authuser $authuser g $authguest"; // common sets authuser if authed and $authguest if it's guest (guest does not come back in authuser // handle id (User ID passed in) // See if ID is same a ID for the AUTHED user (userid from se_names) $sqlt="select * from se_names where id='$id'" ;// get userid for the requested profile (passed id) for auth check $rest=mysql_query($sqlt); if ($rowt=mysql_fetch_object($rest)) { $userid_t=$rowt->userid; // user id for the ID passed } else { $userid_t='now is the time hey hey'; } if ($isform) { if ($userid_t!=$authuser and $authuser!='admin') { echo "

Auth Error!

"; exit; } $sql="replace profiles set id='$id', educ='$educ', family='$family', prof='$prof', hobby='$hobby', ret='$ret', contact='$contact', pixurl='$pixurl', url='$url' "; $res=mysql_query($sql); // actual update //echo "

s=$sql ".mysql_error()."

"; // spin through all records } if ($isedit) { //echo "xx $userid_t xxxx $authuser"; if ($userid_t!=$authuser and $authuser!='admin') { echo "

Auth Error 2!

"; exit; } $sql="select * from profiles where id='$id'"; $res=mysql_query($sql); // echo "

s=$sql ".mysql_error()."

"; // spin through all records if ($row=mysql_fetch_object($res)) { } $cols=60; $rows=7; $educstr=""; $profstr=""; $familystr=""; $hobbystr=""; $retirestr=""; $contactstr=""; $urlstr=""; $pixurlstr=""; echo<< EOF; } else { // is normal not edit prompt, build fields NOT as form data $sql="select * from profiles where id='$id'"; $res=mysql_query($sql); // echo "

s=$sql ".mysql_error()."

"; // spin through all records if ($row=mysql_fetch_object($res)) { } function fordisp($t) { // prepare entry from db for display return str_replace("\n","
\n",$t); } $educstr=fordisp($row->educ); $profstr=fordisp($row->prof); $familystr=fordisp($row->family); $hobbystr=fordisp($row->hobby); $retirestr=fordisp($row->ret); $contactstr=fordisp($row->contact); $t=trim($row->url); $t2=$t; // for raw display for snafus if ($t) { $t=str_replace("http://","",$t); // strip out possible http stuff $urlstr="Personal Web Page
$t2"; } $pixurlstr=fordisp($row->pixurl); $sqlt="select * from se_names where id='$id'"; $rest=mysql_query($sqlt); // echo "

s=$sqlt ".mysql_error()."

"; if ($rowt=mysql_fetch_object($rest)) { // master se_names data $ph="db_images/db_"."$rowt->hname"."1.jpg"; // 7/2009 change to use ihrig s dir for photos //$ph="http://www.leawoodolympics.org/se64/pics/db_"."$rowt->hname"."1.jpg"; $oldphoto="

"; $phnew="db_images_pro/$rowt->hname".".jpg"; $phimg="

"; $userid=$rowt->userid; if (!file_exists("/southeast/$phnew")) $phimg=""; // no profile pix $deceased=$rowt->deceased; // checked later for output format } $newphoto="

$rowt->fname $rowt->lname

$phimg

"; } $editlink=""; if ($authok and ($authuser==$rowp->userid or $authuser=='admin')) { // is this picture/ID is the one LOGGED $editlink="Edit This Profile"; } echo "

$editlink

"; // standard output! // put out the big profile table if ($deceased) { echo << $oldphoto$newphoto Obituary$educstr EOF; } else { // not deceased echo << $oldphoto$newphoto Education$educstr Professional Life$profstr Family Life$familystr Hobbies & Interests$hobbystr Retirement Plans$retirestr Contact Information$contactstr Link$urlstr Photos$pixurlstr EOF; } if ($isedit) echo ""; ?>