Edit File: get-credits.php
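<?php
/*
UserCake Version: 2.0.2
http://usercake.com
*/

/*
 * get-credits.php
 *
 * Renders the "Get Credits" form for a logged-in user. The POST handler is the
 * account-settings handler (email, display name, phone, profile image, password).
 *
 * NOTE(review): the form below posts none of the fields this handler reads, and
 * the handler reads neither `radios` nor `creditAmt`. When the purchase flow is
 * wired up, derive the price on the server from the validated credit amount
 * rather than from anything the browser sends.
 *
 * NOTE(review): no anti-CSRF token is visible in this file and the
 * current-password check is commented out, so the email and password changes
 * rely on the session alone. Confirm a token is enforced elsewhere, or add one.
 */
require_once("models/config.php");
if (!securePage($_SERVER['PHP_SELF'])) {
    die();
}

// Only logged-in users may reach this page.
if (!isUserLoggedIn()) {
    header("Location: " . $baseurl . "login.php");
    die();
}

$userdetails = fetchUserDetails($loggedInUser->username);

// Defined up front so resultBlock() below never receives undefined variables on
// a plain GET request.
$errors = array();
$successes = array();

if (!empty($_POST)) {
    // Read each expected field as a string. A missing key or an array value
    // (e.g. email[]=x) becomes "" instead of raising a notice or reaching trim().
    $posted = array(
        "passwordc" => "",
        "passwordcheck" => "",
        "displayname" => "",
        "phone" => "",
        "email" => "",
    );
    foreach ($posted as $field => $unused) {
        if (isset($_POST[$field]) && is_string($_POST[$field])) {
            $posted[$field] = $_POST[$field];
        }
    }
    $password_new = $posted["passwordc"];
    $password_confirm = $posted["passwordcheck"];
    $displayname = $posted["displayname"];
    $phone = $posted["phone"];
    $email = $posted["email"];

    // --- Email ---------------------------------------------------------------
    if ($email != $loggedInUser->email) {
        if (trim($email) == "") {
            $errors[] = lang("ACCOUNT_SPECIFY_EMAIL");
        } else if (!isValidEmail($email)) {
            $errors[] = lang("ACCOUNT_INVALID_EMAIL");
        } else if (emailExists($email)) {
            $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email));
        }

        if (count($errors) == 0) {
            $loggedInUser->updateEmail($email);
            $successes[] = lang("ACCOUNT_EMAIL_UPDATED");
        }
    }

    // --- Display name --------------------------------------------------------
    if ($displayname != $loggedInUser->displayname && trim($displayname) != "" && count($errors) == 0) {
        $loggedInUser->updateDisplayName($displayname);
        $successes[] = lang("ACCOUNT_DISPLAYNAME_UPDATED");
    }

    // --- Phone ---------------------------------------------------------------
    if ($phone != $userdetails["phone"] && trim($phone) != "" && count($errors) == 0) {
        $loggedInUser->updatePhone($phone);
        $successes[] = lang("ACCOUNT_PHONE_UPDATED");
    }

    // --- Profile image -------------------------------------------------------
    if (isset($_FILES['img']) && is_uploaded_file($_FILES['img']["tmp_name"])) {
        $allowedExts = array("gif", "jpeg", "jpg", "png");
        // Image types accepted after inspecting the file itself, mapped to the
        // single extension the stored file will carry.
        $allowedTypes = array(
            IMAGETYPE_GIF => "gif",
            IMAGETYPE_JPEG => "jpg",
            IMAGETYPE_PNG => "png",
        );

        $extension = strtolower(pathinfo($_FILES["img"]["name"], PATHINFO_EXTENSION));
        // $_FILES[...]["type"] is sent by the browser and proves nothing about
        // the content, so the type is taken from the uploaded bytes instead.
        $imageInfo = getimagesize($_FILES["img"]["tmp_name"]);

        if ($imageInfo !== false
            && isset($allowedTypes[$imageInfo[2]])
            && $_FILES["img"]["size"] < 1040000
            && in_array($extension, $allowedExts, true)
        ) {
            if ($_FILES["img"]["error"] > 0) {
                $errors[] = $_FILES["img"]["error"];
            } else {
                // Build the stored name on the server: keep only safe characters
                // from the username + client file name and append one extension
                // chosen from the detected type, so a name such as "x.php.jpg"
                // cannot keep an inner script extension or path characters.
                $stem = $loggedInUser->username . pathinfo($_FILES["img"]["name"], PATHINFO_FILENAME);
                $stem = preg_replace('/[^A-Za-z0-9_-]/', '_', $stem);
                $img_url = $stem . "." . $allowedTypes[$imageInfo[2]];

                // A header check is not a guarantee about the whole file; the
                // img/users/ directory should also be served with script
                // execution disabled.
                if (move_uploaded_file($_FILES["img"]["tmp_name"], "img/users/" . $img_url)) {
                    // Record the new image only once the file is really stored
                    // (previously this ran even when the move failed).
                    $loggedInUser->updateImg($img_url);
                    $successes[] = "Profile image updated successfully.";
                } else {
                    $errors[] = "Profile image upload error, please try later.";
                }
            }
        } else {
            $errors[] = "Invalid file selected as profile image. Please select a proper image.";
        }
    }

    // --- Password ------------------------------------------------------------
    // NOTE(review): the minimum length accepted here is 4 characters, and the
    // current password is not requested before the change.
    if ($password_new != "" OR $password_confirm != "") {
        if (trim($password_new) == "") {
            $errors[] = lang("ACCOUNT_SPECIFY_NEW_PASSWORD");
        } else if (trim($password_confirm) == "") {
            $errors[] = lang("ACCOUNT_SPECIFY_CONFIRM_PASSWORD");
        } else if (minMaxRange(4, 50, $password_new)) {
            $errors[] = lang("ACCOUNT_NEW_PASSWORD_LENGTH", array(4, 50));
        } else if ($password_new != $password_confirm) {
            $errors[] = lang("ACCOUNT_PASS_MISMATCH");
        }

        if (count($errors) == 0) {
            // Refuse a change to the password that is already set. Strict
            // comparison avoids numeric-string juggling between two hashes.
            $entered_pass_new = generateHash($password_new, $loggedInUser->hash_pw);

            if ($entered_pass_new === $loggedInUser->hash_pw) {
                $errors[] = lang("ACCOUNT_PASSWORD_NOTHING_TO_UPDATE");
            } else {
                // updatePassword() creates the new hash and updates hash_pw.
                $loggedInUser->updatePassword($password_new);
                $successes[] = lang("ACCOUNT_PASSWORD_UPDATED");
            }
        }
    }

    if (count($errors) == 0 AND count($successes) == 0) {
        $errors[] = lang("NOTHING_TO_UPDATE");
    }
}

// Reload so the page reflects any change made above.
$userdetails = fetchUserDetails($loggedInUser->username);

require_once('header.php');
require_once('home-nav.php');

// PHP_SELF includes any path info appended to the URL, so it is escaped before
// being placed in the form's action attribute.
$formAction = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
?>
<div class="container-fluid">
<div class="row-fluid">
<?php
// Full open tag: with short_open_tag disabled, "<?" would send the code below to
// the browser as text.
echo "
<h2>User Settings</h2>
<div id='left-nav'>";
include("left-nav.php");

echo "
</div>
<div id='accountDetails'>";

echo resultBlock($errors, $successes);

// The third option's value was '40' while its label offers 50 credits; it is now '50'.
echo "
<div id='regbox'>
<h3>Get Credits</h3>
<form enctype='multipart/form-data' name='getCredits' action='" . $formAction . "' method='post' class='form-horizontal'>
<div class='control-group'>
<label class='control-label' for='radios'>How many credits would you like?</label>
<div class='controls'>
<label class='radio' for='radios-0'><input type='radio' name='radios' id='radios-0' value='20' checked='checked'>20 credits for $20</label>
<label class='radio' for='radios-1'><input type='radio' name='radios' id='radios-1' value='40'>40 credits for $40</label>
<label class='radio' for='radios-2'><input type='radio' name='radios' id='radios-2' value='50'>50 credits for $50</label>
<label class='radio' for='radios-3'><input type='radio' name='radios' id='radios-3' value='100'>100 credits for $100</label>
<label class='radio' for='radios-4'><input type='radio' name='radios' id='radios-4' value='custom'><input type='text' name='creditAmt' id='creditAmt' value='' class='input-small'/> credits for $<span id='calcPrice'></span></label>
</div>
<div class='controls'>
</div>
</div>
<img src='" . $baseurl . "img/gateway.png' alt=''/>
</form>
</div>
</div>";
?>
<script>
</script>
<?php require_once("footer.php"); ?>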