Show Posts

16

Discussion & Troubleshooting / Blank page , member.php problem

« on: January 28, 2011, 02:21:40 PM »

Hi,
hope some one Help ?
my pforblem is Blank page , white and empty ,
i added this mod befor "show images in profile " and when the member had no favorite images it's ok there's no problem but when some one try to add favorite image to his profile he can see the problem in his profile so ?

this's the mod http://www.4homepages.de/forum/index.php?topic=15390.15

and that is my member.php

<?php
/**************************************************************************
*                                                                        *
*                                                                        *
*************************************************************************/
$main_template = "member";

define('GET_CACHES', 1);
define('ROOT_PATH', './');
include(ROOT_PATH.'global.php');
require(ROOT_PATH.'includes/sessions.php');
$user_access = get_permission();
include(ROOT_PATH.'includes/page_header.php');

if ($action == "") {
  $action = "lostpassword";
}
$content = "";
$txt_clickstream = "";

$sendprocess = 0;

if (isset($HTTP_GET_VARS[URL_COMMENT_ID]) || isset($HTTP_POST_VARS[URL_COMMENT_ID])) {
  $comment_id = (isset($HTTP_GET_VARS[URL_COMMENT_ID])) ? intval($HTTP_GET_VARS[URL_COMMENT_ID]) : intval($HTTP_POST_VARS[URL_COMMENT_ID]);
}
else {
  $comment_id = 0;
}

if ($action == "deletecomment") {
  if (!$comment_id || ($config['user_delete_comments'] != 1 && $user_info['user_level'] != ADMIN)) {
    show_error_page($lang['no_permission']);
    exit;
  }

  $sql = "SELECT c.comment_id, c.user_id AS comment_user_id, c.response, c.comment_response, i.image_id, i.cat_id, i.user_id, i.image_name
          FROM (".COMMENTS_TABLE." c, ".IMAGES_TABLE." i)
          WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
  $comment_row = $site_db->query_firstrow($sql);
  if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    show_error_page($lang['no_permission']);
    exit;
  }

  $txt_clickstream = get_category_path($comment_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row['image_id'])."\" class=\"clickstream\">".format_text($comment_row['image_name'], 2)."</a>".$config['category_separator'];
  $txt_clickstream .= $lang['comment_delete'];

  $sql = "UPDATE ".IMAGES_TABLE."
          SET image_comments = image_comments - 1
          WHERE image_id = ".$comment_row['image_id'];
  $site_db->query($sql);
if ($comment_row['comment_response'] != 0 && $comment_row['response'] != 0) {
    $sql = "UPDATE ".COMMENTS_TABLE."
            SET comment_response = ".$comment_row['comment_response']."
            WHERE comment_response = ".$comment_row['comment_id'];
    $site_db->query($sql);
  }
  elseif ($comment_row['response'] && $comment_row['comment_response'] == 0) {
    $sql = "UPDATE ".COMMENTS_TABLE."
            SET comment_response = 0
            WHERE comment_response = ".$comment_row['comment_id'];
    $site_db->query($sql);
  }
  elseif ($comment_row['comment_response'] && $comment_row['response'] == 0) {
    $response_id = $comment_row['comment_response'];
      while ($response_id != 0) {
        $sql = "SELECT comment_id, user_id, comment_response
                FROM ".COMMENTS_TABLE."
                WHERE comment_id = $response_id";
        $row = $site_db->query_firstrow($sql);
        $response_id = $row['comment_response'];
        $com_id = $row['comment_id'];

        $sql = "DELETE FROM ".COMMENTS_TABLE."
                WHERE comment_id = $com_id";
        $site_db->query($sql);
        update_comment_count($comment_row['image_id'], $row['user_id']);
      }
  }
  if ($comment_row['comment_user_id'] != GUEST) {
    $sql = "UPDATE ".USERS_TABLE."
            SET ".get_user_table_field("", "user_comments")." = ".get_user_table_field("", "user_comments")." - 1
            WHERE ".get_user_table_field("", "user_id")." = ".$comment_row['comment_user_id'];
    $site_db->query($sql);
  }

  $sql = "DELETE FROM ".COMMENTS_TABLE."
          WHERE comment_id = $comment_id";
  $result = $site_db->query($sql);
  $msg = ($result) ? $lang['comment_delete_success'] : $lang['comment_delete_error'];
}

/////////////////////////////////////////////////////////////////
if ($action == "showgb_read")
{
  $update_query = "UPDATE ".USERS_GB_TABLE." SET user_gb_read = NOW() WHERE user_id_gb =".$user_info['user_id']." AND users_gb_id = ".@$_GET['entry'];
  $sql = $site_db->query($update_query);
  $action = "showgb_new";
}
if ($action == "showgb_new")
{
    if ($user_info['user_level'] == GUEST) {
    show_error_page($lang['no_permission']);
    exit;
  }

  if($_GET['user_id'] == "") $id = $user_info[user_id]; else $id = $_GET['user_id'];
  if(isset($id))
  {
   $query = "SELECT user_id, realname FROM ".USERS_TABLE." WHERE user_id = ".$id."";
   $sql = $site_db->query($query);
   $ds = $site_db->fetch_object($sql);
   $realname = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showprofile&user_id=".(int)$ds->user_id) . "' target=_self>". format_text(trim(stripslashes($ds->realname)), 2) ."</a>";

   $realname2 = $ds->realname;
  } else {
  $realname = $user_info['realname'];
  $realname2 = $user_info['realname'];
  }
  if(isset($id)) {$abf_id = $id;} else {$abf_id = $user_info['user_id'];}
  $user_gb_own = $lang['user_gb'].$realname2."";
  $query2 = "SELECT COUNT(*) FROM ".USERS_GB_TABLE." WHERE user_id_gb = ".$abf_id."";
  $erg = $site_db->query_firstrow($query2);
  if($erg == "0"){$user_gb_entry = $erg.$lang['user_gb_entry'];}
  elseif($erg == "1"){$user_gb_entry = $erg.$lang['user_gb_entrys'];}
  elseif($erg > "1"){$user_gb_entry = $erg.$lang['user_gb_entrys'];}

  $offset = @$_GET['off'];
  if(isset($offset)) {$offset = $_GET['off'];} else {$offset = "0";}
    $gb_query = "SELECT users_gb_id,user_id_gb,user_id_ein,realname_gb,user_gb_text,user_gb_date,DATE_FORMAT(user_gb_date,'%e.%c.%Y') AS user_gb_datum,DATE_FORMAT(user_gb_date,'%H:%i:%s') AS user_gb_uhr, user_id, realname, user_level
                  FROM (".USERS_GB_TABLE." i)
                  LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = i.user_id_ein)
                  WHERE user_id_gb = ".$abf_id." AND user_gb_read = '0000-00-00 00:00:00'
                  ORDER BY user_gb_date DESC
                  LIMIT $offset, 10";

  $gb_sql = $site_db->query($gb_query);
  while($ds = $site_db->fetch_object($gb_sql))
    {
    if($ds->user_id_ein == $user_info[user_id] AND $ds->user_id != $ds->user_id_gb)
    {
      $user_link_del = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showgb_read&entry=".$ds->users_gb_id."&user_id=".(int)$ds->user_id_gb) . "'>".$lang['read_shout']."</a>";} else {$user_link_del ="";
}
    if($abf_id == $user_info[user_id])
    {
      $user_gb_delete = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showgb_read&entry=".$ds->users_gb_id."&user_id=".(int)$ds->user_id_gb) . "'>".$lang['read_shout']."</a> ".$user_link_del;
}
    else {$user_gb_delete = $user_link_del;}

    if ($ds->user_id == "")
    {
      $user = $ds->realname_gb;
      $gb_link = "";
      $gender = "";
    }
    else
    {
      $user = "<b><a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showprofile&user_id=".(int)$ds->user_id_ein) . "'>". format_text(trim(stripslashes($ds->realname_gb)), 2) ."</a></b>";
}

    $text = $ds->user_gb_text;

    $gb_time = $ds->user_gb_datum.$lang['user_gb_at'].$ds->user_gb_uhr;
    $level = $ds->user_level;
    if($level == "9") {$level = $lang['level_admin'];}
    elseif($level == "2") {$level = $lang['level_user'];}
    else {$level = "";}

  $site_template->register_vars(array(
    "user" => $user,
    "gb_time" => $gb_time,
    "admin_link" => $user_gb_delete,
    "userpic" => $user_pic,
    "gender" => $gender,
    "level" => $level,
    "text" => format_text($text, $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments'])
    ));

  $gb_entrys .= $site_template->parse_template("user_gb_bit");
  }

  //Pageing
  if($offset == 0) {$vor = $lang['user_gb_prev'];}
  else
  {
    $offset2 = $offset - 10;
    $vor = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showgb_new&user_id=".(int)$abf_id."&off=".$offset2) . "'>".$lang['user_gb_prev']."</a>";
}
  $offset3 = $offset + 10;
  if($offset3 >= $erg ) { $weiter = $lang['user_gb_next'];}
  else {$weiter = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showgb_new&user_id=".(int)$abf_id."&off=".$offset3) . "'>".$lang['user_gb_next']."</a>";}
$gb_pageing = $vor." ".$weiter;

   $site_template->register_vars(array(
    "gb_entrys" => $gb_entrys,
    "user_gb_own" => $user_gb_own,
    "gb_pageing" => $gb_pageing,
    "user_gb_entry" => $user_gb_entry,
    "user_gb_entry_text" => $user_gb_entry_text
  ));

  //Pageing
  if($offset == 0) {$vor = $lang['user_gb_prev'];}
  else
  {
    $offset2 = $offset - 10;
    $vor = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showgb_new&id=".(int)$abf_id."&off=".$offset2) . "'>".$lang['user_gb_prev']."</a>";
}
  $offset3 = $offset + 10;
  if($offset3 >= $erg ) { $weiter = $lang['user_gb_next'];}
  else {$weiter = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showgb_new&id=".(int)$abf_id."&off=".$offset3) . "'>".$lang['user_gb_next']."</a>";}
$gb_pageing = $vor." ".$weiter;

   $site_template->register_vars(array(
    "gb_entrys" => $gb_entrys,
    "user_gb_own" => $user_gb_own,
    "gb_pageing" => $gb_pageing,
    "user_gb_entry" => $user_gb_entry,
    "user_gb_entry_text" => $user_gb_entry_text
  ));
  $txt_clickstream = $lang['user_gb'].$realname;
  $content = $site_template->parse_template("user_gb_showgb");

}

if ($action == "delete_entry")
{
  if(isset($_GET['aktion']))
  {
    if($_GET['aktion'] == $lang['user_gb_delete_yes'])
    {
      $query = "DELETE FROM ".USERS_GB_TABLE." WHERE users_gb_id = ".@$_GET['entry']."";
      $sql = $site_db->query($query);
      $user_gb .= "<meta http-equiv=refresh content=\"0; URL=" . $site_sess->url(ROOT_PATH . "member.php?action=showprofile&user_id=".(int)$_GET['user_id']."&msg_del=yes") . "\">";
$txt_clickstream = $lang['user_gb_delete_ok'];
    }
    if($_GET['aktion'] == $lang['user_gb_delete_no'])
    {
      $user_gb .= "<meta http-equiv=refresh content=\"0; URL=" . $site_sess->url(ROOT_PATH . "member.php?action=showprofile&user_id=".(int)$_GET['user_id']."&msg_del=no") . "\">";
}
  }
  else
  {
    $txt_clickstream = $lang['user_gb_delete_click'];
  }
    if ($user_info['user_level'] == GUEST)
    {
       show_error_page($lang['no_permission']);
    exit;
    }

    $site_template->register_vars(array(
    "user_gb" => $user_gb,
    "entry" => $_GET['entry'],
    "user_id" => $_GET['user_id'],
    "delete_entry" => $lang['user_gb_delete_quest'],
    "delete_entry_yes" => $lang['user_gb_delete_yes'],
    "delete_entry_no" => $lang['user_gb_delete_no']
    ));
    $content = $site_template->parse_template("user_gb_delete");
}
/////////////////////////////////////////////////////////////////

if ($action == "removecomment") {
  if (!$comment_id || ($config['user_delete_comments'] != 1 && $user_info['user_level'] != ADMIN)) {
    redirect($url);
  }

  $sql = "SELECT c.comment_id, c.image_id, c.user_id AS comment_user_id, c.realname AS comment_realname, c.comment_headline, c.comment_text, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.", "realname")."
          FROM (".COMMENTS_TABLE." c, ".IMAGES_TABLE." i)
          LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
          WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
  $comment_row = $site_db->query_firstrow($sql);
  if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    redirect($url);
  }

  $txt_clickstream = get_category_path($comment_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row['image_id'])."\" class=\"clickstream\">".format_text($comment_row['image_name'], 2)."</a>".$config['category_separator'];
  $txt_clickstream .= $lang['comment_delete'];

  if (isset($comment_row[$user_table_fields['realname']]) && $comment_row['comment_user_id'] != GUEST) {
    $realname = $comment_row[$user_table_fields['realname']];
  }
  else {
    $realname = $comment_row['comment_realname'];
  }

  $site_template->register_vars(array(
    "comment_id" => $comment_id,
    "image_name" => format_text($comment_row['image_name']),
    "realname" => format_text($realname),
    "comment_headline" => format_text($comment_row['comment_headline'], 0, $config['wordwrap_comments'], 0, 0),
    "comment_text" => format_text($comment_row['comment_text'], $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments']),
    "lang_delete_comment" => $lang['comment_delete'],
    "lang_delete_comment_confirm" => $lang['comment_delete_confirm'],
    "lang_image_name" => $lang['image_name'],
    "lang_name" => $lang['name'],
    "lang_headline" => $lang['headline'],
    "lang_comment" => $lang['comment'],
    "lang_submit" => $lang['submit'],
    "lang_reset" => $lang['reset'],
    "lang_yes" => $lang['yes'],
    "lang_no" => $lang['no']
  ));
  $content = $site_template->parse_template("member_deletecomment");
}

if ($action == "updatecomment") {
  if (!$comment_id || ($config['user_edit_comments'] != 1 && $user_info['user_level'] != ADMIN)) {
    show_error_page($lang['no_permission']);
    exit;
  }
  $sql = "SELECT c.comment_id, c.image_id, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.", "realname")."
          FROM (".COMMENTS_TABLE." c, ".IMAGES_TABLE." i)
          LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
          WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
  $comment_row = $site_db->query_firstrow($sql);
  if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    show_error_page($lang['no_permission']);
    exit;
  }

  $txt_clickstream = get_category_path($comment_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row['image_id'])."\" class=\"clickstream\">".format_text($comment_row['image_name'], 2)."</a>".$config['category_separator'];
  $txt_clickstream .= $lang['comment_edit'];

  $error = 0;

  $comment_headline = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_headline']));
  $comment_text = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_text']));

  if ($comment_headline == "")  {
    $error = 1;
    $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $lang['headline']), $lang['field_required']);
    $msg .= (($msg != "") ? "<br />" : "").$field_error;
  }
  if ($comment_text == "")  {
    $error = 1;
    $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $lang['comment']), $lang['field_required']);
    $msg .= (($msg != "") ? "<br />" : "").$field_error;
  }

  if (!$error) {
    $sql = "UPDATE ".COMMENTS_TABLE."
            SET comment_headline = '$comment_headline', comment_text = '$comment_text'
            WHERE comment_id = $comment_id";
    $result = $site_db->query($sql);
    // start - go automaticaly back to image after "editcomment"

    $sql = "SELECT image_id
            FROM ".COMMENTS_TABLE."
            WHERE comment_id = $comment_id";
    $id_result = $site_db->query($sql);

$row = $site_db->fetch_array($id_result);

$image_id = $row['image_id'];
// end - go automaticaly back to image after "editcomment"
$msg = ($result) ? $lang['comment_edit_success'] : $lang['comment_edit_error'];
// start - go automaticaly back to image after "editcomment"

header("Refresh: 1; url=".$site_sess->url(ROOT_PATH."details.php?image_id=".$image_id, "&"));
// end - go automaticaly back to image after "editcomment"
  }
  else {
    $action = "editcomment";
    $sendprocess = 1;
  }
}

if ($action == "editcomment") {
  if (!$comment_id || ($config['user_edit_comments'] != 1 && $user_info['user_level'] != ADMIN)) {
    redirect($url);
  }

  $sql = "SELECT c.comment_id, c.image_id, c.user_id AS comment_user_id, c.realname AS comment_realname, c.comment_headline, c.comment_text, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.", "realname")."
          FROM (".COMMENTS_TABLE." c, ".IMAGES_TABLE." i)
          LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
          WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
  $comment_row = $site_db->query_firstrow($sql);
  if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    header("Location: ".$site_sess->url($url, "&"));
    exit;
  }

  $txt_clickstream = get_category_path($comment_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row['image_id'])."\" class=\"clickstream\">".format_text($comment_row['image_name'], 2)."</a>".$config['category_separator'];
  $txt_clickstream .= $lang['comment_edit'];

  $comment_headline = (isset($HTTP_POST_VARS['comment_headline'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['comment_headline']))) : $comment_row['comment_headline'];
  $comment_text = (isset($HTTP_POST_VARS['comment_text'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['comment_text']))) : $comment_row['comment_text'];

  if (isset($comment_row[$user_table_fields['realname']]) && $comment_row['comment_user_id'] != GUEST) {
    $realname = $comment_row[$user_table_fields['realname']];
  }
  else {
    $realname = $comment_row['comment_realname'];
  }

  $bbcode = "";
  if ($config['bb_comments'] == 1) {
    $site_template->register_vars(array(
      "lang_bbcode" => $lang['bbcode'],
      "lang_tag_prompt" => $lang['tag_prompt'],
      "lang_link_text_prompt" => $lang['link_text_prompt'],
      "lang_link_url_prompt" => $lang['link_url_prompt'],
      "lang_link_email_prompt" => $lang['link_email_prompt'],
      "lang_list_type_prompt" => $lang['list_type_prompt'],
      "lang_list_item_prompt" => $lang['list_item_prompt']
    ));
    $bbcode = $site_template->parse_template("bbcode");
  }

  $site_template->register_vars(array(
    "bbcode" => $bbcode,
    "comment_id" => $comment_id,
    "image_name" => format_text($comment_row['image_name'], 2),
    "realname" => format_text($realname, 2),
    "comment_headline" => format_text($comment_headline, 2),
    "comment_text" => format_text($comment_text, 2),
    "lang_edit_comment" => $lang['comment_edit'],
    "lang_image_name" => $lang['image_name'],
    "lang_name" => $lang['name'],
    "lang_headline" => $lang['headline'],
    "lang_comment" => $lang['comment'],
    "lang_submit" => $lang['submit'],
    "lang_reset" => $lang['reset'],
    "lang_yes" => $lang['yes'],
    "lang_no" => $lang['no']
  ));
  $content = $site_template->parse_template("member_editcomment");
}

if ($action == "deleteimage") {
  if (!$image_id || ($config['user_delete_image'] != 1 && $user_info['user_level'] != ADMIN)) {
    show_error_page($lang['no_permission']);
    exit;
  }
  $sql = "SELECT image_id, cat_id, user_id, image_name, image_media_file, image_thumb_file
          FROM ".IMAGES_TABLE."
          WHERE image_id = $image_id";
  $image_row = $site_db->query_firstrow($sql);
  if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    show_error_page($lang['no_permission']);
    exit;
  }

  $txt_clickstream = $lang['image_delete'];

