Can someone please check over my preference page. I seem to have made a few mistakes.
My mistake is something to do with my "Bank Pin" I think
Any helpor tips would be really appreciated thanks.
Here is the file :
<?php
include "globals.php";
switch($_GET['action'])
{
case 'sexchange2': do_sex_change(); break;
case 'sexchange': conf_sex_change(); break;
case 'passchange2': do_pass_change(); break;
case 'passchange':
pass_change();
break;
case 'racechange2':
do_race_change();
break;
case 'racechange':
race_change();
break;
case 'namechange2':
do_name_change();
break;
case 'namechange':
name_change();
break;
case 'picchange2':
do_pic_change();
break;
case 'picchange':
pic_change();
break;
case 'newpropic':
new_propic();
break;
case 'newpropic2':
do_new_propic();
break ;
case 'bankpin': bankpin(); break;
case 'bankpinsub': bankpinsub(); break;
case 'signaturechange2':
do_signature_change(); break;
case 'signaturechange':
signature_change(); break;
case 'smchange2':
do_sm_change();
break;
case 'smchange':
sm_change();
break;
case 'forumchange2':
do_forum_change();
break;
case 'forumchange':
forum_change();
break;
case 'pdetailchange2':
do_pdetail_change();
break;
case 'pdetailchange':
pdetail_change();
break;
default:
prefs_home();
break;
}
function prefs_home()
{
global $db,$ir,$c,$userid,$h;
print "<h3>Preferences</h3>
<a href='preferences.php?action=sexchange'>Sex Change</a><br />
<a href='preferences.php?action=passchange'>Password Change</a><br />
<a href='preferences.php?action=namechange'>Name Change</a><br />
<a href='uploadpic.php'>Display Pic Change</a><br />
<a href='preferences.php?action=racechange'>Race Change</a><br />
<a href='preferences.php?action=smchange'>Status Message Change</a><br />
<a href='uploadpic2.php'>Profile Pic Change</a><br />
<a href='preferences.php?action=signaturechange'>Sig Change</a><br />
<a href='preferences.php?action=forumchange'>Forum Info Change</a><br />";
if($ir['bankpinwanted'] == 1)
{
echo "<a href='preferences.php?action=bankpin'>Bank Pin Change</a><br />";
}
else
{
echo "<a href='bankmanager.php'>Apply for a Bank Pin</a><br />";
}
"<a href='preferences.php?action=pdetailchange'>Personal Detail Change</a><br />";
}
function conf_sex_change()
{
global $ir,$c,$userid,$h;
if($ir['gender'] == "Male") { $g="Female"; } else { $g="Male"; }
print "Are you sure you want to become a $g?<br />
<a href='preferences.php?action=sexchange2'>Yes</a> | <a href='preferences.php'>No</a>";
}
function do_sex_change()
{
global $db,$ir,$c,$userid,$h;
if($ir['gender'] == "Male") { $g="Female"; } else { $g="Male"; }
$sql = sprintf("UPDATE users SET gender = '%s' WHERE (userid = %u)", $g, $userid);
$db->query($sql);
echo sprintf("Success, you are now %s!<br />
<a href='preferences.php'>Back</a>", $g);
}
function pass_change()
{
global $ir,$c,$userid,$h;
print "<h3>Password Change</h3><form action='preferences.php?action=passchange2' method='post'>Current Password: <input type='password' name='oldpw' /><br />
New Password: <input type='password' name='newpw' /><br />
Confirm: <input type='password' name='newpw2' /><br />
<input type='submit' value='Change PW' /></form>";
}
function do_pass_change()
{
global $db,$ir,$c,$userid,$h;
if(md5($_POST['oldpw']) != $ir['userpass'])
{
print "The current password you entered was wrong.<br />
<a href='preferences.php?action=passchange'>> Back</a>";
}
else if($_POST['newpw'] !== $_POST['newpw2'])
{
print "The new passwords you entered did not match!<br />
<a href='preferences.php?action=passchange'>> Back</a>";
}
else
{
$_POST['newpw'] = mysql_real_escape_string(htmlentities($_POST['newpw']));
$db->query("UPDATE users SET userpass=md5('{$_POST['newpw']}') WHERE userid=$userid");
print "Password changed!";
}
}
function name_change()
{
global $ir,$c,$userid,$h;
print "<h3>Name Change</h3>
Please note that you still use the same name to login, this procedure simply changes the name that is displayed. <form action='preferences.php?action=namechange2' method='post'>
New Name: <input type='text' name='newname' /><br />
<input type='submit' value='Change Name' /></form>";
