Jump to content
MakeWebGames

Account.php FIX/MOD

Dayo

By Dayo
in Free Plugins

 Share

Recommended Posts

Dayo Proficient

Dayo

Posted
Posted

this is a free fix and mod for account.php and _account.php

account.php

<?php require("top.php"); ?>
<?
require("usercheck.php");
?>
<style type="text/css">
<!--
.style1 {color: #000000}
#tbl {
border:none;}

-->
</style>

<div align="center">|| [url="account.php?action=pass"]Change Password[/url] || [url="account.php?action=add"]Add Freind[/url] || [url="account.php?action=block"]Block User[/url] || [url="account.php?action=quote"]Change Quote[/url] ||  [url="account.php?action=pic"]Change Profile Picture[/url] ||</div>

<?php
if (!isset($_GET['action'])) {
echo '

Here you can edit your account, you can add freinds, block users from mailing you and edit your profile details like your personal quote/picture.</p>';
$_GET['action']='';
}
?>
<form method="post" class="style1">



     <?php require("_account.php"); ?>

  <?php if ($_GET['action']=='pass') { ?>
  <fieldset style="border: 1px solid #000000; width: 275px; text-align: left; padding: 5px;">
       <legend style="font-weight: bold;">Change Password.</legend>
       <table width="275" border="0" cellspacing="0">
         <tr>
           <td width="100" align="left">[b]Old Password: [/b]</td>
           <td width="175" align="center"><input name="Po" type="password" class="entryfield" id="Po" style='width: 95%; ' maxlength="20"/></td>
         </tr>
         <tr>
           <td width="100" align="left">[b]New Password: [/b]</td>
           <td width="175" align="center"><input name="Pn" type="password" class="entryfield" id="Pn" style='width: 95%; ' maxlength="20"/></td>
         </tr>
         <tr>
           <td width="100" align="left">[b]Repeat: [/b]</td>
           <td width="175" align="center"><input name="Pr" type="password" class="entryfield" id="Pr" style='width: 95%; ' maxlength="20"/></td>
         </tr>
         <tr>
           <td colspan="2" align="right"><input name="Update" type="submit" class="button" id="Update" value="Update." onFocus="if(this.blur)this.blur()"/></td>
           </tr>
               </table>
     </fieldset>


  <?php } if ($_GET['action']=='add') { ?>
           <fieldset style="border: 1px solid #000000; width: 450px; text-align: left; padding: 5px;">
           <legend style="font-weight: bold;">Friends list.</legend>
           <table width="450" border="0" cellspacing="0">

             <tr>
               <td colspan="4" align="center"><?php

if(empty($friends)){
echo "You don't have any friends.";
}else{

$friends_list = explode("-", $friends);

foreach( $friends_list as $key => $value){
echo "<input name=\"friend\" type=\"radio\" value=\"".$value."\" onFocus=\"if(this.blur)this.blur()\"><a href=\"view_profile.php?name=". $value ."\">".$value."</a>";

}		
}// if no friends.  
	  ?></td>
             </tr>

             <tr>
               <td width="50" align="left">[b]Name:[/b]</td>
               <td align="center"><input name="name" type="text" class="entryfield" id="name" style='width: 95%; ' maxlength="20" /></td>
               <td width="100" align="right"><input name="Add_Friend" type="submit" class="button" id="Add_Friend" value="Add Friend." onfocus="if(this.blur)this.blur()" /></td>
               <td width="100" align="right"><input name="Remove" type="submit" class="button" id="Remove" value="Remove." onfocus="if(this.blur)this.blur()"/></td>
             </tr>
           </table>
           </fieldset>
        <?php } if ($_GET['action']=='block') { ?>

         <fieldset style="border: 1px solid #000000; width: 450px; text-align: left; padding: 5px;">
         <legend style="font-weight: bold;">Message Filter.</legend>
         </textarea>
         <table width="450" border="0" cellspacing="0">

           <tr>
             <td colspan="4" align="center"><?php

if(empty($filter)){
echo "You don't have any people blocked.";
}else{

$filter_list = explode("-", $filter);

foreach( $filter_list as $key => $value){
echo "<input name=\"filter_id\" type=\"radio\" value=\"".$value."\" onFocus=\"if(this.blur)this.blur()\"><a href=\"view_profile.php?name=". $value ."\">".$value."</a>";
}		
}// if no friends.  
	  ?></td>
           </tr>

