_subject = $lang['admin_activation_emailsubject'];
 $email_template = "admin_activation";
 $new_email_msg = $lang['update_email_instruction_admin'];
 break;
 case 1:
 if ($config['language_dir_default'] != $config['language_dir']) {
 $activation_url .= "&l=".$config['language_dir'];
 }
 $user_details_url = "";
 $email_to = $user_email;
 $email_subject = $lang['update_email_emailsubject'];
 $email_template = "newemail_activation";
 $new_email_msg = $lang['update_email_instruction'];
 break;
 case 0:
 default:
 break;
 }

 if (!empty($email_to)) {
 $site_email->set_to($email_to);
 $site_email->set_subject($email_subject);
 $site_email->register_vars(array(
 "user_details_url" => $user_details_url,
 "activation_url" => $activation_url,
 "user_name" => $user_info['user_name'],
 "site_name" => $config['site_name']
 ));
 $site_email->set_body($email_template, $config['language_dir']);
 $site_email->send_email();
 }
 }
 else {
 $msg = $lang['general_error'];
 $error = 1;
 }
 }
// Upload Avatar file
 if (!$error) {
 if (!empty($HTTP_POST_FILES['avatar_file']['tmp_name']) && $HTTP_POST_FILES['avatar_file']['tmp_name'] != "none") {
 include(ROOT_PATH.'includes/upload.php');
 $site_upload = new Upload();
 $new_name = $site_upload->upload_file("avatar_file", "avatar", $config['template_dir'], $user_info['user_id']);
 if (!$new_name) {
 $msg .= (($msg != "") ? " " : "")."".$lang['file_upload_error'].": ".$new_name." ".$site_upload->get_upload_errors();
 $error = 1;
 }else{
 $HTTP_POST_VARS['user_avatar'] = "users/".$new_name;
 $avatars_dir = TEMPLATE_DIR."/".$config['template_dir']."/avatars/users/";
 $dir = opendir($avatars_dir);
 $contents = array();
 while ($contents[] = readdir($dir)){;}
 closedir($dir);
 foreach ($contents as $line){
 $filename = substr($line,0,(strlen($line)-strlen(strrchr($line,"."))));
 $extension = substr(strrchr($line,"."), 1);
 $filename2 = substr($new_name,0,(strlen($new_name)-strlen(strrchr($new_name,"."))));
 $extension2 = substr(strrchr($new_name,"."), 1);
 if ($filename == $filename2 && $extension != $extension2) {
 unlink($avatars_dir.$line);
 }
 }

 }
 }
 }
// End Avatar file

 if (!$error) {
 $additional_sql = "";
 if (!empty($additional_user_fields)) {
 $table_fields = $site_db->get_table_fields(USERS_TABLE);
 foreach ($additional_user_fields as $key => $val) {
 if (isset($HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
 $additional_sql .= ", $key = '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
 }
 }
 }

// Birthday Mod
 $additional_sql .= ", ".get_user_table_field("", "birthday")." = '$user_birthday'";

 $sql = "UPDATE ".USERS_TABLE."
 SET ".get_user_table_field("", "user_email")." = '$user_email', ".get_user_table_field("", "user_showemail")." = $user_showemail, ".get_user_table_field("", "user_allowemails")." = $user_allowemails, ".get_user_table_field("", "user_invisible")." = $user_invisible, ".get_user_table_field("", "user_homepage")." = '$user_homepage', ".get_user_table_field("", "user_icq")." = '$user_icq'".$additional_sql."
 WHERE ".get_user_table_field("", "user_id")." = ".$user_info['user_id'];
 $site_db->query($sql);

