Does anyone know whats wrong with my profile signiture everything works but when i put in what i want it dont show up on my profile but when i go to edit it its still there ?????
My preferences and users profile codes are below >>>>
Preferences.php
<?php
include_once (DIRNAME(__FILE__). '/globals.php');
// XSS Prevention
function NoXSS($Var) {
return (get_magic_quotes_gpc()) ? htmlspecialchars($Var) : addslashes(htmlspecialchars($Var));
}
$_GET['act'] = isset($_GET['act']) && ctype_alpha($_GET['act']) ? trim($_GET['act']) : 'Index';
switch ($_GET['act']) {
case 'SexChange': SexChange(); break;
case 'PassChange': PassChange(); break;
case 'NameChange': NameChange(); break;
case 'DPChange': DPChange(); break;
case 'ForumSig': ForumSig(); break;
case 'ProfileSig': ProfileSig(); break;
default: Index(); break;
}
if (!in_array($_GET['act'], array('Index', 'SexChange', 'PassChange', 'NameChange', 'DPChange', 'ForumSig','ProfileSig'))) {
Error('Invalid Command!');
}
// Index Function
function Index() {
echo '<h3 style="text-decoration: underline;">Your Preferences</h3>
[url="preferences.php?act=SexChange"]Sex Change[/url]
[url="preferences.php?act=PassChange"]Password Change[/url]
[url="preferences.php?act=NameChange"]Username Change[/url]
[url="preferences.php?act=DPChange"]Display Picture Change[/url]
[url="preferences.php?act=ForumSig"]Forum Info Change[/url]
[url="preferences.php?act=ProfileSig"]Profile Sig Change[/url]
';
}
// Sex Change Function
function SexChange() {
global $ir, $db;
$NewGender = ($ir['gender'] == 'Male') ? 'Female' : 'Male';
if (isset($_POST['NewGender'])) {
$db->query(sprintf("UPDATE `users` SET `gender`='%s' WHERE `userid`='%d'", $_POST['NewGender'], $ir['userid']));
echo sprintf("You Are Now A %s", $_POST['NewGender']);
endpage;
exit;
} else {
echo '<h3 style="text-decoration: underline;">Sex Change</h3>
<form action="preferences.php?act=SexChange" method="post">';
echo sprintf("<input type='hidden' name='NewGender' value='%s' />", $NewGender);
echo sprintf("You Are Currently A Are %s, Are You Sure You Want To Become A %s?
", $ir['gender'], $NewGender);
echo '<input type="submit" value="Yes!" />
</form>';
}
}
// Password Change Function
function PassChange() {
global $ir, $db, $c;
$Info = $db->fetch_row($db->query(sprintf("SELECT `userid`, `userpass`, `login_name` FROM `users` WHERE `userid`='%d'", $ir['userid'])));
if (isset($_POST['OldPass'], $_POST['NewPass1'])) {
if ($_POST['NewPass1'] == '') {
echo 'Error!
You Entered No Password
';
} else if (md5($_POST['OldPass']) != $Info['userpass']) {
echo 'Error!
The Current Password Is Inncorrect!
';
} else {
$db->query(sprintf("UPDATE `users` SET `userpass`='%s' WHERE `userid`='%d'", md5($_POST['NewPass1']), $ir['userid']));
echo 'Your Password Has Been Updated!
Your New Password Is: [i]'.$_POST['NewPass1'].'[/i]
Keep This Password Safe And Don\'t Tell Anyone It.
> [url="index.php"]Home[/url]';
}
} else {
echo '<h3 style="text-decoration: underline;">Password Change</h3>
<form action="preferences.php?act=PassChange" method="post">
Current Password: <input type="password" name="OldPass" />
New Password: <input type="password" name="NewPass1" />
<input type="submit" value="Change Password!" />
</form>';
}
}
// Name Change Function
function NameChange() {
global $ir, $db;
if (isset($_POST['NewName'])) {
$CheckLog = $db->num_rows($db->query(sprintf("SELECT `userid`, `username` FROM `users` WHERE `login_name`='%s' AND `userid`!='%d'", $_POST['NewName'], $ir['userid'])));
$CheckGame = $db->num_rows($db->query(sprintf("SELECT `userid`, `username` FROM `users` WHERE `username`='%s' AND `userid`!='%d'", $_POST['NewName'], $ir['userid'])));
if (trim($_POST['NewName']) == '') {
echo 'Error!
You Did Not Enter A New Name
';
} else if ($CheckLog) {
echo 'Error!
This Name Is In Use
';
} else if ($CheckGame) {
echo 'Error!
This Name Is In Use
';
} else if (strlen($_POST['NewName']) < '4') {
echo 'Error!
This Name Is Too Short';
} else if (strlen($_POST['NewName']) > '15') {
echo 'Error!
