Topic: Help please - Problem with Profiles

http://www.kntl.co.uk/forum/profile.php?id=3

Try clicking on 'Personal' 'Messaging' 'Personality' etc

I get this error:

Not Found
The requested URL /NEW FILES/profile.php was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
-----
Apache/1.3.37 Server at www.kntl.co.uk Port 80

---

Also, when clicking "Newest registered user:" on the forum index i get:

Not Found
The requested URL /Easy POll 2.0/Easy_Poll_+_2.0/profile.php was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
-----
Apache/1.3.37 Server at www.kntl.co.uk Port 80

All/Any help much appreciated.

Re: Help please - Problem with Profiles

Looks like you made some bad edits, you'll need to undo whatever changes you made wink

Re: Help please - Problem with Profiles

Smartys wrote:

Looks like you made some bad edits, you'll need to undo whatever changes you made wink

If only i knew where we went wrong...

Re: Help please - Problem with Profiles

Work backwards, undo whatever you last did and keep going until the error is gone.
Actually, I might have an idea: when you edited the files locally, I think your editor rewrote the paths when it shouldn't have. You'll have to undo whatever it did wink

Re: Help please - Problem with Profiles

I made the mistake.
What happened was, I was trying to keep the edited files separate to the normal ones, just incase something went wrong.
And when I clicked save in DREAMWEAVER, I saved them in the folder "NEW FILES", and DREAMWEAVER asked me
"UPDATE LINKS?"
And I accidentally clicked yes, so now all the links refer to that folder.
But I have no idea how to revert it, help anyone?

Re: Help please - Problem with Profiles

I think you have to do it by hand unless you have a backup

Re: Help please - Problem with Profiles

OK, but how do I do it by hand?
The file edited was PROFILE.php, I need to change it back to the default link.
How do I do so? hmm

Re: Help please - Problem with Profiles

Open it up, find the messed up links, remove the messed up bits tongue

Re: Help please - Problem with Profiles

You see, that is the problem right there.
I cannot find the messed up links.

Wow this is messed up. sad

10

Re: Help please - Problem with Profiles

post the code here and maybe someone could help youunmess it tongue

Re: Help please - Problem with Profiles

You mean all the code?
PROFILE.php is kinda large. tongue

12

Re: Help please - Problem with Profiles

put it in
and it shoud get a scroll bar shouldnt it hmm

13 (edited by Zimmer92 2006-10-14 15:09)

Re: Help please - Problem with Profiles

<?php
/***********************************************************************

  Copyright (C) 2002-2005  Rickard Andersson (rickard@punbb.org)

  This file is part of PunBB.

  PunBB is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.

  PunBB is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  MA  02111-1307  USA

************************************************************************/

//
// Cookie stuff!
//
function check_cookie(&$pun_user)
{
    global $db, $pun_config, $cookie_name, $cookie_seed;

    $now = time();
    $expire = $now + 31536000;    // The cookie expires after a year

    // We assume it's a guest
    $cookie = array('user_id' => 1, 'password_hash' => 'Guest');

    // If a cookie is set, we get the user_id and password hash from it
    if (isset($_COOKIE[$cookie_name]))
        list($cookie['user_id'], $cookie['password_hash']) = @unserialize($_COOKIE[$cookie_name]);

    if ($cookie['user_id'] > 1)
    {
        // Check if there's a user with the user ID and password hash from the cookie
        $result = $db->query('SELECT u.*, g.*, o.logged, o.idle FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON u.group_id=g.g_id LEFT JOIN '.$db->prefix.'online AS o ON o.user_id=u.id WHERE u.id='.intval($cookie['user_id'])) or error('Unable to fetch user information', __FILE__, __LINE__, $db->error());
        $pun_user = $db->fetch_assoc($result);

        // If user authorisation failed
        if (!isset($pun_user['id']) || md5($cookie_seed.$pun_user['password']) !== $cookie['password_hash'])
        {
            pun_setcookie(0, random_pass(8), $expire);
            set_default_user();

            return;
        }

        // Set a default language if the user selected language no longer exists
        if (!@file_exists(PUN_ROOT.'lang/'.$pun_user['language']))
            $pun_user['language'] = $pun_config['o_default_lang'];

        // Set a default style if the user selected style no longer exists
        if (!@file_exists(PUN_ROOT.'style/'.$pun_user['style'].'.css'))
            $pun_user['style'] = $pun_config['o_default_style'];

        if (!$pun_user['disp_topics'])
            $pun_user['disp_topics'] = $pun_config['o_disp_topics_default'];
        if (!$pun_user['disp_posts'])
            $pun_user['disp_posts'] = $pun_config['o_disp_posts_default'];

        if ($pun_user['save_pass'] == '0')
            $expire = 0;

        // Define this if you want this visit to affect the online list and the users last visit data
        if (!defined('PUN_QUIET_VISIT'))
        {
            // Update the online list
            if (!$pun_user['logged'])
                $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES('.$pun_user['id'].', \''.$db->escape($pun_user['username']).'\', '.$now.')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
            else
            {
                // Special case: We've timed out, but no other user has browsed the forums since we timed out
                if ($pun_user['logged'] < ($now-$pun_config['o_timeout_visit']))
                {
                    $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error());
                    $pun_user['last_visit'] = $pun_user['logged'];
                }

                $idle_sql = ($pun_user['idle'] == '1') ? ', idle=0' : '';
                $db->query('UPDATE '.$db->prefix.'online SET logged='.$now.$idle_sql.' WHERE user_id='.$pun_user['id']) or error('Unable to update online list', __FILE__, __LINE__, $db->error());
            }
        }

        $pun_user['is_guest'] = false;
    }
    else
        set_default_user();
}


//
// Fill $pun_user with default values (for guests)
//
function set_default_user()
{
    global $db, $pun_user, $pun_config;

    $remote_addr = get_remote_address();

    // Fetch guest user
    $result = $db->query('SELECT u.*, g.*, o.logged FROM '.$db->prefix.'users AS u INNER JOIN '.$db->prefix.'groups AS g ON u.group_id=g.g_id LEFT JOIN '.$db->prefix.'online AS o ON o.ident=\''.$remote_addr.'\' WHERE u.id=1') or error('Unable to fetch guest information', __FILE__, __LINE__, $db->error());
    if (!$db->num_rows($result))
        exit('Unable to fetch guest information. The table \''.$db->prefix.'users\' must contain an entry with id = 1 that represents anonymous users.');

    $pun_user = $db->fetch_assoc($result);

    // Update online list
    if (!$pun_user['logged'])
        $db->query('INSERT INTO '.$db->prefix.'online (user_id, ident, logged) VALUES(1, \''.$db->escape($remote_addr).'\', '.time().')') or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
    else
        $db->query('UPDATE '.$db->prefix.'online SET logged='.time().' WHERE ident=\''.$db->escape($remote_addr).'\'') or error('Unable to update online list', __FILE__, __LINE__, $db->error());

    $pun_user['disp_topics'] = $pun_config['o_disp_topics_default'];
    $pun_user['disp_posts'] = $pun_config['o_disp_posts_default'];
    $pun_user['timezone'] = $pun_config['o_server_timezone'];
    $pun_user['language'] = $pun_config['o_default_lang'];
    $pun_user['style'] = $pun_config['o_default_style'];
    $pun_user['is_guest'] = true;
}


//
// Set a cookie, PunBB style!
//
function pun_setcookie($user_id, $password_hash, $expire)
{
    global $cookie_name, $cookie_path, $cookie_domain, $cookie_secure, $cookie_seed;

    // Enable sending of a P3P header by removing // from the following line (try this if login is failing in IE6)
//    @header('P3P: CP="CUR ADM"');

    setcookie($cookie_name, serialize(array($user_id, md5($cookie_seed.$password_hash))), $expire, $cookie_path, $cookie_domain, $cookie_secure);
}


//
// Check whether the connecting user is banned (and delete any expired bans while we're at it)
//
function check_bans()
{
    global $db, $pun_config, $lang_common, $pun_user, $pun_bans;

    // Admins aren't affected
    if ($pun_user['g_id'] == PUN_ADMIN || !$pun_bans)
        return;

    // Add a dot at the end of the IP address to prevent banned address 192.168.0.5 from matching e.g. 192.168.0.50
    $user_ip = get_remote_address().'.';
    $bans_altered = false;

    foreach ($pun_bans as $cur_ban)
    {
        // Has this ban expired?
        if ($cur_ban['expire'] != '' && $cur_ban['expire'] <= time())
        {
            $db->query('DELETE FROM '.$db->prefix.'bans WHERE id='.$cur_ban['id']) or error('Unable to delete expired ban', __FILE__, __LINE__, $db->error());
            $bans_altered = true;
            continue;
        }

        if ($cur_ban['username'] != '' && !strcasecmp($pun_user['username'], $cur_ban['username']))
        {
            $db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape($pun_user['username']).'\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error());
            message($lang_common['Ban message'].' '.(($cur_ban['expire'] != '') ? $lang_common['Ban message 2'].' '.strtolower(format_time($cur_ban['expire'], true)).'. ' : '').(($cur_ban['message'] != '') ? $lang_common['Ban message 3'].'<br /><br /><strong>'.pun_htmlspecialchars($cur_ban['message']).'</strong><br /><br />' : '<br /><br />').$lang_common['Ban message 4'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true);
        }

        if ($cur_ban['ip'] != '')
        {
            $cur_ban_ips = explode(' ', $cur_ban['ip']);

            for ($i = 0; $i < count($cur_ban_ips); ++$i)
            {
                $cur_ban_ips[$i] = $cur_ban_ips[$i].'.';

                if (substr($user_ip, 0, strlen($cur_ban_ips[$i])) == $cur_ban_ips[$i])
                {
                    $db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape($pun_user['username']).'\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error());
                    message($lang_common['Ban message'].' '.(($cur_ban['expire'] != '') ? $lang_common['Ban message 2'].' '.strtolower(format_time($cur_ban['expire'], true)).'. ' : '').(($cur_ban['message'] != '') ? $lang_common['Ban message 3'].'<br /><br /><strong>'.pun_htmlspecialchars($cur_ban['message']).'</strong><br /><br />' : '<br /><br />').$lang_common['Ban message 4'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true);
                }
            }
        }
    }