 $msg = $lang['update_profile_success'];
 if (!empty($new_email_msg)) {
 $msg .= " ".$new_email_msg;
 }
 $user_info = $site_sess->load_user_info($user_info['user_id']);
 }
 else {
 $update_process = 1;
 }
 $action = "editprofile";
}

if ($action == "updatepassword") {
 $txt_clickstream = $lang['control_panel'];
 if ($user_info['user_level'] == GUEST) {
 show_error_page($lang['no_permission']);
 exit;
 }
 $error = 0;
 $current_user_password = md5(trim($HTTP_POST_VARS['current_user_password']));
 $user_password = trim($HTTP_POST_VARS['user_password']);
 $user_password2 = trim($HTTP_POST_VARS['user_password2']);
 if ($current_user_password != $user_info['user_password']) {
 $msg .= (($msg != "") ? " " : "").$lang['update_password_error'];
 $error = 1;
 }
 if ($user_password != $user_password2 || $user_password == "") {
 $msg .= (($msg != "") ? " " : "").$lang['update_password_confirm_error'];
 $error = 1;
 }
 if (!$error) {
 $sql = "UPDATE ".USERS_TABLE."
 SET ".get_user_table_field("", "user_password")." = '".md5($user_password)."'
 WHERE ".get_user_table_field("", "user_id")." = ".$user_info['user_id'];
 $site_db->query($sql);

 $msg = $lang['update_password_success'];
 $user_info = $site_sess->load_user_info($user_info['user_id']);
 }
 $action = "editprofile";
}

if ($action == "editprofile") {
 $txt_clickstream = $lang['control_panel'];
 if ($user_info['user_level'] == GUEST) {
 show_error_page($lang['no_permission']);
 exit;
 }
 $user_name = $user_info['user_name'];
 if (!$update_process) {
 $user_email = $user_info['user_email'];
 $user_email2 = $user_info['user_email'];
 $user_showemail = $user_info['user_showemail'];
 $user_allowemails = $user_info['user_allowemails'];
 $user_invisible = $user_info['user_invisible'];
 $user_homepage = $user_info['user_homepage'];
 $user_icq = $user_info['user_icq'];

$user_avatar = $user_info['user_avatar'];
 $birthday = explode("-",$user_info['birthday']);
 $user_birthday_day = $birthday[2];
 $user_birthday_month = $birthday[1];
 $user_birthday_year = $birthday[0];
 }

 $birthday_day_options = "<option value=\"\">--</option>\n";
 $birthday_month_options = "<option value=\"\">--</option>\n";

 for ($i=1;$i<=31;$i++){
 $birthday_day_options .= "<option value=\"".sprintf("%02d",$i)."\"".(($i == $user_birthday_day) ? "selected" : "").">".$i."</option>\n";

 }
 for ($i=1;$i<=12;$i++){ //getmonth($i)
 $birthday_month_options .= "<option value=\"".sprintf("%02d",$i)."\"".(($i == $user_birthday_month) ? "selected" : "").">".$lang['months'][sprintf("%02d",$i)]."</option>\n";
 }

 if ($user_showemail == 1) {
 $user_showemail_yes = " checked=\"checked\"";
 $user_showemail_no = "";
 }
 else {
 $user_showemail_yes = "";
 $user_showemail_no = " checked=\"checked\"";
 }
 if ($user_allowemails == 1) {
 $user_allowemails_yes = " checked=\"checked\"";
 $user_allowemails_no = "";
 }
 else {
 $user_allowemails_yes = "";
 $user_allowemails_no = " checked=\"checked\"";
 }
 if ($user_invisible == 1) {
 $user_invisible_yes = " checked=\"checked\"";
 $user_invisible_no = "";
 }
 else {
 $user_invisible_yes = "";
 $user_invisible_no = " checked=\"checked\"";
 }

 $edit_profile_msg = $lang['edit_profile_msg'];
 if ($config['account_activation'] == 1 && $user_info['user_level'] != ADMIN) {
 $edit_profile_msg .= $lang['edit_profile_email_msg'];
 }
 if ($config['account_activation'] == 2 && $user_info['user_level'] != ADMIN) {
 $edit_profile_msg .= $lang['edit_profile_email_msg_admin'];
 }

