Jump to content

Recommended Posts

This is the full code of the page:

 

<?php

// File: $Id: user.php 19273 2006-06-22 19:05:48Z markwest $

// ----------------------------------------------------------------------

// PostNuke Content Management System

// Copyright © 2001 by the PostNuke Development Team.

// http://www.postnuke.com/

// ----------------------------------------------------------------------

// Based on:

// PHP-NUKE Web Portal System - http://phpnuke.org/

// Thatware - http://thatware.org/

// ----------------------------------------------------------------------

// LICENSE

 

// This program is free software; you can redistribute it and/or

// modify it under the terms of the GNU General Public License (GPL)

// as published by the Free Software Foundation; either version 2

// of the License, or (at your option) any later version.

 

// This program is distributed in the hope that it will be useful,

// but WITHOUT ANY WARRANTY; without even the implied warranty of

// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

// GNU General Public License for more details.

 

// To read the license please visit http://www.gnu.org/copyleft/gpl.html

// ----------------------------------------------------------------------

// Original Author of file:

// Purpose of file:

// ----------------------------------------------------------------------

 

if (!defined('LOADED_AS_MODULE')) {

  die ('You can\'t access this file directly...');

}

 

$ModName = basename(dirname(__FILE__));

modules_get_language();

 

function user_user_userinfo()

{

    $dbconn =& pnDBGetConn(true);

    $pntable =& pnDBGetTables();

 

    $uname = pnVarCleanFromInput('uname');

    include 'header.php';

 

    // some input checking

  if (!pnSecAuthAction(0, 'UserInfo::', '::', ACCESS_READ)) {

        echo _PERMISSIONSNOAUTH;

        include 'footer.php';

        exit;

  }

 

    if ( empty($uname) || stristr($uname,'&') || preg_match("/[[:space:]]/", $uname) || strip_tags($uname) != $uname) {

        echo _MODARGSERROR;

        include 'footer.php';

        exit;

    }

    // End of check

 

    $column = &$pntable['users_column'];

    $sql = "SELECT $column[femail] AS femail,

          $column AS url,

          $column[bio] AS bio,

          $column[user_avatar] AS user_avatar,

          $column[user_icq] AS user_icq,

          $column[user_aim] AS user_aim,

          $column[user_yim] AS user_yim,

          $column[user_msnm] AS user_msnm,

          $column[user_from] AS user_from,

          $column[user_occ] AS user_occ,

          $column[user_intrest] AS user_intrest,

          $column[user_sig] AS user_sig,

          $column[uid] AS pn_uid,

          $column[pass] AS pass FROM $pntable[users] WHERE $column[uname]='" . pnVarPrepForStore($uname) . "'";

    $result =& $dbconn->Execute($sql);

    $userinfo = $result->GetRowAssoc(false);

 

    OpenTable();

 

    echo '<h2>' . pnVarPrepForDisplay($uname) . '</h2>';

    if ((!$result->EOF) && ($userinfo['url'] || $userinfo['femail'] || $userinfo['bio'] || $userinfo['user_avatar'] || $userinfo['user_icq'] || $userinfo['user_aim'] || $userinfo['user_yim'] || $userinfo['user_msnm'] || $userinfo['user_from'] || $userinfo['user_occ'] || $userinfo['user_intrest'] || $userinfo['user_sig'] || $userinfo['pn_uid'])) {

        echo '<div style="text-align:center">';

        $userinfo['user_sig'] = nl2br($userinfo['user_sig']);

        if ($userinfo['user_avatar']) {

            echo '<img src="images/avatar/'.pnVarPrepForDisplay($userinfo['user_avatar']).'" alt="" /><br />'."\n";

        }

    echo _REGISTEREDUSER." ".pnVarPrepForDisplay($userinfo['pn_uid']).'<br />'."\n";

        if ($userinfo['url']) {

            echo _MYHOMEPAGE . ' <a href="'.pnVarPrepForDisplay($userinfo['url']).'">' . pnVarPrepForDisplay($userinfo['url']) . '</a><br />'."\n";

        }

        if ($userinfo['femail']) {

            echo _MYEMAIL . ' <a href="mailto:'.pnVarPrepForDisplay($userinfo['femail']).'">' . pnVarPrepForDisplay($userinfo['femail']) . '</a><br />'."\n";

        }

        if ($userinfo['user_icq']) {

            echo _ICQ . ': ' . pnVarPrepForDisplay($userinfo['user_icq']) . '<br />'."\n";

        }

        if ($userinfo['user_aim']) {

            echo _AIM . ': ' . pnVarPrepForDisplay($userinfo['user_aim']) . '<br />'."\n";

        }

        if ($userinfo['user_yim']) {

            echo _YIM . ': ' . pnVarPrepForDisplay($userinfo['user_yim']) . '<br />'."\n";