  $sql = "DELETE FROM ".IMAGES_TABLE."
          WHERE image_id = $image_id";
  $del_img = $site_db->query($sql);

  if (!is_remote($image_row['image_media_file']) && !is_local_file($image_row['image_media_file'])) {
    @unlink(MEDIA_PATH."/".$image_row['cat_id']."/".$image_row['image_media_file']);
  }
  if (!empty($image_row['image_thumb_file']) && !is_remote($image_row['image_thumb_file']) && !is_local_file($image_row['image_thumb_file'])) {
    @unlink(THUMB_PATH."/".$image_row['cat_id']."/".$image_row['image_thumb_file']);
  }

  include(ROOT_PATH.'includes/search_utils.php');
  remove_searchwords($image_id);

  if (!empty($user_table_fields['user_comments'])) {
    $sql = "SELECT user_id
            FROM ".COMMENTS_TABLE."
            WHERE image_id = $image_id";
    $result = $site_db->query($sql);
    $user_id_sql = "";
    while ($row = $site_db->fetch_array($result)) {
      if ($row['user_id'] != GUEST) {
        $sql = "UPDATE ".USERS_TABLE."
                SET ".get_user_table_field("", "user_comments")." = ".get_user_table_field("", "user_comments")." - 1
                WHERE ".get_user_table_field("", "user_id")." = ".$row['user_id'];
        $site_db->query($sql);
      }
    }
  }

  $sql = "DELETE FROM ".COMMENTS_TABLE."
          WHERE image_id = $image_id";
  $del_com = $site_db->query($sql);

  if ($del_img) {
    $msg = $lang['image_delete_success'];
  }
  else {
    $msg = $lang['image_delete_error'];
  }
}

if ($action == "removeimage") {
  if (!$image_id || ($config['user_delete_image'] != 1 && $user_info['user_level'] != ADMIN)) {
    redirect($url);
  }
  $sql = "SELECT image_id, cat_id, user_id, image_name
          FROM ".IMAGES_TABLE."
          WHERE image_id = $image_id";
  $image_row = $site_db->query_firstrow($sql);
  if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    show_error_page($lang['no_permission']);
    exit;
  }

  $txt_clickstream = get_category_path($image_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$image_id)."\" class=\"clickstream\">".format_text($image_row['image_name'], 2)."</a>".$config['category_separator'];
  $txt_clickstream .= $lang['image_delete'];

  $site_template->register_vars(array(
    "image_id" => $image_id,
    "image_name" => format_text($image_row['image_name'], 2),
    "lang_delete_image" => $lang['image_delete'],
    "lang_delete_image_confirm" => $lang['image_delete_confirm'],
    "lang_submit" => $lang['submit'],
    "lang_reset" => $lang['reset'],
    "lang_yes" => $lang['yes'],
    "lang_no" => $lang['no']
  ));
  $content = $site_template->parse_template("member_deleteimage");
}

if ($action == "updateimage") {
  if (!$image_id || ($config['user_edit_image'] != 1 && $user_info['user_level'] != ADMIN)) {
    show_error_page($lang['no_permission']);
  }
  $sql = "SELECT image_id, cat_id, user_id, image_name
          FROM ".IMAGES_TABLE."
          WHERE image_id = $image_id";
  $image_row = $site_db->query_firstrow($sql);
  if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    show_error_page($lang['no_permission']);
    exit;
  }

  $txt_clickstream = get_category_path($image_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$image_id)."\" class=\"clickstream\">".format_text($image_row['image_name'], 2)."</a>".$config['category_separator'];
  $txt_clickstream .= $lang['image_edit'];

  $error = 0;

  $image_name = un_htmlspecialchars(trim($HTTP_POST_VARS['image_name']));
  $image_description = un_htmlspecialchars(trim($HTTP_POST_VARS['image_description']));
  $image_keywords = un_htmlspecialchars(trim($HTTP_POST_VARS['image_keywords']));
  $image_keywords = preg_replace("/[\n\r]/is", " ", $image_keywords);
  $image_keywords = str_replace(","," ",$image_keywords);
  $image_keywords = ereg_replace("( ){2,}", " ", $image_keywords);

  if ($image_name == "")  {
    $error = 1;
    $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $lang['image_name']), $lang['field_required']);
    $msg .= (($msg != "") ? "<br />" : "").$field_error;
  }

  if (!empty($additional_image_fields)) {
    foreach ($additional_image_fields as $key => $val) {
      if (isset($HTTP_POST_VARS[$key]) && intval($val[2]) == 1 && trim($HTTP_POST_VARS[$key]) == "") {
        $error = 1;
        $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $val[0]), $lang['field_required']);
        $msg .= (($msg != "") ? "<br />" : "").$field_error;
      }
    }
  }

  if (!$error) {
    $additional_sql = "";

    if (isset($HTTP_POST_VARS['image_allow_comments'])) {
      $additional_sql .= ", image_allow_comments = ".intval($HTTP_POST_VARS['image_allow_comments']);
    }

    if (!empty($additional_image_fields)) {
      $table_fields = $site_db->get_table_fields(IMAGES_TABLE);
      foreach ($additional_image_fields as $key => $val) {
        if (isset($HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
          $additional_sql .= ", $key = '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
        }
      }
    }

    $sql = "UPDATE ".IMAGES_TABLE."
            SET image_name = '$image_name', image_description = '$image_description', image_keywords = '$image_keywords'".$additional_sql."
            WHERE image_id = $image_id";
    $result = $site_db->query($sql);
    if ($result) {
      include(ROOT_PATH.'includes/search_utils.php');
      $search_words = array();
      foreach ($search_match_fields as $image_column => $match_column) {
        if (isset($HTTP_POST_VARS[$image_column])) {
          $search_words[$image_column] = stripslashes($HTTP_POST_VARS[$image_column]);
        }
      }
      remove_searchwords($image_id);
      add_searchwords($image_id, $search_words);
      $msg = $lang['image_edit_success'];

        header("Refresh: 1; url=".$site_sess->url(ROOT_PATH."details.php?image_id=".$image_id, "&")); // refresh after edit MOD
    }
    else {
      $msg = $lang['image_edit_error'];
    }
  }
  else {
    $action = "editimage";
    $sendprocess = 1;
  }
}

if ($action == "editimage") {
  if (!$image_id || ($config['user_edit_image'] != 1 && $user_info['user_level'] != ADMIN)) {
    redirect($url);
  }

  $additional_sql = "";
  if (!empty($additional_image_fields)) {
    foreach ($additional_image_fields as $key => $val) {
      $additional_sql .= ", ".$key;
    }
  }
  $sql = "SELECT image_id, cat_id, user_id, image_name, image_description, image_keywords, image_allow_comments".$additional_sql."
          FROM ".IMAGES_TABLE."
          WHERE image_id = $image_id";
  $image_row = $site_db->query_firstrow($sql);
  if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {
    redirect($url);
  }

  $txt_clickstream = get_category_path($image_row['cat_id'], 1).$config['category_separator']."<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$image_id)."\" class=\"clickstream\">".format_text($image_row['image_name'], 2)."</a>".$config['category_separator'];
  $txt_clickstream .= $lang['image_edit'];

  $image_name = (isset($HTTP_POST_VARS['image_name'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['image_name']))) : $image_row['image_name'];
  $image_description = (isset($HTTP_POST_VARS['image_description'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['image_description']))) : $image_row['image_description'];
  $image_keywords = (isset($HTTP_POST_VARS['image_keywords'])) ? un_htmlspecialchars(stripslashes(trim($HTTP_POST_VARS['image_keywords']))) : $image_row['image_keywords'];
  $image_allow_comments = (isset($HTTP_POST_VARS['image_allow_comments'])) ? intval($HTTP_POST_VARS['image_allow_comments']) : $image_row['image_allow_comments'];

  $site_template->register_vars(array(
    "image_id" => $image_id,
    "image_name" => format_text($image_name, 2),
    "image_description" => format_text($image_description, 2),
    "image_keywords" => format_text($image_keywords, 2),
    "image_allow_comments_yes" => ($image_allow_comments) ? " checked=\"checked\"" : "",
    "image_allow_comments_no" => (!$image_allow_comments) ? " checked=\"checked\"" : "",
    "lang_edit_image" => $lang['image_edit'],
    "lang_image_name" => $lang['image_name'],
    "lang_description" => $lang['description'],
    "lang_keywords" => $lang['keywords_ext'],
    "lang_allow_comments" => isset($lang['allow_comments']) ? $lang['allow_comments'] : "",
    "lang_submit" => $lang['submit'],
    "lang_reset" => $lang['reset'],
    "lang_yes" => $lang['yes'],
    "lang_no" => $lang['no']
  ));

  if (!empty($additional_image_fields)) {
    $additional_field_array = array();
    foreach ($additional_image_fields as $key => $val) {
      if ($val[1] == "radio") {
        $value = (isset($HTTP_POST_VARS[$key])) ? intval($HTTP_POST_VARS[$key]) : $image_row[$key];
        if ($value == 1) {
          $additional_field_array[$key.'_yes'] = " checked=\"checked\"";
          $additional_field_array[$key.'_no'] = "";
        }
        else {
          $additional_field_array[$key.'_yes'] = "";
          $additional_field_array[$key.'_no'] = " checked=\"checked\"";
        }
      }
      else {
        $value = (isset($HTTP_POST_VARS[$key])) ? format_text(stripslashes(trim($HTTP_POST_VARS[$key]))) : $image_row[$key];
      }
      $additional_field_array[$key] = $value;
      $additional_field_array['lang_'.$key] = $val[0];
    }
    if (!empty($additional_field_array)) {
      $site_template->register_vars($additional_field_array);
    }
  }
  $content = $site_template->parse_template("member_editimage");
}

if ($action == "uploadimage") {
  if ($cat_id != 0 && (!isset($cat_cache[$cat_id]) || !check_permission("auth_upload", $cat_id))) {
    show_error_page($lang['no_permission']);
    exit;
  }

  $txt_clickstream = "";
  if ($cat_id && isset($cat_cache[$cat_id])) {
    $txt_clickstream .= get_category_path($cat_id, 1).$config['category_separator'];
  }
  $txt_clickstream .= $lang['user_upload'];

  $remote_media_file = format_url(un_htmlspecialchars(trim($HTTP_POST_VARS['remote_media_file'])));
  $remote_thumb_file = format_url(un_htmlspecialchars(trim($HTTP_POST_VARS['remote_thumb_file'])));

  $image_name = un_htmlspecialchars(trim($HTTP_POST_VARS['image_name']));
  $image_description = un_htmlspecialchars(trim($HTTP_POST_VARS['image_description']));
  $image_keywords = un_htmlspecialchars(trim($HTTP_POST_VARS['image_keywords']));
  $image_keywords = preg_replace("/[\n\r]/is", " ", $image_keywords);
  $image_keywords = str_replace(","," ",$image_keywords);
  $image_keywords = ereg_replace("( ){2,}", " ", $image_keywords);

  $image_active = (isset($HTTP_POST_VARS['image_active']) && $HTTP_POST_VARS['image_active'] == 0) ? 0 : 1;
  $image_allow_comments = (isset($HTTP_POST_VARS['image_allow_comments']) && $HTTP_POST_VARS['image_allow_comments'] == 0) ? 0 : 1;
  $image_download_url = (isset($HTTP_POST_VARS['image_download_url'])) ? format_url(un_htmlspecialchars(trim($HTTP_POST_VARS['image_download_url']))) : "";

  $captcha = (isset($HTTP_POST_VARS['captcha'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['captcha'])) : "";

  $direct_upload = (check_permission("auth_directupload", $cat_id)) ? 1 : 0;
  $upload_cat = ($direct_upload) ? $cat_id : 0;

  $error = 0;
  $uploaderror = 0;

  if ($cat_id == 0)  {
    $error = 1;
    $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $lang['category']), $lang['field_required']);
    $msg .= (($msg != "") ? "<br />" : "").$field_error;
  }
  if ((empty($HTTP_POST_FILES['media_file']['tmp_name']) || $HTTP_POST_FILES['media_file']['tmp_name'] == "none") && ($remote_media_file == "" || !check_remote_media($remote_media_file))) {
    $error = 1;
    $msg .= (($msg != "") ? "<br />" : "").$lang['image_file_required'];
  }
  if ($image_name == "")  {
    $error = 1;
    $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $lang['image_name']), $lang['field_required']);
    $msg .= (($msg != "") ? "<br />" : "").$field_error;
  }

  if ($captcha_enable_upload && !captcha_validate($captcha)) {
    $msg .= (($msg != "") ? "<br />" : "").$lang['captcha_required'];
    $error = 1;
  }

  if (!empty($additional_image_fields)) {
    foreach ($additional_image_fields as $key => $val) {
      if (isset($HTTP_POST_VARS[$key]) && intval($val[2]) == 1 && trim($HTTP_POST_VARS[$key]) == "") {
        $error = 1;
        $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $val[0]), $lang['field_required']);
        $msg .= (($msg != "") ? "<br />" : "").$field_error;
      }
    }
  }

  if (!$error) {
    // Start Upload
    include(ROOT_PATH.'includes/upload.php');
    $site_upload = new Upload();

    // Upload Media file
    if (!empty($HTTP_POST_FILES['media_file']['tmp_name']) && $HTTP_POST_FILES['media_file']['tmp_name'] != "none") {
      $new_name = $site_upload->upload_file("media_file", "media", $upload_cat);
      if (!$new_name) {
        $msg .= (($msg != "") ? "<br />" : "")."<b>".$lang['file_upload_error'].": ".$new_name."</b><br />".$site_upload->get_upload_errors();
        $uploaderror = 1;
      }
    }
    else {
      $new_name = $remote_media_file;
    }

    // Uplad thumb file
    $new_thumb_name = "";
    if (!empty($HTTP_POST_FILES['thumb_file']['tmp_name']) && $HTTP_POST_FILES['thumb_file']['tmp_name'] != "none" && !$uploaderror) {
      $new_thumb_name = $site_upload->upload_file("thumb_file", "thumb", $upload_cat, get_basefile($new_name));
      if (!$new_thumb_name) {
        $msg .= (($msg != "") ? "<br />" : "")."<b>".$lang['thumb_upload_error'].": ".$new_thumb_name."</b><br />".$site_upload->get_upload_errors();
        @unlink(MEDIA_TEMP_PATH."/".$new_name);
        $uploaderror = 1;
      }
    }
    elseif (check_remote_thumb($remote_thumb_file)) {
      $new_thumb_name = $remote_thumb_file;
    }
    elseif ($config['auto_thumbnail'] == 1 && !empty($HTTP_POST_FILES['media_file']['tmp_name']) && $HTTP_POST_FILES['media_file']['tmp_name'] != "none" && !$uploaderror) {
      if ($direct_upload) {
        $src = MEDIA_PATH."/".$cat_id."/".$new_name;
        $dest = THUMB_PATH."/".$cat_id."/".$new_name;
      }
      else {
        $src = MEDIA_TEMP_PATH."/".$new_name;
        $dest = THUMB_TEMP_PATH."/".$new_name;
      }
      $do_create = 0;
      if ($image_info = @getimagesize($src)) {
        if ($image_info[2] == 1 || $image_info[2] == 2 || $image_info[2] == 3) {
          $do_create = 1;
        }
      }
      if ($do_create) {
        require(ROOT_PATH.'includes/image_utils.php');
        $convert_options = init_convert_options();
        if (!$convert_options['convert_error']) {
          $dimension = (intval($config['auto_thumbnail_dimension'])) ? intval($config['auto_thumbnail_dimension']) : 100;
          $resize_type = (intval($config['auto_thumbnail_resize_type'])) ? intval($config['auto_thumbnail_resize_type']) : 1;
          $quality = (intval($config['auto_thumbnail_quality']) && intval($config['auto_thumbnail_quality']) <= 100) ? intval($config['auto_thumbnail_quality']) : 100;

          if (create_thumbnail($src, $dest, $quality, $dimension, $resize_type)) {
            $new_thumb_name = $new_name;
          }
        }
      }
    }

//-------------------------------------------------------------------------------------------
// --- Annotate Images ----------------------------------------------------------------------
//-------------------------------------------------------------------------------------------

if ($config['annotation_use'] && strtolower(get_file_extension($new_name) == jpg)) {
require(ROOT_PATH.'includes/annotate.php');
$ann_realname = ($user_info['realname']);
  if ($direct_upload) { $ann_src = MEDIA_PATH."/".$cat_id."/".$new_name; }
  else { $ann_src = MEDIA_TEMP_PATH."/".$new_name; }
  annotate_image($ann_src);
}

//

//--------------------------------------------
//--------- Auto Image Resizing --------------
//--------------------------------------------
    if ($config['auto_image'] && !$uploaderror)
    {
      if ($direct_upload)
      {
        $src = MEDIA_PATH."/".$cat_id."/".$new_name;
      }
      else
      {
        $src = MEDIA_TEMP_PATH."/".$new_name;
      }
      $do_resize = 0;
      if ($image_info = @getimagesize($src))
      {
        if ($image_info[2] > 0 && $image_info[2] < 4 && $image_info[0] > $config['max_image_width'] || $image_info[1] > $config['max_image_height'])
        {
          if (!function_exists("init_convert_options"))
          {
            require(ROOT_PATH.'includes/image_utils.php');
          }
          $convert_options = init_convert_options();
          if (!$convert_options['convert_error'])
          {
            $quality = intval($config['auto_image_quality']);
            $quality = ($quality >= 0 && $quality <= 100) ? $quality : 85;
            if (!resize_image($src, $quality, $config['max_image_width'], 1, $config['max_image_height']))
            {
              $msg .= (($msg != "") ? "<br />" : "")."<b>".$lang['file_upload_error'].": ".$new_name;
              $uploaderror = 1;
            }
          }
        }
      }
    }
//--- End Auto Image Resizing ----------------

    if (!$uploaderror) {
      $additional_field_sql = "";
      $additional_value_sql = "";
      if (!empty($additional_image_fields)) {
        $table = ($direct_upload) ? IMAGES_TABLE : IMAGES_TEMP_TABLE;
        $table_fields = $site_db->get_table_fields($table);
        foreach ($additional_image_fields as $key => $val) {
          if (isset($HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
            $additional_field_sql .= ", $key";
            $additional_value_sql .= ", '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
          }
        }
      }

      $current_time = time();
      if ($direct_upload) {
        $sql = "INSERT INTO ".IMAGES_TABLE."
                (cat_id, user_id, image_name, image_description, image_keywords, image_date, image_active, image_media_file, image_thumb_file, image_download_url, image_allow_comments".$additional_field_sql.")
                VALUES
                ($cat_id, ".$user_info['user_id'].", '$image_name', '$image_description', '$image_keywords', $current_time, $image_active, '$new_name', '$new_thumb_name', '$image_download_url', $image_allow_comments".$additional_value_sql.")";
        $result = $site_db->query($sql);
        $image_id = $site_db->get_insert_id();
        if ($result) {
          include(ROOT_PATH.'includes/search_utils.php');
          $search_words = array();
          foreach ($search_match_fields as $image_column => $match_column) {
            if (isset($HTTP_POST_VARS[$image_column])) {
              $search_words[$image_column] = stripslashes($HTTP_POST_VARS[$image_column]);
            }
          }
          add_searchwords($image_id, $search_words);
        }
      }
      else {
        $sql = "INSERT INTO ".IMAGES_TEMP_TABLE."
                (cat_id, user_id, image_name, image_description, image_keywords, image_date, image_media_file, image_thumb_file, image_download_url".$additional_field_sql.")
                VALUES
                ($cat_id, ".$user_info['user_id'].", '$image_name', '$image_description', '$image_keywords', $current_time, '$new_name', '$new_thumb_name', '$image_download_url'".$additional_value_sql.")";
        $result = $site_db->query($sql);
      }

      if ($config['upload_notify'] == 1 && !$direct_upload) {
        include(ROOT_PATH.'includes/email.php');
        $site_email = new Email();