//-----------------------
//------ Avatar ---------
//-----------------------
 if ($config['avatar_use']){
 $images = "";
 $checked = ($user_avatar == "blank.gif" || $user_avatar == "") ? " selected" : "";
 $images .= "\n<option value=\"blank.gif\"$checked>none</option>\n";
 $dir = opendir(TEMPLATE_PATH."/avatars/users/");
 $contents = array();
 while ($contents[] = readdir($dir)){;}
 closedir($dir);
 natcasesort ($contents);
 foreach ($contents as $line){
 $filename = substr($line,0,(strlen($line)-strlen(strrchr($line,"."))));
 if ($filename == $user_info['user_id']) {
 $checked = (stristr($user_avatar, "users/")) ? " selected" : "";
 $images .= "\n<option value=\"users/$line\"$checked>".$lang['custom']."</option>\n";
 }
 }
 $dir = opendir(TEMPLATE_PATH."/avatars/");
 $contents = array();
 while ($contents[] = readdir($dir)){;}
 closedir($dir);
 natcasesort ($contents);
 $checked = "";
 foreach ($contents as $line){
 $filename = substr($line,0,(strlen($line)-strlen(strrchr($line,"."))));
 $extension = substr(strrchr($line,"."), 1);
 $checked = "";
 if ($line == $user_avatar) { $checked = " selected"; }
 if (strcasecmp($extension,"gif")==0 || strcasecmp($extension,"jpg")==0 || strcasecmp($extension,"jpeg")==0 || strcasecmp($extension,"png")==0 ){
 if ($line != "blank.gif") {
 $filename = str_replace("_", " ", $filename);
 $images .= "<option value=\"$line\"$checked>$filename</option>\n";
 }
 }
 }
 }
//----------------------
//----- End Avatar -----
//----------------------

 $site_template->register_vars(array(
 "lang_avatar" => $lang['avatar'],
 "lang_avatar_file" => $lang['avatar_file'],
 "lang_avatar_dim" => $lang['avatar_max_dim']." ".$config['avatar_width']."x".$config['avatar_height'].$lang['px'],
 "lang_avatar_select" => $lang['avatar_select'],
 "user_avatar_images" => $images,
 "user_avatar_current" => ($config['avatar_use']) ? "<img src=\"".TEMPLATE_PATH."/avatars/".(($user_avatar == "") ? "blank.gif" : $user_avatar)."\" name=\"icons\" border=\"0\" alt=\"\">" : "",
 "lang_or" => $lang['or'],
 "user_avatar_file" => $config['avatar_user_custom'],
 "user_name" => htmlspecialchars(stripslashes($user_name)),
 "user_email" => format_text(stripslashes($user_email), 2),
 "user_email2" => format_text(stripslashes($user_email2), 2),
 "user_homepage" => format_text(stripslashes($user_homepage), 2),
 "birthday_day_options" => $birthday_day_options,
 "birthday_month_options" => $birthday_month_options,
 "user_birthday_year" => $user_birthday_year,
 "lang_day" => $lang['day'],
 "lang_month" => $lang['month'],
 "lang_year" => $lang['year'],

    "user_icq" => $user_icq,
    "user_showemail_yes" => $user_showemail_yes,
    "user_showemail_no" => $user_showemail_no,
    "user_allowemails_yes" => $user_allowemails_yes,
    "user_allowemails_no" => $user_allowemails_no,
    "user_invisible_yes" => $user_invisible_yes,
    "user_invisible_no" => $user_invisible_no,
    "lang_profile_of" => $lang['profile_of'],
    "lang_email" => $lang['email'],
    "lang_email_confirm" => $lang['email_confirm'],
    "lang_show_email" => $lang['show_email'],
    "lang_allow_emails" => $lang['allow_emails'],
    "lang_invisible" => $lang['invisible'],
    "lang_optional_infos" => $lang['optional_infos'],
    "lang_homepage" => $lang['homepage'],
    "profile_hits1" => ($user_row['profile_hits']),