        }

        if ($userinfo['user_msnm']) {

            echo _MSNM . ': ' . pnVarPrepForDisplay($userinfo['user_msnm']) . '<br />'."\n";

        }

        if ($userinfo['user_from']) {

            echo _LOCATION . ': ' . pnVarPrepForDisplay($userinfo['user_from']) . '<br />'."\n";

        }

        if ($userinfo['user_occ']) {

            echo _OCCUPATION . ': ' . pnVarPrepForDisplay($userinfo['user_occ']) . '<br />'."\n";

        }

        if ($userinfo['user_intrest']) {

            echo _INTERESTS . ': ' . pnVarPrepForDisplay($userinfo['user_intrest']) . '<br />'."\n";

        }

        if ($userinfo['user_sig']) {

            echo '<br />' . _SIGNATURE . ":<br />" . pnVarPrepHTMLDisplay($userinfo['user_sig']) . '<br />'."\n";

        }

        if ($userinfo['bio']) {

            echo '<br />' . _EXTRAINFO . ":<br />" . pnVarPrepForDisplay($userinfo['bio']) . '<br />'."\n";

        }

 

    $activetime = time() - (pnConfigGetVar('secinactivemins') * 60);

    $userhack = "SELECT pn_uid

          FROM ".$pntable['session_info']."

          WHERE pn_uid = '$userinfo[pn_uid]'

          AND pn_lastused > '".pnVarPrepForStore($activetime)."'";

    $userresult =& $dbconn->Execute($userhack);

    $online_state = $userresult->GetRowAssoc(false);

    if (isset($online_state['pn_uid'])) {

      $online = _ONLINE;

    } else {

      $online = _OFFLINE;

    }

    echo '<br />'._USERSTATUS.': '.pnVarPrepForDisplay($online).'<br />'."\n";

 

        if (pnModAvailable('Messages')) {

            echo "<br />[ <a href=\"".pnModURL('Messages', 'user', 'compose', array('uname' => $uname)) ."\">" . _USENDPRIVATEMSG . " " . pnVarPrepForDisplay($uname) . "</a> ]<br />\n";

        }

    if (pnModAvailable('Comments')) {

      echo '<br />';

        user_main_last10com($uname);

        echo '<br />';

    }

    if (pnModAvailable('News')) {

      echo '<br />';

        user_main_last10submit($uname);

    }

        echo '</div>';

    } else {

        echo '<div style="text-align:center">' . _NOINFOFOR . ' ' . pnVarPrepForDisplay($uname) . '</div>';

    }

    CloseTable();

 

    include('footer.php');

}

 

function user_user_login()

{

    list($uname,

        $pass,

        $url,

        $rememberme) = pnVarCleanFromInput('uname',

        'pass',

        'url',

        'rememberme');

    if (!isset($rememberme)) {

        $rememberme = '';

    }

    access_user_login($uname, $pass, $url, $rememberme);

}

 

function user_user_getlogin()

{

    // Check if stop var is numeric

    if ((isset($GLOBALS['stop']) && !empty($GLOBALS['stop']) && !is_numeric($GLOBALS['stop']))) {

        include 'header.php';

        echo _MODARGSERROR;

        unset($GLOBALS['stop']);

        include 'footer.php';

        exit;

    }

    // End of check

    if ($GLOBALS['stop']) {

    user_user_loginscreen(_LOGININCOR);

    } else {

      include 'header.php';

      OpenTable();

      echo '<h1>' . _USERREGLOGIN . '</h1>';

      CloseTable();

 

    OpenTable();

        echo '<h2>'._SELECTOPTION.'</h2>';

        echo '<ul>';

        echo '<li><a href="user.php?op=loginscreen&module=User">'._LOGINSITE . '</a></li>';

        // if admin do not allow register

        if (pnConfigGetVar('reg_allowreg')) {

            // age will not be checked, if $pnconfig['minage'] is set to 0 in config.php

            if (pnConfigGetVar('minage') == 0) {

                echo '<li><a href="user.php?op=register&module=NewUser">'._REGISTER.'</a></li>';

            } else {

                echo '<li><a href="user.php?op=check_age&module=NewUser">'._REGISTER.'</a></li>';

            }

        } else {

            echo '<li><strong>'._NOTALLOWREG.'</strong><br />'._REASONS.'<br />    ' . pnVarPrepForDisplay(pnConfigGetVar('reg_noregreasons')) . '</li>';

        }

 

        echo '<li><a href="user.php?op=lostpassscreen&module=LostPassword">'._RETRIEVEPASS.'</a></li>';

        echo '</ul>';

      CloseTable();

    include ('footer.php');

    }

 

}

 

function user_main_last10com($uname)