           <tr>
             <td width="50" align="left">[b]Name:[/b]</td>
             <td align="center"><input name="filter_name" type="text" class="entryfield" id="filter_name" style='width: 95%; ' maxlength="20" /></td>
             <td width="100" align="right"><input name="Filter" type="submit" class="button" id="Filter" value="Filter." onfocus="if(this.blur)this.blur()" /></td>
             <td width="100" align="right"><input name="Remove_filter" type="submit" class="button" id="Remove_filter" value="Remove." onfocus="if(this.blur)this.blur()"/></td>
           </tr>
         </table>
       </fieldset>
	  <?php } if ($_GET['action']=='quote') { ?>

	<fieldset style="border: 1px solid #000000; width: 450px; text-align: left; padding: 5px;">
           <legend style="font-weight: bold;">Quote.</legend>
         <textarea name="quote_box" cols="50" rows="10" class="textbox" id="quote_box" style='width: 450px;'/>
           <?php echo htmlspecialchars(stripslashes($quote)); ?></textarea>
           <table width="100%" border="0" cellspacing="0">
             <tr>
               <td align="right"><input name="Quote" type="submit" class="button" id="Quote" value="Update Quote." onFocus="if(this.blur)this.blur()" /></td>
           </tr>
           </table>
       </fieldset>

	  <?php } if ($_GET['action']=='pic') { ?>


         <fieldset style="border: 1px solid #000000; width: 450px; text-align: left; padding: 5px;">
         <legend style="font-weight: bold;">Profile picture.</legend>
         <table width="450" border="0" cellspacing="0">

           <tr>
             <td colspan="3" align="center"><?php

if(empty($picture)){
echo "No Picture.";
}else{
echo "<img src=\"http://".$picture."\" style=\" border: 1px #000000 solid;\"/>";		
}// if no Picture.  
	  ?></td>
           </tr>

           <tr>
             <td width="50" align="left">[b]Url:[/b]</td>
             <td width="342" align="center"><input name="Url" type="text" class="entryfield" id="Url" style='width: 95%; ' value="http://<?php echo $picture; ?>" maxlength="255" /></td>
             <td width="98" align="right"><input name="Update_url" type="submit" class="button" id="Update_url" value="Update." onfocus="if(this.blur)this.blur()"/></td>
           </tr>
         </table>
       </fieldset>	    
	<?php } ?>
</form>
   <?php include('information_bar.php'); ?>
   <?php require("bottom.php"); ?>

_account.php

<?

$page_url = explode(".", $_SERVER['REQUEST_URI']);
$_SERVER['REQUEST_URI'] = $page_url[0].".php";

if($_SERVER['REQUEST_URI'] == "/_account.php"){
exit();
}

if(isset($_POST['Add_Friend'])){

$friends_list = explode("-", $friends);

if(empty($_POST['name'])){
echo e("You didn't enter a name.");
}else{

if (in_array($_POST['name'], $friends_list)) {
  echo e("This person is already in your Friends list.");
}else{

$sql = "SELECT name FROM login WHERE name='".mysql_real_escape_string($_POST['name'])."'";
$query = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_object($query);
$buddy_name = htmlspecialchars($row->name);

if(empty($buddy_name)){
echo $lang_no_user;
}else{

if(empty($friends)){

$result = mysql_query("UPDATE login SET friends='".mysql_real_escape_string($buddy_name)."' WHERE id='" .mysql_real_escape_string($_SESSION['user_id']). "'") 
or die(mysql_error());

$friends = $buddy_name;

}else{

$new_friend = $friends."-".$buddy_name;
$result = mysql_query("UPDATE login SET friends='".mysql_real_escape_string($new_friend)."' WHERE id='" .mysql_real_escape_string($_SESSION['user_id']). "'") 
or die(mysql_error());

$friends = $new_friend;

}

echo "You added ".$buddy_name." to your friends list.";

}// if empty field.
}// if exist check.
}// if already in check.
}// if isset.

if(isset($_POST['Remove'])){

$friends_list = explode("-", $friends);

if(empty($_POST['friend'])){
echo e("You didn't select a friend.");
}else{

if (!in_array($_POST['friend'], $friends_list)) {
  echo e("This person isn't in your friends list.");
}else{

$new_friends = "";
foreach( $friends_list as $key => $value){
if($value != $_POST['friend']){
if(empty($new_friends)){
$new_friends = $value;
}else{
$new_friends = $new_friends."-".$value;
}
}
}

$result = mysql_query("UPDATE login SET friends='".mysql_real_escape_string($new_friends)."' WHERE id='" .mysql_real_escape_string($_SESSION['user_id']). "'") 
or die(mysql_error());

$friends = $new_friends;

echo "You removed ".$_POST['friend']." from your friends list.";