}
function do_name_change()
{
global $db,$ir,$c,$userid,$h;
// Edited by zero-affect
if($_POST['newname'] == "" || $_POST['newname'] == " " || $_POST['newname'] == " " || $_POST['newname'] == " " || $_POST['newname'] == " " || $_POST['newname'] == " " || $_POST['newname'] == " " || $_POST['newname'] == " " || $_POST['newname'] == " " || $_POST['newname'] == " " || $_POST['newname'] == " " || $_POST['newname'] == " " || $_POST['newname'] == " " || $_POST['newname'] == " " || $_POST['newname'] == " " && $_POST['newname'] == " ")
{
$_POST['newname'] = trim($_POST['newname']);
$sql1 = sprintf("SELECT * FROM users WHERE (username = '%s')", $_POST['username']);
$i = $db->query($sql1);
if(mysql_num_rows($i)) { echo 'Username already in use!';$h->endpage(); exit; }
print "You did not enter a new name.<br />
<a href='preferences.php?action=name_change'>> Back</a>";
}
else
{
$_POST['newname'] = trim($_POST['newname']);
$_POST['newname']=str_replace(array("<", ">", "\\\'"), array("<", ">", "&#38;#039;"), $_POST['newname']);
$_POST['newname']=str_replace(array("{", "}", "\\\'"), array("<", ">", "&#38;#039;"), $_POST['newname']);
$_POST['newname']=str_replace(array("eval", "alert", "\\\'"), array(".", ".", "."), $_POST['newname']);
$_POST['newname'] = mysql_real_escape_string(htmlentities($_POST['newname']));
$checkun=$db->num_rows($db->query("SELECT * FROM users WHERE username='{$_POST['newname']}' AND userid!=$userid"));
if($checkun)
{
echo "Username is already in use.";
$h->endpage();
exit;
}
$checkln=$db->num_rows($db->query("SELECT * FROM users WHERE login_name='{$_POST['newname']}' AND userid!=$userid"));
if($checkln)
{
echo "Username is already in use.";
$h->endpage();
exit;
}
$db->query("UPDATE users SET username='{$_POST['newname']}' WHERE userid=$userid");
print "Username changed!";
}
}
function signature_change()
{
global $ir,$c,$userid,$h;
print "<h3>Profile Signature Change</h3>
<form action='preferences.php?action=signaturechange2' method='post'>
New Profile Signature: <br /><textarea rows=30 cols=50 name='newsignature' wrap='virtual' class='input'>{$ir['profileSIG']}</textarea><br /><br />
<input type='submit' value='Change Signature' /></form><br />
<small>> </small><a href='preferences.php'>Back</a>";
}
function do_signature_change()
{
global $db,$ir,$c,$userid,$h;
if($_POST['newsignature'] == "")
{
print "You did not enter a new profile signature.<br />
<small>> </small><a href='preferences.php?action=signaturechange'>Back</a>";
}
else
{
$_POST['newsignature']= mysql_real_escape_string(htmlentities($_POST['newsignature']));
$sig = sprintf("UPDATE users SET profileSIG = '%s' WHERE (userid = %u)", $_POST['newsignature'], $userid);
$db->query($sig);
print "Profile Signature changed!<br />
<small>> </small><a href='preferences.php'>Back</a>";
}
}
function new_propic()
{
global $ir,$c,$userid,$h;
print "<h3>Pic Change</h3>
Please note that this must be externally hosted, <a href='http://imageshack.us'>ImageShack</a> is our recommendation.<br />
Any images that are not 150x150 will be automatically resized <form action='preferences.php?action=newpropic2' method='post'>
New Pic: <input type='text' name='newpic1' value='{$ir['profile_pic']}' /><br />
<input type='submit' value='Change profile pic' /></form>";
}
function do_new_propic()
{
global $db,$ir,$c,$userid,$h;
if($_POST['newpic1'] == "")
{
print "You did not enter a new pic.<br />
<a href='preferences.php?action=newpropic'>> Back</a>";
}
else
{
$_POST['newpic1']=str_replace('\\\'','&#38;#039;', $_POST['newpic1']);
$_POST['newpic1'] = mysql_real_escape_string(htmlentities($_POST['newpic1']));
$pic = sprintf("UPDATE users SET profile_pic = '%s' WHERE (userid = %u)", $_POST['newpic1'], $userid);
$db->query($pic);
print "Pic changed!";
}
}
function race_change()
{
global $ir,$c,$userid,$h;
print "<center><hr width='20%'>Race Change<hr width='20%'><br />
<form action='preferences.php?action=racechange2' method='post'>
<select class=textbox name='race'>
<option value='Vampire'>Vampire</option>
<option value='Zombie'>Zombie</option>
