<?
/******************************************************************************\
* Copyright (C) 2002 B Squared (b^2) by Josh Sherman <josh@cleancode.org> *
* *
* This script displays the contents for the 'Edit Profile' page. Don't *
* forget the 12 space indent for all content pages. *
* *
* Last modified : September 25th, 2002 (JJS) *
\******************************************************************************/
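/*
 * Direct-access guard.  This page is not meant to be requested by its own
 * URL: when the requested script name ends in this file's name, redirect the
 * browser to ../index.php and stop processing.
 */
$file_name = "edit_profile.php";
/* Negative length, so substr() returns the trailing strlen($file_name) bytes */
$file_name_length = -(strlen($file_name));
if (substr($_SERVER['SCRIPT_NAME'], $file_name_length) === $file_name)
{
    header("Location: ../index.php");
    /* header() only queues the redirect; without exit the rest of this page
       would still run for a direct request */
    exit;
}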
/*
 * Copy the submitted form fields into same-named variables through the
 * project's GetVars() helper (defined outside this file).  The field list is
 * a fixed literal, so the variable-variable assignment below can only ever
 * create the names listed here.
 * NOTE(review): $username, $password and $confirm_password are used further
 * down but are not fetched here -- presumably they are set by the including
 * script or by register_globals; confirm where they come from.
 */
$form_fields = array(
    "email", "old_email", "location", "occupation", "homepage", "picture",
    "interests", "aim", "icq", "yahoo", "signature", "include_sig",
    "action", "step"
);
foreach ($form_fields as $form_field)
{
    $$form_field = GetVars($form_field);
}
unset($form_fields, $form_field);
/*
 * Pass each request-supplied value through the project's CheckVars() helper
 * (defined outside this file).  The second argument is presumably a maximum
 * length for the field -- TODO confirm against CheckVars().
 *
 * NOTE(review): the `&$var` at each call site is call-time pass-by-reference,
 * which PHP 5.4 and later reject with a fatal error.  The `&` can only be
 * dropped once CheckVars() is confirmed to declare its first parameter by
 * reference; otherwise the helper would silently stop modifying these values
 * and the checks below would run on unfiltered input.
 *
 * NOTE(review): $username, $password and $confirm_password are not assigned
 * anywhere earlier in this file -- presumably they come from the including
 * script or from register_globals; confirm their source.
 */
CheckVars(&$step, 1);
CheckVars(&$username, 64);
CheckVars(&$password, 64);
CheckVars(&$confirm_password, 64);
CheckVars(&$email, 128);
CheckVars(&$old_email, 128);
CheckVars(&$location, 128);
CheckVars(&$occupation, 64);
CheckVars(&$homepage, 128);
CheckVars(&$picture, 128);
CheckVars(&$interests, 255);
CheckVars(&$aim, 16);
CheckVars(&$icq, 16);
CheckVars(&$yahoo, 32);
CheckVars(&$signature, 255);
CheckVars(&$include_sig, 1);
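/*
 * Accept only the four known steps; anything else falls back to step 1.
 * The test is an exact match on the string form of $step: a loose != check
 * also lets through values that merely type-juggle to 1-4 (for example " 3"
 * or "3.0"), and $step is compared again by the code that follows.
 */
if (!in_array((string) $step, array("1", "2", "3", "4"), true))
    $step = 1;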
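/*
 * Request-consistency check, followed by the step-3 button dispatch.
 *
 * A request is treated as malformed when any of these hold:
 *   - step 3 or 4 is requested while $username or $email is empty;
 *   - the raw query string is not the exact one expected for the step
 *     (step 1: "pid=edit_profile" or "pid=login"; steps 2 and 4:
 *     "pid=edit_profile"; step 3: "pid=edit_profile&step=3");
 *   - the step is neither 1 nor 2 and $username or $email is blank after
 *     trimming.
 * A malformed request prints an error and is sent back to step 1.
 *
 * NOTE(review): $QUERY_STRING is not assigned in this file -- presumably it
 * is the register_globals copy of $_SERVER['QUERY_STRING']; confirm.  The
 * check looks only at the raw query string; which request channels GetVars()
 * reads is not visible here.
 */
$malformed_request = false;
if ( ( ( $username == "" || $email == "" ) && ( $step == 3 || $step == 4 ) ) ||
     ( ( $step == 1 && ( $QUERY_STRING != "pid=edit_profile" && $QUERY_STRING != "pid=login" ) ) ||
       ( $step == 2 && $QUERY_STRING != "pid=edit_profile" ) ||
       ( $step == 3 && $QUERY_STRING != "pid=edit_profile&step=3" ) ||
       ( $step == 4 && $QUERY_STRING != "pid=edit_profile" ) ) ||
     ( ( $step != 1 && $step != 2 ) &&
       ( strlen(trim($username)) == 0 || strlen(trim($email)) == 0 ) ) )
{
    echo " <CENTER class=\"error_message\">Malformed request detected!</CENTER><BR>\n";
    $step = 1;
    $malformed_request = true;
}

/*
 * On step 3 the user picks one of two buttons; the button label selects the
 * next step.  A request already rejected above keeps step 1: the button value
 * must not be able to undo that reset.
 * NOTE(review): the override is not limited to requests that arrived as
 * step 3; tightening it further depends on how the step-3 form posts, which
 * is not visible here.
 */
if (!$malformed_request)
{
    if ($action == "Edit Profile")
        $step = 2;
    else if ($action == "Submit Profile")
        $step = 4;

    /* The checks above ran against the step as submitted.  If the button has
       just moved the request to step 4, repeat the required-field test that
       step 4 is subject to, so it cannot be reached with a blank name/e-mail. */
    if ( $step == 4 && ( strlen(trim($username)) == 0 || strlen(trim($email)) == 0 ) )
    {
        echo " <CENTER class=\"error_message\">Malformed request detected!</CENTER><BR>\n";
        $step = 1;
    }
}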
/*
 * On step 2, give the two URL fields a default "http://" prefix when they
 * are empty.
 * NOTE(review): nothing visible in this file checks that $homepage or
 * $picture actually use an http(s) scheme; if they are later written into
 * href/src attributes, the output code should enforce that -- confirm.
 */
if ($step == 2)
{
    if ($homepage == "")
        $homepage = "http://";
    if ($picture == "")
        $picture = "http://";
}
/*
 * Step 2: for each text field, remove HTML/PHP tags with strip_tags() and
 * then remove backslash quoting with stripslashes().  The field list is a
 * fixed literal; $old_email, $include_sig and $confirm_password are not
 * processed here.
 *
 * NOTE(review): strip_tags() removes tags but leaves quotes and `&` as they
 * are, so these values still need context-specific escaping wherever they are
 * written into HTML attributes or SQL -- that code is not visible here.
 * NOTE(review): stripslashes() presumably undoes magic_quotes_gpc; if that
 * setting is off it would also remove backslashes the user typed -- confirm.
 */
if ($step == 2)
{
    $step2_fields = array(
        "username", "password", "email", "location", "occupation", "homepage",
        "picture", "interests", "aim", "icq", "yahoo", "signature"
    );
    foreach ($step2_fields as $step2_field)
    {
        $$step2_field = stripslashes(strip_tags($$step2_field));
    }
    unset($step2_fields, $step2_field);
}
/* Step 3 too ... */
if ($step == 3)
{
$username = stripslashes(strip_tags($username));
$pass
word = stripslashes(strip_tags($password));
$email = stripslashes(strip_tags($email));
$location = stripslashes(strip_tags($location));
$occupation = stripslashes(htmlspecialchars($occupation));
$homepage = stripslashes(strip_tags($homepage));
$picture = stripslashes(strip_tags($picture));
$interests = stripslashes(strip_tags($interests));
$aim = stripslashes(strip_tags($aim));
$icq = stripslashes(strip_tags($icq));
$yahoo = stripslashes(strip_tags($yahoo));
/* Allowing CRs creates issues, this code should resolve them :) */
$signature = strips