Title: User Profile Comment: View/edit a user's profile.

User Profile

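Unknown user.

# Profile page script: dispatches on the "action" query parameter and fills
# $root->{content} with the page body. Actions handled below:
#   index                      - view a profile
#   edit / update              - show the edit form / save the submitted fields
#   passwd / chpass            - show the password form / change the password
#   avatar / newavatar / delavatar - manage the 100x100 avatar
#   picture / newpic / delpic  - manage the profile picture
# A branch that cannot continue sets an error message and returns 1.
#
# NOTE(review): on this listing the HTML tags and entity names inside the
# string literals appear to have been consumed by the page renderer. The
# literals are reproduced exactly as displayed (fragments such as
# "{picture}\"" or "$tab{$var}\""), so they are not the markup the program
# originally emitted and the listing is not runnable as shown. The
# "Unknown user." line above is presumably the page's default body, which
# stays in place when the index action finds no such user.
#
# NOTE(security): none of the state-changing actions visible here (update,
# delavatar, newpic, delpic, ...) checks a per-request token; whether the
# surrounding framework adds CSRF protection cannot be seen from this file.
my $action = $query->{action} || 'index';

# Read an uploaded file into memory, stopping as soon as more than $limit
# bytes have been collected, so an oversized upload is never buffered whole.
# Returns '' when no handle was supplied. The request body itself is only
# bounded by whatever the CGI layer enforces (e.g. $CGI::POST_MAX), which is
# configured outside this script, if at all.
my $readUpload = sub {
    my ($handle, $limit) = @_;
    my $data = '';
    return $data unless defined $handle;
    binmode $handle;
    my $chunk;
    while (read($handle, $chunk, 8192)) {
        $data .= $chunk;
        last if length($data) > $limit;
    }
    return $data;
};

# Write $data to $path in binary mode through a lexical handle and 3-arg
# open, so the path is never parsed for a mode. Returns 1 on success and 0
# if the open, the write or the close failed.
my $writeFile = sub {
    my ($path, $data) = @_;
    open(my $out, '>', $path) or return 0;
    binmode $out;
    my $ok = print {$out} $data;
    $ok = 0 unless close($out);
    return $ok ? 1 : 0;
};

# Decode an image file with the GD constructor matching $format
# ('jpg', 'gif', anything else is treated as PNG). GD returns undef when the
# file is not a valid image of that type; callers must check for it.
my $loadImage = sub {
    my ($path, $format) = @_;
    return GD::Image->newFromJpeg($path) if $format eq 'jpg';
    return GD::Image->newFromGif($path)  if $format eq 'gif';
    return GD::Image->newFromPng($path);
};

if ($action eq 'index') {
    # Default to the logged-in user when no user was requested.
    my $user = $query->{user} || '';
    if (not length $user) {
        if ($root->{auth}) {
            $user = $root->{me};
        }
    }

    # Check if the user exists.
    if (&userExists($user)) {
        # It does. Load their profile.
        &readUser($user) unless exists $root->{users}->{$user};
        my $pro = $root->{users}->{$user};
        my $tab = " " x 5;

        # Begin the page.
        $root->{content} = "

User Profile: " . ucfirst($user) . "

\n\n";

        # Do they have a picture?
        # NOTE(security): the stored picture value is interpolated into the
        # page as-is; it is only as safe as the check made when it was saved.
        if (length $pro->{picture} > 0) {
            $root->{content} .= "
{conf}->{users}->{picmaxwidth}px; " . "overflow: hidden; float: right; text-align: right\">\n" . "{picture}\" alt=\"$user\">\n" . "
\n";
        }

        $root->{content} .= "Username:
\n" . $tab . "$user
\n" . "Position:
\n" . $tab . "$root->{conf}->{powers}->{$pro->{power}}\n";

        # Fill out the optional fields. The list is read in pairs:
        # (label, profile key); '__header__' marks a section heading.
        my $fields = [
            'Basic Information'   => '__header__',
            'Real Name:'          => 'name',
            'Age:'                => 'age',
            'Gender:'             => 'sex',
            'Location:'           => 'location',
            'Avatar:'             => 'avatar',
            'Contact Information' => '__header__',
            'AIM ScreenName:'     => 'aim',
            'MSN Passport:'       => 'msn',
            'Yahoo! ID:'          => 'yim',
            'Jabber ID:'          => 'jabber',
            'ICQ UIN:'            => 'icq',
            'Website:'            => 'www',
        ];
        for (my $i = 0; $i < scalar(@{$fields}); $i += 2) {
            my $j = $i + 1;
            my $title = $fields->[$i];
            my $var = $fields->[$j];
            if ($var eq '__header__') {
                $root->{content} .= "

$title

" . "\n\n";
            }
            else {
                $root->{content} .= "$title" . "
\n";
                if ($var eq 'avatar') {
                    if (length $pro->{$var}) {
                        $root->{content} .= "$tab{$var}\" " . "width=\"100\" height=\"100\" alt=\"Avatar\">
\n";
                    }
                    else {
                        $root->{content} .= $tab . "No information.
\n";
                    }
                    next;
                }
                if (length $pro->{$var} > 0) {
                    # Values that look like an address (contain "@") are
                    # wrapped before output.
                    # NOTE(review): this assigns back into $pro, which is the
                    # cached record in $root->{users}; the wrapped value stays
                    # in that cache for the rest of the request.
                    if ($pro->{$var} =~ /^(.+?)\@(.+?)$/) {
                        $pro->{$var} = "{$var}\">" . "$pro->{$var}";
                    }
                    $root->{content} .= $tab . "$pro->{$var}
\n";
                }
                else {
                    $root->{content} .= $tab . "No information." . "
\n";
                }
            }
        }

        # Admins can have an "edit" link.
        if ($root->{auth} == 1 && &isAdmin) {
            $root->{content} .= "

\n" . "[" . "edit this profile]\n" . "
";
        }
    }
}
elsif ($action eq 'edit') {
    if (not $root->{auth}) {
        $root->{content} = "

Access Denied

\n\n" . "You must be logged in to do that!\n\n" . "";
        return 1;
    }

    my $user = $query->{user} || '';
    if (not length $user) {
        if ($root->{auth}) {
            $user = $root->{me};
        }
    }

    # Only an admin can edit somebody else's profile.
    my $denied = 0;
    my $pro = {};
    if ($root->{auth}) {
        if ($user ne $root->{me} && not &isAdmin) {
            $root->{content} = "

Access Denied

\n\n" . "You are not allowed to edit another " . "user's profile.";
            $denied = 1;
        }
    }

    if (&userExists($user)) {
        &readUser($user) unless exists $root->{users}->{$user};
        $pro = $root->{users}->{$user};
    }
    else {
        $root->{content} = "

User Not Found

\n\n" . "That user doesn't exist.";
        $denied = 1;
    }

    if (not $denied) {
        # Pre-select the stored gender in the form.
        my $ckmale = '';
        my $ckfem = '';
        if (length $pro->{sex} > 0) {
            if ($pro->{sex} eq 'male') {
                $ckmale = ' checked';
            }
            else {
                $ckfem = ' checked';
            }
        }

        $root->{content} = "

Edit Profile

\n\n" . "Editing profile for user: $user

\n\n" . "

\n" . "\n" . "\n";

        # Admin links.
        if (&isAdmin) {
            $root->{content} .= "

Admin Functions

\n\n" . "\n";
        }

        # NOTE(security): the stored profile values below are placed inside
        # quoted attribute values, so they are safe only if double quotes were
        # escaped when the profile was saved.
        $root->{content} .= "

Account Information

\n\n" . "Username:
\n" . "\n" . "$user

\n\n" . "Password:
\n" . "********* [change]

\n" . "E-Mail Address:
\n" . "{email}\">

\n\n" . "Time Zone:
\n" . &listTimezones() . "

\n\n" . "Position:
\n" . "$root->{conf}->{powers}->{$pro->{power}}

\n\n" . "Groups:\n";

        foreach my $grp (split(/\,/, $pro->{group})) {
            $root->{content} .= "
" . ucfirst($grp) . "\n";
        }

        my $avatarCode = '';
        if (length $pro->{avatar}) {
            $avatarCode = "{avatar}\" width=\"100\" height=\"100\" alt=\"Avatar\">";
        }
        else {
            $avatarCode = "No Avatar Selected";
        }

        $root->{content} .= "

Personal Information

\n\n" . "Real Name:
\n" . "{name}\">

\n" . "Age:
\n" . "{age}\">

\n" . "Gender:
\n" . " " . "\n" . " " . "

\n" . "Location:
\n" . "{location}\">

\n" . "Profile Picture:
\n" . "[Add/Modify Picture]

\n\n" . "Personal Avatar:
\n" . "$avatarCode
\n" . "[Add/Modify Avatar]\n\n" . "

Contact Information

\n\n" . "AIM ScreenName:
\n" . "{aim}\">
\n" . "MSN Passport:
\n" . "{msn}\">
\n" . "Yahoo! ID:
\n" . "{yim}\">
\n" . "Jabber ID:
\n" . "{jabber}\">
\n" . "ICQ UIN:
\n" . "{icq}\">
\n" . "Website URL:
\n" . "{www}\">

\n\n" . "\n" . "

\n\n" . "\n";
    }
}
elsif ($action eq 'update') {
    if (not $root->{auth}) {
        $root->{content} = "

Access Denied

\n\n" . "You must be logged in to do that!\n\n" . "";
        return 1;
    }

    my $user = $query->{user} || '';
    if (not length $user) {
        if ($root->{auth}) {
            $user = $root->{me};
        }
    }

    # Only an admin can edit somebody else's profile.
    my $denied = 0;
    my $pro = {};
    if ($root->{auth}) {
        if ($user ne $root->{me} && not &isAdmin) {
            $root->{content} = "

Access Denied

\n\n" . "You are not allowed to edit another " . "user's profile.";
            $denied = 1;
        }
    }

    if (&userExists($user)) {
        &readUser($user) unless exists $root->{users}->{$user};
        $pro = $root->{users}->{$user};
    }
    else {
        $root->{content} = "

User Not Found

\n\n" . "That user doesn't exist.";
        $denied = 1;
    }

    if (not $denied) {
        # Update their profile. Every field is HTML-escaped before it is
        # stored, because the view and edit pages print the stored value
        # without further escaping. As displayed on this listing the three
        # substitutions replaced each character with itself (presumably the
        # entity names were decoded by the renderer); they are written out
        # here, and the double quote is escaped as well because the edit form
        # places the values inside quoted attributes.
        my @fields = qw(email name age sex location aim msn yim jabber icq www);
        foreach my $var (@fields) {
            # A field missing from the request is stored as the empty string.
            my $value = defined $query->{$var} ? $query->{$var} : '';
            $value =~ s~&~&amp;~g;
            $value =~ s~<~&lt;~g;
            $value =~ s~>~&gt;~g;
            $value =~ s~"~&quot;~g;
            $query->{$var} = $value;
            $pro->{$var} = $value;
        }

        $root->{users}->{$user} = $pro;
        &writeUser($user,%{$pro});

        $root->{content} = "

Profile Updated

\n\n" . "Your profile has been updated. " . "" . "View your profile.";
    }
}
elsif ($action eq 'passwd') {
    if (not $root->{auth}) {
        $root->{content} = "

Access Denied

\n\n" . "You must be logged in to do that!\n\n" . "";
        return 1;
    }

    $root->{content} = "

Change Password

\n\n" . "
\n" . "\n" . "\n" . "Old Password:
\n" . "

\n\n" . "New Password:
\n" . "
\n" . "

\n\n" . "\n" . "

\n";
}
elsif ($action eq 'chpass') {
    if (not $root->{auth}) {
        $root->{content} = "

Access Denied

\n\n" . "You must be logged in to do that!\n\n" . "";
        return 1;
    }

    # NOTE(security): passwords are stored and compared as a bare, unsalted
    # MD5 hex digest. That is fast to brute-force and identical passwords get
    # identical digests. Moving to a salted, deliberately slow password hash
    # needs a matching change wherever the stored value is checked (doLogin
    # is called below with the digest), so it is flagged here, not changed.
    my $old = md5_hex($query->{old});
    my $pw1 = $query->{pw1};
    my $pw2 = $query->{pw2};

    if ($old ne $root->{users}->{$root->{me}}->{password}) {
        $root->{content} = "

Error

\n\n" . "Your old password was incorrect.";
        return 1;
    }

    if (length $pw1 < 6) {
        $root->{content} = "

Weak Password

\n\n" . "Your new password must be at least 6 characters long.";
        return 1;
    }

    if ($pw1 ne $pw2) {
        $root->{content} = "

Passwords Don't Match

\n\n" . "Your new passwords don't match.";
        return 1;
    }

    my $pass = md5_hex($pw1);
    $root->{users}->{$root->{me}}->{password} = $pass;
    &writeUser ($root->{me}, %{$root->{users}->{$root->{me}}});

    # Re-login.
    &doLogin ($root->{me},$pass,'no');

    $root->{content} = "

Password Changed

\n\n" . "Your password has been changed.";
}
elsif ($action eq 'avatar') {
    if (not $root->{auth}) {
        $root->{content} = "

Access Denied

\n\n" . "You must be logged in to do that!\n\n" . "";
        return 1;
    }

    my $current = $root->{users}->{$root->{me}}->{avatar} || '';

    $root->{content} = "

Personal Avatar

\n\n" . "Current Avatar:
\n";

    if (length $current) {
        $root->{content} .= "\"Avatar\"
\n" . "[Remove Avatar]

\n\n";
    }
    else {
        $root->{content} .= "No Avatar Selected

\n\n";
    }

    $root->{content} .= "

Change Avatar

\n\n" . "
\n" . "\n" . "\n" . "Avatars are tiny 100x100 pixel images you can use to identify yourself " . "on the site (such as in blog comments). You must format your picture to " . "be 100x100 pixels ahead of time; it will be rejected if it's the wrong size.

\n\n" . "

\n" . "Upload an avatar from my computer\n" . "File path:
\n" . "
\n" . "JPEG, PNG, or GIF format only. Must be 100x100 pixels and under 100 KB.\n" . "

\n\n" . "\n" . "

";
}
elsif ($action eq 'newavatar') {
    if (not $root->{auth}) {
        $root->{content} = "

Access Denied

\n\n" . "You must be logged in to do that!\n\n" . "";
        return 1;
    }

    my $fname = $query->{photo};
    $fname = '' unless defined $fname;
    my $format = '';

    # Uploading a picture. The client-supplied file name only selects which
    # decoder is tried; the content itself is verified by GD further down.
    if ($fname =~ /\.(jpg|jpeg|jpe)$/i) {
        $format = 'jpg';
    }
    elsif ($fname =~ /\.gif$/i) {
        $format = 'gif';
    }
    elsif ($fname =~ /\.png$/i) {
        $format = 'png';
    }
    else {
        $root->{content} = "

Unsupported File Type

\n\n" . "Your image must be of a JPEG, PNG, or GIF format.";
        return 1;
    }

    # Get the filehandle and read at most just over the 100 KB limit.
    my $handle = $cgi->upload ("photo");
    my $binary = $readUpload->($handle, 102400);

    # Too large?
    if (length $binary > 102400) {
        $root->{content} = "

Uploaded File Too Large

\n\n" . "Your avatar's file size must be under 100 KB.";
        return 1;
    }

    # Missing file data?
    if (length $binary == 0) {
        $root->{content} = "

No Image Data

\n\n" . "The image you uploaded was empty.";
        return 1;
    }

    # Write it to its destination so GD can inspect it.
    # NOTE(security): the path embeds $root->{me}; this assumes user names
    # cannot contain "/" or ".." - confirm where accounts are created.
    my $avatarPath = "$root->{conf}->{site}->{public}/avatars/user_$root->{me}.$format";
    if (not $writeFile->($avatarPath, $binary)) {
        unlink ($avatarPath);
        $root->{content} = "Upload Failed\n\n"
            . "Your avatar could not be saved on the server.";
        return 1;
    }

    # Load GD to analyze the image.
    use GD;
    my $original = $loadImage->($avatarPath, $format);

    # GD returns undef for data that is not a real image of this type; do not
    # leave such a file behind in the public directory.
    if (not defined $original) {
        unlink ($avatarPath);
        $root->{content} = "Invalid Image\n\n"
            . "The file you uploaded is not a valid image.";
        return 1;
    }

    my $width = $original->width;
    my $height = $original->height;

    # The dimensions must be exactly 100x100 pixels.
    if ($width != 100 || $height != 100) {
        # Unlink the image.
        unlink ($avatarPath);
        $root->{content} = "

Invalid Avatar Size

\n\n" . "Your avatar must be 100x100 pixels in size.";
        return 1;
    }
    else {
        # Good. Save it.
        $root->{users}->{$root->{me}}->{avatar} = $avatarPath;

        # Write their profile.
        &writeUser($root->{me}, %{$root->{users}->{$root->{me}}});

        $root->{content} = "

Avatar Uploaded

\n\n" . "Your avatar has been uploaded successfully. " . "" . "View your avatar.";
    }
}
elsif ($action eq 'delavatar') {
    if (not $root->{auth}) {
        $root->{content} = "

Access Denied

\n\n" . "You must be logged in to do that!\n\n" . "";
        return 1;
    }

    my @notes = ();

    # Removing our avatar.
    # NOTE(review): the notes shown to the user include the full value of
    # $root->{conf}->{site}->{public}; if that is a filesystem path it is
    # disclosed on the result page - confirm.
    foreach (qw(jpg jpeg jpe gif png)) {
        if (-f "$root->{conf}->{site}->{public}/avatars/user_$root->{me}.$_") {
            unlink ("$root->{conf}->{site}->{public}/avatars/user_$root->{me}.$_");
            push (@notes,"Deleted $root->{conf}->{site}->{public}/avatars/user_$root->{me}.$_");
        }
    }

    # Unset the picture.
    $root->{users}->{$root->{me}}->{avatar} = '';
    push (@notes,"Unset avatar variable");

    # Write the profile.
    &writeUser($root->{me}, %{$root->{users}->{$root->{me}}});
    push (@notes,"Wrote profile information");

    $root->{content} = "

Unset Avatar

\n\n" . "Your personal avatar has been removed. The following actions were " . "performed:\n\n" . "
    \n" . "
  1. " . join("
  2. \n
  3. ",@notes) . "
  4. \n" . "
\n\n" . "Back to avatar manager";
}
elsif ($action eq 'picture') {
    if (not $root->{auth}) {
        $root->{content} = "

Access Denied

\n\n" . "You must be logged in to do that!\n\n" . "";
        return 1;
    }

    my $current = $root->{users}->{$root->{me}}->{picture};
    # Configured limit is in bytes; show it to the user in kilobytes.
    my $maxsize = int($root->{conf}->{users}->{picmaxsize} / 1024);

    $root->{content} = "

Profile Picture

\n\n" . "Current Picture:\n";

    if (length $current) {
        $root->{content} .= "
{conf}->{users}->{picmaxwidth}px; " . "overflow: hidden; border: 1px dashed #000000; padding: 5px\">\n" . "\"Your\n" . "
\n" . "[Remove Picture]

\n\n";
    }
    else {
        $root->{content} .= "
No picture uploaded.

\n\n";
    }

    $root->{content} .= "

Change Picture

\n\n" . "
\n" . "\n" . "\n" . "To set a new profile picture, use one of the following methods. Note that " . "if you upload a picture from your computer, it will be scaled down if it's " . "bigger than $root->{conf}->{users}->{picmaxwidth} pixels in width. If you " . "use an off-site image, your picture will be constrained to " . "$root->{conf}->{users}->{picmaxwidth} pixels in width; if your picture " . "is bigger than that, it'll be cut off.

\n\n" . "

\n" . "" . " " . "" . "\n" . "File path:
\n" . "
\n" . "JPEG, PNG, or GIF format only. Max size $maxsize KB.\n" . "

\n" . "
\n" . "" . " " . "" . "\n" . "URL to your image:
\n" . "\n" . "

\n\n" . "\n" . "

";
}
elsif ($action eq 'newpic') {
    if (not $root->{auth}) {
        $root->{content} = "

Access Denied

\n\n" . "You must be logged in to do that!\n\n" . "";
        return 1;
    }

    my $source = $query->{source};
    my $http = $query->{http};
    my $fname = $query->{photo};
    $source = '' unless defined $source;
    $http = '' unless defined $http;
    $fname = '' unless defined $fname;

    if ($source !~ /^(http|upload)$/) {
        $root->{content} = "

Unknown Image Source

\n\n" . "Your image source can be either HTTP or file upload.";
        return 1;
    }

    if ($source eq 'http') {
        # This one's simple--just set their profile picture to this URL.
        # The URL is later printed inside a quoted attribute without
        # escaping, so besides the scheme check it must not contain quotes,
        # angle brackets or whitespace that could break out of the attribute.
        if ($http =~ /^(http|https|ftp):\/\//i && $http !~ /["'<>\s]/) {
            $root->{users}->{$root->{me}}->{picture} = $http;
            &writeUser($root->{me}, %{$root->{users}->{$root->{me}}});
            $root->{content} = "

Picture Set

\n\n" . "Your off-site picture has been defined. " . "" . "See your profile picture.";
            return 1;
        }
        else {
            $root->{content} = "

Unsupported Protocol

\n\n" . "Your off-site picture URL must begin with a proper " . "http:// prefix (most standard web protocols are " . "supported).";
        }
    }
    else {
        # Get the max size in kilobytes.
        my $maxsize = int($root->{conf}->{users}->{picmaxsize} / 1024);
        my $format = '';

        # Uploading a picture. The client-supplied file name only selects
        # which decoder is tried; GD verifies the content further down.
        if ($fname =~ /\.(jpg|jpeg|jpe)$/i) {
            $format = 'jpg';
        }
        elsif ($fname =~ /\.gif$/i) {
            $format = 'gif';
        }
        elsif ($fname =~ /\.png$/i) {
            $format = 'png';
        }
        else {
            $root->{content} = "

Unsupported File Type

\n\n" . "Your image must be of a JPEG, PNG, or GIF format.";
            return 1;
        }

        # Get the filehandle and read at most just over the configured limit.
        my $handle = $cgi->upload ("photo");
        my $binary = $readUpload->($handle, $root->{conf}->{users}->{picmaxsize});

        # File too big?
        if (length $binary > $root->{conf}->{users}->{picmaxsize}) {
            $root->{content} = "

File Too Big

\n\n" . "Your profile picture must be less than $maxsize KB.";
            return 1;
        }

        if (length $binary == 0) {
            $root->{content} = "

No Image Data

\n\n" . "The image you uploaded was empty.";
            return 1;
        }

        # Write it to its destination so GD can inspect it.
        # NOTE(security): the path embeds $root->{me}; this assumes user
        # names cannot contain "/" or ".." - confirm where accounts are made.
        my $picDir = "$root->{conf}->{site}->{public}/pictures";
        my $picPath = "$picDir/$root->{me}.$format";
        my $jpgPath = "$picDir/$root->{me}.jpg";
        if (not $writeFile->($picPath, $binary)) {
            unlink ($picPath);
            $root->{content} = "Upload Failed\n\n"
                . "Your picture could not be saved on the server.";
            return 1;
        }

        # Load GD to analyze and possibly scale down the image.
        use GD;
        my $original = $loadImage->($picPath, $format);

        # GD returns undef for data that is not a real image of this type;
        # do not leave such a file behind in the public directory.
        if (not defined $original) {
            unlink ($picPath);
            $root->{content} = "Invalid Image\n\n"
                . "The file you uploaded is not a valid image.";
            return 1;
        }

        my $width = $original->width;
        my $height = $original->height;

        # Too wide?
        if ($width > $root->{conf}->{users}->{picmaxwidth}) {
            # Yes. We need to scale it down, keeping the aspect ratio.
            my $ratio = $root->{conf}->{users}->{picmaxwidth} / $width;
            my $newHeight = int($height * $ratio);
            my $newWidth = $root->{conf}->{users}->{picmaxwidth};

            # Scale.
            my $newpic = GD::Image->new ($newWidth,$newHeight,1);
            $newpic->copyResized (
                $original,
                0, 0, 0, 0,
                $newWidth, $newHeight,
                $width, $height,
            );

            # Rewrite the file.
            if ($format ne 'jpg') {
                # If the original wasn't a JPG, delete it.
                unlink ($picPath);
            }
            if (not $writeFile->($jpgPath, $newpic->jpeg(100))) {
                unlink ($jpgPath);
                $root->{content} = "Upload Failed\n\n"
                    . "Your picture could not be saved on the server.";
                return 1;
            }

            # Point to the jpg file.
            $root->{users}->{$root->{me}}->{picture} = $jpgPath;
        }
        else {
            # It's small enough as it is. Don't need to mess with it.
            $root->{users}->{$root->{me}}->{picture} = $picPath;
        }

        # Write their profile.
        &writeUser($root->{me}, %{$root->{users}->{$root->{me}}});

        $root->{content} = "

Picture Uploaded

\n\n" . "Your picture has been uploaded successfully. " . "" . "View your picture.";
    }
}
elsif ($action eq 'delpic') {
    if (not $root->{auth}) {
        $root->{content} = "

Access Denied

\n\n" . "You must be logged in to do that!\n\n" . "";
        return 1;
    }

    my @notes = ();

    # Removing our picture.
    # NOTE(review): the notes shown to the user include the full value of
    # $root->{conf}->{site}->{public}; if that is a filesystem path it is
    # disclosed on the result page - confirm.
    foreach (qw(jpg jpeg jpe gif png)) {
        if (-f "$root->{conf}->{site}->{public}/pictures/$root->{me}.$_") {
            unlink ("$root->{conf}->{site}->{public}/pictures/$root->{me}.$_");
            push (@notes,"Deleted $root->{conf}->{site}->{public}/pictures/$root->{me}.$_");
        }
    }

    # Unset the picture.
    $root->{users}->{$root->{me}}->{picture} = '';
    push (@notes,"Unset profile picture");

    # Write the profile.
    &writeUser($root->{me}, %{$root->{users}->{$root->{me}}});
    push (@notes,"Wrote profile information");

    $root->{content} = "

Unset Picture

\n\n" . "Your profile picture has been removed. The following actions were " . "performed:\n\n" . "
    \n" . "
  1. " . join("
  2. \n
  3. ",@notes) . "
  4. \n" . "
\n\n" . "Back to picture manager";
}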