<option value='Criminal'>Criminal</option>
<option value='Pimp'>Pimp</option>
<option value='God'>God</option>
<option value='Cop'>Cop</option>
<option value='Creature'>Creature</option>
<option value='Hooker'>Hooker</option>
<option value='Goth'>Goth</option>
<option value='Thief'>Thief</option>
<option value='Hacker'>Hacker</option>
<option value='Chippendale'>Chippendale </option>
<option value='Stripper'>Stripper</option>
<option value='Go Go Dancer'>Go Go Dancer</option>
<option value='Unknown' SELECTED>Unknown</option>
</Select>
<input class='textbox' type='submit' value='Change Race' />
</form>";
}
function do_race_change()
{
global $db,$ir,$c,$userid,$h;
$db->query("UPDATE users SET race='{$_POST['race']}' WHERE userid=$userid");
print "You Have Changed your Race Type!<br />
<a href='preferences.php'>Back</a>";
}
function forum_change()
{
global $ir,$c,$userid,$h;
print "<h3>Forum Info Change</h3>
Please note that the avatar must be externally hosted, <a href='http://imageshack.us'>ImageShack</a> is our recommendation.<br />
Any avatars that are not 100x100 will be automatically resized <form action='preferences.php?action=forumchange2' method='post'><br>
<table style='border-style:solid;border-width:1px;border-color:#303030;' cellpadding='5'>
<tr>
<td bgcolor='#606060'>Avatar:</td>
<td bgcolor='#404040'><input type='text' name='forums_avatar' value='{$ir['forums_avatar']}' /></td>
</tr>
<tr>
<td bgcolor='#606060'>Signature (you may use BBcode):</td>
<td bgcolor='#404040'><textarea rows=10 cols=50 name='forums_signature'>{$ir['forums_signature']}</textarea></td>
</tr>
<tr colspan='2' bgcolor='#404040'>
<td colspan='2'>
<input type='submit' value='Change Info' /></td>
</tr>
</table></form>";
}
function do_forum_change()
{
global $db,$ir,$c,$userid,$h;
$url=$_POST['forums_avatar'];
if(substr($url, -1)!="g" && substr($url, -1)!="G" && substr($url, -1)!="F" && substr($url, -1)!="f")
{
print"You need to supply a real image.<br><a href='preferences.php?action=forumchange'>> Back</a>";
die("");
}
if (preg_match("/.jpg/", $url) || preg_match("/.php/", $url))
{
}
else if(preg_match("/.jpeg/", $url) || preg_match("/.php/", $url))
{
}
else if(preg_match("/.gif/", $url) || preg_match("/.php/", $url))
{
}
else if(preg_match("/.JPG/", $url) || preg_match("/.php/", $url))
{
}
else if(preg_match("/.JPEG/", $url) || preg_match("/.php/", $url))
{
}
else if(preg_match("/.GIF/", $url) || preg_match("/.php/", $url))
{
}
else if(preg_match("/.PNG/", $url) || preg_match("/.php/", $url))
{
}
else if(preg_match("/.png/", $url) || preg_match("/.php/", $url))
{
}
else
{
print"You need to supply a real image.<br><a href='preferences.php?action=forumchange'>> Back</a>";
include"int2.php";
die("");
}
//As you can see below used mysql_real... and htmlentities!
$_POST['forums_avatar']=mysql_real_escape_string(htmlentities($_POST['forums_avatar']));
$_POST['forums_signature']=mysql_real_escape_string(htmlentities($_POST['forums_signature']));
// Secure method
$for = sprintf("UPDATE users SET forums_avatar = '%s', forums_signature= '%s' WHERE (userid = %u)", $_POST['forums_avatar'], $_POST['forums_signature'], $userid);
$db->query($for);
print "Forum Info changed!";
}
function sm_change()
{
global $ir,$c,$userid,$h;
print "<h3>Status Message Change Change</h3>
Here, you can change your status message that will be shown on your profile. <form action='preferences.php?action=smchange2' method='post'>
Status Message: <input type='text' name='sm' /><br />
<input type='submit' value='Change Status Message' /></form>";
}
function do_sm_change()
{
global $db,$ir,$c,$userid,$h;
if($_POST['sm'] == "")
{
print "You did not enter a new status message.<br />
<a href='preferences.php?action=smchange'>> Back</a>";
}
else
{
$_POST['sm']=str_replace(array("<", ">", "\\\'"), array("<", ">", "&#38;#039;"), $_POST['sm']);
$_POST['sm']=mysql_real_escape_string(htmlentities($_POST['sm']));
$db->query("UPDATE users SET sm='{$_POST['sm']}' WHERE userid=$userid");
print "Status Message Changed!";
}
}
function pdetail_change()
{
global $db,$userid;
