thats funny when i put islet it messed everything up you tell me to do it and it works ....go figure eh.
now that thats out of the way the uid variable is not working...meaning that the edit page doesn't edit, the user info doesn't show on the edit page, and the link to the logged in user does not work no more!!
what did i change to make it all not work.....i fix one problem and another happened lol love this job!!!
user inc[syntax=php]<?php
//fetches the current logged in users id
function fetch_current_user_id($uid){
$uid = mysql_real_escape_string($uid);
$sql = "SELECT `user_id` FROM `users` WHERE `user_username` = '{$uid}'";
$result = mysql_query($sql);
return mysql_result($result, 0);
}
//check if given username exsists in the database
function user_exists($user){
$user = mysql_real_escape_string($user);
$total = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_username` = '{$user}'");
echo mysql_error();
return (mysql_result($total, 0) == '1') ? true : false;
}
//check if the given username and password combinations are valid
function valid_credentials($user, $pass){
$user = mysql_real_escape_string($user);
$pass = mysql_real_escape_string($pass);
$total = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_username` = '{$user}' AND `user_password` = '{$pass}'");
return (mysql_result($total, 0) == '1') ? true : false;
}
//checks to see is user account is active
function is_active($user){
$user = mysql_real_escape_string($user);
echo mysql_error();
$sql = "SELECT
COUNT(`activations`.`user_id`)
FROM `users`
INNER JOIN `activations`
ON `users`.`user_id` = `activations`.`user_id`
WHERE `users`.`user_username` = '{$user}'";
$result = mysql_query($sql);
echo mysql_error();
return (mysql_result($result, 0) == '0') ? true : false;
}
//acctivates the account related to the given activation code
function activate_account($aid){
$aid = mysql_real_escape_string($aid);
mysql_query("DELETE FROM `activations` WHERE `activation_code` = '{$aid}'");
echo mysql_error();
}
//adds a user to the database
function add_user($user, $email, $pass, $first, $last){
$user = mysql_real_escape_string(htmlentities($user));
$email = mysql_real_escape_string($email);
$pass = sha1($pass);
$first = mysql_real_escape_string(htmlentities($first));
$last = mysql_real_escape_string(htmlentities($last));
$charset = array_flip(array_merge(range('a', 'z'), range('A', 'Z'), range('0', '9')));
$aid =implode('', array_rand($charset, 10));
$body = <<<EMAIL
Thank you for signing up with knowquest. To activate your account, please click the link below:
http://www.jasonmassieportfolio.com/activate.php?aid={$aid}
EMAIL;
mail($email, 'Your new account at Knowquest.com', $body, 'From:
admin@knowquest.com');
mysql_query("INSERT INTO `users` (`user_username`, `user_email`, `user_password`,`user_firstname`,`user_lastname`) VALUES ('{$user}', '{$email}', '{$pass}','{$first}','{$last}')");
echo mysql_error();
$user_id = mysql_insert_id();
mysql_query("INSERT INTO `activations` (`user_id`, `activation_code`) VALUES ({$user_id}, '{$aid}')");
echo mysql_error();
}
//fetches all of the users from the table
function fetch_users(){
$result = mysql_query("SELECT `user_id` AS `id`, `user_username` AS `username` FROM `users`");
$users = array();
while (($row = mysql_fetch_assoc($result)) !== false){
$users[] = $row;
}
return $users;
}
//fetches profile info for given user
function fetch_user_info($uid){
$uid = (int)$uid;
$sql = "SELECT
`user_id` AS `id`,
`user_username` AS `username`,
`user_email` AS `email`,
`user_firstname` AS `firstname`,
`user_lastname` AS `lastname`,
`user_institution` AS `institution`,
`user_about institution` AS `aboutinstitution`,
`user_professional title` AS `professionaltitle`,
`user_professional research` AS `professionalresearch`,
`user_professional website` AS `professionalwebsite`,
`user_personal website` AS `personalwebsite`,
`user_personal email` AS `personalemail`,
`user_professional email` AS `professionalemail`,
`user_about your research` AS `aboutyourresearch`,
`user_about yourself` AS `aboutyourself`,
`user_social media` AS `socialmedia`
FROM `users`
WHERE `user_id` = {$uid}";
$result = mysql_query($sql);
$info = mysql_fetch_assoc($result);
$info['avatar'] = (file_exists("{$GLOBALS['path']}/user_avatars/{$info['id']}.jpg")) ? "core/user_avatars/{$info['id']}.jpg" : "core/user_avatars/default.jpg";
