$value) {
if (array_key_exists($name, $_REQUEST)) { continue; }
$_REQUEST[$name] = $value;
}
// process form
if (@$_REQUEST['save']) {
// error checking
$errorsAndAlerts = "";
if (!@$_REQUEST['firstname']) { $errorsAndAlerts .= "You must enter your First name! \n"; }
if (!@$_REQUEST['lastname']) { $errorsAndAlerts .= "You must enter your Last name! \n"; }
if (!@$_REQUEST['email']) { $errorsAndAlerts .= "You must enter your email! \n"; }
else if(!isValidEmail(@$_REQUEST['email'])) { $errorsAndAlerts .= "Please enter a valid email (example: user@example.com) \n"; }
if (!@$_REQUEST['state']) { $errorsAndAlerts .= "You must select a state! \n"; }
if (!@$_REQUEST['address']) { $errorsAndAlerts .= "You must enter your address! \n"; }
if (!@$_REQUEST['zip']) { $errorsAndAlerts .= "You must enter your zip code! \n"; }
if (!@$_REQUEST['phone']) { $errorsAndAlerts .= "You must enter your phone number! \n"; }
if (!@$_REQUEST['url']) { $errorsAndAlerts .= "You must enter your Website URL! \n"; }
if (!@$_REQUEST['status']) { $errorsAndAlerts .= "You must select your status! \n"; }
if (!@$_REQUEST['brand']) { $errorsAndAlerts .= "You must select one or more camera brand! \n"; }
if (!@$_REQUEST['category']) { $errorsAndAlerts .= "You must select one or more category! \n"; }
// new password checking
if (@$_REQUEST['oldPassword'] || $_REQUEST['newPassword1'] || $_REQUEST['newPassword2']) {
$oldPasswordHash = (@$SETTINGS['advanced']['encryptPasswords']) ? getPasswordDigest(@$_REQUEST['oldPassword']) : @$_REQUEST['oldPassword'];
if (!@$_REQUEST['oldPassword']) { $errorsAndAlerts .= "Please enter a value for: Current Password \n"; }
elseif ($oldPasswordHash != $CURRENT_USER['password']) { $errorsAndAlerts .= "Current password isn't correct! \n"; }
elseif (!@$_REQUEST['newPassword1']) { $errorsAndAlerts .= "Please enter a value for: New Password \n"; }
elseif (!@$_REQUEST['newPassword2']) { $errorsAndAlerts .= "Please enter a value for: Confirm New Password \n"; }
elseif ($_REQUEST['newPassword1'] != $_REQUEST['newPassword2']) { $errorsAndAlerts .= "New passwords don't match! \n"; }
}
// check for duplicate usernames and emails
if (@$_REQUEST['username'] != $CURRENT_USER['username']) {
$count = mysql_count($GLOBALS['WSM_ACCOUNTS_TABLE'], "`username` = '".mysql_escape(@$_REQUEST['username'])."'");
if ($count > 0 && @$_REQUEST['username']) { $errorsAndAlerts .= "That username is already in use, please choose another! \n"; }
}
if (@$_REQUEST['email'] != $CURRENT_USER['email']) {
$count = mysql_count($GLOBALS['WSM_ACCOUNTS_TABLE'], "'".mysql_escape($_REQUEST['email'])."' IN (email, username)");
if ($count > 0) { $errorsAndAlerts .= "That email is already in use, please choose another! \n"; }
}
// upload 'profile_image' if supplied
$uploadFieldName = 'main_image';
$uploadInfo = @$_FILES[$uploadFieldName];
if ($uploadInfo && !$errorsAndAlerts) {
/// attempt to save the upload
$errors = saveUpload('accounts', $uploadFieldName, $CURRENT_USER['num'], null, $uploadInfo, $newUploadNums);
/// check for errors
if ($errors) {
$errorsAndAlerts .= "There was a problem with your upload: $errors \n";
}
else {
/// if the upload was successful, delete any other uploads associated with that record and field (so users only ever have 1 profile image)
global $TABLE_PREFIX;
// create query
$where = mysql_escapef(" WHERE tableName = 'accounts' AND recordNum = ? AND num != ?", $CURRENT_USER['num'], $newUploadNums[0]);
// remove upload files
$query = "SELECT * FROM `{$TABLE_PREFIX}uploads` $where";
$result = mysql_query($query) or die("MySQL Error: ". htmlspecialchars(mysql_error()) . "\n");
while ($row = mysql_fetch_assoc($result)) {
$files = array($row['filePath'], $row['thumbFilePath'], @$row['thumbFilePath2'], @$row['thumbFilePath3'], @$row['thumbFilePath4']);
