Get_Text("makeuser_T-Shirt"),
'size_select' => ($user['Tshirt'] == 0) ? html_select_key('size', array (
'S' => "S",
'M' => "M",
'L' => "L",
'XL' => "XL",
'2XL' => "2XL",
'3XL' => "3XL",
'4XL' => "4XL",
'5XL' => "5XL",
'S-G' => "S Girl",
'M-G' => "M Girl",
'L-G' => "L Girl",
'XL-G' => "XL Girl"
), $user['Size']) : $user['Size']
));
return template_render('../templates/user_settings.html', array (
'link' => page_link_to("user_settings"),
'greeting' => Get_Text("Hallo") . $user['Nick'] . ",
" . Get_Text(13),
'text_user_data' => Get_Text("pub_einstellungen_Text_UserData"),
'label_nick' => Get_Text("pub_einstellungen_Nick"),
'label_name' => Get_Text("pub_einstellungen_Name"),
'label_prename' => Get_Text("pub_einstellungen_Vorname"),
'label_age' => Get_Text("pub_einstellungen_Alter"),
'label_tel' => Get_Text("pub_einstellungen_Telefon"),
'label_mobile' => Get_Text("pub_einstellungen_Handy"),
'label_dect' => Get_Text("pub_einstellungen_DECT"),
'label_mail' => Get_Text("pub_einstellungen_Email"),
'label_hometown' => Get_Text("pub_einstellungen_Hometown"),
'nick' => $user['Nick'],
'name' => $user['Name'],
'prename' => $user['Vorname'],
'age' => $user['Alter'],
'tel' => $user['Telefon'],
'mobile' => $user['Handy'],
'dect' => $user['DECT'],
'mail' => $user['email'],
'icq' => $user['ICQ'],
'jabber' => $user['jabber'],
'hometown' => $user['Hometown'],
'label_save' => Get_Text("save"),
'tshirts' => $tshirt_html,
'text_password' => Get_Text(14),
'current_pw_label' => Get_Text(15),
'new_pw_label' => Get_Text(16),
'new_pw2_label' => Get_Text(17),
'text_theme' => Get_Text(18),
'theme_label' => Get_Text(19),
'theme_select' => html_select_key('theme', array (
"1" => "Standard-Style",
"2" => "ot/Gelber Style",
"3" => "Club-Mate Style",
"5" => "Debian Style",
"6" => "c-base Style",
"7" => "Blau/Gelber Style",
"8" => "Pastel Style",
"4" => "Test Style",
"9" => "Test Style 21c3",
"10" => "msquare (cccamp2011)"
), $user['color']),
'text_language' => Get_Text(20),
'language_label' => Get_Text(21),
'language_select' => html_select_key('language', array (
'DE' => "Deutsch",
'EN' => "English"
), $user['Sprache'])
));
} else {
switch ($_REQUEST['action']) {
case 'sprache' :
if (isset ($_REQUEST['language']) && preg_match("/^DE|EN$/", $_REQUEST['language']))
$language = $_REQUEST['language'];
else
$language = "EN";
sql_query("UPDATE `User` SET " . "`Sprache`='" . sql_escape($language) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
$_SESSION['Sprache'] = $language;
header("Location: " . page_link_to("user_settings"));
break;
case 'colour' :
$theme = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['theme']));
sql_query("UPDATE `User` SET " . "`color`='" . sql_escape($theme) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
header("Location: " . page_link_to("user_settings"));
break;
case 'set' :
$html = "";
if ($_REQUEST["new_pw"] == $_REQUEST["new_pw2"]) {
if (PassCrypt($_REQUEST["current_pw"]) == $user['Passwort']) {
sql_query("UPDATE `User` SET `Passwort`='" . sql_escape(PassCrypt($_REQUEST['new_pw'])) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
header("Location: " . page_link_to("user_settings"));
} else {
$html .= error(Get_Text(30));
}
} else {
$html .= error(Get_Text(31));
}
return $html;
break;
case "setUserData" :
$nick = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['nick']));
$name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['name']));
$prename = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['prename']));
$age = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['age']));
$tel = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['tel']));
$mobile = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['mobile']));
$dect = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['dect']));
$mail = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['mail']));
$icq = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['icq']));
$jabber = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['jabber']));
$hometown = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['hometown']));
$size = ($user['TShirt'] == 0) ? preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['size'])) : $user['Size'];
sql_query("UPDATE `User` SET " .
"`Nick`='" . sql_escape($nick) . "', " .
"`Name`='" . sql_escape($name) . "', " .
"`Vorname`='" . sql_escape($prename) . "', " .
"`Alter`='" . sql_escape($age) . "', " .
"`Telefon`='" . sql_escape($tel) . "', " .
"`Handy`='" . sql_escape($mobile) . "', " .
"`DECT`='" . sql_escape($dect) . "', " .
"`email`='" . sql_escape($mail) . "', " .
"`ICQ`='" . sql_escape($icq) . "', " .
"`jabber`='" . sql_escape($jabber) . "', " .
"`Hometown`='" . sql_escape($hometown) . "', " .
"`Size`='" . sql_escape($size) . "' " .
"WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
header("Location: " . page_link_to("user_settings"));
break;
}
}
// AVATARE
/*
if (get_cfg_var("file_uploads")) {
echo "
\n