return $info;
}
//updates current user portfolio info
function set_profile_info($institution, $aboutinstitution, $professionaltitle, $professionalresearch, $professionalwebsite, $personalwebsite, $personalemail, $professionalemail, $aboutyourresearch, $aboutyourself, $socialmedia, $avatar){
$institution = mysql_real_escape_string(htmlentities($institution));
$aboutinstitution = mysql_real_escape_string(nl2br(htmlentities($aboutinstitution)));
$professionaltitle = mysql_real_escape_string(htmlentities($professionaltitle));
$professionalresearch = mysql_real_escape_string(htmlentities($professionalresearch));
$professionalwebsite = mysql_real_escape_string(htmlentities($professionalwebsite));
$personalwebsite = mysql_real_escape_string(htmlentities($personalwebsite));
$personalemail = mysql_real_escape_string(htmlentities($personalemail));
$professionalemail = mysql_real_escape_string(htmlentities($professionalemail));
$aboutyourresearch = mysql_real_escape_string(nl2br(htmlentities($aboutyourresearch)));
$aboutyourself = mysql_real_escape_string(nl2br(htmlentities($aboutyourself)));
$socialmedia = mysql_real_escape_string(htmlentities($socialmedia));
if (file_exists($avatar)){
$src_size = getimagesize($avatar);
if ($src_size['mime'] === 'image/jpeg'){
$src_img = imagecreatefromjpeg($avatar);
}else if ($src_size['mime'] === 'image/png'){
$src_img = imagecreatefrompng($avatar);
}else if ($src_size['mime'] === 'image/gif'){
$src_img = imagecreatefromgif($avatar);
}else{
$src_img = false;
}
if ($src_img !== false){
$thumb_width = 300;
if ($src_size[0] <= $thumb_width){
$thumb = $src_img;
}else{
$new_size[0] = $thumb_width;
$new_size[1] = ($src_size[1] / $src_size[0]) * $thumb_width;
$thumb = imagecreatetruecolor($new_size[0], $new_size[1]);
imagecopyresampled($thumb, $src_img, 0, 0, 0, 0, $new_size[0], $new_size[1], $src_size[0], $src_size[1]);
}
imagejpeg($thumb, "{$GLOBALS['path']}/user_avatars/{$_SESSION['uid']}.jpg");
}
}
$sql = "UPDATE `users` SET
`user_institution` = '{$institution}',
`user_about institution` = '{$aboutinstitution}',
`user_professional title` = '{$professionaltitle}',
`user_professional research` = '{$professionalresearch}',
`user_professional website` = '{$professionalwebsite}',
`user_personal website` = '{$personalwebsite}',
`user_personal email` = '{$personalemail}',
`user_professional email` = '{$professionalemail}',
`user_about your research` = '{$aboutyourresearch}',
`user_about yourself` = '{$aboutyourself}',
`user_social media` = '{$socialmedia}'
WHERE `user_id` = {$_SESSION['uid']}";
mysql_query($sql);
}
?>[/syntax]
init.inc[syntax=php]<?php
session_start ();
mysql_connect("phplogin113.db.8811650.hostedresource.com","","");
mysql_select_db("phplogin113");
$path = dirname(__FILE__);
include ("{$path}/init/user.inc.php");
if (isset($_COOKIE['username'], $_COOKIE['password']) && isset($_SESSION['username']) === false){
if (valid_credentials($_COOKIE['username'], $_COOKIE['password'])){
$_SESSION['username'] = htmlentities($_COOKIE['username']);
setcookie('username', $_COOKIE['username'], time() + 604800);
setcookie('password', $_COOKIE['password'], time() + 604800);
}
}
if(isset($_SESSION['uid'])){
$_SESSION['uid'] = fetch_current_user_id($_SESSION['uid']);
}
?>[/syntax]
Edit[syntax=php]<?php
include ("core/init.inc.php");
if (isset($_POST['institution'], $_POST['aboutinstitution'], $_POST['professionaltitle'], $_POST['professionalresearch'], $_POST['professionalwebsite'], $_POST['personalwebsite'], $_POST['personalemail'], $_POST['professionalemail'], $_POST['aboutyourresearch'], $_POST['aboutyourself'], $_POST['socialmedia'])){
$errors = array();
if (filter_var($_POST['personalemail'], FILTER_VALIDATE_EMAIL) === false){
$errors[] = 'The email address you entered is not valid.';
}
if (filter_var($_POST['professionalemail'], FILTER_VALIDATE_EMAIL) === false){
$errors[] = 'The email address you entered is not valid.';
}
if (empty($_FILES['avatar']['tmp_name']) === false){
$file_ext = end(explode('.', $_FILES['avatar']['name']));
if (in_array(strtolower($file_ext), array('jpg', 'jpeg', 'png', 'gif')) === false){
$errors[] = 'your Picture id must be an image';
}
}
if (empty($errors)){
