<?php
/*
Julien Roger
http://www.julienroger.com
November 20, 2011
Last updated: November 21, 2011
*/
include("includes/db.php");
include("includes/session.php");
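session_start();

// Member ID to display, taken from the query string. It is attacker-controlled, so it is
// normalised to a string here (array-style parameters are treated as missing) and only ever
// reaches SQL after the digits-only check below.
$member_mid = (isset($_GET['mid']) && is_string($_GET['mid'])) ? $_GET['mid'] : '';

// mysql_real_escape_string() only protects values that sit inside quotes. Both profile queries
// use the ID as a bare number, so the real guard is this allow-list: decimal digits only.
// is_numeric() on its own also accepts forms such as "1e3" or " 1".
$member_mid_is_valid = ($member_mid !== '' && ctype_digit($member_mid));

// If the user has not logged in, send them to the login page and remember the destination.
if (!isLoggedIn()) {
    $logged_in = 0;
    // Only a validated ID is echoed back, and the whole return target is URL-encoded so the
    // request cannot append extra parameters to the login URL.
    // NOTE(review): index.php is not shown here; it should accept only local, relative
    // targets in "redirect" before following them.
    $return_to = basename($_SERVER['PHP_SELF']) . '?mid=' . ($member_mid_is_valid ? $member_mid : '');
    header('Location: index.php?redirect=' . urlencode($return_to));
    die();
} else {
    $logged_in = 1;
}

// Use Session ID/User ID to determine access level
$my_id = $_SESSION['user_id'];

// Sanitize non-hashed stuff. Kept as in the original in case an included file reads these
// variables; the queries below do not rely on this escaping.
$my_id = mysql_real_escape_string($my_id);
$member_mid = mysql_real_escape_string($member_mid);

// Value actually placed in SQL: the validated digits, or 0 when the parameter is missing or invalid.
$member_mid_sql = $member_mid_is_valid ? $member_mid : '0';

// NOTE(review): the mysql_* extension was removed in PHP 7. Moving to mysqli/PDO prepared
// statements needs the connection code in includes/db.php, which is not visible here.
// NOTE(review): SELECT * returns every column of `users`, presumably including credential
// columns; list only the columns this page displays once the schema is confirmed.

// Query for the requested member
$query = "SELECT *\n FROM `users`\n WHERE user_id = $member_mid_sql\n";
// Query for all members
$members_query = "SELECT *\n FROM `users`\n WHERE 1 LIMIT 100";
// Query for a member's spheres
$membersspheres_query = "SELECT sphere_memberships.*, spheres.sphere_id, spheres.sphere_name\n" .
    "FROM `sphere_memberships`\n" .
    "LEFT OUTER JOIN `spheres` ON sphere_memberships.sphere_id = spheres.sphere_id\n" .
    "WHERE user_id = $member_mid_sql AND spheres.type < 2";

// false means "no such member"; the page body tests this with empty().
$memberData = false;
if (!empty($member_mid) && $member_mid_is_valid) {
    $result = mysql_query($query);
    if ($result === false) {
        // Keep database error text in the server log instead of sending it to the browser.
        error_log('member.php: profile query failed: ' . mysql_error());
        die('Sorry, something went wrong while loading this profile.');
    }
    $memberData = mysql_fetch_array($result);
}

// Build member variables. Missing columns default to '' so an unknown member does not
// trigger undefined-index notices.
$member_row = is_array($memberData) ? $memberData : array();
$member_row += array(
    'firstname'  => '',
    'lastname'   => '',
    'joindate'   => '',
    'email'      => '',
    'birthday'   => '',
    'profilepic' => '',
    'gender'     => '',
    'bio'        => '',
);

// These values are raw user-supplied profile data: they are NOT HTML-escaped here and must be
// escaped wherever they are written into the page.
$member_firstname = stripslashes($member_row['firstname']);
$member_lastname = stripslashes($member_row['lastname']);
$member_joindate = stripslashes($member_row['joindate']);
$member_email = stripslashes($member_row['email']);
$member_birthday = stripslashes($member_row['birthday']);
// base64 is an encoding, not protection: anyone who sees this directory name can recover the
// member's e-mail address from it.
$member_dir = base64_encode($member_email);
$member_profilepic = stripslashes($member_row['profilepic']);
$member_gender = stripslashes($member_row['gender']);
$member_bio = stripslashes($member_row['bio']);
$member_gendertype = array("Prefer not to say","Male","Female");
$member_pronoun = array("their","his","her");

// Page content follows
include("top-header.php");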
?>
<title>Spheres</title>
</head>
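<?php
include("top-nav.php");
include("sub-nav.php");

// Page body: either one member's profile (when a member ID was requested) or the member
// landing page listing up to 100 users.
//
// Names, bios, sphere names and picture file names are user-supplied profile data, so every
// one of them is HTML-escaped at the point of output. ENT_QUOTES is used because several
// values are written into double-quoted attributes.
// NOTE(review): pass the page's charset as the third htmlspecialchars() argument once the
// charset declared in top-header.php is confirmed.
$safe_firstname = htmlspecialchars($member_firstname, ENT_QUOTES);
$safe_lastname = htmlspecialchars($member_lastname, ENT_QUOTES);
$safe_bio = htmlspecialchars($member_bio, ENT_QUOTES);

// Fall back to the neutral entry when the stored gender is not a known index.
$gender_index = isset($member_gendertype[$member_gender]) ? $member_gender : 0;

// Profile control
if (!empty($member_mid)) { // Displaying an actual profile
    if (empty($memberData)) {
        echo "Not a user.";
    } else {
?>
<!-- Sphere name -->
<div id="rightmain">
<p><?php echo $safe_firstname ?> joined Spheres on <?php echo date("F j, Y", $member_joindate) . " at " . date("g:i a", $member_joindate) ?></p>
<h4><?php echo $safe_firstname ?>'s Spheres</h4>
<div id="multiDisplay">
<?php
        // Build MySpheres here
        $myresult = mysql_query($membersspheres_query);
        // A failed query is treated like an empty result instead of passing false on.
        if ($myresult !== false && mysql_num_rows($myresult) != 0) {
            while ($mySphereData = mysql_fetch_array($myresult, MYSQL_ASSOC)) {
                $sphere_name = htmlspecialchars(stripslashes($mySphereData['sphere_name']), ENT_QUOTES);
                // The ID is forced to an integer before it is written into the link.
                echo "<a href=\"sphere.php?sid=" . (int) $mySphereData['sphere_id'] . "\"><span class=\"mysphere\" title=\"" . $sphere_name . "\">" . $sphere_name . "</span></a>\n";
            }
        } else {
            echo "You are not a member of any spheres!";
        }
?>
</div>
</div>
<div id="leftmain">
<h3>Welcome to <?php echo $safe_firstname ?>'s Profile!</h3>
<?php
        // The picture directory is base64(e-mail), which is reversible: the image URL reveals
        // the member's e-mail address to every viewer of this page.
        // NOTE(review): the stored file name is used as-is; it should be validated when the
        // picture is uploaded (that code is not part of this file).
        if (!empty($memberData['profilepic'])) {
            $MemberProPic = urlencode(base64_encode($memberData['email'])) . "/" . $memberData['profilepic'];
        } else {
            $MemberProPic = "../includes/profile_def.png";
        }
        echo "<img src=\"/slir/w150-h150-c1:1/assets/" . htmlspecialchars($MemberProPic, ENT_QUOTES) . "\" />\n";
?>
<ul>
<li>Name: <?php echo $safe_firstname . " " . $safe_lastname; ?></li>
<li>Gender: <?php echo $member_gendertype[$gender_index]; ?></li>
<li><?php echo ucfirst($member_pronoun[$gender_index]); ?> bio: <?php echo "<p>" . $safe_bio . "</p>"; ?></li>
</ul>
</div>
<?php
    }
} else { // Displaying member landing page
?>
<div id="main">
<h3>Member page</h3>
<p>Discover members!</p>
<div id="multiDisplay">
<?php
    // Build All Members here
    $membersresult = mysql_query($members_query);
    if ($membersresult === false) {
        // Keep database error text in the server log instead of sending it to the browser.
        error_log('member.php: member list query failed: ' . mysql_error());
        die('Sorry, something went wrong while loading the member list.');
    }
    while ($MemberData = mysql_fetch_array($membersresult, MYSQL_ASSOC)) {
        // As on the profile view, the image path embeds base64(e-mail), so this listing
        // discloses the e-mail address of every member it shows.
        if (!empty($MemberData['profilepic'])) {
            $MemberProPic = urlencode(base64_encode($MemberData['email'])) . "/" . $MemberData['profilepic'];
        } else {
            $MemberProPic = "../includes/profile_def.png";
        }
        $list_title = htmlspecialchars($MemberData['firstname'] . " " . $MemberData['lastname'], ENT_QUOTES);
        $list_name = htmlspecialchars(stripslashes($MemberData['firstname']), ENT_QUOTES);
        echo "<a href=\"member.php?mid=" . (int) $MemberData['user_id'] . "\" title=\"" . $list_title . "\">" .
            "<span class=\"memberdisplay\">" .
            "<img src=\"/slir/w100-h100-c1:1/assets/" . htmlspecialchars($MemberProPic, ENT_QUOTES) . "\" />\n" .
            $list_name .
            "</span>" .
            "</a>\n";
    }
?>
</div>
</div>
<?php
}
?>
<div id="endmain"></div>
<?php
include("sub-footer.php");
include("footer.php");
?>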