    // If we removed any expired bans during our run-through, we need to regenerate the bans cache
    if ($bans_altered)
    {
        require_once PUN_ROOT.'include/cache.php';
        generate_bans_cache();
    }
}


//
// Update "Users online"
//
function update_users_online()
{
    global $db, $pun_config, $pun_user;

    $now = time();

    // Fetch all online list entries that are older than "o_timeout_online"
    $result = $db->query('SELECT * FROM '.$db->prefix.'online WHERE logged<'.($now-$pun_config['o_timeout_online'])) or error('Unable to fetch old entries from online list', __FILE__, __LINE__, $db->error());
    while ($cur_user = $db->fetch_assoc($result))
    {
        // If the entry is a guest, delete it
        if ($cur_user['user_id'] == '1')
            $db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape($cur_user['ident']).'\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error());
        else
        {
            // If the entry is older than "o_timeout_visit", update last_visit for the user in question, then delete him/her from the online list
            if ($cur_user['logged'] < ($now-$pun_config['o_timeout_visit']))
            {
                $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$cur_user['logged'].' WHERE id='.$cur_user['user_id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error());
                $db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$cur_user['user_id']) or error('Unable to delete from online list', __FILE__, __LINE__, $db->error());
            }
            else if ($cur_user['idle'] == '0')
                $db->query('UPDATE '.$db->prefix.'online SET idle=1 WHERE user_id='.$cur_user['user_id']) or error('Unable to insert into online list', __FILE__, __LINE__, $db->error());
        }
    }
}


//
// Generate the "navigator" that appears at the top of every page
//
function generate_navlinks()
{
    global $pun_config, $lang_common, $pun_user;

    // Index and Userlist should always be displayed
    $links[] = '<li id="navindex"><a href="http://www.kntl.co.uk/forum/index.php">'.$lang_common['Index'].'</a>';
    if ($pun_user['g_search'] == '1')
            $links[] = '<li id="navsearch"><a href="http://www.kntl.co.uk/forum/search.php">'.$lang_common['Search'].'</a>';
    $links[] = '<li id="navuserlist"><a href="http://www.kntl.co.uk/forum/userlist.php">'.$lang_common['User list'].'</a>';

    if ($pun_config['o_rules'] == '1')
        $links[] = '<li id="navrules"><a href="http://www.kntl.co.uk/forum/misc.php?action=rules">'.$lang_common['Rules'].'</a>';

    if ($pun_user['is_guest'])
    {

        $links[] = '<li id="navregister"><a href="http://www.kntl.co.uk/forum/register.php">'.$lang_common['Register'].'</a>';
        $links[] = '<li id="navlogin"><a href="http://www.kntl.co.uk/forum/login.php">'.$lang_common['Login'].'</a>';

        $info = $lang_common['Not logged in'];
    }
    else
    {
        if ($pun_user['g_id'] > PUN_MOD)
        {
        
        if ($pun_config['o_rules'] == '1')
        $links[] = '<li id="navrules"><a href="http://www.kntl.co.uk/forum/misc.php?action=rules">'.$lang_common['Rules'].'</a>';
        

            $links[] = '<li id="navprofile"><a href="http://www.kntl.co.uk/forum/profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>';
            require(PUN_ROOT.'include/pms/functions_navlinks.php');
            $links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'">'.$lang_common['Logout'].'</a>';
        }
        else
        {
            $links[] = '<li id="navprofile"><a href="http://www.kntl.co.uk/forum/profile.php?id='.$pun_user['id'].'">'.$lang_common['Profile'].'</a>';
            $links[] = '<li id="navadmin"><a href="http://www.kntl.co.uk/forum/admin_index.php">'.$lang_common['Admin'].'</a>';
            require(PUN_ROOT.'include/pms/functions_navlinks.php');
            $links[] = '<li id="navlogout"><a href="login.php?action=out&id='.$pun_user['id'].'">'.$lang_common['Logout'].'</a>';
        }
    }

    // Are there any additional navlinks we should insert into the array before imploding it?
    if ($pun_config['o_additional_navlinks'] != '')
    {
        if (preg_match_all('#([0-9]+)\s*=\s*(.*?)\n#s', $pun_config['o_additional_navlinks']."\n", $extra_links))
        {
            // Insert any additional links into the $links array (at the correct index)
            for ($i = 0; $i < count($extra_links[1]); ++$i)
                array_splice($links, $extra_links[1][$i], 0, array('<li id="navextra'.($i + 1).'">'.$extra_links[2][$i]));
        }
    }

    return '<ul>'."\n\t\t\t\t".implode($lang_common['Link separator'].'</li>'."\n\t\t\t\t", $links).'</li>'."\n\t\t\t".'</ul>';
}


//
// Display the profile navigation menu
//
function generate_profile_menu($page = '')
{
    global $lang_profile, $pun_config, $pun_user, $id;

?>
<div id="profile" class="block2col">
    <div class="blockmenu">
        <h2><span><?php echo $lang_profile['Profile menu'] ?></span></h2>
        <div class="box">
            <div class="inbox">
                <ul>
                    <li<?php if ($page == 'essentials') echo ' class="isactive"'; ?>><a href="profile.php?section=essentials&id=<?php echo $id ?>"><?php echo $lang_profile['Section essentials'] ?></a></li>
                    <li<?php if ($page == 'personal') echo ' class="isactive"'; ?>><a href="profile.php?section=personal&id=<?php echo $id ?>"><?php echo $lang_profile['Section personal'] ?></a></li>
                    <li<?php if ($page == 'messaging') echo ' class="isactive"'; ?>><a href="profile.php?section=messaging&id=<?php echo $id ?>"><?php echo $lang_profile['Section messaging'] ?></a></li>
                    <li<?php if ($page == 'personality') echo ' class="isactive"'; ?>><a href="profile.php?section=personality&id=<?php echo $id ?>"><?php echo $lang_profile['Section personality'] ?></a></li>
                    <li<?php if ($page == 'display') echo ' class="isactive"'; ?>><a href="profile.php?section=display&id=<?php echo $id ?>"><?php echo $lang_profile['Section display'] ?></a></li>
                    <li<?php if ($page == 'privacy') echo ' class="isactive"'; ?>><a href="profile.php?section=privacy&id=<?php echo $id ?>"><?php echo $lang_profile['Section privacy'] ?></a></li>
<?php if ($pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_ban_users'] == '1')): ?>                    <li<?php if ($page == 'admin') echo ' class="isactive"'; ?>><a href="profile.php?section=admin&id=<?php echo $id ?>"><?php echo $lang_profile['Section admin'] ?></a></li>
<?php endif; ?>                </ul>
            </div>
        </div>
    </div>
<?php

}


//
// Update posts, topics, last_post, last_post_id and last_poster for a forum (redirect topics are not included)
//
function update_forum($forum_id)
{
    global $db;

    $result = $db->query('SELECT COUNT(id), SUM(num_replies) FROM '.$db->prefix.'topics WHERE moved_to IS NULL AND forum_id='.$forum_id) or error('Unable to fetch forum topic count', __FILE__, __LINE__, $db->error());
    list($num_topics, $num_posts) = $db->fetch_row($result);

    $num_posts = $num_posts + $num_topics;        // $num_posts is only the sum of all replies (we have to add the topic posts)

    $result = $db->query('SELECT last_post, last_post_id, last_poster FROM '.$db->prefix.'topics WHERE forum_id='.$forum_id.' AND moved_to IS NULL ORDER BY last_post DESC LIMIT 1') or error('Unable to fetch last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());
    if ($db->num_rows($result))        // There are topics in the forum
    {
        list($last_post, $last_post_id, $last_poster) = $db->fetch_row($result);

        $db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post='.$last_post.', last_post_id='.$last_post_id.', last_poster=\''.$db->escape($last_poster).'\' WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());
    }
    else    // There are no topics
        $db->query('UPDATE '.$db->prefix.'forums SET num_topics=0, num_posts=0, last_post=NULL, last_post_id=NULL, last_poster=NULL WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error());
}


//
// Delete a topic and all of it's posts
//
function delete_topic($topic_id)
{
    global $db;

    // Delete the topic and any redirect topics
    $db->query('DELETE FROM '.$db->prefix.'topics WHERE id='.$topic_id.' OR moved_to='.$topic_id) or error('Unable to delete topic', __FILE__, __LINE__, $db->error());

    // Create a list of the post ID's in this topic
    $post_ids = '';
    $result = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id='.$topic_id) or error('Unable to fetch posts', __FILE__, __LINE__, $db->error());
    while ($row = $db->fetch_row($result)) {
        $post_ids .= ($post_ids != '') ? ','.$row[0] : $row[0];
        delete_images($row[0]);
    }

    // Make sure we have a list of post ID's
    if ($post_ids != '')
    {
        strip_search_index($post_ids);