"lang_icq" => $lang['icq'],
    "lang_save" => $lang['save'],
    "lang_reset" => $lang['reset'],
    "lang_change_password" => $lang['change_password'],
    "lang_old_password" => $lang['old_password'],
    "lang_new_password" => $lang['new_password'],
    "lang_new_password_confirm" => $lang['new_password_confirm'],
    "lang_edit_profile_msg" => $edit_profile_msg,
    "lang_yes" => $lang['yes'],
    "lang_no" => $lang['no']
  ));

  if (!empty($additional_user_fields)) {
    $additional_field_array = array();
    foreach ($additional_user_fields as $key => $val) {
      if ($val[1] == "radio") {
        $value = (isset($HTTP_POST_VARS[$key])) ? intval($HTTP_POST_VARS[$key]) : intval($user_info[$key]);
        if ($value == 1) {
          $additional_field_array[$key.'_yes'] = " checked=\"checked\"";
          $additional_field_array[$key.'_no'] = "";
        }
        else {
          $additional_field_array[$key.'_yes'] = "";
          $additional_field_array[$key.'_no'] = " checked=\"checked\"";
        }
      }

elseif ($val[1] == "dropdown") {
 $value = (isset($HTTP_POST_VARS[$key])) ? format_text(trim($HTTP_POST_VARS[$key]), 2) : $user_info[$key];
 $additional_field_array[$key.'_dropdown'] = get_db_fields_dropdown($key, $val, $value);
 }
 else {
 $value = (isset($HTTP_POST_VARS[$key])) ? format_text(trim($HTTP_POST_VARS[$key]), 2) : $user_info[$key];
 }
 $additional_field_array[$key] = $value;
 $additional_field_array['lang_'.$key] = $val[0];
 }
 if (!empty($additional_field_array)) {
 $site_template->register_vars($additional_field_array);
 }
 }

 $content = $site_template->parse_template("member_editprofile");
 if (!empty($new_email_msg)) {
 $site_sess->logout($user_info['user_id']);
 }
}

//-----------------------------------------------------
//--- Clickstream -------------------------------------
//-----------------------------------------------------
$clickstream = "<a href=\"".$site_sess->url(ROOT_PATH."index.php")."\" class=\"clickstream\">".$lang['home']."</a>".$config['category_separator'].$txt_clickstream."";

//-----------------------------------------------------
//--- Print Out ---------------------------------------
//-----------------------------------------------------
$site_template->register_vars(array(
 "content" => $content,
 "msg" => $msg,
 "clickstream" => $clickstream,
 "lang_control_panel" => $lang['control_panel']
));
$site_template->print_template($site_template->parse_template($main_template));
include(ROOT_PATH.'includes/page_footer.php');
?>

Besten Dank im Voraus für eure Hilfe.

Freundliche Grüße, Bommel

Jan-Lukas · « **Reply #1 on:** February 03, 2010, 04:38:28 PM »

Quote from: Bommel on January 10, 2010, 09:53:59 PM

Meine Galerie ist nur ein rein privates System, mithilfe der ich meine Familie, Verwandschaft usw. mit unseren Fotos versorge. Dann gibts hoffentlich endlich Ruhe.

Wow, ist aber eine anspruchsvolle Familie

noch 2 Triebwerke, und das Teil kann fliegen *gg*

Aber die Idee, ist nicht schlecht.