        $config['upload_emails'] = str_replace(" ", "", $config['upload_emails']);
        $emails = explode(",", $config['upload_emails']);

        $validation_url = $script_url."/admin/index.php?goto=".urlencode("validateimages.php?action=validateimages");

        $site_email->set_to($config['site_email']);
        $site_email->set_subject($lang['new_upload_emailsubject']);
        $site_email->register_vars(array(
          "image_name" => stripslashes($image_name),
          "file_name" => $new_name,
          "cat_name" => $cat_cache[$cat_id]['cat_name'],
          "validation_url" => $validation_url,
          "site_name" => $config['site_name']
        ));
        $site_email->set_body("upload_notify", $config['language_dir_default']);
        $site_email->set_bcc($emails);
        $site_email->send_email();
      }

      $msg .= $lang['image_add_success'].": <b>".format_text(stripslashes($image_name))."</b> (".$new_name.")";
      $msg .= (!$direct_upload) ? "<br />".$lang['new_upload_validate_desc'] : "";

      $file_extension = get_file_extension($new_name);
      $file = (is_remote($new_name)) ? $new_name : (($direct_upload) ? MEDIA_PATH."/".$cat_id."/".$new_name : MEDIA_TEMP_PATH."/".$new_name);
      $width_height = "";
      if (!is_remote($file) && $imageinfo = @getimagesize($file)) {
        $width_height = " ".$imageinfo[3];
      }
      $media_icon = "<img src=\"".ICON_PATH."/".$file_extension.".gif\" border=\"0\" alt=\"\" />";
      $site_template->register_vars(array(
        "media_src" => $file,
        "media_icon" => $media_icon,
        "image_name" => format_text(stripslashes($image_name)),
        "width_height" => $width_height
      ));
      $media = $site_template->parse_template("media/".$file_extension);
      $content .= "<table border=\"0\" align=\"center\">\n<tr>\n<td>\n".$media."\n</td>\n</tr>\n</table>\n";
    }
    else {
      $action = "uploadform";
      $sendprocess = 1;
    }
  }
  else {
    $action = "uploadform";
    $sendprocess = 1;
  }
}

if ($action == "uploadform") {
  if ($cat_id != 0 && (!isset($cat_cache[$cat_id]) || !check_permission("auth_upload", $cat_id))) {
    show_error_page($lang['no_permission']);
    exit;
  }

  $txt_clickstream = "";
  if ($cat_id && isset($cat_cache[$cat_id])) {
    $txt_clickstream .= get_category_path($cat_id, 1).$config['category_separator'];
  }
  $txt_clickstream .= $lang['user_upload'];

  if (!$sendprocess) {
    $remote_media_file = "";
    $remote_thumb_file = "";
    $image_name = "";
    $image_description = "";
    $image_keywords = "";
    $image_download_url = "";
    $image_allow_comments = 1;
  }

  $site_template->register_vars(array(
    "cat_id" => $cat_id,
    "cat_name" => ($cat_id != 0) ? format_text($cat_cache[$cat_id]['cat_name'], 2) : get_category_dropdown($cat_id),
    "remote_media_file" => format_text(stripslashes($remote_media_file), 2),
    "remote_thumb_file" => format_text(stripslashes($remote_thumb_file), 2),
    "image_name" => format_text(stripslashes($image_name), 2),
    "image_description" => format_text(stripslashes($image_description), 2),
    "image_keywords" => format_text(stripslashes($image_keywords), 2),
    "image_allow_comments_yes" => ($image_allow_comments) ? " checked=\"checked\"" : "",
    "image_allow_comments_no" => (!$image_allow_comments) ? " checked=\"checked\"" : "",
    "image_download_url" => format_text(stripslashes($image_download_url), 2),
    "lang_category" => $lang['category'],
    "lang_user_upload" => $lang['user_upload'],
    "lang_media_file" => $lang['media_file'],
    "lang_thumb_file" => $lang['thumb_file'],
    "lang_allowed_file_types" => $lang['allowed_mediatypes_desc'],
    "allowed_media_types" => str_replace(",",", ",$config['allowed_mediatypes']),
    "allowed_thumb_types" => "jpg, gif, png",
    "lang_max_filesize" => $lang['max_filesize'],
    "lang_max_imagewidth" => $lang['max_imagewidth'],
    "lang_max_imageheight" => $lang['max_imageheight'],
    "max_thumb_filsize" => $config['max_thumb_size']." ".$lang['kb'],
    "max_thumb_imagewidth" => $config['max_thumb_width']." ".$lang['px'],
    "max_thumb_imageheight" => $config['max_thumb_height']." ".$lang['px'],
    "max_media_filsize" => $config['max_media_size']." ".$lang['kb'],
    "max_media_imagewidth" => $config['max_image_width']." ".$lang['px'],
    "max_media_imageheight" => $config['max_image_height']." ".$lang['px'],
    "lang_image_name" => $lang['image_name'],
    "lang_description" => $lang['description'],
    "lang_keywords" => $lang['keywords_ext'],
    "lang_allow_comments" => isset($lang['allow_comments']) ? $lang['allow_comments'] : "",
    "lang_submit" => $lang['submit'],
    "lang_reset" => $lang['reset'],
    "lang_yes" => $lang['yes'],
    "lang_no" => $lang['no'],
    "lang_captcha" => $lang['captcha'],
    "lang_captcha_desc" => $lang['captcha_desc'],
    "captcha_upload" => (bool)$captcha_enable_upload
  ));

  if (!empty($additional_image_fields)) {
    $additional_field_array = array();
    foreach ($additional_image_fields as $key => $val) {
      if ($val[1] == "radio") {
        $value = (isset($HTTP_POST_VARS[$key])) ? intval($HTTP_POST_VARS[$key]) : 1;
        if ($value == 1) {
          $additional_field_array[$key.'_yes'] = " checked=\"checked\"";
          $additional_field_array[$key.'_no'] = "";
        }
        else {
          $additional_field_array[$key.'_yes'] = "";
          $additional_field_array[$key.'_no'] = " checked=\"checked\"";
        }
      }
      else {
        $value = (isset($HTTP_POST_VARS[$key])) ? format_text(stripslashes(trim($HTTP_POST_VARS[$key]))) : "";
      }
      $additional_field_array[$key] = $value;
      $additional_field_array['lang_'.$key] = $val[0];
    }
    if (!empty($additional_field_array)) {
      $site_template->register_vars($additional_field_array);
    }
  }
  $content = $site_template->parse_template("member_uploadform");
}

if ($action == "emailuser") {
  $txt_clickstream = $lang['profile'];
  $user_id = (isset($HTTP_POST_VARS[URL_USER_ID])) ? intval($HTTP_POST_VARS[URL_USER_ID]) : GUEST;
  $error = 0;

  if ($user_info['user_level'] == GUEST || $user_info['user_level'] == USER_AWAITING) {
    show_error_page($lang['no_permission']);
    exit;
  }
  $subject = stripslashes(trim($HTTP_POST_VARS['subject']));
  $message = stripslashes(trim($HTTP_POST_VARS['message']));

  if ($subject == "" || $message == "") {
    $msg = $lang['lostfield_error'];
    $sendprocess = 1;
    $error = 1;
  }

  if (!$error) {
    if ($user_row = get_user_info($user_id)) {

    if (function_exists('member_viewprofile_check_user')) {
    member_viewprofile_check_user($user_info['user_id'], $user_row[$user_table_fields['user_id']], $user_info['user_level']);
}



      if (isset($user_row['user_showemail']) && $user_row['user_showemail'] == 0) {
        $content = $lang['invalid_user_id'];
      }
      else {
        $sender_realname = ($user_info['user_level'] != GUEST) ? (isset($user_info['realname']) ? $user_info['realname'] : $lang['userlevel_user']) : $lang['userlevel_guest'];
        $sender_user_email = ($user_info['user_level'] != GUEST && isset($user_info['user_email'])) ? $user_info['user_email'] : $config['site_email'];

        // Start Emailer
        include(ROOT_PATH.'includes/email.php');
        $site_email = new Email();
        $site_email->set_from($sender_user_email, $sender_user_name);
        $site_email->set_to($user_row['user_email']);
        $site_email->set_subject($subject);
        $site_email->register_vars(array(
          "sender_user_name" => $sender_user_name,
          "sender_user_email" => $sender_user_email,
          "message" => $message,
          "site_name" => $config['site_name']
        ));
        $site_email->set_body("mailform_message", $config['language_dir']);
        $site_email->send_email();
        $msg = $lang['emailuser_success'];
      }
    }
    else {
      $content = $lang['invalid_user_id'];
    }
  }
  else {
    $action = "mailform";
  }
}

if ($action == "mailform") {
  $txt_clickstream = $lang['profile'];
  if (isset($HTTP_GET_VARS[URL_USER_ID]) || isset($HTTP_POST_VARS[URL_USER_ID])) {
    $user_id = (isset($HTTP_GET_VARS[URL_USER_ID])) ? intval($HTTP_GET_VARS[URL_USER_ID]) : intval($HTTP_POST_VARS[URL_USER_ID]);
    if (!$user_id) {
      $user_id = GUEST;
    }
  }
  else {
    $user_id = GUEST;
  }

  if ($user_info['user_level'] == GUEST || $user_info['user_level'] == USER_AWAITING) {
    show_error_page($lang['no_permission']);
    exit;
  }

  if (!$sendprocess) {
    $subject = "";
    $message = "";
  }

  if ($user_row = get_user_info($user_id)) {
    if (isset($user_row['user_showemail']) && $user_row['user_showemail'] == 0) {
      $content = $lang['invalid_user_id'];
    }
    else {
      $site_template->register_vars(array(
        "user_id" => $user_row['user_id'],
        "user_name" => format_text($user_row['user_name'], 2),
        "subject" => format_text($subject, 2),
        "message" => format_text($message, 2),
        "lang_send_email_to" => $lang['send_email_to'],
        "lang_subject" => $lang['subject'],
        "lang_message" => $lang['message'],
        "lang_submit" => $lang['submit'],
        "lang_reset" => $lang['reset']
      ));
      $content = $site_template->parse_template("member_mailform");
    }
  }
  else {
    $content = $lang['invalid_user_id'];
  }
}
//-----------------------------------------------------
//--- Rate user ---------------------------------------
//-----------------------------------------------------
if ($action == "rate_user") {

    if (isset($HTTP_POST_VARS[URL_USER_ID])) {
        $user_id = (isset($HTTP_POST_VARS[URL_USER_ID])) ? intval(trim($HTTP_POST_VARS[URL_USER_ID])) : 0;
        $user_id = preg_replace("/[^0-9]+/i", "", $user_id);
    } else {
        $user_id = 0;
    }

    if (isset($HTTP_POST_VARS['rate_user'])) {
        $rate_user = (isset($HTTP_POST_VARS['rate_user'])) ? intval(trim($HTTP_POST_VARS['rate_user'])) : 0;
        $rate_user = preg_replace("/[^0-9]+/i", "", $rate_user);
    } else {
        $rate_user = 0;
    }

    if (empty($user_id) || empty($rate_user)) {
        redirect($url);
    }

    if (isset($user_id) && !empty($user_id) && $rate_user == "---") {
        redirect("member.php?action=showprofile&" . URL_USER_ID . "=" . $user_id);
    }

    if (isset($user_id) && !empty($user_id) && isset($rate_user) && !empty($rate_user)) {
        if (function_exists('member_rating_insert_rates')) {
            member_rating_insert_rates($user_info['user_id'], $user_id, $user_info['user_level'], $rate_user);
            redirect("member.php?action=showprofile&" . URL_USER_ID . "=" . $user_id);
        }
    } elseif (isset($user_id) && !empty($user_id)) {
        redirect("member.php?action=showprofile&" . URL_USER_ID . "=" . $user_id);

    } else {
        redirect($url);
    }
}

//-----------------------------------------------------
//--- Show Profile ------------------------------------
//-----------------------------------------------------
if ($action == "showprofile") {
  $txt_clickstream = $lang['profile'];
  if (isset($HTTP_GET_VARS[URL_USER_ID]) || isset($HTTP_POST_VARS[URL_USER_ID])) {
    $user_id = (isset($HTTP_GET_VARS[URL_USER_ID])) ? intval($HTTP_GET_VARS[URL_USER_ID]) : intval($HTTP_POST_VARS[URL_USER_ID]);
    if (!$user_id) {
      $user_id = GUEST;
    }
  }
  else {
    $user_id = GUEST;
  }

//----------------------------------------------------------------------------------
//--- COMENZAR Favoritas en perfil por CCSAKUWEB http://www.myart.es ---------------
//----------------------------------------------------------------------------------
$imgtable_width = ceil(intval($config['image_table_width']) / $config['image_cells']);
if ((substr($config['image_table_width'], -1)) == "%") {
  $imgtable_width .= "%";
}
  $additional_sql = "";
  if (!empty($additional_image_fields)) {
    foreach ($additional_image_fields as $key => $val) {
      $additional_sql .= ", i.".$key;
    }
  }
  if ($user_row = get_user_info($user_id)) {

$sql = "SELECT *
        FROM ".LIGHTBOXES_TABLE."
        WHERE user_id = $user_id";
    $user_favoritos_info = $site_db->query_firstrow($sql);
    $num_rows_all = 0;
    if (!empty($user_favoritos_info['lightbox_image_ids'])) {
    $image_id_sql = str_replace(" ", ",", trim($user_favoritos_info['lightbox_image_ids']));
    $sql = "SELECT COUNT(image_id) AS images
         FROM ".IMAGES_TABLE."
         WHERE image_active = 1 AND image_id IN ($image_id_sql)";
    $result = $site_db->query_firstrow($sql);
    $num_images = $result['images'];

$site_db->free_result();

$num_rows_all = (isset($num_images)) ? $num_images : 0;
$user_total_favorites = $num_rows_all;

$site_template->register_vars("user_total_favorites", $user_total_favorites);

unset($user_total_favorites);

$user_favorites = 3; // Indicar cuantas imagenes favoritas quiere mostrar

$link_arg = $site_sess->url(ROOT_PATH."member.php?action=showprofile&user_id=$user_id");
include(ROOT_PATH.'includes/paging.php');
$getpaging_favorites = new Paging($page, $user_favorites, $num_rows_all, $link_arg);
$offset = $getpaging_favorites->get_offset();
$site_template->register_vars(array(
"paging_favorites" => $getpaging_favorites->get_paging(),
"paging_favorites_stats" => $getpaging_favorites->get_paging_stats()
));

  $sql = "SELECT i.image_id, i.cat_id, i.user_id, i.image_name, i.image_description, i.image_keywords, i.image_date, i.image_active, i.image_media_file, i.image_thumb_file, i.image_download_url, i.image_allow_comments, i.image_comments, i.image_downloads, i.image_votes, i.image_rating, i.image_hits".$additional_sql.", c.cat_name".get_user_table_field(", u.", "user_name")."
          FROM (".IMAGES_TABLE." i,  ".CATEGORIES_TABLE." c)
          LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = i.user_id)
          WHERE image_active = 1 AND image_id IN ($image_id_sql) AND c.cat_id = i.cat_id AND i.cat_id NOT IN (".get_auth_cat_sql("auth_viewcat", "NOTIN").")
        ORDER BY i.image_date DESC
        LIMIT $offset, $user_favorites";
  $result = $site_db->query($sql);
  $num_rows = $site_db->get_numrows($result);

  $lightbox_lastaction = format_date($config['date_format']." ".$config['time_format'], $user_info['lightbox_lastaction']);
if (empty($user_info['lightbox_lastaction'])) {
  $lightbox_lastaction = "n/a";
}
$site_template->register_vars("lightbox_lastaction", $lightbox_lastaction);
unset($lightbox_lastaction);
}else{

$num_rows = 0;
}

if (!$num_rows)  {
  $user_profile_favorites = "<table width=\"".$config['image_table_width']."\" border=\"0\" cellpadding=\"".$config['image_table_cellpadding']."\" cellspacing=\"".$config['image_table_cellspacing']."\"><tr class=\"responses\"><td>";
  $user_profile_favorites .= $lang['lightbox_no_images'];
  $user_profile_favorites .= "</td></tr></table>";
}
else  {
  $user_profile_favorites = "<table width=\"".$config['image_table_width']."\" border=\"0\" cellpadding=\"".$config['image_table_cellpadding']."\" cellspacing=\"".$config['image_table_cellspacing']."\">";
  $count = 0;
  $bgcounter = 0;
  while ($image_row = $site_db->fetch_array($result)){
    if ($count == 0) {
      $row_bg_number = ($bgcounter++ % 2 == 0) ? 1 : 2;
      $user_profile_favorites .= "".$row_bg_number."\">\n";
    }
    $user_profile_favorites .= "<td width=\"".$imgtable_width."\" valign=\"top\">\n";

    show_image($image_row, "lightbox");
    $user_profile_favorites .= $site_template->parse_template("thumbnail_bit");
    $user_profile_favorites .= "\n</td>\n";
    $count++;
    if ($count == $config['image_cells']) {
      $user_profile_favorites .= "</tr>\n";
      $count = 0;
    }
  } // fin while

  if ($count > 0)  {
    $leftover = ($config['image_cells'] - $count);
    if ($leftover >= 1) {
      for ($f = 0; $f < $leftover; $f++) {
        $user_profile_favorites .= "<td width=\"".$imgtable_width."\">\n \n</td>\n";
      }
      $user_profile_favorites .= "</tr>\n";
    }
  }
  $user_profile_favorites .= "</table>\n";
} // fin else
$site_template->register_vars("user_profile_favorites", $user_profile_favorites);

unset($user_profile_favorites);

}
//----------------------------------------------------------------------------------
//--- FINALIZAR Favoritas en perfil por CCSAKUWEB http://www.myart.es --------------
//----------------------------------------------------------------------------------

// MOD: User page permission.
if (function_exists('get_page_permission') && !get_page_permission($user_info['user_id'], $user_info['user_level'], $self_url, $action)) {
    show_error_page($lang['no_permission']);
}
// End of MOD: User page permission.