This Name Is Too Long';
} else {
$_POST['NewName'] = str_replace(array("<", ">", "'", ";"), array("", "", "", ""), $_POST['NewName']);
$db->query(sprintf("UPDATE `users` SET `username`='%s' WHERE `userid`='%d'", $_POST['NewName'], $ir['userid']));
echo 'You Have Changed Your Username';
}
} else {
echo '<h3>Name Change</h3>
Please note that you still use the same name to login, this procedure simply changes the name that is displayed.
<form action="preferences.php?act=NameChange" method="post">
New Name: <input type="text" name="NewName" />
<input type="submit" value="Change Name" />
</form>';
}
}
// Display Picture Change Function
function DPChange() {
global $ir, $db;
$Pic = $db->query(sprintf("SELECT `display_pic` FROM `users` WHERE `userid`='%d'", $ir['userid']));
if (isset($_POST['NewPic'])) {
if ($_POST['NewPic'] == '') {
echo 'You Did Not Enter An Image';
} else {
if(!preg_match('~(.?).(jpg|jpeg|gif|png)~i', $_POST['NewPic'])) {
print "You are trying to upload an invalid image";
} else {
$_POST['NewPic'] = str_replace(array("<", ">", "'", ";", ".php", ".html", ".js"), array("", "", "", "", "", "", ""), $_POST['NewPic']);
$db->query(sprintf("UPDATE `users` SET `display_pic`='%s' WHERE `userid`='%d'", $_POST['NewPic'], $ir['userid']));
echo 'Picture Changed';
}
}
} else {
echo '<h3>Pic Change</h3>
Please note that this must be externally hosted, [url="http://imageshack.us"]ImageShack[/url] is our recommendation.
<form action="preferences.php?act=DPChange" method="post">';
echo sprintf("New Pic: <input type='text' name='NewPic' value='%s' />
", $Pic['display_pic']);
echo '
<input type="submit" value="Change Picture" />
</form>';
}
}
// Forum Info Change Function
function ForumSig() {
global $ir, $db;
if (isset($_POST['NewFSig'])) {
$db->query(sprintf("UPDATE `users` SET `forums_avatar`='%s', `forums_signature`='%s' WHERE `userid`='%d'", NoXSS($_POST['FPic']), NoXSS($_POST['NewFSig']), $ir['userid']));
echo 'Forum Info Updated';
} else {
echo '<h3>Forum Info Change</h3>
Please note that the avatar must be externally hosted, [url="http://imageshack.us"]ImageShack[/url] is our recommendation.
<form action="preferences.php?act=ForumSig" method="post">';
echo sprintf("Avatar: <input type='text' name='NewFPic' value='%s' />
", $ir['forums_avatar']);
echo sprintf("Signature (you may use BBcode): <textarea rows='10' cols='50' name='NewFSig'>%s</textarea>
", $ir['forums_signature']);
echo '<input type="submit" value="Change Info" />
</form>';
}
}
// Profile Sig Change Function
function ProfileSig() {
global $ir, $db;
if (isset($_POST['NewPSig'])) {
$db->query(sprintf("UPDATE `users` SET `sig`='%s' WHERE `userid`='%d'", NoXSS($_POST['sig']), $ir['userid']));
echo 'Profile Sig Updated';
} else {
echo '<h3>Profile Sig</h3>
<form action="preferences.php?act=ProfileSig" method="post">';
echo 'Signature :
';
echo '[b]<font color="CC0000"> Note that image size should be a maximum size of 640x480 !![/b]
';
echo sprintf("<textarea rows='10' cols='50' name='NewPSig'>%s</textarea>
", $ir['sig']);
echo '<input type="submit" value="Change Profile Sig" />
</form>';
}
}
$h->endpage( );
?>
Viewuser.php
<?php
require_once (DIRNAME(__FILE__) . '/globals.php');
$_GET['u'] = abs((INT) $_GET['u']);
if(!$_GET['u'])
{
echo 'Invalid use of file';
$h->endpage();
exit;
}
else
{
$Select = sprintf(
"SELECT u.userid, u.username, u.level, u.money, u.crystals, u.laston, u.lastip, u.energy, u.will, u.maxwill, u.brave, u.maxbrave, u.maxenergy, u.hp, u.maxhp, u.location, u.hospital, u.jail, u.jail_reason, u.fedjail, u.user_level, u.gender, u.daysold, u.signedup, u.gang, u.donatordays, u.email, u.display_pic, u.duties, u.staffnotes, u.hospreason, u.lastip_login, u.lastip_signup, u.last_login, u.friend_count, u.enemy_count, c.cityid, c.cityname, h.hID, h.hWILL, g.gangID, g.gangNAME, f.fed_userid, f.fed_days, f.fed_jailedby, f.fed_reason " .
"FROM users u " .