        // Delete posts in topic
        $db->query('DELETE FROM '.$db->prefix.'posts WHERE topic_id='.$topic_id) or error('Unable to delete posts', __FILE__, __LINE__, $db->error());
    }

    // Delete any subscriptions for this topic
    $db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE topic_id='.$topic_id) or error('Unable to delete subscriptions', __FILE__, __LINE__, $db->error());
}


//
// Delete a single post
//
function delete_post($post_id, $topic_id)
{
    global $db;

    $result = $db->query('SELECT id, poster, posted FROM '.$db->prefix.'posts WHERE topic_id='.$topic_id.' ORDER BY id DESC LIMIT 2') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());
    list($last_id, ,) = $db->fetch_row($result);
    list($second_last_id, $second_poster, $second_posted) = $db->fetch_row($result);

    // Delete the post
    $db->query('DELETE FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to delete post', __FILE__, __LINE__, $db->error());
    delete_images($post_id);

    strip_search_index($post_id);

    // Count number of replies in the topic
    $result = $db->query('SELECT COUNT(id) FROM '.$db->prefix.'posts WHERE topic_id='.$topic_id) or error('Unable to fetch post count for topic', __FILE__, __LINE__, $db->error());
    $num_replies = $db->result($result, 0) - 1;

    // If the message we deleted is the most recent in the topic (at the end of the topic)
    if ($last_id == $post_id)
    {
        // If there is a $second_last_id there is more than 1 reply to the topic
        if (!empty($second_last_id))
            $db->query('UPDATE '.$db->prefix.'topics SET last_post='.$second_posted.', last_post_id='.$second_last_id.', last_poster=\''.$db->escape($second_poster).'\', num_replies='.$num_replies.' WHERE id='.$topic_id) or error('Unable to update topic', __FILE__, __LINE__, $db->error());
        else
            // We deleted the only reply, so now last_post/last_post_id/last_poster is posted/id/poster from the topic itself
            $db->query('UPDATE '.$db->prefix.'topics SET last_post=posted, last_post_id=id, last_poster=poster, num_replies='.$num_replies.' WHERE id='.$topic_id) or error('Unable to update topic', __FILE__, __LINE__, $db->error());
    }
    else
        // Otherwise we just decrement the reply counter
        $db->query('UPDATE '.$db->prefix.'topics SET num_replies='.$num_replies.' WHERE id='.$topic_id) or error('Unable to update topic', __FILE__, __LINE__, $db->error());
}


//
// Replace censored words in $text
//
function censor_words($text)
{
    global $db;
    static $search_for, $replace_with;

    // If not already built in a previous call, build an array of censor words and their replacement text
    if (!isset($search_for))
    {
        $result = $db->query('SELECT search_for, replace_with FROM '.$db->prefix.'censoring') or error('Unable to fetch censor word list', __FILE__, __LINE__, $db->error());
        $num_words = $db->num_rows($result);

        $search_for = array();
        for ($i = 0; $i < $num_words; ++$i)
        {
            list($search_for[$i], $replace_with[$i]) = $db->fetch_row($result);
            $search_for[$i] = '/\b('.str_replace('\*', '\w*?', preg_quote($search_for[$i], '/')).')\b/i';
        }
    }

    if (!empty($search_for))
        $text = substr(preg_replace($search_for, $replace_with, ' '.$text.' '), 1, -1);

    return $text;
}


//
// Determines the correct title for $user
// $user must contain the elements 'username', 'title', 'posts', 'g_id' and 'g_user_title'
//
function get_title($user)
{
    global $db, $pun_config, $pun_bans, $lang_common;
    static $ban_list, $pun_ranks;

    // If not already built in a previous call, build an array of lowercase banned usernames
    if (empty($ban_list))
    {
        $ban_list = array();

        foreach ($pun_bans as $cur_ban)
            $ban_list[] = strtolower($cur_ban['username']);
    }

    // If not already loaded in a previous call, load the cached ranks
    if ($pun_config['o_ranks'] == '1' && empty($pun_ranks))
    {
        @include PUN_ROOT.'cache/cache_ranks.php';
        if (!defined('PUN_RANKS_LOADED'))
        {
            require_once PUN_ROOT.'include/cache.php';
            generate_ranks_cache();
            require PUN_ROOT.'cache/cache_ranks.php';
        }
    }

    // If the user has a custom title
    if ($user['title'] != '')
        $user_title = pun_htmlspecialchars($user['title']);
    // If the user is banned
    else if (in_array(strtolower($user['username']), $ban_list))
        $user_title = $lang_common['Banned'];
    // If the user group has a default user title
    else if ($user['g_user_title'] != '')
        $user_title = pun_htmlspecialchars($user['g_user_title']);
    // If the user is a guest
    else if ($user['g_id'] == PUN_GUEST)
        $user_title = $lang_common['Guest'];
    else
    {
        // Are there any ranks?
        if ($pun_config['o_ranks'] == '1' && !empty($pun_ranks))
        {
            @reset($pun_ranks);
            while (list(, $cur_rank) = @each($pun_ranks))
            {
                if (intval($user['num_posts']) >= $cur_rank['min_posts'])
                    $user_title = pun_htmlspecialchars($cur_rank['rank']);
            }
        }

        // If the user didn't "reach" any rank (or if ranks are disabled), we assign the default
        if (!isset($user_title))
            $user_title = $lang_common['Member'];
    }

    return $user_title;
}


//
// Generate a string with numbered links (for multipage scripts)
//
function paginate($num_pages, $cur_page, $link_to)
{
    $pages = array();
    $link_to_all = false;

    // If $cur_page == -1, we link to all pages (used in viewforum.php)
    if ($cur_page == -1)
    {
        $cur_page = 1;
        $link_to_all = true;
    }

    if ($num_pages <= 1)
        $pages = array('<strong>1</strong>');
    else
    {
        if ($cur_page > 3)
        {
            $pages[] = '<a href="'.$link_to.'&p=1">1</a>';

            if ($cur_page != 4)
                $pages[] = '…';
        }

        // Don't ask me how the following works. It just does, OK? :-)
        for ($current = $cur_page - 2, $stop = $cur_page + 3; $current < $stop; ++$current)
        {
            if ($current < 1 || $current > $num_pages)
                continue;
            else if ($current != $cur_page || $link_to_all)
                $pages[] = '<a href="'.$link_to.'&p='.$current.'">'.$current.'</a>';
            else
                $pages[] = '<strong>'.$current.'</strong>';
        }

        if ($cur_page <= ($num_pages-3))
        {
            if ($cur_page != ($num_pages-3))
                $pages[] = '…';

            $pages[] = '<a href="'.$link_to.'&p='.$num_pages.'">'.$num_pages.'</a>';
        }
    }

    return implode(' ', $pages);
}


//
// Display a message
//
function message($message, $no_back_link = false)
{
    global $db, $lang_common, $pun_config, $pun_start, $tpl_main;

    if (!defined('PUN_HEADER'))
    {
        global $pun_user;

        $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Info'];
        require PUN_ROOT.'header.php';
    }

?>

<div id="msg" class="block">
    <h2><span><?php echo $lang_common['Info'] ?></span></h2>
    <div class="box">
        <div class="inbox">
        <p><?php echo $message ?></p>
<?php if (!$no_back_link): ?>        <p><a href="javascript: history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
<?php endif; ?>        </div>
    </div>
</div>
<?php

    require PUN_ROOT.'footer.php';
}


//
// Format a time string according to $time_format and timezones
//
function format_time($timestamp, $date_only = false)
{
    global $pun_config, $lang_common, $pun_user;

    if ($timestamp == '')
        return $lang_common['Never'];

    $diff = ($pun_user['timezone'] - $pun_config['o_server_timezone']) * 3600;
    $timestamp += $diff;
    $now = time();

    $date = date($pun_config['o_date_format'], $timestamp);
    $today = date($pun_config['o_date_format'], $now+$diff);
    $yesterday = date($pun_config['o_date_format'], $now+$diff-86400);

    if ($date == $today)
        $date = $lang_common['Today'];
    else if ($date == $yesterday)
        $date = $lang_common['Yesterday'];

    if (!$date_only)
        return $date.' '.date($pun_config['o_time_format'], $timestamp);
    else
        return $date;
}


//
// If we are running pre PHP 4.3.0, we add our own implementation of file_get_contents
//
if (!function_exists('file_get_contents'))
{
    function file_get_contents($filename, $use_include_path = 0)
    {
        $data = '';

        if ($fh = fopen($filename, 'rb', $use_include_path))
        {
            $data = fread($fh, filesize($filename));
            fclose($fh);
        }

        return $data;
    }
}


//
// Make sure that HTTP_REFERER matches $pun_config['o_base_url']/$script
//
function confirm_referrer($script)
{
    global $pun_config, $lang_common;

    if (!preg_match('#^'.preg_quote(str_replace('www.', '', $pun_config['o_base_url']).'/'.$script, '#').'#i', str_replace('www.', '', (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''))))
        message($lang_common['Bad referrer']);
}


//
// Generate a random password of length $len
//
function random_pass($len)
{
    $chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';

    $password = '';
    for ($i = 0; $i < $len; ++$i)
        $password .= substr($chars, (mt_rand() % strlen($chars)), 1);

    return $password;
}


//
// Compute a hash of $str
// Uses sha1() if available. If not, SHA1 through mhash() if available. If not, fall back on md5().
//
function pun_hash($str)
{
    if (function_exists('sha1'))    // Only in PHP 4.3.0+
        return sha1($str);
    else if (function_exists('mhash'))    // Only if Mhash library is loaded
        return bin2hex(mhash(MHASH_SHA1, $str));
    else
        return md5($str);
}