  if ($user_row = get_user_info($user_id)) {
    $user_homepage = (isset($user_row['user_homepage'])) ? format_text(format_url($user_row['user_homepage']), 2) : REPLACE_EMPTY;

    if (!empty($user_homepage) && $user_homepage != REPLACE_EMPTY) {
      $user_homepage_button = "<a href=\"".$user_homepage."\" target=\"_blank\"><img src=\"".get_gallery_image("homepage.gif")."\" border=\"0\" alt=\"".$user_homepage."\" /></a>";
    }
    else {
      $user_homepage_button = REPLACE_EMPTY;
    }

    if($user_info['user_id'] <> GUEST)
    {
    if($user_info[user_id] <>  $user_row['user_id'])
    {
     $query = "SELECT COUNT(*) FROM ".LASTUSER_TABLE." WHERE userprofil_id = '".$user_row['user_id']."' AND user_on_id = '".$user_info[user_id]."' ";
     $sql = mysql_query($query);
     $on = mysql_result($sql,0);
     if($on == "0")
     {
       $time = time();
       $query = "INSERT INTO ".LASTUSER_TABLE." (userprofil_id, user_on_id, last_date) VALUES ('".$user_row['user_id']."', '".$user_info[user_id]."', '".$time."') ";
       $sql = mysql_query($query);
     }
     if($on == "1")
     {
       $new_time = time();
       $query = "UPDATE ".LASTUSER_TABLE." SET last_date = '".$new_time."' WHERE userprofil_id = '".$user_row['user_id']."' AND user_on_id = '".$user_info[user_id]."' ";
       $sql = mysql_query($query);
     }
    }
    $limit = 5;  // last visitors IF YOU WANT SHOW MORE THEN 5 CHANGE IT ;)
    $query = "SELECT lastuser_id, userprofil_id, user_on_id, last_date, u.user_id, user_name FROM (".LASTUSER_TABLE." i)
              LEFT JOIN ".USERS_TABLE." u ON (u.user_id) = i.user_on_id
              WHERE userprofil_id = ".$user_row['user_id']." ORDER BY i.last_date DESC LIMIT 0 , ".$limit."";
    $sql = mysql_query($query);

    while($ds = mysql_fetch_object($sql))
    {
      $on_time = date("d.m.Y H:i", $ds->last_date);
      $last_user .= "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showprofile&user_id=".(int)$ds->user_id) . "'>". format_text(trim(stripslashes($ds->user_name)), 2)."</a> <small>(".$on_time.")</small> | ";
}

    $query = "SELECT COUNT(*) FROM ".LASTUSER_TABLE." WHERE userprofil_id = '".$user_row['user_id']."' ";
    $sql = mysql_query($query);
    $on = mysql_result($sql,0);

    if($on > $limit)
    {
      $query = "SELECT * FROM ".LASTUSER_TABLE." WHERE userprofil_id = '".$user_row['user_id']."' ORDER BY last_date DESC LIMIT ".$limit.", ".$limit." ";
      $sql = mysql_query($query);
      $ds = mysql_fetch_object($sql);

      $query = "DELETE FROM ".LASTUSER_TABLE." WHERE userprofil_id = '".$user_row['user_id']."' AND last_date <= ".$ds->last_date." ";
      $sql = mysql_query($query);
    }
    }
//-----------------------------------------------------
//--- real name -------------------------------------
//-----------------------------------------------------
    $realname = (isset($user_row['realname'])) ? format_text(format_url($user_row['realname']), 2) : REPLACE_EMPTY;
    if (!empty($realname) && $realname != REPLACE_EMPTY) {
      $realname_button = "<a href=\"".$realname."\" target=\"_blank\"><img src=\"".get_gallery_image("aim.gif")."\" border=\"0\" alt=\"".$realname."\" /></a>";
    }
    else {
      $realname_button = REPLACE_EMPTY;
    }
//-------- end real name---------------------------------------------

    $user_icq = (isset($user_row['user_icq'])) ? $user_row['user_icq'] : REPLACE_EMPTY;
    if (!empty($user_icq) && $user_icq != REPLACE_EMPTY) {
      $user_icq_button = "<a href=\"http://www.icq.com/people/about_me.php?uin=".$user_icq."\" target=\"_blank\"><img src=\"http://status.icq.com/online.gif?icq=".$user_icq."&img=5\" width=\"18\" height=\"18\" border=\"0\" alt=\"".$user_icq."\" /></a>";
    }
    else {
      $user_icq_button = REPLACE_EMPTY;
    }











    /////////////////////////////////////////////////////
  $msg_del = $_GET['msg_del'];
  if($msg_del == "yes") $msg = $lang['user_gb_delete_ok'];
  elseif($msg_del == "no") $msg = $lang['user_gb_delete_not'];
  elseif($msg_del == "") $msg = "";

  if($_GET['user_id'] == "") $id = $user_info[user_id]; else $id = $_GET['user_id'];
  if(isset($id))
  {
   $query = "SELECT user_id, user_name FROM ".USERS_TABLE." WHERE user_id = ".$id."";
   $sql = $site_db->query($query);
   $ds = $site_db->fetch_object($sql);
   $user_name = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showprofile&user_id=".(int)$ds->user_id) ."' target=_self>". format_text(trim(stripslashes($ds->user_name)), 2) ."</a>";
$user_name2 = $ds->user_name;
  } else {
  $user_name = $user_info['user_name'];
  $user_name2 = $user_info['user_name'];
  }
  if(isset($id)) {$abf_id = $id;} else {$abf_id = $user_info['user_id'];}
  $user_gb_own = $lang['user_gb'].$user_name2."";
  $query2 = "SELECT COUNT(*) FROM ".USERS_GB_TABLE." WHERE user_id_gb = ".$abf_id."";
  $erg = $site_db->query_firstrow($query2);
  if($erg == "0"){$user_gb_entry = $erg.$lang['user_gb_entry'];}
  elseif($erg == "1"){$user_gb_entry = $erg.$lang['user_gb_entrys'];}
  elseif($erg > "1"){$user_gb_entry = $erg.$lang['user_gb_entrys'];}

  $offset = @$_GET['off'];
  if(isset($offset)) {$offset = $_GET['off'];} else {$offset = "0";}
    $gb_query = "SELECT users_gb_id,user_id_gb,user_id_ein,user_name_gb,user_gb_text,user_gb_date,DATE_FORMAT(user_gb_date,'%e.%c.%Y') AS user_gb_datum,DATE_FORMAT(user_gb_date,'%H:%i:%s') AS user_gb_uhr, user_id, user_name, user_level, userpic
                  FROM (".USERS_GB_TABLE." i)
                  LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = i.user_id_ein)
                  WHERE user_id_gb = ".$abf_id."
                  ORDER BY user_gb_date DESC
                  LIMIT $offset, 10";

  $gb_sql = $site_db->query($gb_query);

  while($ds = $site_db->fetch_object($gb_sql))
    {

    if($ds->user_id_ein == $user_info[user_id] AND $ds->user_id != $ds->user_id_gb)
    {
      $user_link_del = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=delete_entry&entry=".$ds->users_gb_id."&user_id=".(int)$ds->user_id_gb) . "'>".$lang['delete']."</a>";} else {$user_link_del ="";
}
    if($abf_id == $user_info[user_id])
    {
      $user_gb_delete = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=delete_entry&entry=".$ds->users_gb_id."&user_id=".(int)$ds->user_id_gb) . "'>".$lang[delete]."</a> ".$user_link_del;
}
    else {$user_gb_delete = $user_link_del;}

    if ($ds->user_id == "")
    {
      $user = $ds->user_name_gb;
      $gb_link = "";
      $gender = "";
    }
    else
    {
      $user = "<b><a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showprofile&user_id=".(int)$ds->user_id_ein) . "'>". format_text(trim(stripslashes($ds->user_name_gb)), 2) ."</a></b>";
      $gb_link = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showprofile&user_id=".$ds->user_id) . "'\n target=_self><img src='".TEMPLATE_PATH."/images/gb_".$config['language_dir'].".gif' border=0></a>";
}

    $user_pic = (isset($ds->userpic) && !empty($ds->userpic)) ? ROOT_PATH . "data/userpic/" . get_file_name(basename($ds->userpic)) : "";

$text = $ds->user_gb_text;

    $gb_time = $ds->user_gb_datum.$lang['user_gb_at'].$ds->user_gb_uhr;
    $level = $ds->user_level;
    if($level == "9") {$level = $lang['level_admin'];}
    elseif($level == "2") {$level = $lang['level_user'];}
    else {$level = "";}

  $site_template->register_vars(array(
    "user" => $user,
    "gb_time" => $gb_time,
    "admin_link" => $user_gb_delete,
    "userpic" => $user_pic,
    "gender" => $gender,
    "gb_link" => $gb_link,
    "level" => $level,
    "text" => format_text($text, $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments'])
    ));
  $gb_entrys .= $site_template->parse_template("user_gb_bit");
  }

  //Pageing
  if($offset == 0) {$vor = $lang['user_gb_prev'];}
  else
  {
    $offset2 = $offset - 10;
    $vor = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showprofile&user_id=".(int)$abf_id."&off=".$offset2) . "'>".$lang['user_gb_prev']."</a>";
}
  $offset3 = $offset + 10;
  if($offset3 >= $erg ) { $weiter = $lang['user_gb_next'];}
  else {$weiter = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showprofile&user_id=".(int)$abf_id."&off=".$offset3) . "'>".$lang['user_gb_next']."</a>";}
$gb_pageing = $vor." ".$weiter;

   $site_template->register_vars(array(
    "gb_entrys" => $gb_entrys,
    "user_gb_own" => $user_gb_own,
    "gb_pageing" => $gb_pageing,
    "user_gb_entry" => $user_gb_entry,
    "user_gb_entry_text" => $user_gb_entry_text
  ));

  if($_GET['ent'] == "") $afg = "false"; else $afg = $_GET['ent'];
  if ($_POST['comment_text'] == "" & $_GET['ent'] == "true")
    {
      $msg = $lang['error_no_text'];
      $afg = "false";
    }
  if($afg == "true")
  {
    $text = $_POST['comment_text'];
    if($_POST['user_id'] == $user_info[user_id]) { $a = "NOW()";}
    else {$a = "'0000-00-00 00:00:0'";}
    $query = "INSERT INTO ".USERS_GB_TABLE."
              (user_id_gb, user_id_ein, user_name_gb, user_gb_text, user_gb_date, user_gb_read)
              VALUES
              ('".$_POST['user_id']."', '".$user_info[user_id]."', '".$user_info[user_name]."','".$text."', NOW(), ".$a.")";
    $sql = $site_db->query($query);

    $msg .= "<meta http-equiv=refresh content=\"5; URL=" . $site_sess->url(ROOT_PATH . "member.php?action=showprofile&user_id=".(int)$_POST['user_id']) ."\">\n
<fieldset style=border : 1px solid blue><legend style=color: black;><b>".$lang['user_gb_new_ok']."</b>\n
    </legend>\n<table border=0 cellspacing=0 cellpadding=8><tr>\n
    <td><p> ".$lang['user_gb_new_wait']."
    <a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showprofile&user_id=".(int)$_POST['user_id'])."'>".$lang['user_gb_new_to']."</a><br></p></td></tr></table></fieldset>";
}
  elseif ($afg == "false")
  {
    $id = $_GET['user_id'];
  }

    if ($config['bb_comments'] == 1) {
    $site_template->register_vars(array(
      "lang_bbcode" => $lang['bbcode'],
      "lang_tag_prompt" => $lang['tag_prompt'],
      "lang_link_text_prompt" => $lang['link_text_prompt'],
      "lang_link_url_prompt" => $lang['link_url_prompt'],
      "lang_link_email_prompt" => $lang['link_email_prompt'],
      "lang_list_type_prompt" => $lang['list_type_prompt'],
      "lang_list_item_prompt" => $lang['list_item_prompt']
    ));
    $bbcode = $site_template->parse_template("bbcode"); }

    $site_template->register_vars(array(
    "user_gb" => $user_gb,
    "bbcode" => $bbcode,
    "head_gb" => $lang['user_gb_new'],
    "button_send" => $lang['submit'],
    "button_reset" => $lang['reset'],
    "gb_id" => $user_id
    ));

    $query = "SELECT COUNT(*) FROM ".USERS_GB_TABLE." WHERE user_id_gb = ".$user_row['user_id']."";
    $erg = $site_db->query_firstrow($query);
    $user_gb_ein = $erg;

    $query = "SELECT COUNT(*) FROM ".USERS_GB_TABLE." WHERE user_id_ein = ".$user_row['user_id']."";
    $erg = $site_db->query_firstrow($query);
    $user_gb_ge = $erg;

    $user_gb_link = "<a href='" . $site_sess->url(ROOT_PATH . "member.php?action=showprofile&user_id=".(int)$user_row['user_id']) . "'>".$lang['user_gb_too_gb']. format_text(trim(stripslashes($user_row['user_name'])), 2) ." (".$user_gb_ein.")</a>";
$site_template->register_vars(array(
    "user_gb_ein" => $user_gb_ein,
    "user_gb_ge" => $user_gb_ge,
    "lang_gb_ein" => $lang['user_gb_ein'],
    "lang_user_gb_er" => $lang['user_gb_er'],
    "lang_user_gb_ge" => $lang['user_gb_ge'],
    "user_gb_link" => $user_gb_link
    ));
///////////////////////////////////////////////










    //----------  [MOD] BUDDY  V2 beta ----------
//----------     2007 by eMagix    ----------
//----------   2010 by Sumale.nin  ----------
//----------       Start Code      ----------

if (($user_info['user_level'] != GUEST) && ($user_info['user_id'] != $user_row['user_id'])) {

$buddy_url = $self_url;

$buddy_url .= (!empty($mode)) ? ((strpos($buddy_url, '?') !== false) ? "&" : "?")."mode=".$mode : "";

$buddy_url .= strpos($buddy_url, '?') !== false ? "&" : "?";

// IF USER ALREADY A BUDDY SHOW ALREADY BUDDY TEXT

$buddy_status = check_buddy($user_row['user_id']);

if ($buddy_status == 1) {

$buddy_button = $lang['user_buddy_yes'];

}
// IF USER REQUEST PENDING SHOW PENDING TEXT

elseif ($buddy_status == 0) {

$buddy_button = $lang['user_buddy_pending'];

}

// IF NOT YET BUDDY SHOW BUTTON

elseif ($buddy_status == -1) {

$buddy_url .= "action=addbuddy&id=".$user_row['user_id']."";

$buddy_button = "<a href=\"".$site_sess->url($buddy_url)."\"><img src=\"".get_gallery_image("buddy_no.gif")."\" border=\"0\" alt=\"\" /></a>";

}

else {

$buddy_button = "<img src=\"".get_gallery_image("buddy_off.gif")."\" border=\"0\" alt=\"\" />";

}

$site_template->register_vars("lang_buddy_add", $lang['lang_buddy_add']);

// SHOW YOUR BUDDIES ON YOUR PROFILE

$buddy_sql = "SELECT *

FROM (".USERS_TABLE." u)

INNER JOIN ".USERS_FRIENDSHIP_TABLE." i ON (".get_user_table_field("u.", "user_id")." = i.user_id_primary)

WHERE i.friendship_status =1 AND i.user_id_secondary = ".$user_row['user_id']."

UNION

SELECT *

FROM (".USERS_TABLE." u)

INNER JOIN ".USERS_FRIENDSHIP_TABLE." i1 ON (".get_user_table_field("u.", "user_id")." = i1.user_id_secondary)

WHERE i1.friendship_status =1 AND i1.user_id_primary = ".$user_row['user_id']."

               LIMIT 50"; // NUMBER OF BUDDIES YOU WANT TO SHOW ON YOUR PROFILE

$buddy_result = $site_db->query($buddy_sql);

$num_rows = $site_db->get_numrows($buddy_result);

if (!$num_rows) {

$buddylist = $lang['buddy_no_empty'];

$msg = $lang['buddy_no_empty'];

}

else {

$buddylist ="";

while($ds = mysql_fetch_object($buddy_result)){

$user_profile_link = (!empty($url_show_profile)) ? preg_replace("/{user_id}/", $ds->user_id, $url_show_profile) : ROOT_PATH."member.php?action=showprofile&".URL_USER_ID."=".$ds->user_id;

$buddylist .= " <a href=\"".$site_sess->url($user_profile_link)."\">".htmlspecialchars($ds->user_name)."</a> ";

}

}
$site_template->register_vars("buddy", $buddylist);

$site_template->register_vars("buddy_msg", $msg);

unset($userlist,$msg);

//----------- END CODE  -----------------






    if (!empty($user_row['user_email']) && (!isset($user_row['user_showemail']) || (isset($user_row['user_showemail']) && $user_row['user_showemail'] == 1))) {
      $user_email = $user_row['user_email'];
      $user_email_save = str_replace("@", " at ", $user_row['user_email']);
      $user_email_save = str_replace(".", " dot ", $user_row['user_email']);
      if (!empty($url_mailform)) {
        $user_mailform_link = $site_sess->url(preg_replace("/{user_id}/", $user_row['user_id'], $url_mailform));
      }
      else {
        $user_mailform_link = $site_sess->url(ROOT_PATH."member.php?action=mailform&".URL_USER_ID."=".$user_row['user_id']);
      }
      $user_email_button = "<a href=\"".$user_mailform_link."\"><img src=\"".get_gallery_image("email.gif")."\" border=\"0\" alt=\"".$user_email_save."\" /></a>";
    }




    else {
      $user_email = REPLACE_EMPTY;
      $user_email_save = REPLACE_EMPTY;
      $user_mailform_link = REPLACE_EMPTY;
      $user_email_button = REPLACE_EMPTY;
    }

   // User images.//////////////////////////////////////////////
   // User images.//////////////////////////////////////////////
   // User images.//////////////////////////////////////////////
   // User images.//////////////////////////////////////////////
$sql = "SELECT COUNT(i.image_id) as total_images
           FROM " . IMAGES_TABLE . " i
           INNER JOIN " . CATEGORIES_TABLE . " c ON (c.cat_id = i.cat_id)
           INNER JOIN " . USERS_TABLE . " u ON (" . get_user_table_field("u.", "user_id") . " = i.user_id)
           WHERE i.image_active = 1 AND i.user_id = " . (int)$user_id . " AND i.cat_id NOT IN (".get_auth_cat_sql("auth_viewcat", "NOTIN").")";

$total_images = $site_db->query_firstrow($sql);

$imgtable_width = ceil((intval($config['image_table_width'])) / $config['image_cells']);
if ((substr($config['image_table_width'], -1)) == "%") {
  $imgtable_width .= "%";
}

if ((int)$total_images['total_images'] <= 0)  {
  $user_images = "<table width=\"".$config['image_table_width']."\" border=\"0\" cellpadding=\"".$config['image_table_cellpadding']."\" cellspacing=\"".$config['image_table_cellspacing']."\"><tr class=\"imagerow1\"><td>";
  $user_images .= $lang['no_new_images'];
  $user_images .= "</td></tr></table>";
}
else  {
  $user_images = "<table width=\"".$config['image_table_width']."\" border=\"0\" cellpadding=\"".$config['image_table_cellpadding']."\" cellspacing=\"".$config['image_table_cellspacing']."\">";
  $count = 2;
  $bgcounter = 0;

  $num_rows_all = (isset($total_images['total_images']) && (int)$total_images['total_images'] > 0) ? (int)$total_images['total_images'] : 0;
$link_arg = $site_sess->url(ROOT_PATH."member.php?action=showprofile&user_id=" . (int)$user_id);

include(ROOT_PATH.'includes/paging.php');
$getpaging = new Paging($page, $perpage, $num_rows_all, $link_arg);
$offset = $getpaging->get_offset();

$site_template->register_vars(array(
  "paging" => $getpaging->get_paging(),
  "paging_stats" => $getpaging->get_paging_stats()
));

  $sql = "SELECT i.image_id, i.cat_id, i.user_id, i.image_name, i.image_description, i.image_keywords, i.image_date, i.image_active, i.image_media_file, i.image_thumb_file, i.image_download_url, i.image_allow_comments, i.image_comments, i.image_downloads, i.image_votes, i.image_rating, i.image_hits".$additional_sql.", c.cat_name".get_user_table_field(", u.", "user_name")."
        FROM ".IMAGES_TABLE." i
        INNER JOIN " . CATEGORIES_TABLE . " c ON (c.cat_id = i.cat_id)
        INNER JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = i.user_id)
        WHERE i.image_active = 1 AND i.user_id = " . (int)$user_id . " AND i.cat_id NOT IN (".get_auth_cat_sql("auth_viewcat", "NOTIN").")
        ORDER BY i.image_date DESC
        LIMIT " . $offset . ", " . $perpage;

