<?php

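/**
 * Checks whether a string looks like an e-mail address.
 *
 * The accepted shape is: one or more of [A-Za-z0-9_ . = -], an "@", a host
 * made of [A-Za-z0-9_ . -], a dot, and a final label of 2 or 3 word
 * characters. Longer top-level domains are rejected; that limit is kept from
 * the original pattern.
 *
 * @param mixed $email Candidate address; anything that is not a string is rejected.
 * @return bool True when the whole value matches the pattern.
 */
function isValidEmail($email)
{
    if (!is_string($email))
    {
        return false;
    }

    // \z anchors at the very end of the subject. The previous "$" also matched
    // just before a trailing line feed, so "user@example.com\n" was accepted;
    // that matters wherever the address ends up in a line-delimited record.
    $pattern = '/^[\w\.=-]+@[\w\.-]+\.[\w]{2,3}\z/';

    return preg_match($pattern, $email) === 1;
}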


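/**
 * Reports the size of a remote (http/https) or local file.
 *
 * For http(s) URLs the size is taken from the Content-Length response header.
 * That header is whatever the remote server chooses to send and is not checked
 * against the body, so the result is advisory only. Every other value is
 * passed to filesize(), which accepts local paths and any registered stream
 * wrapper; callers that pass untrusted input should restrict the scheme before
 * calling this function.
 *
 * @param string $url       URL or path to measure.
 * @param mixed  $thereturn Falsy for bytes, 'kb' for kilobytes (rounded to a
 *                          whole number), 'mb' for megabytes (2 decimals).
 * @return int|float|false|null The size in the requested unit, false when the
 *                          size cannot be determined, null for an unknown unit.
 */
function urlfilesize($url,$thereturn)
{
    if (!is_string($url) || $url === '')
    {
        return false;
    }

    $bytes = false;

    if (preg_match('#^https?://#i', $url) === 1)
    {
        // get_headers() returns false when the request fails; the original
        // passed that straight into array_change_key_case().
        $headers = @get_headers($url, 1);
        if (is_array($headers))
        {
            $headers = array_change_key_case($headers, CASE_LOWER);
            if (isset($headers['content-length']))
            {
                $length = $headers['content-length'];
                // When redirects are followed a repeated header arrives as an
                // array; the last entry belongs to the final response.
                if (is_array($length))
                {
                    $length = end($length);
                }
                if (is_string($length) && ctype_digit(trim($length)))
                {
                    $bytes = (int) trim($length);
                }
            }
        }
    }
    else
    {
        $bytes = @filesize($url);
    }

    // An unknown size is reported as false in every unit instead of being
    // turned into 0 by the arithmetic below.
    if ($bytes === false)
    {
        return false;
    }

    if (!$thereturn)
    {
        return $bytes;
    }
    elseif ($thereturn == 'mb')
    {
        return round($bytes / (1024*1024),2);
    }
    elseif ($thereturn == 'kb')
    {
        return round($bytes / (1024),0);
    }

    return null;
}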

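// Profile update handler: validates the posted password, e-mail, signature and
// avatar, rewrites the logged-in user's record under db/Users/, refreshes the
// session copy of the user and redirects back to editUser.php.
//
// NOTE(review): no anti-CSRF token is checked before the record is rewritten;
// the form that posts here is not visible in this file.
include_once("class.User.php");
session_start();

// Every step below calls methods on the session user, so refuse to run without one.
if (!isset($_SESSION['user']) || !is_object($_SESSION['user']))
{
    header("HTTP/1.1 403 Forbidden");
    exit();
}

$userId = $_SESSION['user']->getUserId();
$editUrl = "editUser.php?userId=".urlencode($userId);

// Missing or non-string fields are treated as empty instead of raising notices or type errors.
$password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim(stripslashes($_POST['password'])) : '';
$email = (isset($_POST['email']) && is_string($_POST['email'])) ? trim(stripslashes($_POST['email'])) : '';
$sigStr = (isset($_POST['sig']) && is_string($_POST['sig'])) ? stripslashes($_POST['sig']) : '';
$avatar = (isset($_POST['avatar']) && is_string($_POST['avatar'])) ? $_POST['avatar'] : '';

// The user record is line-delimited, so a line break inside a field would shift
// every later field (level, signature, e-mail, ...). trim() only removes breaks
// at the ends, so embedded ones are rejected here.
if (strlen($password) < 3 || preg_match('/[\r\n]/', $password))
{
    header("Location: ".$editUrl."&error=2");
    exit();
}
if (!isValidEmail($email))
{
    header("Location: ".$editUrl."&error=1");
    exit();
}

$sigStr = str_replace(array("\r", "\n"), "", $sigStr);

// Matches a leading scheme other than http/https (php://, phar://, file://, ftp://, data:, ...).
// Such values must not reach filesize()/getimagesize(), which resolve stream wrappers.
// NOTE(review): http(s) URLs are still fetched by this server, including ones that
// point at internal hosts; restricting destinations needs a policy this file does not define.
$foreignScheme = '#^\s*(?!https?:)[a-z][a-z0-9+.\-]*:#i';

// Any <img ...> tag is inspected, not only the " />" form, because strip_tags()
// below keeps every <img> regardless of how it is written.
preg_match_all('/<img\b[^>]*>/i',$sigStr,$matches);

foreach ($matches[0] as $match)
{
    // An image stays only when its src can be read, uses an allowed scheme and
    // passes the size and dimension checks; everything else is removed.
    $keep = false;

    if (preg_match('/\ssrc="([^"]*)"/i', $match, $srcParts) && $srcParts[1] !== '' && !preg_match($foreignScheme, $srcParts[1]))
    {
        $url = $srcParts[1];
        // A size that cannot be determined also passes this comparison, so
        // getimagesize() is the effective gate. Both values are what the remote
        // server reports at save time.
        if (@urlfilesize($url,"kb") <= 200)
        {
            $imgDimensions = @getimagesize($url);
            $keep = ($imgDimensions != false && $imgDimensions[0] <= 600 && $imgDimensions[1] <= 600);
        }
    }

    if (!$keep)
    {
        $sigStr = str_replace($match,"",$sigStr);
    }
}

// NOTE(review): strip_tags() filters tag names only; attributes on the allowed
// tags (event handlers, style, href/src values) pass through unchanged. If the
// signature is rendered as HTML it needs an attribute allow-list or output
// encoding where it is displayed.
$sigStr = strip_tags($sigStr,'<p><br><b><i><u><strong><em><li><ul><ol><img><table><tr><td><hr><font><span><sub><sup><tbody><blockquote>');

$hideEmail = (isset($_POST['hideEmail']) && $_POST['hideEmail'] === 'yes') ? 1 : 0;

// The avatar is stored only when it is non-empty, has no line breaks (record
// format), uses an allowed scheme, and is reported as <= 100 KB and <= 70x70.
$img = "";
if ($avatar !== '' && !preg_match('/[\r\n]/', $avatar) && !preg_match($foreignScheme, $avatar))
{
    if (@urlfilesize($avatar,"kb") <= 100)
    {
        $imgDimensions = @getimagesize($avatar);
        if ($imgDimensions != false && $imgDimensions[0] <= 70 && $imgDimensions[1] <= 70)
        {
            $img = $avatar;
        }
    }
}

// NOTE(review): the password is written to the record in clear text. Moving to
// password_hash()/password_verify() needs a matching change wherever the record
// is read, which is outside this file.
$newUserStr = implode("\n", array(
    $userId,
    $password,
    "false",
    $_SESSION['user']->getNoTopics(),
    $_SESSION['user']->getNoPosts(),
    $_SESSION['user']->getJoinDate(),
    $_SESSION['user']->getLevel(),
    $sigStr,
    $email,
    $hideEmail,
    $img,
));

// LOCK_EX keeps concurrent updates from interleaving; a failed write must not
// leave the session holding data that was never saved.
if (file_put_contents("db/Users/".$userId.".dat",$newUserStr,LOCK_EX) === false)
{
    header("HTTP/1.1 500 Internal Server Error");
    exit();
}

$temp = new User($newUserStr);
$_SESSION['loggedIn'] = true;
$_SESSION['user'] = $temp;
header("Location: editUser.php?userId=".urlencode($_SESSION['user']->getUserId()));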
?>