//
// Try to determine the correct remote IP-address
//
function get_remote_address()
{
    return $_SERVER['REMOTE_ADDR'];
}


//
// Equivalent to htmlspecialchars(), but allows &#[0-9]+ (for unicode)
//
function pun_htmlspecialchars($str)
{
    $str = preg_replace('/&(?!#[0-9]+;)/s', '&', $str);
    $str = str_replace(array('<', '>', '"'), array('<', '>', '"'), $str);

    return $str;
}


//
// Equivalent to strlen(), but counts &#[0-9]+ as one character (for unicode)
//
function pun_strlen($str)
{
    return strlen(preg_replace('/&#([0-9]+);/', '!', $str));
}


//
// Convert \r\n and \r to \n
//
function pun_linebreaks($str)
{
    return str_replace("\r", "\n", str_replace("\r\n", "\n", $str));
}


//
// A more aggressive version of trim()
//
function pun_trim($str)
{
    global $lang_common;

    if (strpos($lang_common['lang_encoding'], '8859') !== false)
    {
        $fishy_chars = array(chr(0x81), chr(0x8D), chr(0x8F), chr(0x90), chr(0x9D), chr(0xA0));
        return trim(str_replace($fishy_chars, ' ', $str));
    }
    else
        return trim($str);
}


//
// Display a message when board is in maintenance mode
//
function maintenance_message()
{
    global $db, $pun_config, $lang_common, $pun_user;

    // Deal with newlines, tabs and multiple spaces
    $pattern = array("\t", '  ', '  ');
    $replace = array('    ', '  ', '  ');
    $message = str_replace($pattern, $replace, $pun_config['o_maintenance_message']);


    // Load the maintenance template
    $tpl_maint = trim(file_get_contents(PUN_ROOT.'include/template/maintenance.tpl'));


    // START SUBST - <pun_content_direction>
    $tpl_maint = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_maint);
    // END SUBST - <pun_content_direction>


    // START SUBST - <pun_char_encoding>
    $tpl_maint = str_replace('<pun_char_encoding>', $lang_common['lang_encoding'], $tpl_maint);
    // END SUBST - <pun_char_encoding>


    // START SUBST - <pun_head>
    ob_start();

?>
<title><?php echo pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Maintenance'] ?></title>
<link rel="stylesheet" type="text/css" href="style/<?php echo $pun_user['style'].'.css' ?>" />
<?php

    $tpl_temp = trim(ob_get_contents());
    $tpl_maint = str_replace('<pun_head>', $tpl_temp, $tpl_maint);
    ob_end_clean();
    // END SUBST - <pun_head>


    // START SUBST - <pun_maint_heading>
    $tpl_maint = str_replace('<pun_maint_heading>', $lang_common['Maintenance'], $tpl_maint);
    // END SUBST - <pun_maint_heading>


    // START SUBST - <pun_maint_message>
    $tpl_maint = str_replace('<pun_maint_message>', $message, $tpl_maint);
    // END SUBST - <pun_maint_message>


    // End the transaction
    $db->end_transaction();


    // START SUBST - <pun_include "*">
    while (preg_match('#<pun_include "([^/\\\\]*?)">#', $tpl_maint, $cur_include))
    {
        if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1]))
            error('Unable to process user include <pun_include "'.htmlspecialchars($cur_include[1]).'"> from template maintenance.tpl. There is no such file in folder /include/user/');

        ob_start();
        include PUN_ROOT.'include/user/'.$cur_include[1];
        $tpl_temp = ob_get_contents();
        $tpl_maint = str_replace($cur_include[0], $tpl_temp, $tpl_maint);
        ob_end_clean();
    }
    // END SUBST - <pun_include "*">


    // Close the db connection (and free up any result data)
    $db->close();

    exit($tpl_maint);
}


//
// Display $message and redirect user to $destination_url
//
function redirect($destination_url, $message)
{
    global $db, $pun_config, $lang_common, $pun_user;

    if ($destination_url == '')
        $destination_url = 'index.php';

    // If the delay is 0 seconds, we might as well skip the redirect all together
    if ($pun_config['o_redirect_delay'] == '0')
        header('Location: '.str_replace('&', '&', $destination_url));


    // Load the redirect template
    $tpl_redir = trim(file_get_contents(PUN_ROOT.'include/template/redirect.tpl'));


    // START SUBST - <pun_content_direction>
    $tpl_redir = str_replace('<pun_content_direction>', $lang_common['lang_direction'], $tpl_redir);
    // END SUBST - <pun_content_direction>


    // START SUBST - <pun_char_encoding>
    $tpl_redir = str_replace('<pun_char_encoding>', $lang_common['lang_encoding'], $tpl_redir);
    // END SUBST - <pun_char_encoding>


    // START SUBST - <pun_head>
    ob_start();

?>
<meta http-equiv="refresh" content="<?php echo $pun_config['o_redirect_delay'] ?>;URL=<?php echo str_replace(array('<', '>', '"'), array('<', '>', '"'), $destination_url) ?>" />
<title><?php echo pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Redirecting'] ?></title>
<link rel="stylesheet" type="text/css" href="style/<?php echo $pun_user['style'].'.css' ?>" />
<?php

    $tpl_temp = trim(ob_get_contents());
    $tpl_redir = str_replace('<pun_head>', $tpl_temp, $tpl_redir);
    ob_end_clean();
    // END SUBST - <pun_head>


    // START SUBST - <pun_redir_heading>
    $tpl_redir = str_replace('<pun_redir_heading>', $lang_common['Redirecting'], $tpl_redir);
    // END SUBST - <pun_redir_heading>


    // START SUBST - <pun_redir_text>
    $tpl_temp = $message.'<br /><br />'.'<a href="'.$destination_url.'">'.$lang_common['Click redirect'].'</a>';
    $tpl_redir = str_replace('<pun_redir_text>', $tpl_temp, $tpl_redir);
    // END SUBST - <pun_redir_text>


    // START SUBST - <pun_footer>
    ob_start();

    // End the transaction
    $db->end_transaction();

    // Display executed queries (if enabled)
    if (defined('PUN_SHOW_QUERIES'))
        display_saved_queries();

    $tpl_temp = trim(ob_get_contents());
    $tpl_redir = str_replace('<pun_footer>', $tpl_temp, $tpl_redir);
    ob_end_clean();
    // END SUBST - <pun_footer>


    // START SUBST - <pun_include "*">
    while (preg_match('#<pun_include "([^/\\\\]*?)">#', $tpl_redir, $cur_include))
    {
        if (!file_exists(PUN_ROOT.'include/user/'.$cur_include[1]))
            error('Unable to process user include <pun_include "'.htmlspecialchars($cur_include[1]).'"> from template redirect.tpl. There is no such file in folder /include/user/');

        ob_start();
        include PUN_ROOT.'include/user/'.$cur_include[1];
        $tpl_temp = ob_get_contents();
        $tpl_redir = str_replace($cur_include[0], $tpl_temp, $tpl_redir);
        ob_end_clean();
    }
    // END SUBST - <pun_include "*">


    // Close the db connection (and free up any result data)
    $db->close();

    exit($tpl_redir);
}


//
// Display a simple error message
//
function error($message, $file, $line, $db_error = false)
{
    global $pun_config;

    // Set a default title if the script failed before $pun_config could be populated
    if (empty($pun_config))
        $pun_config['o_board_title'] = 'PunBB';

    // Empty output buffer and stop buffering
    @ob_end_clean();

    // "Restart" output buffering if we are using ob_gzhandler (since the gzip header is already sent)
    if (!empty($pun_config['o_gzip']) && extension_loaded('zlib') && (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false || strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'deflate') !== false))
        ob_start('ob_gzhandler');

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title><?php echo pun_htmlspecialchars($pun_config['o_board_title']) ?> / Error</title>
<style type="text/css">
<!--
BODY {MARGIN: 10% 20% auto 20%; font: 10px Verdana, Arial, Helvetica, sans-serif}
#errorbox {BORDER: 1px solid #B84623}
H2 {MARGIN: 0; COLOR: #FFFFFF; BACKGROUND-COLOR: #B84623; FONT-SIZE: 1.1em; PADDING: 5px 4px}
#errorbox DIV {PADDING: 6px 5px; BACKGROUND-COLOR: #F1F1F1}
-->
</style>
</head>
<body>

<div id="errorbox">
    <h2>An error was encountered</h2>
    <div>
<?php

    if (defined('PUN_DEBUG'))
    {
        echo "\t\t".'<strong>File:</strong> '.$file.'<br />'."\n\t\t".'<strong>Line:</strong> '.$line.'<br /><br />'."\n\t\t".'<strong>PunBB reported</strong>: '.$message."\n";

        if ($db_error)
        {
            echo "\t\t".'<br /><br /><strong>Database reported:</strong> '.pun_htmlspecialchars($db_error['error_msg']).(($db_error['error_no']) ? ' (Errno: '.$db_error['error_no'].')' : '')."\n";

            if ($db_error['error_sql'] != '')
                echo "\t\t".'<br /><br /><strong>Failed query:</strong> '.pun_htmlspecialchars($db_error['error_sql'])."\n";
        }
    }
    else
        echo "\t\t".'Error: <strong>'.$message.'.</strong>'."\n";

?>
    </div>
</div>

</body>
</html>
<?php

    // If a database connection was established (before this error) we close it
    if ($db_error)
        $GLOBALS['db']->close();

    exit;
}

// DEBUG FUNCTIONS BELOW

//
// Display executed queries (if enabled)
//
function display_saved_queries()
{
    global $db, $lang_common;