  $result = $site_db->query($sql);
  $num_rows = $site_db->get_numrows($result);

  if ($num_rows > 0) {
  while ($image_row = $site_db->fetch_array($result)){
    if ($count == 2) {
      $row_bg_number = ($bgcounter++ % 2 == 0) ? 1 : 2;
      $user_images .= "<tr class=\"imagerow".$row_bg_number."\">\n";
    }
    $user_images .= "<td width=\"".$imgtable_width."\" valign=\"top\">\n";

    show_image($image_row);
    $user_images .= $site_template->parse_template("thumbnail_bit");
    $user_images .= "\n</td>\n";
    $count++;
    if ($count == $config['image_cells']) {
      $user_images .= "</tr>\n";
      $count = 2;
    }
  } // end while
  } // End if.

  if ($count > 0)  {
    $leftover = ($config['image_cells'] - $count);
    if ($leftover >= 1) {
      for ($f = 0; $f < $leftover; $f++) {
        $user_images .= "<td width=\"".$imgtable_width."\">\n \n</td>\n";
      }
      $user_images .= "</tr>\n";
    }
  }
  $user_images .= "</table>\n";
} // end else

$site_template->register_vars("user_images", $user_images);
unset($user_images);
// End user images.

if (defined('MEMBER_RATING_ACTIVE') && MEMBER_RATING_ACTIVE == 2) {
        if (function_exists('member_rating_check_user') && member_rating_check_user($user_info['user_id'], $user_row[$user_table_fields['user_id']], $user_info['user_level'])) {
            $already_rated = member_rating_check_user($user_info['user_id'], $user_row[$user_table_fields['user_id']], $user_info['user_level']);

        } elseif (function_exists('member_rating_check_user') && !member_rating_check_user($user_info['user_id'], $user_row[$user_table_fields['user_id']], $user_info['user_level'])) {
            $rating_content = "";
            for ($i = MEMBER_RATING_MARK_VALUE; $i > 2; $i--) {
                $site_template->register_vars("i", $i);
                $rating_content .= $site_template->parse_template("member_rating_dropdown");
            }
        }
    }



    $sql = "

    SELECT COUNT(uvp.view_count) AS total_rows
    FROM " . USERS_VIEWPROFILE_TABLE . " uvp
    LEFT JOIN " . USERS_TABLE . " u ON (" . get_user_table_field("u.", "user_id") . " = uvp.user_id)
    WHERE uvp.other_user_id = " . $user_id;

    $row = $site_db->query_firstrow($sql);
    $total_views = (isset($row['total_rows'])) ? (int)$row['total_rows'] : 0;

$sql = "SELECT COUNT(image_id) AS totimg
FROM ".IMAGES_TABLE."
WHERE user_id = $user_id";

$result = $site_db->query($sql);

$row = $site_db->fetch_array($result);

$uploaded_images = $row['totimg'];

$site_template->register_vars(array(

  "uploaded_imgs" => $uploaded_images,
      "user_id" => $user_row['user_id'],

  "lang_show_user_comments" => $lang['show_user_comments'],
      "url_show_user_comments" => $site_sess->url(ROOT_PATH."member.php?action=showcomments&user_id=".$user_row['user_id']),
      "user_name" => (isset($user_row['user_name'])) ? htmlspecialchars($user_row['user_name']) : REPLACE_EMPTY,

       "lang_pm" => ($user_info['user_id'] != $user_row['user_id']) ? "<a href=\"".$site_sess->url(ROOT_PATH."pm.php?action=new&user_id=".$user_row['user_id'])."\">".$lang['pm_user_pm_alt']."</a>" : "",
      "user_email" => $user_email,
      "user_email_save" => $user_email_save,
      "user_mailform_link" => $user_mailform_link,
      "user_email_button" => $user_email_button,
      "user_join_date" => (isset($user_row['user_joindate'])) ? format_date($config['date_format'], $user_row['user_joindate']) : REPLACE_EMPTY,
      "user_last_action" => (isset($user_row['user_lastaction'])) ? format_date($config['date_format']." ".$config['time_format'], $user_row['user_lastaction']) : REPLACE_EMPTY,
      "user_homepage" => $user_homepage,"buddy_button" => $buddy_button,

//User Pic
      "userpic_img" => ($config['userpic'] && $user_row['userpic']) ? ROOT_PATH."data/userpic/".$user_row['userpic'] : "",
//End User Pic
      "user_homepage_button" => $user_homepage_button,

  "last_user" => $last_user,
      "lang_last_user" => $lang['last_user'],
      "user_icq" => $user_icq,
      "user_icq_button" => $user_icq_button,
      "user_icq_status" => (isset($user_row['user_icq'])) ? get_icq_status($user_row['user_icq']) : REPLACE_EMPTY,
      "user_comments" => (isset($user_row['user_comments'])) ? $user_row['user_comments'] : REPLACE_EMPTY,




      "lang_member_viewprofile_from_profile" => $lang['member_viewprofile_from_profile'],
"member_viewprofile_from_profile_total_views" => (isset($total_views)) ? (int)$total_views : "",





      "lang_profile_of" => $lang['profile_of'],

  "lang_member_rating_user_rate" => $lang['member_rating_user_rate'],
"already_rated" => (isset($already_rated)) ? trim($already_rated) : "",
"rating_content" => (isset($rating_content) && $user_info['user_id'] != $user_row[$user_table_fields['user_id']]) ? trim($rating_content) : "",

      "lang_show_user_images" => preg_replace("/".$site_template->start."user_name".$site_template->end."/siU", format_text($user_row['user_name'], 2), $lang['show_user_images']),
      "url_show_user_images" => $site_sess->url(ROOT_PATH."search.php?search_user=".urlencode($user_row['user_name'])),
      "lang_join_date" => $lang['join_date'],
      "lang_last_action" => $lang['last_action'],
      "lang_comments" => $lang['comments'],
      "lang_email" => $lang['email'],
      "lang_homepage" => $lang['homepage'],
      "lang_icq" => $lang['icq']
    ));

    if (!empty($additional_user_fields)) {
      $additional_field_array = array();
      foreach ($additional_user_fields as $key => $val) {
        $additional_field_array[$key] = (!empty($user_row[$key])) ? format_text($user_row[$key], 1) : REPLACE_EMPTY;
        $additional_field_array['lang_'.$key] = $val[0];
      }
      if (!empty($additional_field_array)) {
        $site_template->register_vars($additional_field_array);
      }
    }
    $content = $site_template->parse_template("member_profile");
  }
  else {
    $content = $lang['invalid_user_id'];
  }
}

//-----------------------------------------------------
//--- Send Password -----------------------------------
//-----------------------------------------------------
if ($action == "sendpassword") {
  $txt_clickstream = $lang['lost_password'];
  $user_email = un_htmlspecialchars(trim($HTTP_POST_VARS['user_email']));

  if ($user_email != "") {
    $sql = "SELECT ".get_user_table_field("", "user_id").get_user_table_field(", ", "user_name").get_user_table_field(", ", "user_password")."
            FROM ".USERS_TABLE."
            WHERE ".get_user_table_field("", "user_email")." = '$user_email'";
    if ($checkuser = $site_db->query_firstrow($sql)) {
      mt_srand((double) microtime() * 1000000);
      $puddle = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
      $user_password = "";
      for ($i = 0; $i < 8; $i++) {
        $user_password .= substr($puddle, (mt_rand()%(strlen($puddle))), 1);
      }

      $sql = "UPDATE ".USERS_TABLE."
              SET ".get_user_table_field("", "user_password")." = '".md5($user_password)."'
              WHERE ".get_user_table_field("", "user_id")." = ".$checkuser[$user_table_fields['user_id']];
      $site_db->query($sql);

      // Start Emailer
      include(ROOT_PATH.'includes/email.php');
      $site_email = new Email();
      $site_email->set_to($user_email);
      $site_email->set_subject($lang['send_password_emailsubject']);
      $site_email->register_vars(array(
        "user_name" => $checkuser[$user_table_fields['user_name']],
        "user_password" => stripslashes($user_password),
        "site_name" => $config['site_name']
      ));
      $site_email->set_body("lost_password", $config['language_dir']);
      $site_email->send_email();

      $msg = $lang['send_password_success'];
      $HTTP_POST_VARS['user_email'] = "";
    }
    else {
      $msg = $lang['invalid_email'];
    }
  }

  $action = "lostpassword";
}

if ($action == "lostpassword") {
  $txt_clickstream = $lang['lost_password'];
  $user_email = (isset($HTTP_POST_VARS['user_email'])) ? format_text(stripslashes($HTTP_POST_VARS['user_email']), 2) : "";
  $site_template->register_vars(array(
    "lang_email" => $lang['email'],
    "lang_lost_password" => $lang['lost_password'],
    "lang_lost_password_msg" => $lang['lost_password_msg'],
    "lang_submit" => $lang['submit'],
    "user_email" => $user_email,
  ));
  $content = $site_template->parse_template("member_lostpassword");
}

//-----------------------------------------------------
//--- Edit Profile ------------------------------------
//-----------------------------------------------------
$update_process = 0;
$new_email_msg = "";
if ($action == "updateprofile") {
  $txt_clickstream = $lang['control_panel'];
  if ($user_info['user_level'] == GUEST) {
    show_error_page($lang['no_permission']);
    exit;
  }
  $user_email = (isset($HTTP_POST_VARS['user_email'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_email'])) : "";
  $user_email2 = (isset($HTTP_POST_VARS['user_email2'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['user_email2'])) : "";
  $user_homepage = (isset($HTTP_POST_VARS['user_homepage'])) ? format_url(un_htmlspecialchars(trim($HTTP_POST_VARS['user_homepage']))) : "";
  $user_icq = (isset($HTTP_POST_VARS['user_icq'])) ? ((intval(trim($HTTP_POST_VARS['user_icq']))) ? intval(trim($HTTP_POST_VARS['user_icq'])) : "") : "";
  $user_showemail = (isset($HTTP_POST_VARS['user_showemail'])) ? intval($HTTP_POST_VARS['user_showemail']) : 0;
  $user_allowemails = (isset($HTTP_POST_VARS['user_allowemails'])) ? intval($HTTP_POST_VARS['user_allowemails']) : 0;
  $user_invisible = (isset($HTTP_POST_VARS['user_invisible'])) ? intval($HTTP_POST_VARS['user_invisible']) : 0;

  $error = 0;
  if ($user_info['user_email'] != $user_email && $checkuser = $site_db->query_firstrow("SELECT ".get_user_table_field("", "user_id")." FROM ".USERS_TABLE." WHERE ".get_user_table_field("", "user_email")." = '$user_email' AND ".get_user_table_field("", "user_id")." <> '".$user_info['user_id']."'")) {
    if ($checkuser[$user_table_fields['user_id']] != $user_info['user_id']) {
      $msg .= (($msg != "") ? "<br />" : "").$lang['email_exists'];
      $error = 1;
    }
  }
  if ($user_email != $user_email2) {
    $msg .= (($msg != "") ? "<br />" : "").$lang['update_email_confirm_error'];
    $error = 1;
  }
  if ($user_email == "" || $user_email2 == "") {
    $msg .= (($msg != "") ? "<br />" : "").$lang['update_email_error'];
    $error = 1;
  }
  if (!check_email($user_email)) {
    $msg .= (($msg != "") ? "<br />" : "").$lang['invalid_email_format'];
    $error = 1;
  }

  if (!empty($additional_user_fields)) {
    foreach ($additional_user_fields as $key => $val) {
      if (isset($HTTP_POST_VARS[$key]) && intval($val[2]) == 1 && trim($HTTP_POST_VARS[$key]) == "") {
        $error = 1;
        $field_error = preg_replace("/".$site_template->start."field_name".$site_template->end."/siU", str_replace(":", "", $val[0]), $lang['field_required']);
        $msg .= (($msg != "") ? "<br />" : "").$field_error;
      }
    }
  }

// Upload User Pic
  $userpic = $userpic_new = "";
  if (!$error && $config['userpic'])
  {
    $userpics_dir = ROOT_PATH."data/userpic/";
    if (!empty($HTTP_POST_FILES['userpic_file']['tmp_name']) && $HTTP_POST_FILES['userpic_file']['tmp_name'] != "none")
    {
      if (isset($HTTP_COOKIE_VARS['userpic_file']) || isset($HTTP_POST_VARS['userpic_file']) || isset($HTTP_GET_VARS['userpic_file'])) {
        die("Security violation");
      }
      if (!function_exists("is_uploaded_file")) {
        function is_uploaded_file($file_name) {
          if (!$tmp_file = @get_cfg_var('upload_tmp_dir')) {
            $tmp_file = tempnam('','');
            $deleted = @unlink($tmp_file);
            $tmp_file = dirname($tmp_file);
          }
          $tmp_file .= '/'.basename($file_name);
          return (ereg_replace('/+', '/', $tmp_file) == $file_name) ? 1 : 0;
        }

        function move_uploaded_file($file_name, $destination) {
          return (is_uploaded_file($file_name)) ? ((copy($file_name, $destination)) ? 1 : 0) : 0;
        }
      }
      $error = array();
      $mime_types = array(
        "image/jpeg",
        "image/pjpeg",
        "image/gif",
        "image/x-png"
      );
      $extensions = array(
        "jpg",
        "jpeg",
        "gif",
        "png"
      );
      $userpic_ext = strtolower(substr(strrchr($HTTP_POST_FILES['userpic_file']['name'],"."), 1));
      $userpic_mime = $HTTP_POST_FILES['userpic_file']['type'];
      if (!in_array($userpic_mime, $mime_types) || !in_array($userpic_ext, $extensions))
      {
        $error[] = $lang['invalid_file_type']. " (".$userpic_ext.", ".$HTTP_POST_FILES['userpic_file']['type'].")";
      }
      if ($HTTP_POST_FILES['userpic_file']['size'] > $config['userpic_size'] * 1024)
      {
        $error[] = $lang['invalid_file_size'];
      }
      if (empty($error))
      {
        $userpic_name = $user_info['user_id'].".".$userpic_ext;
        $userpic_file = $userpics_dir.$userpic_name;
         if (file_exists($userpic_file))
         {
            unlink($userpic_file);
        }
        if (!move_uploaded_file($HTTP_POST_FILES['userpic_file']['tmp_name'], $userpic_file))
        {
          $error[] = $lang['file_copy_error'];
        }
        else
        {
          @chmod($userpic_file, CHMOD_FILES);
        }
      }
      if (empty($error))
      {
        $userpic = $HTTP_POST_VARS['userpic'] = $userpic_new = $userpic_name;
        if ($user_info['userpic'] != $userpic_name && file_exists($userpics_dir.$user_info['userpic']))
        {
          @unlink($userpics_dir.$user_info['userpic']);
        }
        if (!function_exists(init_convert_options))
        {
          require(ROOT_PATH.'includes/image_utils.php');
        }
        $image_info = getimagesize($userpic_file);
        $convert_options = init_convert_options();
        if (($image_info[0] > $config['userpic_width'] || $image_info[1] > $config['userpic_height']))
        {
          if ($convert_options['convert_error'] || (!$convert_options['convert_error'] && !resize_image($userpic_file, 85, $config['userpic_width'], 1)))
          {
            if ($image_info[0] > $config['userpic_width'])
            {
              $error[] = $lang['invalid_image_width'];
            }
            if ($image_info[1] > $config['userpic_height'])
            {
              $error[] = $lang['invalid_image_height'];
            }
          }
        }
      }
      if (!empty($error))
      {
        $msg .= (($msg != "") ? "<br />" : "")."<b>".$lang['file_upload_error'].": ".$HTTP_POST_FILES['userpic_file']['name']."</b><br />";
        foreach ($error as $val) {
          $msg .= "<b>".$HTTP_POST_FILES['userpic_file']['name'].":</b> ".$val."<br />";
        }
        $HTTP_POST_VARS['userpic'] = $user_info['userpic'];
      }
    }
    else
    {
      if (isset($HTTP_POST_VARS['userpic_del']) && $HTTP_POST_VARS['userpic_del'])
      {
        @unlink($userpics_dir.$user_info['userpic']);
        $HTTP_POST_VARS['userpic'] = $userpic = "";
        $userpic_new = 1;
      }
    }
  }
// End Upload User Pic

  if (!$error && $user_email != $user_info['user_email'] && $user_info['user_level'] != ADMIN && $config['account_activation'] != 0) {
    $activationkey = get_random_key(USERS_TABLE, $user_table_fields['user_activationkey']);

    $sql = "UPDATE ".USERS_TABLE."
            SET ".get_user_table_field("", "user_level")." = ".USER_AWAITING.", ".get_user_table_field("", "user_activationkey")." = '$activationkey'
            WHERE ".get_user_table_field("", "user_id")." = ".$user_info['user_id'];
    $result = $site_db->query($sql);

    if ($result) {
      $activation_url = $script_url."/register.php?action=activate&activationkey=".$activationkey;

      include(ROOT_PATH.'includes/email.php');
      $site_email = new Email();

      switch($config['account_activation']) {
      case 2:
        $user_details_url = $script_url."/admin/index.php?goto=".urlencode("users.php?action=edituser&user_id=".$user_info['user_id']."&activation=1");
        $email_to = $config['site_email'];
        $email_subject = $lang['admin_activation_emailsubject'];
        $email_template = "admin_activation";
        $new_email_msg = $lang['update_email_instruction_admin'];
        break;
      case 1:
        if ($config['language_dir_default'] != $config['language_dir']) {
          $activation_url .= "&l=".$config['language_dir'];
        }
        $user_details_url = "";
        $email_to = $user_email;
        $email_subject = $lang['update_email_emailsubject'];
        $email_template = "newemail_activation";
        $new_email_msg = $lang['update_email_instruction'];
        break;
      case 0:
      default:
        break;
      }

      if (!empty($email_to)) {
        $site_email->set_to($email_to);
        $site_email->set_subject($email_subject);
        $site_email->register_vars(array(
          "user_details_url" => $user_details_url,
          "activation_url" => $activation_url,
          "user_name" => $user_info['user_name'],
          "site_name" => $config['site_name']
        ));
        $site_email->set_body($email_template, $config['language_dir']);
        $site_email->send_email();
      }
    }
    else {
      $msg = $lang['general_error'];
      $error = 1;
    }
  }

  if (!$error) {
    $additional_sql = "";
    if (!empty($additional_user_fields)) {
      $table_fields = $site_db->get_table_fields(USERS_TABLE);
      foreach ($additional_user_fields as $key => $val) {
        if (isset($HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
          $additional_sql .= ", $key = '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
        }
      }
    }

    $sql = "UPDATE ".USERS_TABLE."
            SET ".get_user_table_field("", "user_email")." = '$user_email', ".get_user_table_field("", "user_showemail")." = $user_showemail, ".get_user_table_field("", "user_allowemails")." = $user_allowemails, ".get_user_table_field("", "user_invisible")." = $user_invisible, ".get_user_table_field("", "user_homepage")." = '$user_homepage', ".get_user_table_field("", "user_icq")." = '$user_icq'".$additional_sql."
            WHERE ".get_user_table_field("", "user_id")." = ".$user_info['user_id'];
    $site_db->query($sql);