LG Harald

Rembrandt · « **Reply #2 on:** February 03, 2010, 07:57:33 PM »

Quote from: Bommel on February 03, 2010, 12:57:46 PM

...
Welche Dateien müssen bei dieser Abänderung des Benutzerkontrollzentrums noch berücksichtigt werden? ...

ja so kleine änderunge ziehen immer einen rattenschwanz hinterher, so:
suche in der lang/main.php:

$lang['edit_profile_msg'] = "Hier können Sie Ihr persönliches Profil und Ihre Passwort ändern.";

ersetze es mit:

$lang['edit_profile_msg'] = "Hier können Sie Ihr persönliches Profil ändern.";
$lang['edit_password_msg'] = "Hier können Sie Ihr persönliches Passwort ändern.";

suche in der root/member.php im abschnitt: if ($action == "updatepassword")

}
  $action = "editprofile";
}

ersetze es mit:

}
  $action = "editpassword";
}

suche:

//-----------------------------------------------------
//--- Clickstream -------------------------------------
//-----------------------------------------------------

füge darüber ein:

if ($action == "editpassword") {
  $txt_clickstream = $lang['control_panel'];
  if ($user_info['user_level'] == GUEST) {
    show_error_page($lang['no_permission']);
    exit;
  }
  $user_name = $user_info['user_name'];
  $site_template->register_vars(array(
    "user_name" => format_text(stripslashes($user_name), 2),
    "lang_save" => $lang['save'],
    "lang_reset" => $lang['reset'],
    "lang_change_password" => $lang['change_password'],
    "lang_old_password" => $lang['old_password'],
    "lang_new_password" => $lang['new_password'],
    "lang_new_password_confirm" => $lang['new_password_confirm'],
   "lang_edit_password_msg" => $lang['edit_password_msg']
  ));
$content = $site_template->parse_template("member_editpassword");
  if (!empty($new_email_msg)) {
    $site_sess->logout($user_info['user_id']);
  }
}

erstelle eine neue html datei mit dem namen " member_editpassword.html" und speicher sie in deinem template ab:

Code: [Select]

{lang_edit_password_msg}<br />
<a href="./member.php?action=editprofile" >zurück</a>
<form method="post" action="{url_member}">
  <table width="100%" border="0" cellspacing="0" cellpadding="1">
    <tr> 
      <td valign="top" class="head1"> 
        <table width="100%" border="0" cellpadding="4" cellspacing="0">
          <tr> 
            <td colspan="2" valign="top" class="head1">{lang_change_password}</td>
          </tr>
          <tr> 
            <td class="row1"><b>{lang_old_password}</b></td>
            <td class="row1"><input type="password" name="current_user_password" size="30" class="input" /></td>
          </tr>
          <tr> 
            <td class="row2"><b>{lang_new_password}</b></td>
            <td class="row2"><input type="password" name="user_password" size="30" class="input" /></td>
          </tr>
          <tr> 
            <td class="row1"><b>{lang_new_password_confirm}</b></td>
            <td class="row1"><input type="password" name="user_password2" size="30" class="input" /></td>
          </tr>
        </table>
      </td>
    </tr>
  </table>
  <input type="hidden" name="action" value="updatepassword" />
  <p align="center"> 
    <input type="submit" value="{lang_change_password}" class="button" />
    <input type="reset" value="{lang_reset}" class="button" />
  </p>
</form>

in der templates/member_editprofile.html, füge nach:

Code: [Select]

{lang_edit_profile_msg} das ein:

Code: [Select]

<a href="./member.php?action=editpassword" >{lang_change_password}</a>
in der templates/member_editprofile.html suche:

Code: [Select]

<form method="post" action="{url_member}">
  <table width="100%" border="0" cellspacing="0" cellpadding="1">
    <tr> 
      <td valign="top" class="head1"> 
        <table width="100%" border="0" cellpadding="4" cellspacing="0">
          <tr> 
            <td colspan="2" valign="top" class="head1">{lang_change_password}</td>
          </tr>
          <tr> 
            <td class="row1"><b>{lang_old_password}</b></td>
            <td class="row1"><input type="password" name="current_user_password" size="30" class="input" /></td>
          </tr>
          <tr> 
            <td class="row2"><b>{lang_new_password}</b></td>
            <td class="row2"><input type="password" name="user_password" size="30" class="input" /></td>
          </tr>
          <tr> 
            <td class="row1"><b>{lang_new_password_confirm}</b></td>
            <td class="row1"><input type="password" name="user_password2" size="30" class="input" /></td>
          </tr>
        </table>
      </td>
    </tr>
  </table>
  <input type="hidden" name="action" value="updatepassword" />
  <p align="center"> 
    <input type="submit" value="{lang_change_password}" class="button" />
    <input type="reset" value="{lang_reset}" class="button" />
  </p>
</form>

und lösche es oder kommentiere es mittels dieser zeichen aus 

so ich hoffe ich habe nichts vergessen.