    // Get the queries so that we can print them out
    $saved_queries = $db->get_saved_queries();

?>

<div id="debug" class="blocktable">
    <h2><span><?php echo $lang_common['Debug table'] ?></span></h2>
    <div class="box">
        <div class="inbox">
            <table cellspacing="0">
            <thead>
                <tr>
                    <th class="tcl" scope="col">Time (s)</th>
                    <th class="tcr" scope="col">Query</th>
                </tr>
            </thead>
            <tbody>
<?php

    $query_time_total = 0.0;
    while (list(, $cur_query) = @each($saved_queries))
    {
        $query_time_total += $cur_query[1];

?>
                <tr>
                    <td class="tcl"><?php echo ($cur_query[1] != 0) ? $cur_query[1] : ' ' ?></td>
                    <td class="tcr"><?php echo pun_htmlspecialchars($cur_query[0]) ?></td>
                </tr>
<?php

    }

?>
                <tr>
                    <td class="tcl" colspan="2">Total query time: <?php echo $query_time_total ?> s</td>
                </tr>
            </tbody>
            </table>
        </div>
    </div>
</div>
<?php

}


//
// Unset any variables instantiated as a result of register_globals being enabled
//
function unregister_globals()
{
    // Prevent script.php?GLOBALS[foo]=bar
    if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS']))
        exit('I\'ll have a steak sandwich and... a steak sandwich.');
    
    // Variables that shouldn't be unset
    $no_unset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES');

    // Remove elements in $GLOBALS that are present in any of the superglobals
    $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array());
    foreach ($input as $k => $v)
    {
        if (!in_array($k, $no_unset) && isset($GLOBALS[$k]))
            unset($GLOBALS[$k]);
    }
}


//
// Dump contents of variable(s)
//
function dump()
{
    echo '<pre>';

    $num_args = func_num_args();

    for ($i = 0; $i < $num_args; ++$i)
    {
        print_r(func_get_arg($i));
        echo "\n\n";
    }

    echo '</pre>';
    exit;
}

FUNCTIONS.PHP

Edit - it must be this file, no? Because it contains all the PROFILE links.

14

Re: Help please - Problem with Profiles

are you sure in profile.php nothing has been added befor the ?section links?

Re: Help please - Problem with Profiles

TOP PART OF PROFILE

<?php
/***********************************************************************

  Copyright (C) 2002-2005  Rickard Andersson (rickard@punbb.org)

  This file is part of PunBB.

  PunBB is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.

  PunBB is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston,
  MA  02111-1307  USA

************************************************************************/


define('PUN_ROOT', './');
require PUN_ROOT.'include/common.php';
require PUN_ROOT.'lang/'.$pun_user['language'].'/calendar.php';
require PUN_ROOT.'include/image_upload/image_upload.php';

$action = isset($_GET['action']) ? $_GET['action'] : null;
$section = isset($_GET['section']) ? $_GET['section'] : null;
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
if ($id < 2)
    message($lang_common['Bad request']);

if ($pun_user['g_read_board'] == '0' && ($action != 'change_pass' || !isset($_GET['key'])))
    message($lang_common['No view']);

// Load the profile.php/register.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/prof_reg.php';

// Load the profile.php language file
require PUN_ROOT.'lang/'.$pun_user['language'].'/profile.php';


if ($action == 'change_pass')
{
    if (isset($_GET['key']))
    {
        // If the user is already logged in we shouldn't be here :)
        if (!$pun_user['is_guest'])
        {
            header('Location: index.php');
            exit;
        }

        $key = $_GET['key'];

        $result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch new password', __FILE__, __LINE__, $db->error());
        list($new_password_hash, $new_password_key) = $db->fetch_row($result);

        if ($key == '' || $key != $new_password_key)
            message($lang_profile['Pass key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
        else
        {
            $db->query('UPDATE '.$db->prefix.'users SET password=\''.$new_password_hash.'\', activate_string=NULL, activate_key=NULL WHERE id='.$id) or error('Unable to update password', __FILE__, __LINE__, $db->error());

            message($lang_profile['Pass updated'], true);
        }
    }

    // Make sure we are allowed to change this users password
    if ($pun_user['id'] != $id)
    {
        if ($pun_user['g_id'] > PUN_MOD)    // A regular user trying to change another users password?
            message($lang_common['No permission']);
        else if ($pun_user['g_id'] == PUN_MOD)    // A moderator trying to change a users password?
        {
            $result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
            if (!$db->num_rows($result))
                message($lang_common['Bad request']);

            if ($pun_config['p_mod_edit_users'] == '0' || $pun_config['p_mod_change_passwords'] == '0' || $db->result($result) < PUN_GUEST)
                message($lang_common['No permission']);
        }
    }

    if (isset($_POST['form_sent']))
    {
        $old_password = isset($_POST['req_old_password']) ? trim($_POST['req_old_password']) : '';
        $new_password1 = trim($_POST['req_new_password1']);
        $new_password2 = trim($_POST['req_new_password2']);

        if ($new_password1 != $new_password2)
            message($lang_prof_reg['Pass not match']);
        if (strlen($new_password1) < 4)
            message($lang_prof_reg['Pass too short']);

        $result = $db->query('SELECT password, save_pass FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch password', __FILE__, __LINE__, $db->error());
        list($db_password_hash, $save_pass) = $db->fetch_row($result);

        $authorized = false;

        if (!empty($db_password_hash))
        {
            $sha1_in_db = (strlen($db_password_hash) == 40) ? true : false;
            $sha1_available = (function_exists('sha1') || function_exists('mhash')) ? true : false;

            $old_password_hash = pun_hash($old_password);    // This could result in either an SHA-1 or an MD5 hash

            if (($sha1_in_db && $sha1_available && $db_password_hash == $old_password_hash) ||
                (!$sha1_in_db && $db_password_hash == md5($old_password)) ||
                $pun_user['g_id'] < PUN_GUEST)
                $authorized = true;
        }

        if (!$authorized)
            message($lang_profile['Wrong pass']);

        $new_password_hash = pun_hash($new_password1);

        $db->query('UPDATE '.$db->prefix.'users SET password=\''.$new_password_hash.'\' WHERE id='.$id) or error('Unable to update password', __FILE__, __LINE__, $db->error());

        if ($pun_user['id'] == $id)
        {
            $expire = ($save_pass == '1') ? time() + 31536000 : 0;
            pun_setcookie($pun_user['id'], $new_password_hash, $expire);
        }

        redirect('http://www.kntl.co.uk/forum/profile.php?section=essentials&id='.$id, $lang_profile['Pass updated redirect']);
    }

    $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
    $required_fields = array('req_old_password' => $lang_profile['Old pass'], 'req_new_password1' => $lang_profile['New pass'], 'req_new_password2' => $lang_profile['Confirm new pass']);
    $focus_element = array('change_pass', (($pun_user['g_id'] > PUN_MOD) ? 'req_old_password' : 'req_new_password1'));
    require PUN_ROOT.'header.php';

?>
<div class="blockform">
    <h2><span><?php echo $lang_profile['Change pass'] ?></span></h2>
    <div class="box">
        <form id="change_pass" method="post" action="profile.php?action=change_pass&id=<?php echo $id ?>" onsubmit="return process_form(this)">
            <div class="inform">
                <input type="hidden" name="form_sent" value="1" />
                <fieldset>
                    <legend><?php echo $lang_profile['Change pass legend'] ?></legend>
                    <div class="infldset">
<?php if ($pun_user['g_id'] > PUN_MOD): ?>                        <label><strong><?php echo $lang_profile['Old pass'] ?></strong><br />
                        <input type="password" name="req_old_password" size="16" maxlength="16" /><br /></label>
<?php endif; ?>                        <label class="conl"><strong><?php echo $lang_profile['New pass'] ?></strong><br />
                        <input type="password" name="req_new_password1" size="16" maxlength="16" /><br /></label>
                        <label class="conl"><strong><?php echo $lang_profile['Confirm new pass'] ?></strong><br />
                        <input type="password" name="req_new_password2" size="16" maxlength="16" /><br /></label>
                        <div class="clearb"></div>
                    </div>
                </fieldset>
            </div>
            <p><input type="submit" name="update" value="<?php echo $lang_common['Submit'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
        </form>
    </div>
</div>
<?php

    require PUN_ROOT.'footer.php';
}


else if ($action == 'change_email')
{
    // Make sure we are allowed to change this users e-mail
    if ($pun_user['id'] != $id)
    {
        if ($pun_user['g_id'] > PUN_MOD)    // A regular user trying to change another users e-mail?
            message($lang_common['No permission']);
        else if ($pun_user['g_id'] == PUN_MOD)    // A moderator trying to change a users e-mail?
        {
            $result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
            if (!$db->num_rows($result))
                message($lang_common['Bad request']);

            if ($pun_config['p_mod_edit_users'] == '0' || $db->result($result) < PUN_GUEST)
                message($lang_common['No permission']);
        }
    }

    if (isset($_GET['key']))
    {
        $key = $_GET['key'];

        $result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch activation data', __FILE__, __LINE__, $db->error());
        list($new_email, $new_email_key) = $db->fetch_row($result);

        if ($key != $new_email_key)
            message($lang_profile['E-mail key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
        else
        {
            $db->query('UPDATE '.$db->prefix.'users SET email=activate_string, activate_string=NULL, activate_key=NULL WHERE id='.$id) or error('Unable to update e-mail address', __FILE__, __LINE__, $db->error());

            message($lang_profile['E-mail updated'], true);
        }
    }
    else if (isset($_POST['form_sent']))
    {
        if (pun_hash($_POST['req_password']) !== $pun_user['password'])
            message($lang_profile['Wrong pass']);

        require PUN_ROOT.'include/email.php';