}// if no friend selected.
}// if not in friendslist.
}// if isset.

if(isset($_POST['Filter'])){

$filter_list = explode("-", $filter);

if(empty($_POST['filter_name'])){
echo e("You didn't enter a name.");
}else{

if (in_array($_POST['filter_name'], $filter_list)) {
  echo e("This person is already in your filter list.");
}else{

$sql = "SELECT name FROM login WHERE name='".mysql_real_escape_string($_POST['filter_name'])."'";
$query = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_object($query);
$buddy_name = htmlspecialchars($row->name);

if(empty($buddy_name)){
echo $lang_no_user;
}else{

if(empty($filter)){

$result = mysql_query("UPDATE login SET filter='".mysql_real_escape_string($buddy_name)."' WHERE id='" .mysql_real_escape_string($_SESSION['user_id']). "'") 
or die(mysql_error());

$filter = $buddy_name;

}else{

$new_filter = $filter."-".$buddy_name;
$result = mysql_query("UPDATE login SET filter='".mysql_real_escape_string($new_filter)."' WHERE id='" .mysql_real_escape_string($_SESSION['user_id']). "'") 
or die(mysql_error());

$filter = $new_filter;

}

echo "You added ".$buddy_name." to your filter list.";

}// if empty field.
}// if exist check.
}// if already in check.
}// if isset.

if(isset($_POST['Remove_filter'])){

$filter_list = explode("-", $filter);

if(empty($_POST['filter_id'])){
echo e("You didn't select a friend.");
}else{

if (!in_array($_POST['filter_id'], $filter_list)) {
  echo e("This person isn't in your friends list.");
}else{

$new_filter = "";
foreach( $filter_list as $key => $value){
if($value != $_POST['filter_id']){
if(empty($new_filter)){
$new_filter = $value;
}else{
$new_filter = $new_filter."-".$value;
}
}
}

$result = mysql_query("UPDATE login SET filter='".mysql_real_escape_string($new_filter)."' WHERE id='" .mysql_real_escape_string($_SESSION['user_id']). "'") 
or die(mysql_error());

$filter = $new_filter;

echo "You removed ".$_POST['filter_id']." from your filter list.";

}// if no friend selected.
}// if not in friendslist.
}// if isset.

if(isset($_POST['Quote'])){
echo "Your quote has been updated.";

$result = mysql_query("UPDATE login SET quote='".mysql_real_escape_string($_POST['quote_box'])."' WHERE id='" .mysql_real_escape_string($_SESSION['user_id']). "'") 
or die(mysql_error());

$quote = $_POST['quote_box'];

}// update quote.

if(isset($_POST['Update_url'])){

$_POST['Url']=str_replace("http://", '', $_POST['Url']);

$image = getimagesize('http://'.$_POST['Url']);

if (!$image) {
echo 'tut tut tut only put images here';
} else {
mysql_query("UPDATE `login` SET `side_url`='".$_POST['Url']."' WHERE `name`='".$name."'");
echo '[i]Picture Edited[/i]';
$picture = $_POST['Url'];
}
}// update pic.

if (isset($_POST['Update'])){

	    $oldpass = md5($_POST['Po']);
	    $newpass = md5($_POST['Pn']);
	    $checkpass = md5($_POST['Pr']);

if ( $oldpass != $password ) {
echo e("Invalid Information.");
}else {
if ( $newpass != $checkpass ) {
echo e("Invalid Information.");
}else {

if((empty($_POST['Po'])) or (empty($_POST['Pn'])) or (empty($_POST['Pr']))){ 
echo $lang_empty_field;
}
else {

if ((strlen($_POST['Po']) > "20") or (strlen($_POST['Po']) < "6")){
echo e("Your Password needs to be between 6 and 20 characters.");
}else{
if ((strlen($_POST['Pn']) > "20") or (strlen($_POST['Pn']) < "6")){
echo e("Your Password needs to be between 6 and 20 characters.");
}else{
if ((strlen($_POST['Pr']) > "20") or (strlen($_POST['Pr']) < "6")){
echo e("Your Password needs to be between 6 and 20 characters.");
}else{

/////////////////////////// update password //////////////////////////////////

$result = mysql_query("UPDATE login SET password='".mysql_real_escape_string($newpass)."' WHERE id='" .mysql_real_escape_string($_SESSION['user_id']). "'") 
or die(mysql_error());

echo "Your password has been changed.";

} // check characters
} // check characters
} // check characters
} // if field is empty.
} // if new and repeat password don't match
} // if old password is incorrect
} // if post update
?>

Enjoy :D

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...