mfg Andi

Bommel · « **Reply #3 on:** February 04, 2010, 02:16:59 AM »

Hallo allerseits,

Quote from: Jan-Lukas on February 03, 2010, 04:38:28 PM

...Wow, ist aber eine anspruchsvolle Familie
...Aber die Idee, ist nicht schlecht.

Mmmh... ich glaube, dass ich eher dieser anspruchsvolle Mensch bin. Für meine Sippschaft sind eher nur die Fotos interessant. Mir ist es aber leid, immer jede Anfrage einzeln befriedigen zu müssen.

Diese Idee stammt nicht von mir. Ich habe sie auf dieser Seite von Icecream gesehen: http://icecreamtest.ic.funpic.de/gallery/index.php. Allerdings muss man dafür dort registriert sein. Icecream hat diverse Seiten dort ins Benutzerkontrollzentrum hineingelegt. Der Klick auf "Kontrollzentrum" bringt dann dieses Menü (siehe Anhang) zum Vorschein.

Genau das möchte ich ebenso machen, damit ich meine Galerie auch oben und auf der linken Seite von diversen Links befreien kann. Diese Links können ohne weiteres in das Benutzerkontrollzentrum gelegt werden.

@ Rembrandt

Vielen Dank für die Beschreibung, ich führe mir das gleich eben mal zu Gemüte und hoffe, dass ich dich nicht mit noch mehr Fragen löchern muss.

Freundliche Grüße, Bommel

Nachtrag:

So, ich habe mal deine Erklärung umgesetzt. Bei der Umsetzung bin ich auf das Problem gestoßen, dass der Code:

}
 $action = "editprofile";
}

zweimal in der member.php existiert. Also habe ich mir beide Bereiche angeschaut und mich dann entschieden, den Code in diesem Bereich abzuändern:

if ($action == "updatepassword") {
 $txt_clickstream = $lang['control_panel'];
 if ($user_info['user_level'] == GUEST) {
 show_error_page($lang['no_permission']);
 exit;
 }
 $error = 0;
 $current_user_password = md5(trim($HTTP_POST_VARS['current_user_password']));
 $user_password = trim($HTTP_POST_VARS['user_password']);
 $user_password2 = trim($HTTP_POST_VARS['user_password2']);
 if ($current_user_password != $user_info['user_password']) {
 $msg .= (($msg != "") ? " " : "").$lang['update_password_error'];
 $error = 1;
 }
 if ($user_password != $user_password2 || $user_password == "") {
 $msg .= (($msg != "") ? " " : "").$lang['update_password_confirm_error'];
 $error = 1;
 }
 if (!$error) {
 $sql = "UPDATE ".USERS_TABLE."
 SET ".get_user_table_field("", "user_password")." = '".md5($user_password)."'
 WHERE ".get_user_table_field("", "user_id")." = ".$user_info['user_id'];
 $site_db->query($sql);

 $msg = $lang['update_password_success'];
 $user_info = $site_sess->load_user_info($user_info['user_id']);
 }
 $action = "editpassword";
}

Den Rest der Änderungen habe ich dann teilweise auf die bei mir vorliegende Situation angepasst. So z.B. die Umsetzung für Clickstream:

 $txt_clickstream = "<a href=\"".$site_sess->url(ROOT_PATH."user_cp.php")."\" class=\"clickstream\">".$lang["user_cp"]."</a>".$config['category_separator'].$lang['changepassword'];

da ja das Menü "Passwort ändern" jetzt ein Untermenü vom Kontrollzentrum ist.