{

    $dbconn =& pnDBGetConn(true);

    $pntable =& pnDBGetTables();

    $column1 = &$pntable['comments_column'];

    $column2 = &$pntable['stories_column'];

 

    /**

    * Fetch active laguage

    */

    if (pnConfigGetVar('multilingual') == 1) {

        $querylang = "AND (" . $column2['alanguage'] . "='" . pnVarPrepForStore(pnUserGetLang()) . "' OR " . $column2['alanguage'] . "='') ";

    } else {

        $querylang = '';

    }

 

    /**

    * Build up SQL

    */

    $query = "SELECT " . $column1['tid'] . ", " . $column1['sid'] . ", " . $column1['subject'] . " " . "FROM " . $pntable['comments'] . ", " . $pntable['stories'] . " " . "WHERE (" . $column1['name'] . "='" . pnVarPrepForStore($uname) . "' AND " . $column1['sid'] . "=" . $column2['sid'] . ") " . $querylang . "ORDER BY " . $column1['sid'] . " DESC";

 

    /**

    * Make limited select

    */

    $result = $dbconn->SelectLimit($query, 10, 0);

 

    /**

    * Do output

    */

    OpenTable();

    echo '<h2>' . _LAST10COMMENTS . ' ' . pnVarPrepForDisplay($uname) . ':</h2>';

    echo '<ul>';

    while (list($tid, $sid, $subject) = $result->fields) {

        $result->MoveNext();

        echo '<li><a href="index.php?name=News&file=article&thold=-1&mode=flat&order=0&sid='

            .pnVarPrepForDisplay($sid).'#'.pnVarPrepForDisplay($tid).'">' . pnVarPrepForDisplay($subject) . '</a></li>';

    }

    echo '</ul>';

    CloseTable();

}

 

function user_main_last10submit($uname)

{

    $pntable =& pnDBGetTables();

    $dbconn =& pnDBGetConn(true);

    $column = &$pntable['stories_column'];

 

    /**

    * Fetch active laguage

    */

    if (pnConfigGetVar('multilingual') == 1) {

        $querylang = "AND (" . $column['alanguage'] . "='" . pnVarPrepForStore(pnUserGetLang()) . "' OR " . $column['alanguage'] . "='') ";

    } else {

        $querylang = '';

    }

 

    /**

    * Build up SQL

    */

    $query = "SELECT " . $column['sid'] . ", " . $column['title'] . " " . "FROM " . $pntable['stories'] . " " . "WHERE " . $column['informant'] . "='" . pnVarPrepForStore($uname) . "' " . $querylang . "ORDER BY " . $column['sid'] . " DESC";

 

    /**

    * Make limited select

    */

    $result = $dbconn->SelectLimit($query, 10, 0);

 

    /**

    * Do output

    */

    OpenTable();

    echo '<h2>' . _LAST10SUBMISSIONS . ' ' . pnVarPrepForDisplay($uname) . ':</h2>';

    echo '<ul>';

    while (list($sid, $title) = $result->fields) {

        $result->MoveNext();

        If (!$title) {

            $title = '- no Title -' ;

        }

        echo '<li><a href="index.php?name=News&file=article&sid='.pnVarPrepForDisplay($sid).'">' . pnVarPrepForDisplay(pnVarCensor($title)) . '</a></li>';

    }

    echo '</ul>';

    CloseTable();

}

 

/**

* View main user page

*

**/

function user_user_main()

{

    include 'header.php';

    if (pnUserLoggedIn()) {

        user_menu_draw();

        $uname = pnUserGetVar('uname');

        if (pnModAvailable('Comments')) {

            user_main_last10com($uname);

        }

        if (pnModAvailable('News')) {

            user_main_last10submit($uname);

        }

    } else {

        echo _PERMISSIONSNOAUTH;

    }

    include 'footer.php';

}

 

function user_user_loginscreen()

{

 

    if (pnUserLoggedIn()) {

        pnRedirect('user.php');

    }

 

    include 'header.php';

    $statusmsg = pnGetStatusMsg();

    if ($statusmsg != '') {

      OpenTable();

      echo '<div class="pn-statusmsg">'.$statusmsg.'</div>';

      CloseTable();

    }

    OpenTable();

    echo '<h1>' . _USERLOGIN . '</h1>'."\n";

    echo '<h2 style="color: red;">' . _COOKIEHINTFORLOGIN . '</h2>';

    CloseTable();

    OpenTable();

    echo '<form action="user.php" method="post"><div>'."\n"

    . '<table border="0">'."\n"

    . '<tr>'."\n"

    . '<td><label for="uname_mod_user">' . _NICKNAME . '</label>: </td>'."\n"

    . '<td><input type="text" name="uname" id="uname_mod_user" size="26" maxlength="25" tabindex="0" /></td>'