echo "<h3>Personal Details Change</h3>";
$pd=$db->query("SELECT * FROM pdetails WHERE userid=$userid");
$p=$db->fetch_row($pd);
echo "<form action='preferences.php?action=pdetailchange2' method='post'>
First Name: <input type='text' name='fistname' value='{$p['first']}' /><br />
Last Name: <input type='text' name='lastname' value='{$p['last']}' /><br />
Age: <input type='text' name='age' value='{$p['age']}' /><br />
Aim Of The Game: <input type='text' name='aog' value='{$p['aog']}' /><br />
Msn: <input type='text' name='msn' value='{$p['msn']}' /><br />
Aim: <input type='text' name='aim' value='{$p['aim']}' /><br />
Aol: <input type='text' name='aol' value='{$p['aol']}' /><br />
Yahoo: <input type='text' name='yahoo' value='{$p['yahoo']}' /><br />
Personal Details: <select name='pdetails' type='dropdown'>
<option value='ON'>On
<option value='OFF'>Off</select><br />
<input type='submit' value='Update' /></form>";
}
function do_pdetail_change()
{
global $db,$userid;
$pd=$db->query("SELECT * FROM pdetails WHERE userid=$userid");
$p=$db->fetch_row($pd);
$_POST['fistname']=mysql_real_escape_string(htmlentities($_POST['fistname']));
$_POST['lastname']=mysql_real_escape_string(htmlentities($_POST['lastname']));
$_POST['age']=abs(@intval($_POST['age']));
$_POST['aog']=mysql_real_escape_string(htmlentities($_POST['aog']));
$_POST['msn']=mysql_real_escape_string(htmlentities($_POST['msn']));
$_POST['aim']=mysql_real_escape_string(htmlentities($_POST['aim']));
$_POST['aol']=mysql_real_escape_string(htmlentities($_POST['aol']));
$_POST['yahoo']=mysql_real_escape_string(htmlentities($_POST['yahoo']));
$_POST['pdetails']=mysql_real_escape_string(htmlentities($_POST['pdetails']));
$p = sprintf("UPDATE pdetails SET first = '%s', last = '%s', age = '%s', aog = '%s', msn = '%s', aim = '%s', aol = '%s', yahoo = '%s', personal = '%s' WHERE (userid = %u)", $_POST['fistname'], $_POST['lastname'], $_POST['age'], $_POST['aog'], $_POST['msn'], $_POST['aim'], $_POST['aol'], $_POST['yahoo'], $_POST['pdetails'], $userid);
echo "Personal Details Changed!";
}
$h->endpage();
<?php
function bankpin()
{
global $ir;
if($ir['pin_locked'] >= 3)
{
echo "You have attempted to enter your pin incorrectly 3 times.<br />
You will need to request a new pin from the <a href='bankmanager.php'>Bank Manager</a>";
$h->endpage();
exit;
}
echo "
<h3>Bank PIN Change</h3>
<form action='preferences.php?action=bankpinsub' method='post'>
<table class='table' width='50%'>
<tr>
<th>Name</th>
<th>Entry</th>
</tr>
<tr>
<td class='tdcenter'>Current PIN</td>
<td class='tdcenter'><input type='password' name='oldpin' maxlength='4' class='tdcenter' /></td>
</tr>
<tr>
<td class='tdcenter'>New PIN</td>
<td class='tdcenter'><input type='password' name='newpin' maxlength='4' class='tdcenter' /></td>
</tr>
<tr>
<td class='tdcenter'>Confirm PIN</td>
<td class='tdcenter'><input type='password' name='newpin2' maxlength='4' class='tdcenter' /></td>
</tr>
<tr>
<td colspan='100%'><input type='submit' value='Change PIN' /></td>
</tr>
</table>
</form>";
}
function bankpinsub()
{
global $db,$ir,$c,$userid,$h;
if($ir['pin_locked'] >= 3)
{
echo "You have attempted to enter your pin incorrectly 3 times.<br />
You will need to request a new pin from the <a href='bankmanager.php'>Bank Manager</a>";
$h->endpage();
exit;
}
if(empty($_POST['oldpin']))
{
echo "You didn't enter your old PIN";
$h->endpage();
exit;
}
if(empty($_POST['newpin']))
{
echo "You didn't enter a new PIN";
$h->endpage();
exit;
}
if(empty($_POST['newpin2']))
{
echo "You didn't confirm your new PIN";
$h->endpage();
exit;
}
if($_POST['oldpin'] != $ir['bankpin'])
{
print "The current PIN you entered was wrong.<br />
<a href='preferences.php?action=bankpin'>> Back</a>";
$h->endpage();
exit;
}
if($_POST['newpin'] !== $_POST['newpin2'])
{
print "The new PINs you entered did not match!<br />
<a href='preferences.php?action=bankpin'>> Back</a>";
$h->endpage();
exit;
}
$sql = sprintf("UPDATE users SET bankpin = '%s' WHERE (userid = %u)", @intval($_POST['newpin']), $userid);
$db->query($sql);
print "Bank PIN changed!";
}
?>
