Update your info
template_dir = $prefix."smarty/templates";
$smarty->compile_dir = $prefix."smarty/templates_c";
$smarty->cache_dir = $prefix."smarty/cache";
$smarty->config_dir = $prefix."smarty/configs";
// Open the database connection that the request-handling branches below share.
// NOTE(review): host, account, password and schema name are literals in a
// web-served script, so anyone who can read this source holds working database
// credentials. Rotate the password, then load the four values from a config
// file kept outside the document root (or from the environment) rather than
// embedding them here, and give the account only the rights this page needs
// (SELECT/UPDATE on penngaa).
$dblink = connectToSQL("db373.perfora.net", "dbo166284576", "aBRZEJm5", "db166284576");
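// Branch 1: the visitor followed an e-mailed link (?e=<hash>) and is asking for
// the edit form of the record whose e-mail address hashes to that value.
//
// NOTE(review): the link token is md5(email) with no secret, no expiry and no
// single-use state, so it can be derived by anyone who knows a member's
// address. Replace it with a random token stored server-side with an expiry
// (needs a schema change, so it is only flagged here).
if (!empty($_GET['e']))
{
    // Only a plain string can be a valid hash; an array parameter (?e[]=x)
    // is treated as "no match" instead of being compared loosely.
    $suppliedHash = is_string($_GET['e']) ? $_GET['e'] : '';

    $foundID = 0;
    $q_query = "SELECT id, email from penngaa";
    $emails = query_ASSOC($q_query, $dblink);
    if (!is_array($emails))
    {
        // query_ASSOC() is defined elsewhere; guard against a non-array result
        // so a failed query ends in "access denied" rather than a warning.
        $emails = array();
    }

    foreach ($emails as $email)
    {
        // Strict comparison: with ==, two different digests that both look
        // numeric (e.g. "0e..." followed by digits) compare equal in PHP,
        // which would let a non-matching hash pass.
        if (md5($email['email']) === $suppliedHash)
        {
            // hash in URL matches hashed email, so remember the record id
            $foundID = $email['id'];
        }
    }

    if ($foundID)
    {
        // $foundID comes from the database row above, not from the request.
        $q_query = "SELECT * from penngaa WHERE id='$foundID'";
        $usr = query_ASSOC($q_query, $dblink);

        // Expose the whole row plus each individual column to the template.
        // NOTE(review): values are passed through raw; edit_user.tpl is not
        // visible here and must escape them on output — confirm.
        $smarty->assign("usr", $usr[0]);
        $templateFields = array(
            "fname", "lname", "city", "state", "country", "zip",
            "emp", "empurl", "url", "occ", "getnews", "phone",
            "email", "id", "mentor", "helpout",
            "showemail", "showloc", "showjob",
        );
        foreach ($templateFields as $field)
        {
            $smarty->assign($field, $usr[0][$field]);
        }

        // Show edit template
        $smarty->display('edit_user.tpl');
    }
    else
    {
        $message = "Validation failed. Access denied. Make sure you entered the correct validation link.";
        $smarty->assign('message', $message);
        $smarty->display('validate_email_form.tpl');
    }
}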
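// Branch 2: the visitor submitted an e-mail address and asks for an edit link.
else if (!empty($_POST['e']))
{
    $suppliedEmail = is_string($_POST['e']) ? $_POST['e'] : '';
    $wanted = trim($suppliedEmail);

    // The request value is never placed into SQL text. The address list is
    // fetched with a constant query (the same one the link-validation branch
    // uses) and matched in PHP, which removes the injection point without
    // depending on how query_ASSOC() talks to the database.
    // NOTE(review): matching is case-insensitive and ignores surrounding
    // whitespace, which approximates a default MySQL collation — confirm.
    // Longer term, give query_ASSOC() a prepared-statement form.
    $q_query = "SELECT id, email from penngaa";
    $rows = query_ASSOC($q_query, $dblink);
    $email = array();
    if ($wanted !== '' && is_array($rows))
    {
        foreach ($rows as $row)
        {
            if (strcasecmp(trim($row['email']), $wanted) === 0)
            {
                $email[] = $row;
            }
        }
    }

    if (count($email) >= 1)
    {
        // Mail the address on record, not the string from the request, and
        // drop CR/LF so a stored value cannot add mail headers.
        $to = str_replace(array("\r", "\n"), '', trim($email[0]['email']));

        // Escape before echoing into the HTML response.
        // NOTE(review): this page answers differently for known and unknown
        // addresses, which tells a visitor whether an address is registered;
        // consider one neutral response for both cases.
        print("Found ".htmlspecialchars($to, ENT_QUOTES, 'UTF-8')." -- sending validated link. Check your inbox for a link to edit your information.");

        // NOTE(review): md5(email) is a guessable token — see the review note
        // on token design; a random, expiring token should replace it.
        $hash = md5($email[0]['email']);
        $url = "http://www.penncga.org/update-your-info/index.php?e=$hash";

        $message = "Someone has attempted to validate the email address ".$to." \r\n";
        $message .= "Click the following link (or copy and paste the URL into a browser) to update the information associated with this email address.\r\n";
        $message .= $url."\r\n";
        // Line ending fixed: the original ended this line with a stray bare CR.
        $message .= "If you did not request this validation, please send an email to matt@matt-roberts.net.\r\n";

        // NOTE(review): the From header carries no address, and X-Mailer
        // discloses the server's PHP version to every recipient.
        $headers = 'From: PennCGA Email Validation' . "\r\n" . 'Reply-To: admin@penncga.org' . "\r\n" . 'X-Mailer: PHP/' . phpversion();
        $subject = "PennCGA email validation";
        mail($to, $subject, $message, $headers);
    }
    else
    {
        // Escaped here because the request value is echoed back; if
        // validate_email_form.tpl already escapes {$message}, drop this call
        // to avoid double encoding.
        $message = "Cannot find supplied email '".htmlspecialchars($suppliedEmail, ENT_QUOTES, 'UTF-8')."'";
        $smarty->assign('message', $message);
        $smarty->display('validate_email_form.tpl');
    }
}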
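// Branch 3: the edit form was submitted; write the posted fields back to the
// record named by $_POST['id'].
//
// NOTE(review): nothing in this branch proves that the sender owns record
// `id` — the link hash checked when the form is displayed is not checked again
// on save, so any POST carrying an id can overwrite that record. The form
// (edit_user.tpl, not visible here) should post the validation token and this
// branch should verify it against the stored address before updating.
else if (!empty($_POST['id'])) // update form posted this
{
    $idRaw = is_scalar($_POST['id']) ? (string) $_POST['id'] : '';

    // Choose the escaping routine that matches the connection handle.
    // connectToSQL() is defined elsewhere; this assumes it returns either a
    // mysqli object or a legacy mysql link resource — confirm, and extend the
    // detection if it returns something else.
    $driver = '';
    if ($dblink instanceof mysqli)
    {
        $driver = 'mysqli';
    }
    else if (is_resource($dblink) && function_exists('mysql_real_escape_string'))
    {
        $driver = 'mysql';
    }

    if ($driver === '' || !preg_match('/^[0-9]+$/D', $idRaw))
    {
        // Fail closed: never run the UPDATE with a non-numeric id or with
        // values that could not be escaped for this connection.
        if ($driver === '')
        {
            error_log('update-your-info: unknown DB handle type, update refused');
        }
        $smarty->assign('message', "Update failed. The submitted record could not be processed.");
        $smarty->display('validate_email_form.tpl');
    }
    else
    {
        // "i" is minutes; the original format used "m" (month) in that slot.
        $datetime = date("Y-m-d H:i:s");

        // On old PHP builds with magic_quotes_gpc enabled the request values
        // arrive pre-slashed; undo that so escaping is applied exactly once.
        $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

        // Columns written from the form, in the order the original query
        // listed them.
        $columns = array(
            'email', 'city', 'state', 'zip', 'phone', 'emp', 'url', 'empurl',
            'dmd', 'cggt', 'phd', 'friend', 'wug', 'wg',
            'sasug', 'sasg', 'seasug', 'seasg',
            'occ', 'getnews', 'mentor', 'helpout', 'country',
            'showemail', 'showjob', 'showloc',
        );

        $assignments = array();
        foreach ($columns as $column)
        {
            // Missing fields (e.g. unchecked boxes) and array-valued
            // parameters are stored as the empty string.
            $value = (isset($_POST[$column]) && is_scalar($_POST[$column])) ? (string) $_POST[$column] : '';
            if ($magicQuotes)
            {
                $value = stripslashes($value);
            }

            // Website fields: keep a value that already starts with http:// or
            // https://, otherwise prefix http://. The check is anchored so a
            // value in another scheme cannot pass by merely containing
            // "http://", and https links are no longer double-prefixed.
            // The original computed this for empurl and then overwrote the
            // result with the raw value; both fields are normalised now.
            if (($column === 'url' || $column === 'empurl') && $value !== '' && !preg_match('#^https?://#i', $value))
            {
                $value = "http://".$value;
            }

            // Escape for the SQL string literal instead of concatenating the
            // raw request value.
            if ($driver === 'mysqli')
            {
                $escaped = mysqli_real_escape_string($dblink, $value);
            }
            else
            {
                $escaped = mysql_real_escape_string($value, $dblink);
            }
            $assignments[] = $column."='".$escaped."'";
        }
        $assignments[] = "timestamp='".$datetime."'";

        // $idRaw is digits only at this point.
        $q_update = "UPDATE penngaa SET ".implode(", ", $assignments)." WHERE id='".$idRaw."'";
        query_ASSOC($q_update, $dblink);
        $smarty->display('edit_save.tpl');
    }
}
// Default: no recognised parameter, show the "enter your e-mail" form.
else
{
    $smarty->display('validate_email_form.tpl');
}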
?>