set_profile_info($_POST['institution'], $_POST['aboutinstitution'], $_POST['professionaltitle'], $_POST['professionalresearch'], $_POST['professionalwebsite'], $_POST['personalwebsite'], $_POST['personalemail'], $_POST['professionalemail'], $_POST['aboutyourresearch'], $_POST['aboutyourself'], $_POST['socialmedia'], (empty($_FILES['avatar']['tmp_name'])) ? false : $_FILES['avatar']['tmp_name']);
}
$user_info = array(
'institution' => htmlentities($_POST['institution']),
'aboutinstitution' => htmlentities($_POST['aboutinstitution']),
'professionaltitle' => htmlentities($_POST['professionaltitle']),
'professionalresearch' => htmlentities($_POST['professionalresearch']),
'professionalwebsite' => htmlentities($_POST['professionalwebsite']),
'personalwebsite' => htmlentities($_POST['personalwebsite']),
'personalemail' => htmlentities($_POST['personalemail']),
'professionalemail' => htmlentities($_POST['professionalemail']),
'aboutyourresearch' => htmlentities($_POST['aboutyourresearch']),
'aboutyourself' => htmlentities($_POST['aboutyourself']),
'socialmedia' => htmlentities($_POST['socialmedia'])
);
}else{
$user_info = fetch_user_info($_SESSION['uid']);
}
?>
<h5><b><?php echo $_SESSION['username']; ?></b> <?php echo "<a href='logout.php'>Logout</a>";?> |<a href="Edit.php"> <?php echo "<a href='member1.php?uid={$_SESSION['uid']}'>Your Research</a>"; ?></a> |<a href="protected.php"> To Do List</a> | <a href="Edit.php">Edit Portfolio</a> | <a href="blog_posts.php">Post Research</a> | <a href="search_posts.php">Viral Search</a> </a><a href="search_posts.php"></a>| Prof. Finder | <a href="user_lists.php">User List</a></h5>
<?php
if (isset($errors) === false){
echo 'Click update to edit your portfolio.';
}else if (empty($errors)){
echo 'Your portfolio has been updated';
}else{
echo '<ul><li>', implode('</li><li>', $errors), '</li></ul>';
}
?>
<form action="" method="post" enctype="multipart/form-data">
<table width="100%" border="0">
<tr>
<td width="23%"><label for='institution'>Institution:</label></td>
<td width="77%"><input type="text" name="institution" id="institution" value="<?php echo $user_info['institution']; ?>"></td>
</tr>
<tr>
<td><label for='aboutinstituition'>About Instituition:</label></td>
<td><textarea name="aboutinstitution" id="aboutinstitution" rows="15" cols="50"><?php echo strip_tags($user_info['aboutinstitution']); ?></textarea></td>
</tr>
<tr>
<td><label for='professionaltitle'>Professional Title:</label></td>
<td><input type="text" name="professionaltitle" id="professionaltitle" value="<?php echo $user_info['professionaltitle']; ?>"></td>
</tr>
<tr>
<td><label for='professionalresearch'>Professional Research:</label></td>
<td><input type="text" name="professionalresearch" id="professionalresearch" value="<?php echo $user_info['professionalresearch']; ?>"></td>
</tr>
<tr>
<td><label for='professionalwebsite:'>Professional Website:</label></td>
<td><input type="text" name="professionalwebsite" id="professionalwebsite" value="<?php echo $user_info['professionalwebsite']; ?>"></td>
</tr>
<tr>
<td width="23%"><label for='personalwebsite'>Personal Website:</label></td>
<td width="77%"><input type="text" name="personalwebsite" id="personalwebsite" value="<?php echo $user_info['personalwebsite']; ?>"></td>
</tr>
<tr>
<td><label for='personalemail'>personal Email:</label></td>
<td><input type="text" name="personalemail"id="personalemail" value="<?php echo $user_info['personalemail']; ?>"></td>
</tr>
<tr>
<td><label for='professionalemail'>Professional Email:</label></td>
<td><input type="text" name="professionalemail" id="professionalemail" value="<?php echo $user_info['professionalemail']; ?>"></td>
</tr>
<tr>
<td><label for='aboutyourresearch'>About your Research:</label></td>
<td><textarea name="aboutyourresearch" id="aboutyourresearch" rows="15" cols="50"><?php echo strip_tags($user_info['aboutyourresearch']); ?></textarea></td>
</tr>
<tr>
<td><label for='aboutyourself'>Autobiography:</label></td>
<td><textarea name="aboutyourself" id="aboutyourself" rows="15" cols="50"><?php echo strip_tags($user_info['aboutyourself']); ?></textarea></td>
</tr>
<tr>
<td><label for='socialmedia'>Social Networking:</label></td>
<td><input type="text" name="socialmedia" id="socialmedia" value="<?php echo $user_info['socialmedia']; ?>"></td>
</tr>
<tr>
<td><label for='avatar'>Picture Id:</label></td>
<td><input type="file" name="avatar" id="avatar" value=""/></td>
</tr>
</table>
<h6><br>
<br>
<input type="submit" value="Update">
</h6>
</form>[/syntax]