        // Validate the email-address
        $new_email = strtolower(trim($_POST['req_new_email']));
        if (!is_valid_email($new_email))
            message($lang_common['Invalid e-mail']);

        // Check it it's a banned e-mail address
        if (is_banned_email($new_email))
        {
            if ($pun_config['p_allow_banned_email'] == '0')
                message($lang_prof_reg['Banned e-mail']);
            else if ($pun_config['o_mailing_list'] != '')
            {
                $mail_subject = 'Alert - Banned e-mail detected';
                $mail_message = 'User \''.$pun_user['username'].'\' changed to banned e-mail address: '.$new_email."\n\n".'User profile: '.$pun_config['o_base_url'].'/profile.php?id='.$id."\n\n".'-- '."\n".'Forum Mailer'."\n".'(Do not reply to this message)';

                pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
            }
        }

        // Check if someone else already has registered with that e-mail address
        $result = $db->query('SELECT id, username FROM '.$db->prefix.'users WHERE email=\''.$db->escape($new_email).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
        if ($db->num_rows($result))
        {
            if ($pun_config['p_allow_dupe_email'] == '0')
                message($lang_prof_reg['Dupe e-mail']);
            else if ($pun_config['o_mailing_list'] != '')
            {
                while ($cur_dupe = $db->fetch_assoc($result))
                    $dupe_list[] = $cur_dupe['username'];

                $mail_subject = 'Alert - Duplicate e-mail detected';
                $mail_message = 'User \''.$pun_user['username'].'\' changed to an e-mail address that also belongs to: '.implode(', ', $dupe_list)."\n\n".'User profile: '.$pun_config['o_base_url'].'/profile.php?id='.$id."\n\n".'-- '."\n".'Forum Mailer'."\n".'(Do not reply to this message)';

                pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message);
            }
        }


        $new_email_key = random_pass(8);

        $db->query('UPDATE '.$db->prefix.'users SET activate_string=\''.$db->escape($new_email).'\', activate_key=\''.$new_email_key.'\' WHERE id='.$id) or error('Unable to update activation data', __FILE__, __LINE__, $db->error());

        // Load the "activate e-mail" template
        $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/activate_email.tpl'));

        // The first row contains the subject
        $first_crlf = strpos($mail_tpl, "\n");
        $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8));
        $mail_message = trim(substr($mail_tpl, $first_crlf));

        $mail_message = str_replace('<username>', $pun_user['username'], $mail_message);
        $mail_message = str_replace('<base_url>', $pun_config['o_base_url'], $mail_message);
        $mail_message = str_replace('<activation_url>', $pun_config['o_base_url'].'/profile.php?action=change_email&id='.$id.'&key='.$new_email_key, $mail_message);
        $mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message);

        pun_mail($new_email, $mail_subject, $mail_message);

        message($lang_profile['Activate e-mail sent'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.', true);
    }

    $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
    $required_fields = array('req_new_email' => $lang_profile['New e-mail'], 'req_password' => $lang_common['Password']);
    $focus_element = array('change_email', 'req_new_email');
    require PUN_ROOT.'header.php';

?>
<div class="blockform">
    <h2><span><?php echo $lang_profile['Change e-mail'] ?></span></h2>
    <div class="box">
        <form id="change_email" method="post" action="profile.php?action=change_email&id=<?php echo $id ?>" id="change_email" onsubmit="return process_form(this)">
            <div class="inform">
                <fieldset>
                    <legend><?php echo $lang_profile['E-mail legend'] ?></legend>
                    <div class="infldset">
                        <input type="hidden" name="form_sent" value="1" />
                        <label><strong><?php echo $lang_profile['New e-mail'] ?></strong><br /><input type="text" name="req_new_email" size="50" maxlength="50" /><br /></label>
                        <label><strong><?php echo $lang_common['Password'] ?></strong><br /><input type="password" name="req_password" size="16" maxlength="16" /><br /></label>
                        <p><?php echo $lang_profile['E-mail instructions'] ?></p>
                    </div>
                </fieldset>
            </div>
            <p><input type="submit" name="new_email" value="<?php echo $lang_common['Submit'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
        </form>
    </div>
</div>
<?php

    require PUN_ROOT.'footer.php';
}


else if ($action == 'upload_avatar' || $action == 'upload_avatar2')
{
    if ($pun_config['o_avatars'] == '0')
        message($lang_profile['Avatars disabled']);

    if ($pun_user['id'] != $id && $pun_user['g_id'] > PUN_MOD)
        message($lang_common['No permission']);

    if (isset($_POST['form_sent']))
    {
        if (!isset($_FILES['req_file']))
            message($lang_profile['No file']);
            
        $uploaded_file = $_FILES['req_file'];

        // Make sure the upload went smooth
        if (isset($uploaded_file['error']))
        {
            switch ($uploaded_file['error'])
            {
                case 1:    // UPLOAD_ERR_INI_SIZE
                case 2:    // UPLOAD_ERR_FORM_SIZE
                    message($lang_profile['Too large ini']);
                    break;

                case 3:    // UPLOAD_ERR_PARTIAL
                    message($lang_profile['Partial upload']);
                    break;

                case 4:    // UPLOAD_ERR_NO_FILE
                    message($lang_profile['No file']);
                    break;

                case 6:    // UPLOAD_ERR_NO_TMP_DIR
                    message($lang_profile['No tmp directory']);
                    break;

                default:
                    // No error occured, but was something actually uploaded?
                    if ($uploaded_file['size'] == 0)
                        message($lang_profile['No file']);
                    break;
            }
        }

        if (is_uploaded_file($uploaded_file['tmp_name']))
        {
            $allowed_types = array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/png', 'image/x-png');
            if (!in_array($uploaded_file['type'], $allowed_types))
                message($lang_profile['Bad type']);

            // Make sure the file isn't too big
            if ($uploaded_file['size'] > $pun_config['o_avatars_size'])
                message($lang_profile['Too large'].' '.$pun_config['o_avatars_size'].' '.$lang_profile['bytes'].'.');

            // Determine type
            $extensions = null;
            if ($uploaded_file['type'] == 'image/gif')
                $extensions = array('.gif', '.jpg', '.png');
            else if ($uploaded_file['type'] == 'image/jpeg' || $uploaded_file['type'] == 'image/pjpeg')
                $extensions = array('.jpg', '.gif', '.png');
            else
                $extensions = array('.png', '.gif', '.jpg');

            // Move the file to the avatar directory. We do this before checking the width/height to circumvent open_basedir restrictions.
            if (!@move_uploaded_file($uploaded_file['tmp_name'], $pun_config['o_avatars_dir'].'/'.$id.'.tmp'))
                message($lang_profile['Move failed'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');

            // Now check the width/height
            list($width, $height, $type,) = getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
            if (empty($width) || empty($height) || $width > $pun_config['o_avatars_width'] || $height > $pun_config['o_avatars_height'])
            {
                @unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
                message($lang_profile['Too wide or high'].' '.$pun_config['o_avatars_width'].'x'.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].'.');
            }
            else if ($type == 1 && $uploaded_file['type'] != 'image/gif')    // Prevent dodgy uploads
            {
                @unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
                message($lang_profile['Bad type']);
            }            

            // Delete any old avatars and put the new one in place
            @unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[0]);
            @unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[1]);
            @unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[2]);
            @rename($pun_config['o_avatars_dir'].'/'.$id.'.tmp', $pun_config['o_avatars_dir'].'/'.$id.$extensions[0]);
            @chmod($pun_config['o_avatars_dir'].'/'.$id.$extensions[0], 0644);
        }
        else
            message($lang_profile['Unknown failure']);

        // Enable use_avatar (seems sane since the user just uploaded an avatar)
        $db->query('UPDATE '.$db->prefix.'users SET use_avatar=1 WHERE id='.$id) or error('Unable to update avatar state', __FILE__, __LINE__, $db->error());

        redirect('http://www.kntl.co.uk/forum/profile.php?section=personality&id='.$id, $lang_profile['Avatar upload redirect']);
    }

    $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
    $required_fields = array('req_file' => $lang_profile['File']);
    $focus_element = array('upload_avatar', 'req_file');
    require PUN_ROOT.'header.php';

?>
<div class="blockform">
    <h2><span><?php echo $lang_profile['Upload avatar'] ?></span></h2>
    <div class="box">
        <form id="upload_avatar" method="post" enctype="multipart/form-data" action="profile.php?action=upload_avatar2&id=<?php echo $id ?>" onsubmit="return process_form(this)">
            <div class="inform">
                <fieldset>
                    <legend><?php echo $lang_profile['Upload avatar legend'] ?></legend>
                    <div class="infldset">
                        <input type="hidden" name="form_sent" value="1" />
                        <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $pun_config['o_avatars_size'] ?>" />
                        <label><strong><?php echo $lang_profile['File'] ?></strong><br /><input name="req_file" type="file" size="40" /><br /></label>
                        <p><?php echo $lang_profile['Avatar desc'].' '.$pun_config['o_avatars_width'].' x '.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].' '.$lang_common['and'].' '.$pun_config['o_avatars_size'].' '.$lang_profile['bytes'].' ('.ceil($pun_config['o_avatars_size'] / 1024) ?> KB).</p>
                    </div>
                </fieldset>
            </div>
            <p><input type="submit" name="upload" value="<?php echo $lang_profile['Upload'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
        </form>
    </div>
</div>
<?php

    require PUN_ROOT.'footer.php';
}


else if ($action == 'delete_avatar')
{
    if ($pun_user['id'] != $id && $pun_user['g_id'] > PUN_MOD)
        message($lang_common['No permission']);

    confirm_referrer('profile.php');