Den Code:

if ($action == "editpassword") {
 $txt_clickstream = $lang['control_panel'];
 if ($user_info['user_level'] == GUEST) {
 show_error_page($lang['no_permission']);
 exit;
 }
 $user_name = $user_info['user_name'];
 $site_template->register_vars(array(
 "user_name" => format_text(stripslashes($user_name), 2),
 "lang_save" => $lang['save'],
 "lang_reset" => $lang['reset'],
 "lang_change_password" => $lang['change_password'],
 "lang_old_password" => $lang['old_password'],
 "lang_new_password" => $lang['new_password'],
 "lang_new_password_confirm" => $lang['new_password_confirm'],
 "lang_edit_password_msg" => $lang['edit_password_msg']
 ));
$content = $site_template->parse_template("member_editpassword");
 if (!empty($new_email_msg)) {
 $site_sess->logout($user_info['user_id']);
 }
}

habe ich nicht wie beschrieben über den Eintrag "Clickstream" sondern direkt im Anschluss an den oben aufgeführten Bereich angehängt.

Was die Änderungen für den Bereich "Benutzerbild ändern" anbelangt, das führe ich später durch. Hier muss ich erst einmal die vorliegende MOD "Avatar v2.01" von v@no wegen der MOD "YaSt - Yet another Statistic Tool - Statistic Mod v1.01" von Icecream gegen die MOD "Member personal photo v1.1.2 by V@no (2008-12-11)" austauschen, damit ich in dem Statistiktool auch die Benutzerbilder einblenden kann. Eine Änderung der vorliegenden MOD in der member.php und auch allgemein wegen der Anzeige der Benutzerbilder traue ich mir noch nicht zu. Damit befasse ich mich dann später.

@ Rembrandt... Vielen Dank noch einmal für die verständliche Beschreibung.

Freundliche Grüße, Bommel

Bommel · « **Reply #4 on:** February 05, 2010, 03:47:02 PM »

Quote from: Rembrandt on February 03, 2010, 07:57:33 PM

...ja so kleine änderunge ziehen immer einen rattenschwanz hinterher...

Im wahrsten Sinne dieses Wortes - ich habe jetzt alle Anpassungen durchgeführt und das war nicht gerade wenig.

Aber es funktioniert.

Das werde ich mir für die Zukunft merken.

Sunny C. · « **Reply #5 on:** February 06, 2010, 11:26:46 PM »

Eine Anleitung wie du das gemacht hast, kannst du aber auf Grund der Länge nicht so schnell online stellen oder

Bommel · « **Reply #6 on:** February 07, 2010, 04:17:19 AM »

Hallo Sumale.nin,

ich denke, das nicht die Länge dass Problem darstellt. Vielmehr ist es die Tatsache, dass ich im Grunde genommen kein Profi bin. Aber vielleicht sollte ich mal diesen Schritt wagen und es einfach machen. Immer im Vertrauen darauf, dass hier Profis ein Auge darauf haben und im Falle von Fehlern die Keule schwingen.

Habe etwas Geduld, ich bemühe mich.

Sunny C. · « **Reply #7 on:** February 26, 2010, 08:33:59 PM »

Ich freue mich schon auf die Anleitung

4images Forum & Community

News:

Author Topic: Benutzerdaten-Seite aufteilen? (Read 8484 times)

Bommel

Benutzerdaten-Seite aufteilen?

Jan-Lukas

Re: Benutzerdaten-Seite aufteilen?

Rembrandt

Re: Benutzerdaten-Seite aufteilen?

Bommel

Re: Benutzerdaten-Seite aufteilen?

Bommel

Re: Benutzerdaten-Seite aufteilen?

Sunny C.

Re: Benutzerdaten-Seite aufteilen?

Bommel

Re: Benutzerdaten-Seite aufteilen?

Sunny C.

Re: Benutzerdaten-Seite aufteilen?