Your IP : 216.73.216.40
<?php
$loginID = $_REQUEST['loginID'];
if (!$loginID) $loginID = $user;
$tbl = 'profiles';
if ($submit == 'SAVE') {
$passwd = $_POST['passwd'];
$title = htmlsafe($_POST['title']);
$full_name = htmlsafe($_POST['full_name']);
$father_name = htmlsafe($_POST['father_name']);
$designation = htmlsafe($_POST['designation']);
$email = htmlsafe($_POST['email']);
$webpage = htmlsafe($_POST['webpage']);
$dob = $_POST['dob'];
$dojoining = $_POST['dojoining'];
$address = htmlsafe($_POST['address']);
$phone_no = htmlsafe($_POST['phone_no']);
$hobbies = htmlsafe($_POST['hobbies']);
$blood_group = htmlsafe($_POST['blood_group']);
$known_lang = htmlsafe($_POST['known_lang']);
$expertise = htmlsafe($_POST['expertise']);
$achievements = htmlsafe($_POST['achievements']);
$webmaster = htmlsafe($_POST['webmaster']);
if (mysql_num_rows(mysql_query("select * from $tbl where login='$loginID'"))) {
if ($passwd) mysql_query("update $tbl set passwd=password('$passwd') where login='$loginID'");
mysql_query("update $tbl set title='$title',full_name='$full_name',father_name='$father_name',
designation='$designation',email='$email',webpage='$webpage',dob='$dob',dojoining='$dojoining',
address='$address',phone_no='$phone_no',hobbies='$hobbies',blood_group='$blood_group',
known_lang='$known_lang',expertise='$expertise',achievements='$achievements',webmaster='$webmaster'
where login='$loginID'");
} else {
mysql_query("insert into $tbl(login,passwd,title,full_name,father_name,
designation,email,webpage,dob,dojoining,address,phone_no,hobbies,
blood_group,known_lang,expertise,achievements,webmaster)
values('$loginID',password('$passwd'),'$title','$full_name','$father_name',
'$designation','$email','$webpage','$dob','$dojoining','$address',
'$phone_no','$hobbies','$blood_group','$known_lang','$expertise',
'$achievements','No')");
}
echo "Your profile has been created/updated. <a href='$PHP_SELF?conf=$conf&loginID=$loginID'>Edit</a> here<br>";
} else if ($submit == 'DELETE') {
mysql_query("delete from $tbl where login='$loginID'");
}
if ($role == 'admin') {
echo "Select <b>LoginID</b>
<select name='logID' onchange=\"document.location.href='$PHP_SELF?conf=$conf&loginID='+this.value\">
<option value='new'>Add new profile</option>";
$rs = mysql_query("SELECT * FROM $tbl order by full_name");
while ($o = mysql_fetch_object($rs)) {
echo "<option value='$o->login'";
if ($loginID == $o->login) echo " selected";
echo ">$o->login</option>";
}
echo "</select>";
} else if (!$role) {
echo "Click on the name, sorted alphabetically, for detailed profile of the person.<br><ol>";
$rs = mysql_query("SELECT * FROM $tbl order by full_name");
while ($o = mysql_fetch_object($rs)) {
if ($loginID == $o->login) {
echo "<li><h3>$o->title $o->full_name, $o->designation</h3>
<table class='normal' width='90%' cellspacing='5'>
<tr valign='top'><td align='right' width='20%'>
<b>Name: </b></td><td width='80%'>$o->title $o->full_name</td>
<td rowspan='9' id='box'><img src='images/{$o->login}.jpg' width='150' height'200' border='0'></td></tr>
<tr><td align='right'><b>Designation: </b></td><td>$o->designation</td></tr>
<tr><td align='right'><b>Father's Name: </b></td><td>$o->father_name</td></tr>
<tr><td align='right'><b>Email: </b></td><td>$o->email</td></tr>
<tr><td align='right'><b>Phone No.: </b></td><td>$o->phone_no</td></tr>
<tr><td align='right'><b>Date of Birth: </b></td><td>$o->dob</td></tr>
<tr><td align='right'><b>Date of Joining: </b></td><td>$o->dojoining</td></tr>
<tr><td align='right'><b>Blood Group: </b></td><td>$o->blood_group</td></tr>
<tr><td align='right'><b>Address: </b></td><td>$o->address</td></tr>
<tr><td align='right'><b>Hobbies: </b></td><td>$o->hobbies</td></tr>
<tr><td align='right'><b>Language Known: </b></td><td>$o->known_lang</td></tr>
<tr><td align='right'><b>Expertise: </b></td><td>$o->expertise</td></tr>
<tr><td align='right'><b>Achievements: </b></td><td>$o->achievements</td></tr>
</table></li>";
} else {
echo "<li><a href='$PHP_SELF?conf=profiles&loginID=$o->login'>
$o->title $o->full_name, $o->designation</a></li>";
}
}
echo "</ol>";
}
if ($role == 'admin' || $role == 'user' || loginID == 'new') {
if ($role == 'admin') $rs = mysql_query("select * from $tbl where login='$loginID'");
else $rs = mysql_query("select * from profiles where login='$user'");
$o = mysql_fetch_object($rs);
?><p>
Please furnish these information in order to host your profile on website. Thanks.