    $msg = $lang['update_profile_success'];
    if (!empty($new_email_msg)) {
      $msg .= "<br />".$new_email_msg;
    }
    $user_info = $site_sess->load_user_info($user_info['user_id']);
  }
  else {
    $update_process = 1;
  }
  $action = "editprofile";
}

if ($action == "updatepassword") {
  $txt_clickstream = $lang['control_panel'];
  if ($user_info['user_level'] == GUEST) {
    show_error_page($lang['no_permission']);
    exit;
  }
  $error = 0;
  $current_user_password = md5(trim($HTTP_POST_VARS['current_user_password']));
  $user_password = trim($HTTP_POST_VARS['user_password']);
  $user_password2 = trim($HTTP_POST_VARS['user_password2']);
  if ($current_user_password != $user_info['user_password']) {
    $msg .= (($msg != "") ? "<br />" : "").$lang['update_password_error'];
    $error = 1;
  }
  if ($user_password != $user_password2 || $user_password == "") {
    $msg .= (($msg != "") ? "<br />" : "").$lang['update_password_confirm_error'];
    $error = 1;
  }
  if (!$error) {
    $sql = "UPDATE ".USERS_TABLE."
            SET ".get_user_table_field("", "user_password")." = '".md5($user_password)."'
            WHERE ".get_user_table_field("", "user_id")." = ".$user_info['user_id'];
    $site_db->query($sql);

    $msg = $lang['update_password_success'];
    $user_info = $site_sess->load_user_info($user_info['user_id']);
  }
  $action = "editprofile";
}

if ($action == "editprofile") {
  $txt_clickstream = $lang['control_panel'];
  if ($user_info['user_level'] == GUEST) {
    show_error_page($lang['no_permission']);
    exit;
  }
  $user_name = $user_info['user_name'];
  if (!$update_process) {
    $user_email = $user_info['user_email'];
    $user_email2 = $user_info['user_email'];
    $user_showemail = $user_info['user_showemail'];
    $user_allowemails = $user_info['user_allowemails'];
    $user_invisible = $user_info['user_invisible'];
    $user_homepage = $user_info['user_homepage'];
    $user_icq = $user_info['user_icq'];
  }

  if ($user_showemail == 1) {
    $user_showemail_yes = " checked=\"checked\"";
    $user_showemail_no = "";
  }
  else {
    $user_showemail_yes = "";
    $user_showemail_no = " checked=\"checked\"";
  }
  if ($user_allowemails == 1) {
    $user_allowemails_yes = " checked=\"checked\"";
    $user_allowemails_no = "";
  }
  else {
    $user_allowemails_yes = "";
    $user_allowemails_no = " checked=\"checked\"";
  }
  if ($user_invisible == 1) {
    $user_invisible_yes = " checked=\"checked\"";
    $user_invisible_no = "";
  }
  else {
    $user_invisible_yes = "";
    $user_invisible_no = " checked=\"checked\"";
  }

  $edit_profile_msg = $lang['edit_profile_msg'];
  if ($config['account_activation'] == 1 && $user_info['user_level'] != ADMIN) {
    $edit_profile_msg .= $lang['edit_profile_email_msg'];
  }
  if ($config['account_activation'] == 2 && $user_info['user_level'] != ADMIN) {
    $edit_profile_msg .= $lang['edit_profile_email_msg_admin'];
  }

  $site_template->register_vars(array(
    "user_name" => format_text(stripslashes($user_name), 2),
    "user_email" => format_text(stripslashes($user_email), 2),
    "user_email2" => format_text(stripslashes($user_email2), 2),
    "user_homepage" => format_text(stripslashes($user_homepage), 2),
    "user_icq" => $user_icq,

    //User Pic
    "userpic_allowed" => $config['userpic'],
    "userpic_img" => ($user_info['userpic']) ? ROOT_PATH."data/userpic/".$user_info['userpic'] : "",
    "lang_userpic_del" => $lang['userpic_del'],
    "lang_userpic_upload" => preg_replace("/".$site_template->start."userpic_max_size".$site_template->end."/siU", $config['userpic_size']." ".$lang['kb'], preg_replace("/".$site_template->start."userpic_max_width".$site_template->end."/siU", $config['userpic_width'], preg_replace("/".$site_template->start."userpic_max_height".$site_template->end."/siU", $config['userpic_height'], $lang['userpic_upload']))),
    "userpic_max_width" => $config['userpic_width'],
    "userpic_max_height" => $config['userpic_height'],
    "userpic_max_size" => $config['userpic_size']." ".$lang['kb'],
//End User Pic

    "user_showemail_yes" => $user_showemail_yes,
    "user_showemail_no" => $user_showemail_no,
    "user_allowemails_yes" => $user_allowemails_yes,
    "user_allowemails_no" => $user_allowemails_no,
    "user_invisible_yes" => $user_invisible_yes,
    "user_invisible_no" => $user_invisible_no,
    "lang_profile_of" => $lang['profile_of'],
    "lang_email" => $lang['email'],
    "lang_email_confirm" => $lang['email_confirm'],
    "lang_show_email" => $lang['show_email'],
    "lang_allow_emails" => $lang['allow_emails'],
    "lang_invisible" => $lang['invisible'],
    "lang_optional_infos" => $lang['optional_infos'],
    "lang_homepage" => $lang['homepage'],
    "lang_icq" => $lang['icq'],
    "lang_save" => $lang['save'],
    "lang_reset" => $lang['reset'],
    "lang_change_password" => $lang['change_password'],
    "lang_old_password" => $lang['old_password'],
    "lang_new_password" => $lang['new_password'],
    "lang_new_password_confirm" => $lang['new_password_confirm'],
    "lang_edit_profile_msg" => $edit_profile_msg,
    "lang_yes" => $lang['yes'],
    "lang_no" => $lang['no']
  ));

  if (!empty($additional_user_fields)) {
    $additional_field_array = array();
    foreach ($additional_user_fields as $key => $val) {
      if ($val[1] == "radio") {
        $value = (isset($HTTP_POST_VARS[$key])) ? intval($HTTP_POST_VARS[$key]) : intval($user_info[$key]);
        if ($value == 1) {
          $additional_field_array[$key.'_yes'] = " checked=\"checked\"";
          $additional_field_array[$key.'_no'] = "";
        }
        else {
          $additional_field_array[$key.'_yes'] = "";
          $additional_field_array[$key.'_no'] = " checked=\"checked\"";
        }
      }
      else {
        $value = (isset($HTTP_POST_VARS[$key])) ? format_text(trim($HTTP_POST_VARS[$key]), 2) : $user_info[$key];
      }
      $additional_field_array[$key] = $value;
      $additional_field_array['lang_'.$key] = $val[0];
    }
    if (!empty($additional_field_array)) {
      $site_template->register_vars($additional_field_array);
    }
  }

  $content = $site_template->parse_template("member_editprofile");
  if (!empty($new_email_msg)) {
    $site_sess->logout($user_info['user_id']);
  }
}

//-----------------------------------------------------
//---Show Member Comments-------------------------------
//-----------------------------------------------------

if ($action == "showcomments") {

  if (isset($HTTP_GET_VARS[URL_USER_ID]) || isset($HTTP_POST_VARS[URL_USER_ID])) {
    $user_id = (isset($HTTP_GET_VARS[URL_USER_ID])) ? intval($HTTP_GET_VARS[URL_USER_ID]) : intval($HTTP_POST_VARS[URL_USER_ID]);
    if (!$user_id) {
      $user_id = GUEST;
    }
  }
  else {
    $user_id = GUEST;
  }

    $additional_sql = "";
      $table_fields = $site_db->get_table_fields(USERS_TABLE);
      foreach ($additional_user_fields as $key => $val) {
        if (isset($HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
          $additional_sql .= ", $key = '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
        }
      }
  $sql = "SELECT c.comment_id, c.image_id, c.user_id, c.user_name AS comment_user_name, c.comment_headline, c.comment_text, c.comment_ip, c.comment_date".get_user_table_field(", u.", "user_level").get_user_table_field(", u.", "user_name").get_user_table_field(", u.", "user_email").get_user_table_field(", u.", "user_showemail").get_user_table_field(", u.", "user_invisible").get_user_table_field(", u.", "user_joindate").get_user_table_field(", u.", "user_lastaction").get_user_table_field(", u.", "user_comments").get_user_table_field(", u.", "user_homepage").get_user_table_field(", u.", "user_icq").$additional_sql."
          FROM ".COMMENTS_TABLE." c
          LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
          WHERE c.user_id = $user_id
          ORDER BY c.comment_date DESC, c.image_id ASC";
  $result = $site_db->query($sql);
  $comment_row = array();
  while ($row = $site_db->fetch_array($result)) {
    $comment_row[] = $row;
  }
  $site_db->free_result($result);
  $num_comments = sizeof($comment_row);
  if (!$num_comments) {
    $comments = "".$lang['member_no_comments']."";
  }
  else {
    $comments = "";
    $bgcounter = 0;

$comments ="";

$current = "";
for ($i = 0; $i < $num_comments; $i++) {

  $image_id = $comment_row[$i]['image_id'];
      $sql = "SELECT i.image_id, i.cat_id, i.image_name, c.cat_name, i.image_media_file, i.image_thumb_file, i.image_allow_comments
            FROM (".IMAGES_TABLE." i,  ".CATEGORIES_TABLE." c)
            LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = i.user_id)
            WHERE i.image_id = $image_id AND c.cat_id = i.cat_id";
      $image_row = $site_db->query_firstrow($sql);
      $cat_id = (isset($image_row['cat_id'])) ? $image_row['cat_id'] : 0;

$image_allow_comments = (check_permission("auth_readcomment", $cat_id)) ? $image_row['image_allow_comments'] : 0;
if ($image_allow_comments == 1){

if ($current != $comment_row[$i]['image_id']) {

$comments .= ($i == 0) ? "" : "";

$same = 1;

}else{

$same = 0;

  }
      $row_bg_number = ($bgcounter++ % 2 == 0) ? 1 : 2;

      $comment_user_name = htmlspecialchars($comment_row[$i]['comment_user_name']);
      $comment_user_info = $lang['userlevel_guest'];

      $comment_user_id = $comment_row[$i]['user_id'];

  $user_row_comment = get_user_info($comment_user_id);
      if (isset($comment_row[$i][$user_table_fields['user_name']]) && $comment_user_id != GUEST) {
        $comment_user_name = htmlspecialchars($comment_row[$i][$user_table_fields['user_name']]);

        $comment_user_info .= "<br />";
      }

      $comment_user_ip = ($user_info['user_level'] == ADMIN) ? $comment_row[$i]['comment_ip'] : "";

      $admin_links = "";
      if ($user_info['user_level'] == ADMIN) {
        $admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=editcomment&comment_id=".$comment_row[$i]['comment_id']))."\" target=\"admin_edit\">".$lang['edit']."</a> ";
        $admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=removecomment&comment_id=".$comment_row[$i]['comment_id']))."\" target=\"admin_edit\">".$lang['delete']."</a>";
      }
      elseif ($is_image_owner) {
        $admin_links .= ($config['user_edit_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editcomment&".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['edit']."</a> ";
        $admin_links .= ($config['user_delete_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removecomment&".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['delete']."</a>";
      }

$show_link = (!check_permission("auth_viewcat", $cat_id) || !check_permission("auth_viewimage", $cat_id)) ? 0 : 1;
$site_template->register_vars(array(

"comment_image" => ($same) ? get_thumbnail_code($image_row['image_media_file'], $image_row['image_thumb_file'], $image_row['image_id'], $image_row['cat_id'], $image_row['image_name'], $mode, $show_link, 0, 1) : "",

"comment_image_name" => (!$show_link) ? $image_row['image_name'] : "<a href=\"".$site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$comment_row[$i]['image_id'].((!empty($mode)) ? "&mode=".$mode : ""))."\">".$image_row['image_name']."</a>",

"comment_cat_name" => (!check_permission("auth_viewcat", $cat_id)) ? $image_row['cat_name'] : "<a href=\"".$site_sess->url(ROOT_PATH."categories.php?".URL_CAT_ID."=".$cat_id)."\" class=\"smalltext\">".$image_row['cat_name']."</a>",
        "comment_id" => $comment_row[$i]['comment_id'],
        "comment_user_id" => $comment_user_id,
        "comment_user_name" => $comment_user_name,
        "comment_user_info" => $comment_user_info,
        "comment_user_ip" => $comment_user_ip,
        "comment_headline" => format_text($comment_row[$i]['comment_headline'], 0, $config['wordwrap_comments'], 0, 0),
        "comment_text" => format_text($comment_row[$i]['comment_text'], $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments']),
        "comment_date" => format_date($config['date_format']." ".$config['time_format'], $comment_row[$i]['comment_date']),
        "row_bg_number" => $row_bg_number,
        "admin_links" => $admin_links
      ));
      $comments .= $site_template->parse_template("member_comment_bit");

  $current = $comment_row[$i]['image_id'];
}
    } // end while
  } //end else
  $comments .= "</TABLE>\n</TD>\n</TR>\n</TABLE>\n";
  $content = $comments;
  $txt_clickstream = $lang['member_comments'].(($user_id == GUEST) ? $lang['userlevel_guest'] : '<a href="' . (!empty($url_show_profile) ? str_replace("{user_id}", $user_id, $url_show_profile) : $site_sess->url(ROOT_PATH."member.php?action=showprofile&" . URL_USER_ID . "=" . $user_id)) . '">' . $comment_user_name . '</a>');
}
//---End Member Comments----

//-----------------------------------------------------
//--- Clickstream -------------------------------------
//-----------------------------------------------------
$clickstream = "<span class=\"clickstream\"><a href=\"".$site_sess->url(ROOT_PATH."index.php")."\" class=\"clickstream\">".$lang['home']."</a>".$config['category_separator'].$txt_clickstream."</span>";

//-----------------------------------------------------
//--- Print Out ---------------------------------------
//-----------------------------------------------------
$site_template->register_vars(array(
  "content" => $content,
  "msg" => $msg,
  "clickstream" => $clickstream,
  "lang_control_panel" => $lang['control_panel']
));
$site_template->print_template($site_template->parse_template($main_template));
include(ROOT_PATH.'includes/page_footer.php');
?>

17

Mods & Plugins (Releases & Support) / blank profile page when i add fave with show user images in profile Help ?

« on: January 27, 2011, 11:16:27 PM »

hello
last time i added show user images in profile but there's problem when any user have no favorite images in lightbox it's ok he can see his profile , but when he try to add favorite he can't see his profile it looks like blan page "white page ",>
i mean his profile appears like white page and all users can see his page is blank not only him ! ^-^

this mode link http://www.4homepages.de/forum/index.php?topic=15390.0

and this my member.php
action is
member.php?action=showprofile&user_id=

<?php
/**************************************************************************
*                                                                        *
*    4images - A Web Based Image Gallery Management System               *
*    ----------------------------------------------------------------    *
*                                                                        *
*             File: details.php                                          *
*        Copyright: (C) 2002-2009 Jan Sorgalla                           *
*            Email: jan@4homepages.de                                    *
*              Web: http://www.4homepages.de                             *
*    Scriptversion: 1.7.7                                                *
*                                                                        *
*    Never released without support from: Nicky (http://www.nicky.net)   *
*                                                                        *
**************************************************************************
*                                                                        *
*    Dieses Script ist KEINE Freeware. Bitte lesen Sie die Lizenz-       *
*    bedingungen (Lizenz.txt) für weitere Informationen.                 *
*    ---------------------------------------------------------------     *
*    This script is NOT freeware! Please read the Copyright Notice       *
*    (Licence.txt) for further information.                              *
*                                                                        *
*************************************************************************/

$main_template = 'details';

define('GET_CACHES', 1);
define('ROOT_PATH', './');
include(ROOT_PATH.'global.php');
require(ROOT_PATH.'includes/sessions.php');
$user_access = get_permission();
include(ROOT_PATH.'includes/page_header.php');

if (!$image_id) {
    redirect($url);
}

$additional_sql = "";

if (!empty($additional_user_fields)) {
  foreach ($additional_user_fields as $key => $val) {
    $additional_sql .= ", u.".$key;
  }
}

if (!empty($additional_image_fields)) {
  foreach ($additional_image_fields as $key => $val) {
    $additional_sql .= ", i.".$key;
  }
}

$sql = "SELECT i.image_id, i.cat_id, i.user_id, i.image_name, i.image_description, i.image_newfield, i.image_keywords, i.image_date, i.image_active, i.image_media_file, i.image_thumb_file, i.image_download_url, i.image_allow_comments, i.image_comments, i.image_downloads, i.image_votes, i.image_rating, i.image_hits".$additional_sql.", c.cat_name".get_user_table_field(", u.", "user_name").get_user_table_field(", u.", "user_email")."
        FROM (".IMAGES_TABLE." i,  ".CATEGORIES_TABLE." c)
        LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = i.user_id)
        WHERE i.image_id = $image_id AND i.image_active = 1 AND c.cat_id = i.cat_id";
$image_row = $site_db->query_firstrow($sql);
$cat_id = (isset($image_row['cat_id'])) ? $image_row['cat_id'] : 0;
$is_image_owner = ($image_row['user_id'] > USER_AWAITING && $user_info['user_id'] == $image_row['user_id']) ? 1 : 0;

if (!check_permission("auth_viewcat", $cat_id) || !check_permission("auth_viewimage", $cat_id) || !$image_row) {
  redirect($url);
}

$random_cat_image = (defined("SHOW_RANDOM_IMAGE") && SHOW_RANDOM_IMAGE == 0) ? "" : get_random_image($cat_id);
$site_template->register_vars("random_cat_image", $random_cat_image);
unset($random_cat_image);

//-----------------------------------------------------
//--- Show Image --------------------------------------
//-----------------------------------------------------

$image_allow_comments = (check_permission("auth_readcomment", $cat_id)) ? $image_row['image_allow_comments'] : 0;
$image_name = format_text($image_row['image_name'], 2);
show_image($image_row, $mode, 0, 1);

    //--- SEO variables -------------------------------

    $meta_keywords  = !empty($image_row['image_keywords']) ? implode(", ", explode(" ", $image_row['image_keywords'])) : "";
    $meta_description = !empty($image_row['image_description']) ? strip_tags($image_row['image_description']) . ". " : "";

    $site_template->register_vars(array(
            "detail_meta_description"   => $meta_description,
            "detail_meta_keywords"      => $meta_keywords,
            "prepend_head_title"        => $image_name . " - ",
//User Pic
    "userpic" => $user_pic,
//End User Pic
            ));

$in_mode = 0;

$sql = "";
if ($mode == "lightbox") {
  if (!empty($user_info['lightbox_image_ids'])) {
    $image_id_sql = str_replace(" ", ", ", trim($user_info['lightbox_image_ids']));
    $sql = "SELECT image_id, cat_id, image_name, image_media_file, image_thumb_file
            FROM ".IMAGES_TABLE."
            WHERE image_active = 1 AND image_id IN ($image_id_sql) AND (cat_id NOT IN (".get_auth_cat_sql("auth_viewimage", "NOTIN").", ".get_auth_cat_sql("auth_viewcat", "NOTIN")."))          ORDER BY image_sticky DESC, ".$config['image_order']." ".$config['image_sort'].", image_id ".$config['image_sort'];
    $in_mode = 1;
  }
}
elseif ($mode == "search") {
  if (!isset($session_info['searchid']) || empty($session_info['searchid'])) {
    $session_info['search_id'] = $site_sess->get_session_var("search_id");
  }

  if (!empty($session_info['search_id'])) {
    $search_id = unserialize($session_info['search_id']);
  }

