File: /var/www/html/tmpr/..//tmpr/..//tmpr/../tmpr/../v/details.php
<?php
require("./NewsSql.inc.php");
$db = new NewsSQL($dbname);
page_protect();
$rs_settings = mysqli_query($link,"select * from users where catalogid='$_SESSION[euserid]'");
if($_POST['doUpdate'] == 'Update')
{
$rs_pwd = mysqli_query("select pwd from users where catalogid='$_SESSION[euserid]'");
list($old) = mysql_fetch_row($rs_pwd);
if($old == md5($_POST['pwd_old']))
{
$newmd5 = md5(mysql_real_escape_string($_POST['pwd_new']));
mysqli_query("update users set pwd='$newmd5' where catalogid='$_SESSION[euserid]'");
header("Location: step.php?msg=Your new password is updated");
} else
{
header("Location: step.php?msg=Your old password is invalid");
}
}
if($_POST['doSave'] == 'Save')
{
function filter($arr) {
global $link;
return array_map(array($link, 'real_escape_string'), $arr);
}
$_POST = filter($_POST);
mysqli_query("UPDATE users SET
description = '$_POST[description]',
tel = '$_POST[tel]',
fb = '$_POST[fb]',
tw = '$_POST[tw]',
li = '$_POST[li]',
fax = '$_POST[fax]',
website = '$_POST[web]',
category = '$_POST[category]'
WHERE catalogid='$_SESSION[euserid]'
") or die(mysql_error());
header("Location: details.php?msg=Channel+Sucessfully+Saved");
}
?>
<html>
<head>
<title>My Account Settings</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script>
<script>
$(document).ready(function(){
$.validator.addMethod("address", function(value, element) {
return this.optional(element) || /^[a-z0-9\_]+$/i.test(value);
}, "URL must no spaces and can contain only letters, numbers, or underscore.");
$("#regForm").validate();
$("#myform").validate();
$("#pform").validate();
});
</script>
<link href="styles.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
.style1 {font-size: 10px}
-->
</style>
</head>
<body><?php
include 'header.php';
?>
<table width="1000" border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td width="300" valign="top"><?php
include 'navigation.php';
?>
<p> </p>
<p> </p>
<p> </p>
<p> </p></td>
<td width="700" valign="top">
<div class="graycellv3" style="width:800px;">
<br><span id="buttoned2" style="margin-top:10px">My Account Details </span>
<? while ($row_settings = mysql_fetch_array($rs_settings)) {?>
<div style="padding:10px;">
<div class="wa">
<div class="wb">
<div class="wc">
<div class="wd"> <form action="details.php" method="post" name="myform" id="myform">
<table width="100%" border="0" align="center" cellpadding="3" cellspacing="3" class="forms">
<?php /*?><tr>
<td>URL(eziki.com/yourname) <span class="example"></span><br>
<input name="slug" type="text" id="slug" value="<? echo $row_settings['slug']; ?>" size="50"> </td>
</tr> <tr>
<td width="100%"> Channel Name<br> <input name="name" type="text" id="name" value="<? echo $row_settings['catalogname']; ?>" size="50">
<span class="example">Your name or company name</span></td>
</tr><?php */?>
<tr>
<td>Your Bio<br>
<textarea name="description" cols="40" rows="3" id="description"><? echo $row_settings['description']; ?></textarea> </td>
</tr>
<tr> <td>CellPhone<br>
<? echo $row_settings['tel']; ?>
<input name="tel" type="text" id="tel" value="<? echo $row_settings['tel']; ?>" size="50"></td>
</tr>
<tr>
<td>Your Website<br>
<input name="category" type="hidden" id="category" value="2" size="50">
<input name="web" type="text" class="optional defaultInvalid url" id="web" value="<? echo $row_settings['website']; ?>" size="50"></td>
</tr>
<tr>
<td>Facebook Link<br>
<input name="fb" type="text" id="fb" value="<? echo $row_settings['fb']; ?>" size="50"></td>
</tr>
<tr>
<td>Twitter Link<br>
<input name="tw" type="text" id="tw" value="<? echo $row_settings['tw']; ?>" size="50"></td>
</tr>
<?php /*?><tr>
<td>LinkedIn Link<br>
<input name="li" type="text" id="li" value="<? echo $row_settings['li']; ?>" size="50"></td>
</tr>
<?php */?>
<tr>
<td>Advertising <strong>(DO NOT CHANGE!)</strong><br>
<textarea name="f4" disabled cols="50" rows="5" id="f4"><? echo $row_settings['f4']; ?></textarea></td>
</tr>
<tr>
<input name="tel" type="hidden" id="tel" value="<? echo $row_settings['tel']; ?>" size="50">
<input name="fax" type="hidden" id="fax" value="<? echo $row_settings['fax']; ?>" size="50">
<input name="country" type="hidden" disabled id="country" value="<? echo $row_settings['country']; ?>" size="50">
</tr>
</table>
<p align="center">
<input name="doSave" type="submit" id="doSave" class="large ezbutton green" style=" margin-top:2px;border:0px;width:105px; margin-right:5px" value="Save">
</p>
</form></div></div></div></div></div>
<? } ?>
<h3 id="hdr"> </h3>
<p> </p>
<p align="right"> </p></div></td>
</tr>
</table>
</body>
</html>