    @unlink($pun_config['o_avatars_dir'].'/'.$id.'.jpg');
    @unlink($pun_config['o_avatars_dir'].'/'.$id.'.png');
    @unlink($pun_config['o_avatars_dir'].'/'.$id.'.gif');

    // Disable use_avatar
    $db->query('UPDATE '.$db->prefix.'users SET use_avatar=0 WHERE id='.$id) or error('Unable to update avatar state', __FILE__, __LINE__, $db->error());

    redirect('profile.php?section=personality&id='.$id, $lang_profile['Avatar deleted redirect']);
}


else if (isset($_POST['update_group_membership']))
{
    if ($pun_user['g_id'] > PUN_ADMIN)
        message($lang_common['No permission']);

    confirm_referrer('profile.php');

    $new_group_id = intval($_POST['group_id']);

    $db->query('UPDATE '.$db->prefix.'users SET group_id='.$new_group_id.' WHERE id='.$id) or error('Unable to change user group', __FILE__, __LINE__, $db->error());

    // If the user was a moderator or an administrator, we remove him/her from the moderator list in all forums as well
    if ($new_group_id > PUN_MOD)
    {
        $result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());

        while ($cur_forum = $db->fetch_assoc($result))
        {
            $cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();

            if (in_array($id, $cur_moderators))
            {
                $username = array_search($id, $cur_moderators);
                unset($cur_moderators[$username]);
                $cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';

                $db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
            }
        }
    }

    redirect('profile.php?section=admin&id='.$id, $lang_profile['Group membership redirect']);
}

else if (isset($_POST['update_forums']))
{
    if ($pun_user['g_id'] > PUN_ADMIN)
        message($lang_common['No permission']);

    confirm_referrer('profile.php');

    // Get the username of the user we are processing
    $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
    $username = $db->result($result);

    $moderator_in = (isset($_POST['moderator_in'])) ? array_keys($_POST['moderator_in']) : array();

    // Loop through all forums
    $result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());

    while ($cur_forum = $db->fetch_assoc($result))
    {
        $cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();
        // If the user should have moderator access (and he/she doesn't already have it)
        if (in_array($cur_forum['id'], $moderator_in) && !in_array($id, $cur_moderators))
        {
            $cur_moderators[$username] = $id;
            ksort($cur_moderators);

            $db->query('UPDATE '.$db->prefix.'forums SET moderators=\''.$db->escape(serialize($cur_moderators)).'\' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
        }
        // If the user shouldn't have moderator access (and he/she already has it)
        else if (!in_array($cur_forum['id'], $moderator_in) && in_array($id, $cur_moderators))
        {
            unset($cur_moderators[$username]);
            $cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';

            $db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
        }
    }

    redirect('profile.php?section=admin&id='.$id, $lang_profile['Update forums redirect']);
}


else if (isset($_POST['ban']))
{
    if ($pun_user['g_id'] > PUN_MOD || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_ban_users'] == '0'))
        message($lang_common['No permission']);

    redirect('admin_bans.php?add_ban='.$id, $lang_profile['Ban redirect']);
}


else if (isset($_POST['delete_user']) || isset($_POST['delete_user_comply']))
{
    if ($pun_user['g_id'] > PUN_ADMIN)
        message($lang_common['No permission']);

    confirm_referrer('profile.php');

    // Get the username and group of the user we are deleting
    $result = $db->query('SELECT group_id, username FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
    list($group_id, $username) = $db->fetch_row($result);

    if ($group_id == PUN_ADMIN)
        message('Administrators cannot be deleted. In order to delete this user, you must first move him/her to a different user group.');

    if (isset($_POST['delete_user_comply']))
    {
        // If the user is a moderator or an administrator, we remove him/her from the moderator list in all forums as well
        if ($group_id < PUN_GUEST)
        {
            $result = $db->query('SELECT id, moderators FROM '.$db->prefix.'forums') or error('Unable to fetch forum list', __FILE__, __LINE__, $db->error());

            while ($cur_forum = $db->fetch_assoc($result))
            {
                $cur_moderators = ($cur_forum['moderators'] != '') ? unserialize($cur_forum['moderators']) : array();

                if (in_array($id, $cur_moderators))
                {
                    unset($cur_moderators[$username]);
                    $cur_moderators = (!empty($cur_moderators)) ? '\''.$db->escape(serialize($cur_moderators)).'\'' : 'NULL';

                    $db->query('UPDATE '.$db->prefix.'forums SET moderators='.$cur_moderators.' WHERE id='.$cur_forum['id']) or error('Unable to update forum', __FILE__, __LINE__, $db->error());
                }
            }
        }

        // Delete any subscriptions
        $db->query('DELETE FROM '.$db->prefix.'subscriptions WHERE user_id='.$id) or error('Unable to delete subscriptions', __FILE__, __LINE__, $db->error());

        // Remove him/her from the online list (if they happen to be logged in)
        $db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$id) or error('Unable to remove user from online list', __FILE__, __LINE__, $db->error());

        // Should we delete all posts made by this user?
        if (isset($_POST['delete_posts']))
        {
            require PUN_ROOT.'include/search_idx.php';
            @set_time_limit(0);

            // Find all posts made by this user
            $result = $db->query('SELECT p.id, p.topic_id, t.forum_id FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id WHERE p.poster_id='.$id) or error('Unable to fetch posts', __FILE__, __LINE__, $db->error());
            if ($db->num_rows($result))
            {
                while ($cur_post = $db->fetch_assoc($result))
                {
                    // Determine whether this post is the "topic post" or not
                    $result2 = $db->query('SELECT id FROM '.$db->prefix.'posts WHERE topic_id='.$cur_post['topic_id'].' ORDER BY posted LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error());

                    if ($db->result($result2) == $cur_post['id'])
                        delete_topic($cur_post['topic_id']);
                    else
                        delete_post($cur_post['id'], $cur_post['topic_id']);

                    update_forum($cur_post['forum_id']);
                }
            }
        }
        else
            // Set all his/her posts to guest
            $db->query('UPDATE '.$db->prefix.'posts SET poster_id=1 WHERE poster_id='.$id) or error('Unable to update posts', __FILE__, __LINE__, $db->error());

        // Delete the user
        $db->query('DELETE FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to delete user', __FILE__, __LINE__, $db->error());
        
        require(PUN_ROOT.'include/pms/profile_delete.php');
        
        redirect('index.php', $lang_profile['User delete redirect']);
    }

    $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
    require PUN_ROOT.'header.php';

?>
<div class="blockform">
    <h2><span><?php echo $lang_profile['Confirm delete user'] ?></span></h2>
    <div class="box">
        <form id="confirm_del_user" method="post" action="profile.php?id=<?php echo $id ?>">
            <div class="inform">
                <fieldset>
                    <legend><?php echo $lang_profile['Confirm delete legend'] ?></legend>
                    <div class="infldset">
                        <p><?php echo $lang_profile['Confirmation info'].' '.pun_htmlspecialchars($username).'.' ?></p>
                        <div class="rbox">
                            <label><input type="checkbox" name="delete_posts" value="1" checked="checked" /><?php echo $lang_profile['Delete posts'] ?><br /></label>
                        </div>
                        <p class="warntext"><strong><?php echo $lang_profile['Delete warning'] ?></strong></p>
                    </div>
                </fieldset>
            </div>
            <p><input type="submit" name="delete_user_comply" value="<?php echo $lang_profile['Delete'] ?>" /><a href="javascript:history.go(-1)"><?php echo $lang_common['Go back'] ?></a></p>
        </form>
    </div>
</div>
<?php

    require PUN_ROOT.'footer.php';
}


else if (isset($_POST['form_sent']))
{
    // Fetch the user group of the user we are editing
    $result = $db->query('SELECT group_id FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
    if (!$db->num_rows($result))
        message($lang_common['Bad request']);

    $group_id = $db->result($result);

    if ($pun_user['id'] != $id &&
        ($pun_user['g_id'] > PUN_MOD ||
        ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_edit_users'] == '0') ||
        ($pun_user['g_id'] == PUN_MOD && $group_id < PUN_GUEST)))
        message($lang_common['No permission']);

    if ($pun_user['g_id'] < PUN_GUEST)
        confirm_referrer('profile.php');

    // Extract allowed elements from $_POST['form']
    function extract_elements($allowed_elements)
    {
        $form = array();

        while (list($key, $value) = @each($_POST['form']))
        {
            if (in_array($key, $allowed_elements))
                $form[$key] = $value;
        }

        return $form;
    }

    $username_updated = false;

    // Validate input depending on section
    switch ($section)
    {
        case 'essentials':
        {
            $form = extract_elements(array('timezone', 'language'));

            if ($pun_user['g_id'] < PUN_GUEST)
            {
                $form['admin_note'] = trim($_POST['admin_note']);