  $sql_where_query = "";

  if (!empty($search_id['image_ids'])) {
    $sql_where_query .= "AND image_id IN (".$search_id['image_ids'].") ";
  }

  if (!empty($search_id['user_ids'])) {
    $sql_where_query .= "AND user_id IN (".$search_id['user_ids'].") ";
  }

  if (!empty($search_id['search_new_images']) && $search_id['search_new_images'] == 1) {
    $new_cutoff = time() - 60 * 60 * 24 * $config['new_cutoff'];
    $sql_where_query .= "AND image_date >= $new_cutoff ";
  }

  if (!empty($search_id['search_cat']) && $search_id['search_cat'] != 0) {
    $cat_id_sql = 0;
    if (check_permission("auth_viewcat", $search_id['search_cat'])) {
      $sub_cat_ids = get_subcat_ids($search_id['search_cat'], $search_id['search_cat'], $cat_parent_cache);
      $cat_id_sql .= ", ".$search_id['search_cat'];
      if (!empty($sub_cat_ids[$search_id['search_cat']])) {
        foreach ($sub_cat_ids[$search_id['search_cat']] as $val) {
          if (check_permission("auth_viewcat", $val)) {
            $cat_id_sql .= ", ".$val;
          }
        }
      }
    }
    $cat_id_sql = $cat_id_sql !== 0 ? "AND cat_id IN ($cat_id_sql)" : "";
  }
  else {
    $cat_id_sql = get_auth_cat_sql("auth_viewcat", "NOTIN");
    $cat_id_sql = $cat_id_sql !== 0 ? "AND cat_id NOT IN (".$cat_id_sql.")" : "";
  }

  if (!empty($sql_where_query)) {
    $sql = "SELECT image_id, cat_id, image_name, image_media_file, image_thumb_file
            FROM ".IMAGES_TABLE."
            WHERE image_active = 1
            $sql_where_query
            $cat_id_sql
            ORDER BY ".$config['image_order']." ".$config['image_sort'].", image_id ".$config['image_sort'];
    $in_mode = 1;
  }
}
if (!$in_mode || empty($sql)) {
  $sql = "SELECT image_id, cat_id, image_name, image_media_file, image_thumb_file
          FROM ".IMAGES_TABLE."
          WHERE image_active = 1 AND cat_id = $cat_id
          ORDER BY ".$config['image_order']." ".$config['image_sort'].", image_id ".$config['image_sort'];
}
$result = $site_db->query($sql);

$image_id_cache = array();
$next_prev_cache = array();
$break = 0;
$prev_id = 0;
while($row = $site_db->fetch_array($result)) {
  $image_id_cache[] = $row['image_id'];
  $next_prev_cache[$row['image_id']] = $row;
  if ($break) {
    break;
  }
  if ($prev_id == $image_id) {
    $break = 1;
  }
  $prev_id = $row['image_id'];
}
$site_db->free_result();

if (!function_exists("array_search")) {
  function array_search($needle, $haystack) {
    $match = false;
    foreach ($haystack as $key => $value) {
      if ($value == $needle) {
        $match = $key;
      }
    }
    return $match;
  }
}

$act_key = array_search($image_id, $image_id_cache);
$next_image_id = (isset($image_id_cache[$act_key + 1])) ? $image_id_cache[$act_key + 1] : 0;
$prev_image_id = (isset($image_id_cache[$act_key - 1])) ? $image_id_cache[$act_key - 1] : 0;
unset($image_id_cache);

// Get next and previous image
if (!empty($next_prev_cache[$next_image_id])) {
  $next_image_name = format_text($next_prev_cache[$next_image_id]['image_name'], 2);
  $next_image_url = $site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$next_image_id.((!empty($mode)) ? "&mode=".$mode : ""));
  if (!get_file_path($next_prev_cache[$next_image_id]['image_media_file'], "media", $next_prev_cache[$next_image_id]['cat_id'], 0, 0)) {
    $next_image_file = ICON_PATH."/404.gif";
  }
  else {
    $next_image_file = get_file_path($next_prev_cache[$next_image_id]['image_media_file'], "media", $next_prev_cache[$next_image_id]['cat_id'], 0, 1);
  }
  if (!get_file_path($next_prev_cache[$next_image_id]['image_thumb_file'], "thumb", $next_prev_cache[$next_image_id]['cat_id'], 0, 0)) {
    $next_thumb_file = ICON_PATH."/".get_file_extension($next_prev_cache[$next_image_id]['image_media_file']).".gif";
  }
  else {
    $next_thumb_file = get_file_path($next_prev_cache[$next_image_id]['image_thumb_file'], "thumb", $next_prev_cache[$next_image_id]['cat_id'], 0, 1);
  }
}
else {
  $next_image_name = REPLACE_EMPTY;
  $next_image_url = REPLACE_EMPTY;
  $next_image_file = REPLACE_EMPTY;
  $next_thumb_file = REPLACE_EMPTY;
}

if (!empty($next_prev_cache[$prev_image_id])) {
  $prev_image_name = format_text($next_prev_cache[$prev_image_id]['image_name'], 2);
  $prev_image_url = $site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$prev_image_id.((!empty($mode)) ? "&mode=".$mode : ""));
  if (!get_file_path($next_prev_cache[$prev_image_id]['image_media_file'], "media", $next_prev_cache[$prev_image_id]['cat_id'], 0, 0)) {
    $prev_image_file = ICON_PATH."/404.gif";
  }
  else {
    $prev_image_file = get_file_path($next_prev_cache[$prev_image_id]['image_media_file'], "media", $next_prev_cache[$prev_image_id]['cat_id'], 0, 1);
  }
  if (!get_file_path($next_prev_cache[$prev_image_id]['image_thumb_file'], "thumb", $next_prev_cache[$prev_image_id]['cat_id'], 0, 0)) {
    $prev_thumb_file = ICON_PATH."/".get_file_extension($next_prev_cache[$prev_image_id]['image_media_file']).".gif";
  }
  else {
    $prev_thumb_file = get_file_path($next_prev_cache[$prev_image_id]['image_thumb_file'], "thumb", $next_prev_cache[$prev_image_id]['cat_id'], 0, 1);
  }
}
else {
  $prev_image_name = REPLACE_EMPTY;
  $prev_image_url = REPLACE_EMPTY;
  $prev_image_file = REPLACE_EMPTY;
  $prev_thumb_file = REPLACE_EMPTY;
}

$site_template->register_vars(array(
  "next_image_id" => $next_image_id,
  "next_image_name" => $next_image_name,
  "next_image_url" => $next_image_url,
  "next_image_file" => $next_image_file,
  "next_thumb_file" => $next_thumb_file,
  "prev_image_id" => $prev_image_id,
  "prev_image_name" => $prev_image_name,
  "prev_image_url" => $prev_image_url,
  "prev_image_file" => $prev_image_file,
  "prev_thumb_file" => $prev_thumb_file
));
unset($next_prev_cache);

//-----------------------------------------------------
//--- Save Comment ------------------------------------
//-----------------------------------------------------

$error = 0;
if ($action == "postcomment" && isset($HTTP_POST_VARS[URL_ID])) {
  $id = intval($HTTP_POST_VARS[URL_ID]);
  $sql = "SELECT cat_id, image_allow_comments
          FROM ".IMAGES_TABLE."
          WHERE image_id = $id";
  $row = $site_db->query_firstrow($sql);

  if ($row['image_allow_comments'] == 0 || !check_permission("auth_postcomment", $row['cat_id']) || !$row) {
    $msg = $lang['comments_deactivated'];
  }
  else {
    $user_name = un_htmlspecialchars(trim($HTTP_POST_VARS['user_name']));
    $comment_headline = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_headline']));
    $comment_text = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_text']));

$response_to = (isset($HTTP_POST_VARS['response_to'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['response_to'])) : "";

    $captcha = (isset($HTTP_POST_VARS['captcha'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['captcha'])) : "";

    // Flood Check
    $sql = "SELECT comment_ip, comment_date
            FROM ".COMMENTS_TABLE."
            WHERE image_id = $id
            ORDER BY comment_date DESC
            LIMIT 1";
    $spam_row = $site_db->query_firstrow($sql);
    $spamtime = $spam_row['comment_date'] + 180;

    if ($session_info['session_ip'] == $spam_row['comment_ip'] && time() <= $spamtime && $user_info['user_level'] != ADMIN)  {
      $msg .= (($msg != "") ? "<br />" : "").$lang['spamming'];
      $error = 1;
    }

    $user_name_field = get_user_table_field("", "user_name");
    if (!empty($user_name_field)) {
      if ($site_db->not_empty("SELECT $user_name_field FROM ".USERS_TABLE." WHERE $user_name_field = '".strtolower($user_name)."' AND ".get_user_table_field("", "user_id")." <> '".$user_info['user_id']."'")) {
        $msg .= (($msg != "") ? "<br />" : "").$lang['username_exists'];
        $error = 1;
      }
    }
    if ($user_name == "")  {
      $msg .= (($msg != "") ? "<br />" : "").$lang['name_required'];
      $error = 1;
    }
    /*
if ($comment_headline == "")  {
  $msg .= (($msg != "") ? "<br />" : "").$lang['headline_required'];
  $error = 1;
}
*/
    if ($comment_text == "")  {
      $msg .= (($msg != "") ? "<br />" : "").$lang['comment_required'];
      $error = 1;
    }

    if ($captcha_enable_comments && !captcha_validate($captcha)) {
      $msg .= (($msg != "") ? "<br />" : "").$lang['captcha_required'];
      $error = 1;
    }

    if (!$error)  {
      if ($response_to) {
        $response = 1;
      } else {$response = 0;}
      $sql = "INSERT INTO ".COMMENTS_TABLE."
              (image_id, user_id, user_name, comment_headline, comment_text, comment_ip, comment_date, response)
              VALUES
              ($id, ".$user_info['user_id'].", '$user_name', '$comment_headline', '$comment_text', '".$session_info['session_ip']."', ".time().", '$response')";
      $site_db->query($sql);
      $commentid = $site_db->get_insert_id();
      update_comment_count($id, $user_info['user_id']);

$sql = "SELECT 'user_id', 'image_thumb_file', 'cat_id' FROM ".IMAGES_TABLE." WHERE image_id = $id";

$user_id = $site_db->query($sql);

$user_id = $image_row['user_id'];

if ($image_row['user_id'] != $user_info['user_id']) {

$image_url = $script_url."/details.php?".URL_IMAGE_ID."=".$id."";

$image_name_url = "[url=http://".$image_url."]".$image_name."[/url]";

if (!empty($image_row['image_thumb_file'])) {

$cat_id = $image_row['cat_id'];

$image_thumb_file = $image_row['image_thumb_file'];

$thumb = $site_sess->url(ROOT_PATH."data/thumbnails/".$cat_id."/".$image_thumb_file);

$thumb = "[url=http://".$image_url."][img]http://".$thumb."[/img][/url]";

} else {

$thumb = "";

}

$pm_from = 0; //Hier bitte die user_id vom Absender angeben

$pm_type = 5;

$pm_bbcode = 1;

$pm_smiles = 1;

$pm_sig = "-- \n Mit freundlichen Grüßen, \n euer Picsforfree.de Team";

$pm_message = "Das folgende Bild hat ein Kommentar von ".$user_name." erhalten: \n\n [B]Bild:[/B] ".$image_name_url."\n".$thumb." \n\n [B]Überschrift:[/B] ".$comment_headline." \n [B]Kommentar:[/B] ".$comment_text."\n\n".$pm_sig;

$pm_subject = "\"".$image_name."\" hat ein Kommentar von ".$user_name." erhalten";

$sql = "INSERT INTO ".PM_TABLE."

(pm_date, pm_to, pm_from, pm_subject, pm_type, pm_text, pm_bbcode, pm_html, pm_ip, pm_smiles)

VALUES

('".time()."', $user_id, $pm_from, '".$pm_subject."', $pm_type, '".$pm_message."', $pm_bbcode, 0, '".$session_info['session_ip']."', $pm_smiles)";

$result = $site_db->query($sql);

}
      $msg = $lang['comment_success'];

      if ($response_to) {
        $sql = "UPDATE ".COMMENTS_TABLE."
                SET comment_response = '$commentid'
                WHERE comment_id = $response_to";
        $site_db->query($sql);
      }
    }
  }
  unset($row);
  unset($spam_row);
}

//-----------------------------------------------------
//--- Show Comments -----------------------------------
//-----------------------------------------------------
if ($image_allow_comments == 1) {
  $site_template->register_vars(array(
      "has_rss"   => true,
      "rss_title" => "RSS Feed: ".$image_name." (".str_replace(':', '', $lang['comments']).")",
      "rss_url"   => $script_url."/rss.php?action=comments&".URL_IMAGE_ID."=".$image_id
  ));




  $additional_sql = "";
  if (!empty($additional_user_fields)) {
    $table_fields = $site_db->get_table_fields(USERS_TABLE);
    foreach ($additional_user_fields as $key => $val) {
      if (isset($table_fields[$key])) {
        $additional_sql .= ", u.$key";
      }
    }
  }
  $sql = "SELECT c.comment_id, c.image_id, c.user_id, c.user_name AS comment_user_name,u.admin_text, c.comment_response, c.response, c.comment_headline, c.comment_text, c.comment_ip, c.comment_date".get_user_table_field(", u.", "user_level").get_user_table_field(", u.", "user_name").get_user_table_field(", u.", "user_email").get_user_table_field(", u.", "user_showemail").get_user_table_field(", u.", "user_invisible").get_user_table_field(", u.", "user_joindate").get_user_table_field(", u.", "user_lastaction").get_user_table_field(", u.", "user_comments").get_user_table_field(", u.", "user_homepage").get_user_table_field(", u.", "user_icq").get_user_table_field(", u.", "user_id").$additional_sql."
  , u.userpic
          FROM ".COMMENTS_TABLE." c
          LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
          WHERE c.image_id = $image_id AND c.response = 0
          ORDER BY c.comment_date ASC";
  $result = $site_db->query($sql);

  $comment_row = array();
  while ($row = $site_db->fetch_array($result)) {
    $comment_row[] = $row;
  }
  $site_db->free_result($result);
  $num_comments = sizeof($comment_row);

  if (!$num_comments) {
    $comments = "<tr><td class=\"commentrow1\" colspan=\"2\">".$lang['no_comments']."</td></tr>";
  }
  else {
    $comments = "";
    $bgcounter = 0;
    for ($i = 0; $i < $num_comments; $i++) {
      $row_bg_number = ($bgcounter++ % 2 == 0) ? 1 : 2;

      $comment_user_email = "";
      $comment_user_email_save = "";
      $comment_user_mailform_link = "";
      $comment_user_email_button = "";
      $comment_user_homepage_button = "";
      $comment_user_icq_button = "";
      $comment_user_profile_button = "";
      $comment_user_status_img = REPLACE_EMPTY;
      $comment_user_name = format_text($comment_row[$i]['comment_user_name'], 2);
      $comment_user_info = $lang['userlevel_guest'];

  $comment_headline = format_text($comment_row[$i]['comment_headline'], 0, $config['wordwrap_comments'], 0, 0);

      $comment_user_id = $comment_row[$i]['user_id'];

      if (isset($comment_row[$i][$user_table_fields['user_name']]) && $comment_user_id != GUEST) {
        $comment_user_name = format_text($comment_row[$i][$user_table_fields['user_name']], 2);

        $comment_user_profile_link = !empty($url_show_profile) ? $site_sess->url(preg_replace("/{user_id}/", $comment_user_id, $url_show_profile)) : $site_sess->url(ROOT_PATH."member.php?action=showprofile&".URL_USER_ID."=".$comment_user_id);
        $comment_user_profile_button = "<a href=\"".$comment_user_profile_link."\"><img src=\"".get_gallery_image("profile.gif")."\" border=\"0\" alt=\"".$comment_user_name."\" /></a>";



         // Commentusername mit Profil verlinken
        $comment_user_name = "<a href=\"".$comment_user_profile_link."\">".$comment_user_name."</a>";





        $comment_user_status_img = ($comment_row[$i][$user_table_fields['user_lastaction']] >= (time() - 300) && ((isset($comment_row[$i][$user_table_fields['user_invisible']]) && $comment_row[$i][$user_table_fields['user_invisible']] == 0) || $user_info['user_level'] == ADMIN)) ? "<img src=\"".get_gallery_image("user_online.gif")."\" border=\"0\" alt=\"Online\" />" : "<img src=\"".get_gallery_image("user_offline.gif")."\" border=\"0\" alt=\"Offline\" />";

        $comment_user_homepage = (isset($comment_row[$i][$user_table_fields['user_homepage']])) ? format_url($comment_row[$i][$user_table_fields['user_homepage']]) : "";
        if (!empty($comment_user_homepage)) {
          $comment_user_homepage_button = "<a href=\"".$comment_user_homepage."\" target=\"_blank\"><img src=\"".get_gallery_image("homepage.gif")."\" border=\"0\" alt=\"".$comment_user_homepage."\" /></a>";
        }

        $comment_user_icq = (isset($comment_row[$i][$user_table_fields['user_icq']])) ? format_text($comment_row[$i][$user_table_fields['user_icq']]) : "";
        if (!empty($comment_user_icq)) {
          $comment_user_icq_button = "<a href=\"http://www.icq.com/people/about_me.php?uin=".$comment_user_icq."\" target=\"_blank\"><img src=\"http://status.icq.com/online.gif?icq=".$comment_user_icq."&img=5\" width=\"18\" height=\"18\" border=\"0\" alt=\"".$comment_user_icq."\" /></a>";
        }

        if (!empty($comment_row[$i][$user_table_fields['user_email']]) && (!isset($comment_row[$i][$user_table_fields['user_showemail']]) || (isset($comment_row[$i][$user_table_fields['user_showemail']]) && $comment_row[$i][$user_table_fields['user_showemail']] == 1))) {
          $comment_user_email = format_text($comment_row[$i][$user_table_fields['user_email']]);
          $comment_user_email_save = format_text(str_replace("@", " at ", $comment_row[$i][$user_table_fields['user_email']]));
          if (!empty($url_mailform)) {
            $comment_user_mailform_link = $site_sess->url(preg_replace("/{user_id}/", $comment_user_id, $url_mailform));
          }
          else {
            $comment_user_mailform_link = $site_sess->url(ROOT_PATH."member.php?action=mailform&".URL_USER_ID."=".$comment_user_id);
          }
          $comment_user_email_button = "<a href=\"".$comment_user_mailform_link."\"><img src=\"".get_gallery_image("email.gif")."\" border=\"0\" alt=\"".$comment_user_email_save."\" /></a>";
        }

//----------  [MOD] BUDDY  V2 beta ----------
//----------     2007 by eMagix    ----------
//----------   2010 by Sumale.nin  ----------
//----------       Start Code      ----------

if (($user_info['user_level'] != GUEST) && ($user_info['user_id'] != $comment_user_id)) {

$buddy_url = $self_url;

$buddy_url .= (!empty($mode)) ? ((strpos($buddy_url, '?') !== false) ? "&" : "?")."mode=".$mode : "";

$buddy_url .= strpos($buddy_url, '?') !== false ? "&" : "?";

// IF USER ALREADY A BUDDY SHOW ALREADY BUDDY TEXT

$buddy_status = check_buddy($comment_user_id);

if ($buddy_status == 1) {

$buddy_button = $lang['user_buddy_yes'];

}

// IF USER REQUEST PENDING SHOW PENDING TEXT

elseif ($buddy_status == 0) {

$buddy_button = $lang['user_buddy_pending'];