    . '</tr>'."\n"

    . '<tr>'."\n"

    . '<td><label for="pass_mod_user">' . _PASSWORD . "</label>: </td>\n"

    . '<td><input type="password" name="pass" id="pass_mod_user" size="21" maxlength="20" tabindex="0" /></td>'."\n"

    . '</tr>'."\n";

    if (pnConfigGetVar('seclevel') != 'High') {

        echo '<tr>'."\n"

      .'<td><label for="rememberme_mod_user">' . _REMEMBERME . '</label>: </td>'."\n"

      .'<td><input type="checkbox" name="rememberme" id="rememberme_mod_user" tabindex="0" /></td>'."\n"

      .'</tr>'."\n";

    }

    echo '</table>'."\n"

    . '<input type="hidden" name="url" value="' . pnVarPrepForDisplay(pnServerGetVar('HTTP_REFERER')) . '" />'."\n";

    echo '<input type="hidden" name="module" value="User" />' . "\n"

    . '<input type="hidden" name="op" value="Login" />' . "\n"

    . '<input type="submit" value="' . _LOGIN . '" />' . "\n";

    echo '</div></form>'."\n";

    CloseTable();

 

    include 'footer.php';

}

 

function user_user_logout($var)

{

    pnUserLogOut();

 

    redirect_index(_YOUARELOGGEDOUT);

}

 

?>

 

 

I want the form to check that the field 'location' has been entered for the new registered user?

 

I require the code snippit to add to this form it already checks the username and email successfully

 

Thanks

first,

use the insert code button

. it's annoying to scroll through all of that text when i want to get to the bottom and when you use the code button you get syntax highlighting.  very nice for someone trying to troubleshoot your code.

 

now, as for your problem,

if (!isset (<<name of the location form field>>)) {blah blah blah;}
else {blah blah blah;}

you use the above code to make sure that something is set in the form field.

 

Deepest apologises for not placing the code in the code button.

 

First time round I could not find it.

 

# :-) button

 

Thanks for the pointer, so I am assuming the code goes some where here

 

  // some input checking
     if (!pnSecAuthAction(0, 'UserInfo::', '::', ACCESS_READ)) {
        echo _PERMISSIONSNOAUTH;
        include 'footer.php';
        exit;
     }

    if ( empty($uname) || stristr($uname,'&') || preg_match("/[[:space:]]/", $uname) || strip_tags($uname) != $uname) {
        echo _MODARGSERROR;
        include 'footer.php';
        exit;
    }
    // End of check

 

 

I'm not sure about your code,  If I were to duplicate the above and edit the dummy variables it could work? But,  I have a sneeky feeling the above maybe incorrect too, because there is a function that checks the username entered against the database to see if the username already exists. The error message is referenced to the language file _MODARGSERROR

 

Back to your code, I know that I am not requesting validation here just that something is typed into this field

 

 

What about this code:

if (eregi ("^([[:alpha:]]|-|')+$", $HTTP_POST_VARS[location])) {
$location = TRUE;
} else {
$location = false;
$message[] = "Please enter a valid location.";
}

 

Which  also checks for a apostrophe. getting a bit distracted

 

if (!isset (<<name of the location form field>>)) {blah blah blah;}
else {blah blah blah;}


 

How about this example:

if (isset($HTTP_POST_VARS[submit])){

 

 

Or maybe I'm barking up the wrong tree

 

 

if (!isset (<<user_from>>)) {blah blah blah;}
else {Please type your location;}

 

or

   if (!pnSecAuthAction(0, 'user_from::', '::', ACCESS_READ)) {
        echo _PERMISSIONSNOAUTH;
        include 'footer.php';
        exit;
     }

 

Deepest apologises for not placing the code in the code button.

 

not a problem, it happens to everyone. 

 

the idea of "validating" a location is kinda iffy, just because people live everywhere.  something that you could do is just have a drop down country menu listing "all" of the countries.  then you wouldnt have to do any validation, just check to make sure that it is filled.  i am not sure if that is something that you were thinking of or if you are doing more local stuff, where you would need a list of cities...

 

i am pretty new to php, so i dont know much about the codes that you posted...sorry.

 

hope that i helped! if i didnt, could you please say that i did...for my self esteem's sake? just kidding.

The first part of the code checks the username input into the form field.

 

I understand that if empty of anything it prints/displays an error message refering to the language file. If a username is typed and it matches in the database field it prints/displays "username already taken."

If the username does not match it is accepted and goes onto the next form field.

 

This is the complexities with postnuke

 

I need even if I use a drop down menu list that a selection has been made.

 

I am wondering If I duplicate this code and modify by adding $location and user_from

 

this should in some way do the same as username.

 

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.