foreach ($files as $filepath) {
if (!$filepath || !file_exists($filepath) || @unlink($filepath)) { continue; }
//$error = "Unable to remove file '" .htmlspecialchars($filepath). "'\n\n";
//$error .= "Please ask your server administrator to check permissions on that file and directory.\n\n";
//$error .= "The PHP error message was: $php_errormsg\n";
//die($error);
}
}
if (is_resource($result)) { mysql_free_result($result); }
// remove upload records
mysql_query("DELETE FROM `{$TABLE_PREFIX}uploads` $where") or die("MySQL Error: ". htmlspecialchars(mysql_error()) . "\n");
}
}
// update user
if (!$errorsAndAlerts) {
mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields are added later)
if (@$_REQUEST['newPassword2']) { $CURRENT_USER['password'] = $_REQUEST['newPassword2']; } // update password
// update password if needed
$password = @$_REQUEST['newPassword2'] ? @$_REQUEST['newPassword2'] : $CURRENT_USER['password'];
if (@$SETTINGS['advanced']['encryptPasswords']) { $passwordHash = getPasswordDigest($password); }
else { $passwordHash = $password; }
//
$query = "UPDATE `{$TABLE_PREFIX}" . @$GLOBALS['WSM_ACCOUNTS_TABLE'] . "` SET
firstname = '".mysql_escape( $_REQUEST['firstname'] )."',
lastname = '".mysql_escape( $_REQUEST['lastname'] )."',
email = '".mysql_escape( $_REQUEST['email'] )."',
username = '".mysql_escape( $_REQUEST['email'] )."',
password = '".mysql_escape( $passwordHash )."',
state = '".mysql_escape( $_REQUEST['state'] )."',
address = '".mysql_escape( $_REQUEST['address'] )."',
zip = '".mysql_escape( $_REQUEST['zip'] )."',
phone = '".mysql_escape( $_REQUEST['phone'] )."',
website_title = '".mysql_escape( $_REQUEST['website_title'] )."',
url = '".mysql_escape( $_REQUEST['url'] )."',
status = '".mysql_escape( $_REQUEST['status'] )."',
brand = '".mysql_escape( $_REQUEST['brand'] )."',
degital_or_film = '".mysql_escape( $_REQUEST['degital_or_film'] )."',
category = '".mysql_escape( $_REQUEST['category'] )."',
bio = '".mysql_escape( $_REQUEST['bio'] )."',
premium = '".mysql_escape( $_REQUEST['premium'] )."',
mail_magazine = '".intval( @$_REQUEST['mail_magazine'] )."',
news_letter = '".intval( @$_REQUEST['news_letter'] )."',
updatedByUserNum = '".mysql_escape( $CURRENT_USER['num'] )."',
updatedDate = NOW()
WHERE num = '".mysql_escape( $CURRENT_USER['num'] )."'";
mysql_query($query) or die("MySQL Error: \n". htmlspecialchars(mysql_error()) . "\n");
$userNum = mysql_insert_id();
// on success
unset($_REQUEST['oldPassword'], $_REQUEST['newPassword1'], $_REQUEST['newPassword2']); // clear password fields
$errorsAndAlerts = "Thanks, we've updated your profile!";
}
}
// delete account
if (@$_POST['deleteAccount']) {
if ($CURRENT_USER['isAdmin']) { die("Error: Deleting admin accounts is not permitted!"); }
// delete uploads
$GLOBALS['tableName'] = $GLOBALS['WSM_ACCOUNTS_TABLE'];
eraseRecordsUploads( $CURRENT_USER['num'] );
// delete account
$query = mysql_escapef("DELETE FROM `{$TABLE_PREFIX}accounts` WHERE num = ?", $CURRENT_USER['num']);
mysql_query($query) or die("MySQL Error: \n". htmlspecialchars(mysql_error()) . "\n");
// redirect to login
websiteLogin_redirectToLogin();
}
?>
Sample Edit Profile Page
(*)are required entry.
You can always come back to edit or update your portfolio, but once the 'Update' button is pressed, the changes you've made will reflect your portfolio papge so be sure you have entered the right information.
The only fields that will appear on your portfolio page is your
-First Name
-Last Name
-State
-Website Title
-Website URL
-Category
-Biography
and
-Photograph Images
Here is a demo page of a portfolio page.
Regular Member Page
Premium Member Page
Delete Account
If you want to delete your account you can do so here.
Please note that all data will be lost and this is irreversible.