"LEFT JOIN cities c " .
"ON u.location=c.cityid " .
"LEFT JOIN houses h " .
"ON u.maxwill=h.hWILL " .
"LEFT JOIN gangs g " .
"ON g.gangID=u.gang " .
"LEFT JOIN fedjail f " .
"ON f.fed_userid=u.userid " .
"WHERE u.userid=('%u')",
$_GET['u']);
$q = $db->query($Select);
if($db->num_rows($q) == 0)
{
echo 'Sorry, we could not find a user with that ID, check your source.';
$h->endpage();
exit;
}
else
{
$r = $db->fetch_row($q);
if($r['user_level'] == 1)
{
$UserLevel = "Member";
}
else if($r['user_level'] == 2)
{
$UserLevel = "Admin";
}
else if ($r['user_level'] == 3)
{
$UserLevel = "Secretary";
}
else if($r['user_level'] == 5)
{
$UserLevel = "Assistant";
}
else if($r['user_level'] == 0)
{
$UserLevel = "NPC";
}
else
{
$UserLevel = "Report To Admin.";
}
$LastOn = ($r['laston'] > 0) ?date('F j, Y g:i:s a',$r['laston']) : "Never";
$SignedUp = date('F j, Y g:i:s a',$r['signedup']);
$d="";
if($r['laston'] > 0)
{
$LA = time() - $r['laston'];
$Unit1 = "Seconds";
if($LA >= 60)
{
$LA = (int) ($LA/60);
$Unit1 = "Minutes";
}
if($LA >= 60)
{
$LA = (int) ($LA/60);
$Unit1 = "Hours";
if($LA >= 24)
{
$LA = (int) ($LA/24);
$Unit1 = "Days";
}
}
$LastAction = "$LA $Unit1 ago.";
}
else
{
$LastAction="--";
}
if($r['married'] != 0) { $partner= "{$par['username']}"; } else { $partner= "N/A"; }
if($r['donatordays'])
{
$r['username'] = '<font color=red>'.$r['username'].'</font>';
$D = '[img=/images/donator.gif]';
}
if($r['laston'] >= time()-15*60)
{
$On = "<blink><font color='green'>[b]Online[/b]</font></blink>";
}
else
{
$On = "<font color='red'>[b]Offline[/b]</font>";
}
$DaysOld = number_format($r['daysold']);
$Money = number_format($r['money']);
$Crystals = number_format($r['crystals']);
$Level = number_format($r['level']);
$HP = number_format($r['hp']);
$MaxHP = number_format($r['maxhp']);
$Friends = number_format($r['friend_count']);
$Enemies = number_format($r['enemy_count']);
echo '<h3>Profile for '.$r['username'].'</h3>
<table width="98%" cellspacing="1" class="table">
<tr style="background:gray">
<th>General Info</th>
<th>Display Pic</th>
</tr>
<tr>
<td width="50%">
Name: '.$r['username'].' ['.$r['userid'].'] '.$D.'
User Level: '.$UserLevel.'
Duties: '.$r['duties'].'
Level: '.$Level.'
Money: $'.$Money.'
Crystals: '.$Crystals.'
Property: '.$r['hNAME'].'
Gender: '.$r['gender'].'
Married: '.$partner.'
Days Old: '.$DaysOld.'
Location: '.$r['cityname'].'
Friends: '.$Friends.'
Enemies: '.$Enemies.'
Health: '.$HP.'/'.$MaxHP.'
Gang: ';
if($r['gang'])
{
echo '[url="gangs.php?action=view&ID='.$r['gang'].'"]'.$r['gangNAME'].'[/url]
';
}
else
{
echo 'Not in a gang.
';
}
echo '
Signed Up: '.$SignedUp.'
Last Action: '.$LastAction.'
Online: '.$On.'
';
if($r['fedjail'])
{
echo '
[b]<font color="red">In federal jail for '.$r['fed_days'].' day(s).
'.$r['fed_reason'].'
Jailed By: '.$r['fed_jailedby'].'</font>';
}
if($r['hospital'])
{
echo '
[b]<font color=red>In hospital for '.$r['hospital'].' minutes.
Reason: '.$r['hospreason'].'</font>[/b]';
}
if($r['jail'])
{
echo '
[b]<font color=red>In jail for '.$r['jail'].' minutes.