}

// IF NOT YET BUDDY SHOW BUTTON

elseif ($buddy_status == -1) {

$buddy_url .= "action=addbuddy&id=".$comment_user_id."";

$buddy_button = "<a href=\"".$site_sess->url($buddy_url)."\"><img src=\"".get_gallery_image("buddy_no.gif")."\" border=\"0\" alt=\"\" /></a>";

}

else {

// BUDDY BUTTON DISABLED

            if ($user_info['user_level'] != GUEST && $user_info['user_id'] == $comment_user_id)
        {
          $buddy_button = "";
        }
        else
        {
          $buddy_button = "<img src=\"".get_gallery_image("buddy_off.gif")."\" border=\"0\" alt=\"\" />";
        }

  }
//----------- END CODE  -----------------

        if (!isset($comment_row[$i][$user_table_fields['user_level']]) || (isset($comment_row[$i][$user_table_fields['user_level']]) && $comment_row[$i][$user_table_fields['user_level']] == USER)) {
          $comment_user_info = $lang['userlevel_user'];
        }
        elseif ($comment_row[$i][$user_table_fields['user_level']] == ADMIN) {
          $comment_user_info = $lang['userlevel_admin'];
        }

        $comment_user_info .= "<br />";
        $comment_user_info .= (isset($comment_row[$i][$user_table_fields['user_joindate']])) ? "<br />".$lang['join_date']." ".format_date($config['date_format'], $comment_row[$i][$user_table_fields['user_joindate']]) : "";
        $comment_user_info .= (isset($comment_row[$i][$user_table_fields['user_comments']])) ? "<br />".$lang['comments']." ".$comment_row[$i][$user_table_fields['user_comments']] : "";
      }

      $comment_user_ip = ($user_info['user_level'] == ADMIN) ? $comment_row[$i]['comment_ip'] : "";

      $admin_links = "";
      if ($user_info['user_level'] == ADMIN) {
        $admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=editcomment&comment_id=".$comment_row[$i]['comment_id']))."\" target=\"_blank\">".$lang['edit']."</a>";
        $admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=removecomment&comment_id=".$comment_row[$i]['comment_id']))."\" target=\"_blank\">".$lang['delete']."</a>";
      }
          elseif ($is_image_owner && $user_info['user_id'] == $comment_user_id) {

        $admin_links .= ($config['user_edit_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editcomment&".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['edit']."</a> ";
        $admin_links .= ($config['user_delete_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removecomment&".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['delete']."</a>";
      }$responses = "";
    $response_comment_id = "";
      if ($comment_row[$i]['comment_response'] != 0) {
        $bg_number = $bgcounter;
        $response_bg = ($bg_number++ % 2 == 0) ? 1 : 2;
        $responses .= "<br /><table class=\"reply\" width=\"90%\" align=\"center\" cellpadding=\"5\" cellspacing=\"0\" >\n";

        $response_row['comment_response'] = $comment_row[$i]['comment_response'];
        while ($response_row['comment_response'] != 0) {
          $sql = "SELECT c.comment_id, c.image_id, c.user_id, c.user_name AS response_user_name, c.comment_headline, c.comment_text, c.comment_ip, c.comment_date, c.comment_response".get_user_table_field(", u.", "user_level").get_user_table_field(", u.", "user_name")."
                  FROM ".COMMENTS_TABLE." c
                  LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
                  WHERE c.comment_id = ".$response_row['comment_response'];
          $response_row = $site_db->query_firstrow($sql);

          $response_user_name = format_text($response_row['response_user_name'], 2);
          $response_user_info = $lang['userlevel_guest'];
          $response_user_id = $response_row['user_id'];
          $response_date = format_date($config['date_format']." ".$config['time_format'], $response_row['comment_date']);
          $response_text = format_text($response_row['comment_text'], $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments']);
          $response_comment_id = $response_row['comment_id'];

          if (isset($response_row[$user_table_fields['user_name']]) && $response_user_id != GUEST) {
            $response_user_profile_link = !empty($url_show_profile) ? $site_sess->url(preg_replace("/{user_id}/", $response_user_id, $url_show_profile)) : $site_sess->url(ROOT_PATH."member.php?action=showprofile&".URL_USER_ID."=".$response_user_id);
            $response_user_name = "<a href=\"".$response_user_profile_link."\">".format_text($response_row[$user_table_fields['user_name']], 2)."</a>";

            if (!isset($response_row[$user_table_fields['user_level']]) || (isset($response_row[$user_table_fields['user_level']]) && $response_row[$user_table_fields['user_level']] == USER)) {
              $response_user_info = $lang['userlevel_user'];
            }
            elseif ($response_row[$user_table_fields['user_level']] == ADMIN) {
              $response_user_info = $lang['userlevel_admin'];
            }
          }

          $response_user_ip = ($user_info['user_level'] == ADMIN) ? $response_row['comment_ip'] : "";

          $response_admin_links = "";
          if ($user_info['user_level'] == ADMIN) {
            $response_admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=editcomment&comment_id=".$response_row['comment_id']))."\" target=\"_blank\">".$lang['edit']."</a> ";
            $response_admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=removecomment&comment_id=".$response_row['comment_id']))."\" target=\"_blank\">".$lang['delete']."</a>";
          }
          elseif ($is_image_owner) {
            $response_admin_links .= ($config['user_edit_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editcomment&".URL_COMMENT_ID."=".$response_row['comment_id'])."\">".$lang['edit']."</a> ";
            $response_admin_links .= ($config['user_delete_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removecomment&".URL_COMMENT_ID."=".$response_row['comment_id'])."\">".$lang['delete']."</a>";
          }
          $responses .= "<tr class=\"reply-bit2\">\n<a name=\"comment".$response_comment_id."\"></a>\n<td class=\"commentrow".$response_bg."\">\n";
          $responses .= "<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n";
          $responses .= "<tr>\n<td><b>".$lang['response'].$response_user_name."</b> (".$response_user_info.")</td>\n";
          $responses .= "<td class=\"date-reply\">".$response_date."</td>\n</tr>\n";
          $responses .= "<tr>\n<td colspan=\"2\"><hr>\n".$response_text."</td>\n</tr>\n";
          $responses .= "<tr>\n<td>".$response_user_ip."</td>\n";
          $responses .= "<td align=\"right\">".$response_admin_links."</td>\n</tr>\n";
          $responses .= "</table>\n</td>\n</tr>\n</div>";

          $response_bg = ($bg_number++ % 2 == 0) ? 1 : 2;
        }

        $responses .= "</table>\n";
      }

      $response_to_id = "";
      if ($response_comment_id) {
        $response_to_id .= $response_comment_id;
      } else {
        $response_to_id .= $comment_row[$i]['comment_id'];
      }

      $site_template->register_vars(array(
        "comment_id" => $comment_row[$i]['comment_id'],

        "comment_user_pm" => ($config['pm'] && $comment_row[$i]['user_id']  != GUEST && $user_info['user_level'] > GUEST && $user_info['user_id'] != $comment_row[$i]['user_id']) ? "<a href=\"".$site_sess->url(ROOT_PATH."pm.php?action=quote&mode=comment&id=".$comment_row[$i]['comment_id']."&user_id=".$comment_row[$i]['user_id'])."\" /><img src=\"".get_gallery_image("pm.gif")."\" border=\"0\" alt=\"".$lang['pm_user_pm_alt']."\" /></div></a>" : "",
        "comment_user_id" => $comment_user_id,
        "comment_user_status_img" => $comment_user_status_img,
        "comment_user_name" => $comment_user_name,
        "comment_user_info" => $comment_user_info,
        "comment_user_profile_button" => $comment_user_profile_button,
        "comment_user_email" => $comment_user_email,
        "comment_user_email_save" => $comment_user_email_save,
        "comment_user_mailform_link" => $comment_user_mailform_link,
        "comment_user_email_button" => $comment_user_email_button,
        "comment_user_homepage_button" => $comment_user_homepage_button,
        "comment_user_icq_button" => $comment_user_icq_button,
        "comment_user_ip" => $comment_user_ip,
                "comment_userpic" => ($config['userpic'] && $comment_row[$i]['userpic']) ? ROOT_PATH."data/userpic/".$comment_row[$i]['userpic'] : "",
        "comment_headline" => $comment_headline,
        "responses" => $responses,
        "response_to_id" => $response_to_id,
        "lang_post_response" => $lang['post_response'],
        "comment_text" => format_text($comment_row[$i]['comment_text'], $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments']),
        "comment_date" => format_date($config['date_format']." ".$config['time_format'], $comment_row[$i]['comment_date']),

"buddy_button" => $buddy_button,

// BUDDY MOD BY EMAGIX - REFRESH BY SUMALE.NIN
        "row_bg_number" => $row_bg_number,
        "admin_links" => $admin_links
      ));
      $comments .= $site_template->parse_template("comment_bit");
    } // end while
  } //end else
  $site_template->register_vars("comments", $comments);
  unset($comments);

  //-----------------------------------------------------
  //--- BBCode & Form -----------------------------------
  //-----------------------------------------------------
  $allow_posting = check_permission("auth_postcomment", $cat_id);
  $bbcode = "";
  if ($config['bb_comments'] == 1 && $allow_posting) {
    $site_template->register_vars(array(
      "lang_bbcode" => $lang['bbcode'],
      "lang_tag_prompt" => $lang['tag_prompt'],
      "lang_link_text_prompt" => $lang['link_text_prompt'],
      "lang_link_url_prompt" => $lang['link_url_prompt'],
      "lang_link_email_prompt" => $lang['link_email_prompt'],
      "lang_list_type_prompt" => $lang['list_type_prompt'],
      "lang_list_item_prompt" => $lang['list_item_prompt']
    ));
    $bbcode = $site_template->parse_template("bbcode");
  }

  if (!$allow_posting) {
    $comment_form = "";
  }
  else {
    $user_name = (isset($HTTP_POST_VARS['user_name']) && $error) ? format_text(trim(stripslashes($HTTP_POST_VARS['user_name'])), 2) : (($user_info['user_level'] != GUEST) ? format_text($user_info['user_name'], 2) : "");
    $comment_headline = (isset($HTTP_POST_VARS['comment_headline']) && $error) ? format_text(trim(stripslashes($HTTP_POST_VARS['comment_headline'])), 2) : "";
    $comment_text = (isset($HTTP_POST_VARS['comment_text']) && $error) ? format_text(trim(stripslashes($HTTP_POST_VARS['comment_text'])), 2) : "";

$response_to = (isset($HTTP_POST_VARS['response_to']) && $error) ? format_text(trim(stripslashes($HTTP_POST_VARS['response_to'])), 2) : "";

    $site_template->register_vars(array(
      "bbcode" => $bbcode,
      "user_name" => $user_name,
      "comment_headline" => $comment_headline,
      "comment_text" => $comment_text,"response_to" => $response_to,
      "lang_clear" => $lang['clear'],
      "lang_clear_desc" => $lang['clear_desc'],
      "lang_post_comment" => $lang['post_comment'],
      "lang_name" => $lang['name'],
      "lang_headline" => $lang['headline'],
      "lang_comment" => $lang['comment'],
      "lang_captcha" => $lang['captcha'],
      "lang_captcha_desc" => $lang['captcha_desc'],
      "captcha_comments" => (bool)$captcha_enable_comments
    ));
    $comment_form = $site_template->parse_template("comment_form");
  }
  $site_template->register_vars("comment_form", $comment_form);
  unset($comment_form);
} // end if allow_comments

// Admin Links
$admin_links = "";
if ($user_info['user_level'] == ADMIN) {
  $admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("images.php?action=editimage&image_id=".$image_id))."\" target=\"_blank\">".$lang['edit']."</a> ";
  $admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("images.php?action=removeimage&image_id=".$image_id))."\" target=\"_blank\">w".$lang['delete']."</a>";
}
elseif ($is_image_owner) {
  $admin_links .= ($config['user_edit_image'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editimage&".URL_IMAGE_ID."=".$image_id)."\">".$lang['edit']."</a> ";
  $admin_links .= ($config['user_delete_image'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removeimage&".URL_IMAGE_ID."=".$image_id)."\">".$lang['delete']."</a>";
}
$site_template->register_vars("admin_links", $admin_links);

// Update Hits
if ($user_info['user_level'] != ADMIN) {
  $sql = "UPDATE ".IMAGES_TABLE."
          SET image_hits = image_hits + 1
          WHERE image_id = $image_id";
  $site_db->query($sql);
}

//-----------------------------------------------------
//---Clickstream---------------------------------------
//-----------------------------------------------------
$clickstream = "<span class=\"clickstream\"><a href=\"".$site_sess->url(ROOT_PATH."index.php")."\" class=\"clickstream\">".$lang['home']."</a>".$config['category_separator'];

if ($mode == "lightbox" && $in_mode) {
  $page_url = "";
if (preg_match("/".URL_PAGE."=([0-9]+)/", $url, $regs)) {
    if (!empty($regs[1]) && $regs[1] != 1) {
      $page_url = "?".URL_PAGE."=".$regs[1];
    }
  }
  $clickstream .= "<a href=\"".$site_sess->url(ROOT_PATH."lightbox.php".$page_url)."\" class=\"clickstream\">".$lang['lightbox']."</a>".$config['category_separator'];
}
elseif ($mode == "search" && $in_mode) {
  $page_url = "";
  if (preg_match("/".URL_PAGE."=([0-9]+)/", $url, $regs)) {
    if (!empty($regs[1]) && $regs[1] != 1) {
      $page_url = "&".URL_PAGE."=".$regs[1];
    }
  }
  $clickstream .= "<a href=\"".$site_sess->url(ROOT_PATH."search.php?show_result=1".$page_url)."\" class=\"clickstream\">".$lang['search']."</a>".$config['category_separator'];
}
else {
  $clickstream .= get_category_path($cat_id, 1).$config['category_separator'];
}
$clickstream .= $image_name."</span>";

$sql = "SELECT l.lightbox_image_ids, u.user_id, l.user_id".get_user_table_field(", u.", "user_name")."

FROM (".LIGHTBOXES_TABLE." l, ".USERS_TABLE." u)

WHERE l.lightbox_image_ids LIKE '%$image_id%' AND u.user_id=l.user_id";

$result = $site_db->query($sql);
  $lightbox_row = array();
  while ($row = $site_db->fetch_array($result)) {
    $lightbox_row[] = $row;
  }
  $site_db->free_result($result);
  $num_rows = sizeof($lightbox_row);

if ($num_rows) {
for ($i = 0; $i < $num_rows; $i++) {

$lightbox_list .= "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=showprofile&".URL_USER_ID."=".$lightbox_row[$i]['user_id'])."\">".$lightbox_row[$i]['user_name']."</a>";

if ($i+1 != $num_rows) {

$lightbox_list .= ", ";

}

}

//-----------------------------------------------------
//--- Print Out ---------------------------------------
//-----------------------------------------------------
$site_template->register_vars(array(

"lightbox_list" => $lightbox_list,
  "msg" => $msg,
  "clickstream" => $clickstream,
  "lang_category" => $lang['category'],
  "lang_added_by" => $lang['added_by'],
  "lang_description" => $lang['description'],
  "lang_keywords" => $lang['keywords'],
  "lang_date" => $lang['date'],
  "lang_hits" => $lang['hits'],
  "lang_downloads" => $lang['downloads'],
  "lang_rating" => $lang['rating'],
  "lang_votes" => $lang['votes'],
  "lang_author" => $lang['author'],
  "lang_comment" => $lang['comment'],
  "lang_prev_image" => $lang['prev_image'],
  "lang_next_image" => $lang['next_image'],
  "lang_file_size" => $lang['file_size']
));

//-----------------------------------------------------
//--- [MOD] Ajax Star Rating --------------by Bash-T---
//START------------------------------------------------
$site_template->register_vars(array(

"ajax_rating_labels_0" => $lang['ajax_rating_labels'][0],

"ajax_rating_labels_1" => $lang['ajax_rating_labels'][1],

"ajax_rating_labels_2" => $lang['ajax_rating_labels'][2],

"ajax_rating_labels_3" => $lang['ajax_rating_labels'][3],

"ajax_rating_labels_4" => $lang['ajax_rating_labels'][4],

"ajax_rating_labels_5" => $lang['ajax_rating_labels'][5],

"ajax_rating_messages_0" => $lang['ajax_rating_messages'][0],

"ajax_rating_messages_1" => $lang['ajax_rating_messages'][1],

"ajax_rating_messages_2" => $lang['ajax_rating_messages'][2],

"ajax_rating_messages_3" => $lang['ajax_rating_messages'][3],

"ajax_rating_points" => $lang['ajax_rating_points']
));
//-----------------------------------------------------
//--- [MOD] Ajax Star Rating --------------by Bash-T---
//--------------------------------------------------END

$site_template->print_template($site_template->parse_template($main_template));
include(ROOT_PATH.'includes/page_footer.php');
?>

-----------------------
Edit :1
---------------------

i think i found why is that problem but i can't show images when i solve it ,

WHERE i.image_active = 1 AND i.user_id = " . (int)$user_id . " AND i.cat_id NOT IN (".get_auth_cat_sql("auth_viewcat", "NOTIN").")";

in
WHERE i.image_active = 1 when i change it to 0 the problem is gone but the mod doesn't work

------------------
Edit:2
------------------

i think i found the problem is with this mode

http://www.4homepages.de/forum/index.php?topic=17452.0

when i add both of modes show images mod doesn't work and appear blank page

please help ?

18

Error Messages / Fehlermeldungen / Re: Warning: session_start(): open(

« on: January 27, 2011, 05:38:08 PM »

thanks V@no

19

Mods & Plugins (Requests & Discussions) / shortcut of users :4images&yousername:

« on: January 24, 2011, 05:51:00 AM »

Hello~

i have an idea is that :
i want to show user's avatar with profile link when any user write :4imageswassimo: wassimo is the user name is it possible ?
in whole script ?

just like Smiles shortcut system

(: etc...

20

Mods & Plugins (Requests & Discussions) / Re: user pic in profile comments + patch download file

« on: January 22, 2011, 01:50:16 PM »

Thanks alot
what about USERpic in comments in profile ?

21

Mods & Plugins (Requests & Discussions) / user pic in profile comments + patch download file

« on: January 21, 2011, 03:07:39 AM »

Hello
iHope some one Help me with this question ~!

I need to display Userpic's In profile comment ,
when some one goin to make comment in ur profile so the avatar should be appeared ?

and other Question please ?

there's 2 upload forms in member_upload.html
so i would like to change it lil bit

media_file : any one can upload image with pic size < auto resizer and in details.ph can see big size

Thumb_file : any one can pach file <uncoercive and show in details page

else Can be Edited by user and Amin ~!

please any one can ?

22

Mods & Plugins (Releases & Support) / Re: [MOD] Floating Guest Message < Jquery >

« on: July 31, 2010, 07:51:55 AM »

merci mon ami

4images Forum & Community

News:

Messages - wassimo

Discussion & Troubleshooting / Blank page , member.php problem

Mods & Plugins (Releases & Support) / blank profile page when i add fave with show user images in profile Help ?

Error Messages / Fehlermeldungen / Re: Warning: session_start(): open(

Mods & Plugins (Requests & Discussions) / shortcut of users :4images&yousername:

Mods & Plugins (Requests & Discussions) / Re: user pic in profile comments + patch download file

Mods & Plugins (Requests & Discussions) / user pic in profile comments + patch download file

Mods & Plugins (Releases & Support) / Re: [MOD] Floating Guest Message < Jquery >