                // Are we allowed to change usernames?
                if ($pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_rename_users'] == '1'))
                {
                    $form['username'] = trim($_POST['req_username']);
                    $old_username = trim($_POST['old_username']);

                    if (strlen($form['username']) < 2)
                        message($lang_prof_reg['Username too short']);
                    else if (pun_strlen($form['username']) > 25)    // This usually doesn't happen since the form element only accepts 25 characters
                        message($lang_common['Bad request']);
                    else if (!strcasecmp($form['username'], 'Guest') || !strcasecmp($form['username'], $lang_common['Guest']))
                        message($lang_prof_reg['Username guest']);
                    else if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $form['username']))
                        message($lang_prof_reg['Username IP']);
                    else if (preg_match('#\[b\]|\[/b\]|\[u\]|\[/u\]|\[i\]|\[/i\]|\[color|\[/color\]|\[quote\]|\[quote=|\[/quote\]|\[code\]|\[/code\]|\[img\]|\[/img\]|\[url|\[/url\]|\[email|\[/email\]#i', $form['username']))
                        message($lang_prof_reg['Username BBCode']);

                    // Check that the username is not already registered
                    $result = $db->query('SELECT 1 FROM '.$db->prefix.'users WHERE username=\''.$db->escape($form['username']).'\' AND id!='.$id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
                    if ($db->num_rows($result))
                        message($lang_profile['Dupe username']);

                    if ($form['username'] != $old_username)
                        $username_updated = true;
                }

                // We only allow administrators to update the post count
                if ($pun_user['g_id'] == PUN_ADMIN)
                    $form['num_posts'] = intval($_POST['num_posts']);
            }

            if ($pun_config['o_regs_verify'] == '0' || $pun_user['g_id'] < PUN_GUEST)
            {
                require PUN_ROOT.'include/email.php';

                // Validate the email-address
                $form['email'] = strtolower(trim($_POST['req_email']));
                if (!is_valid_email($form['email']))
                    message($lang_common['Invalid e-mail']);
            }

            // Make sure we got a valid language string
            if (isset($form['language']))
            {
                $form['language'] = preg_replace('#[\.\\\/]#', '', $form['language']);
                if (!file_exists(PUN_ROOT.'lang/'.$form['language'].'/common.php'))
                        message($lang_common['Bad request']);
            }

            break;
        }

        case 'personal':
        {
            $form = extract_elements(array('realname', 'url', 'location'));

            if ($pun_user['g_id'] == PUN_ADMIN)
                $form['title'] = trim($_POST['title']);
            else if ($pun_user['g_set_title'] == '1')
            {
                $form['title'] = trim($_POST['title']);

                if ($form['title'] != '')
                {
                    // A list of words that the title may not contain
                    // If the language is English, there will be some duplicates, but it's not the end of the world
                    $forbidden = array('Member', 'Moderator', 'Administrator', 'Banned', 'Guest', $lang_common['Member'], $lang_common['Moderator'], $lang_common['Administrator'], $lang_common['Banned'], $lang_common['Guest']);

                    if (in_array($form['title'], $forbidden))
                        message($lang_profile['Forbidden title']);
                }
            }

            // Add http:// if the URL doesn't contain it already
            if ($form['url'] != '' && !stristr($form['url'], 'http://'))
                $form['url'] = 'http://'.$form['url'];

            break;
        }

        case 'messaging':
        {
            $form = extract_elements(array('jabber', 'icq', 'msn', 'aim', 'yahoo'));

            // If the ICQ UIN contains anything other than digits it's invalid
            if ($form['icq'] != '' && preg_match('/[^0-9]/', $form['icq']))
                message($lang_prof_reg['Bad ICQ']);

            break;
        }

        case 'personality':
        {
            $form = extract_elements(array('use_avatar'));

            // Clean up signature from POST
            $form['signature'] = pun_linebreaks(trim($_POST['signature']));

            // Validate signature
            if (pun_strlen($form['signature']) > $pun_config['p_sig_length'])
                message($lang_prof_reg['Sig too long'].' '.$pun_config['p_sig_length'].' '.$lang_prof_reg['characters'].'.');
            else if (substr_count($form['signature'], "\n") > ($pun_config['p_sig_lines']-1))
                message($lang_prof_reg['Sig too many lines'].' '.$pun_config['p_sig_lines'].' '.$lang_prof_reg['lines'].'.');
            else if ($form['signature'] && $pun_config['p_sig_all_caps'] == '0' && strtoupper($form['signature']) == $form['signature'] && $pun_user['g_id'] > PUN_MOD)
                $form['signature'] = ucwords(strtolower($form['signature']));

            // Validate BBCode syntax
            if ($pun_config['p_sig_bbcode'] == '1' && strpos($form['signature'], '[') !== false && strpos($form['signature'], ']') !== false)
            {
                require PUN_ROOT.'include/parser.php';
                $form['signature'] = preparse_bbcode($form['signature'], $foo, true);
            }

            if (!isset($form['use_avatar']) || $form['use_avatar'] != '1') $form['use_avatar'] = '0';

            break;
        }

        case 'display':
        {
            $form = extract_elements(array('disp_topics', 'disp_posts', 'show_smilies', 'show_img', 'show_img_sig', 'show_avatars', 'show_sig', 'style'));

Re: Help please - Problem with Profiles

See code for index, profile and functions.php here: http://www.kntl.co.uk/files/forumphps/

If anyone thinks that they can help and needs to see more code, just say so.

Re: Help please - Problem with Profiles

index.php

FIND

<dd><?php echo $lang_index['Newest user'] ?>: <a href="../../Easy POll 2.0/Easy_Poll_+_2.0/profile.php?id=<?php echo $stats['last_user']['id'] ?>"><?php echo pun_htmlspecialchars($stats['last_user']['username']) ?></a></dd>

REPLACE WITH

<dd><?php echo $lang_index['Newest user'] ?>: <a href="profile.php?id=<?php echo $stats['last_user']['id'] ?>"><?php echo pun_htmlspecialchars($stats['last_user']['username']) ?></a></dd>

Re: Help please - Problem with Profiles

functions.php
FIND

                    <li<?php if ($page == 'essentials') echo ' class="isactive"'; ?>><a href="../NEW FILES/profile.php?section=essentials&id=<?php echo $id ?>"><?php echo $lang_profile['Section essentials'] ?></a></li>
                    <li<?php if ($page == 'personal') echo ' class="isactive"'; ?>><a href="../NEW FILES/profile.php?section=personal&id=<?php echo $id ?>"><?php echo $lang_profile['Section personal'] ?></a></li>
                    <li<?php if ($page == 'messaging') echo ' class="isactive"'; ?>><a href="../NEW FILES/profile.php?section=messaging&id=<?php echo $id ?>"><?php echo $lang_profile['Section messaging'] ?></a></li>
                    <li<?php if ($page == 'personality') echo ' class="isactive"'; ?>><a href="../NEW FILES/profile.php?section=personality&id=<?php echo $id ?>"><?php echo $lang_profile['Section personality'] ?></a></li>
                    <li<?php if ($page == 'display') echo ' class="isactive"'; ?>><a href="../NEW FILES/profile.php?section=display&id=<?php echo $id ?>"><?php echo $lang_profile['Section display'] ?></a></li>
                    <li<?php if ($page == 'privacy') echo ' class="isactive"'; ?>><a href="../NEW FILES/profile.php?section=privacy&id=<?php echo $id ?>"><?php echo $lang_profile['Section privacy'] ?></a></li>
<?php if ($pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_ban_users'] == '1')): ?>                    <li<?php if ($page == 'admin') echo ' class="isactive"'; ?>><a href="../NEW FILES/profile.php?section=admin&id=<?php echo $id ?>"><?php echo $lang_profile['Section admin'] ?></a></li>

REPLACE WITH

                    <li<?php if ($page == 'essentials') echo ' class="isactive"'; ?>><a href="profile.php?section=essentials&id=<?php echo $id ?>"><?php echo $lang_profile['Section essentials'] ?></a></li>
                    <li<?php if ($page == 'personal') echo ' class="isactive"'; ?>><a href="profile.php?section=personal&id=<?php echo $id ?>"><?php echo $lang_profile['Section personal'] ?></a></li>
                    <li<?php if ($page == 'messaging') echo ' class="isactive"'; ?>><a href="profile.php?section=messaging&id=<?php echo $id ?>"><?php echo $lang_profile['Section messaging'] ?></a></li>
                    <li<?php if ($page == 'personality') echo ' class="isactive"'; ?>><a href="profile.php?section=personality&id=<?php echo $id ?>"><?php echo $lang_profile['Section personality'] ?></a></li>
                    <li<?php if ($page == 'display') echo ' class="isactive"'; ?>><a href="profile.php?section=display&id=<?php echo $id ?>"><?php echo $lang_profile['Section display'] ?></a></li>
                    <li<?php if ($page == 'privacy') echo ' class="isactive"'; ?>><a href="profile.php?section=privacy&id=<?php echo $id ?>"><?php echo $lang_profile['Section privacy'] ?></a></li>
<?php if ($pun_user['g_id'] == PUN_ADMIN || ($pun_user['g_id'] == PUN_MOD && $pun_config['p_mod_ban_users'] == '1')): ?>                    <li<?php if ($page == 'admin') echo ' class="isactive"'; ?>><a href="profile.php?section=admin&id=<?php echo $id ?>"><?php echo $lang_profile['Section admin'] ?></a></li>

19 (edited by Zimmer92 2006-10-14 16:28)

Re: Help please - Problem with Profiles

Nope , still has not fixed the problem.
The PROBLEM is INSIDE the PROFILE.php when you enter it on the forums, when you try and access "Personality" for exmaple.
The URL is this
http://www.kntl.co.uk/NEW%20FILES/profi … y&id=2

hmm

But I cannot seem to find this error.

EDIT- found it

Re: Help please - Problem with Profiles

Yay, fixed.