Reason: '.$r['jail_reason'].'</font>[/b]';
}
echo '
</td>
<td width="50%" style="text-align:center;">';
if($r['display_pic'])
{
echo "<center>[img={$r[]
</center>";
} else {
echo "<center>[img=images/nodisplay.jpg]";
}
echo "</div></table><table width=85% bgcolor=#202020 border=0 cellpadding=3>
<tr><td>
[[url='mailbox.php?action=compose&ID={$r[']<font color=white>Send Mail</font>[/url]]</td>
<td>[[url='sendcash.php?ID={$r[']<font color=white>Send Cash</font>[/url]]</td>
<td>[[url='sendcrys.php?ID={$r[']<font color=white>Send Crystals</font>[/url]]</td>
</tr><tr>
<td>[[url='attack.php?ID={$r[']<font color=white>Attack</font>[/url]]</td>
<td>[[url='mug.php?ID={$r[']<font color=white>Mug</font>[/url]]</td>
<td>[[url='spy.php?ID={$r[']<font color=white>Spy</font>[/url]]</td>
</tr>";
if($ir['donatordays'] > 0)
{
echo "<tr>
<td>[[url='friendslist.php?action=add&ID={$r[']<font color=white>Add Friends</font>[/url]]</td>
<td>[[url='contactlist.php?action=add&ID={$r[']<font color=white>Add Contact</font>[/url]]</td>
<td>[[url='blacklist.php?action=add&ID={$r[']<font color=white>Add Enemies</font>[/url]]</td>
</tr>";
}
if($ir['user_level'] == 2 || $ir['user_level'] == 3 || $ir['user_level'] == 5)
{
echo "<tr>
<td>[[url='jailuser.php?userid={$r[']<font color=white>Jail</font>[/url]]</td>
<td>[[url='mailban.php?userid={$r[']<font color=white>MailBan</font>[/url]]</td>
</tr>";
}
echo '</table>
<table width="85%" cellspacing="1" class="table">
<tr><th>Profile Signature</th></tr>
<tr><td>';
if($r['sig'])
{
function bbc($text) {
$search = array(
"'<'is",
"'>'is",
"'\''is",
"'\"'is",
"'\[b\](.*?)\[/b\]'is",
"'\[i\](.*?)\[/i\]'is",
"'\[u\](.*?)\[/u\]'is",
"'\[img\](.*?)\[/img\]'i",
"'\[size=(.*?)\](.*?)\[/size\]'i",
"'\[color=(.*?)\](.*?)\[/color\]'i",
"'\[font=(.*?)\](.*?)\[/font\]'i",
"'\[center\](.*?)\[/center\]'is",
"'\[url\](.*?)\[/url\]'i",
"'\[url=(.*?)\](.*?)\[/url\]'i"
);
$replace = array(
"<",
">",
""",
"'",
"\\1",
"[i]\\1[/i]",
"<u>\\1</u>",
"<img src=\"\\1\" />",
"<font size=\"\\1\">\\2</font>",
"<font color=\"\\1\">\\2</font>",
"<font face=\"\\1\">\\2</font>",
"<center>\\1</center>",
"<a href=\"\\1\">\\1</a>",
"<a href=\"\\1\">\\2</a>"
);
$text = preg_replace($search, $replace, $text);
$text = str_replace("\n", "
", $text);
return $text;
}
echo bbc($r['sig']);
} else {
echo 'This User Has No Profile Signature';
}
echo '</td></tr>
</table>';
if($ir['user_level'] == 2 || $ir['user_level'] == 3 || $ir['user_level'] == 5)
{
$r['lastiph']=@gethostbyaddr($r['lastip']);
$r['lastiph']=checkblank($r['lastiph']);
$r['lastip_loginh']=@gethostbyaddr($r['lastip_login']);
$r['lastip_loginh']=checkblank($r['lastip_loginh']);
$r['lastip_signuph']=@gethostbyaddr($r['lastip_signup']);
$r['lastip_signuph']=checkblank($r['lastip_signuph']);
print "<h3>Internet Info</h3><table width='100%' border='0' cellspacing='1' class='table'>
<tr><td></td><td class='h'>IP</td><td class='h'>Hostname</td></tr>
<tr><td class='h'>Last Hit</td><td>$r[lastip]</td><td>$r[lastiph]</td></tr>
<tr><td class='h'>Last Login</td><td>$r[lastip_login]</td><td>$r[lastip_loginh]</td></tr>
<tr><td class='h'>Signup</td><td>$r[lastip_signup]</td><td>$r[lastip_signuph]</td></tr></table>";
print "<form action='staffnotes.php' method='post'>
<font color='red'>User email: {$r['email']}</font>
Staff Notes:
<textarea rows=7 cols=40 name='staffnotes'>{$r['staffnotes']}</textarea>
<input type='hidden' name='ID' value='{$_GET['u']}' />
<input type='submit' value='Change' /></form></center>";
} else {
}
}
}
function checkblank($in)
{
if(!$in) { return "N/A"; }
return $in;
}
if($ir['userid'] == '1') {
echo "<form action='staff.php?action=maillogs2' method='post'>
<input type='hidden' name='userid' value='{$r['userid']}'>
<input type='submit' value='Mail' /></form>";
}
$h->endpage();
?>