<table class='search' width='100%' border='0' cellpadding='2' cellspacing='1'>
<tr><td class=normal>Login ID *</td>
<td><input type=text class=input name="loginID" value='<?=htmlsafe($loginID)?>' size=60>
</td></tr>
<tr><td class=normal>Password *</td>
<td><input type=password class=input name="passwd" value='' size=60>
</td></tr>
<tr><td class=normal>Name *</td>
<td><select name='title'>
<?php
$mttl = array('Mr.','Sri.','Ms.','Mrs.','Miss.','Dr.','Prof.');
foreach ($mttl as $tt){
echo "<option value='$tt'";
if($tt == htmlsafe($o->title)) echo " selected";
echo ">$tt</option>";
}
?>
</select> <input type=text class=input name="full_name" value='<?=htmlsafe($o->full_name)?>' size=51>
</td></tr>
<tr><td class=normal nowrap>Father's Name</td>
<td><input type=text class=input name="father_name" value='<?=htmlsafe($o->father_name)?>' size=60>
</td></tr>
<tr><td class=normal nowrap>Designation</td>
<td><input type=text class=input name="designation" value='<?=htmlsafe($o->designation)?>' size=60>
</td></tr>
<tr><td class=normal>Email *</td>
<td><input type=text class=input name="email" value='<?=htmlsafe($o->email)?>' size=60>
</td></tr>
<tr><td class=normal nowrap>Webpage</td>
<td><input type=text class=input name="webpage" value='<?=htmlsafe($o->webpage)?>' size=60>
</td></tr>
<tr><td class=normal nowrap>Date of Birth</td>
<td><input type=text class=input name="dob" value='<?=$o->dob?>' size=60>
</td></tr>
<tr><td class=normal nowrap>Blood Group</td>
<td><select class=input name="blood_group" style="width:50">
<?php
$bgroup = array('A+','A-','B+','B-','O+','O-','AB+','AB-');
foreach ($bgroup as $bg){
echo "<option value='$bg'";
if($bg == htmlsafe($o->blood_group)) echo " selected";
echo ">$bg</option>";
}
?>
</select> [ <a href='inner.php?conf=uploads'>Upload Photo</a> ]</td></tr>
<tr><td class=normal nowrap>Date of Joining</td>
<td><input type=text class=input name="dojoining" value='<?=$o->dojoining?>' size=60>
</td></tr>
<tr><td class=normal nowrap>Address</td>
<td><input type=text class=input name="address" value='<?=htmlsafe($o->address)?>' size=60>
</td></tr>
<tr><td class=normal nowrap>Contact No.</td>
<td><input type=text class=input name="phone_no" value='<?=htmlsafe($o->phone_no)?>' size=60>
</td></tr>
<tr><td class=normal>Hobbies</td>
<td><textarea name="hobbies" class=input cols=50 rows=3><?=htmlsafe($o->hobbies)?></textarea>
</td></tr>
<tr><td class=normal nowrap>Languages Known</td>
<td><textarea name="known_lang" class=input cols=50 rows=3><?=htmlsafe($o->known_lang)?></textarea>
</td></tr>
<tr><td class=normal nowrap>Expertise</td>
<td><textarea name="expertise" class=input cols=50 rows=3><?=htmlsafe($o->expertise)?></textarea>
</td></tr>
<tr><td class=normal>Achievements</td>
<td><textarea name="achievements" class=input cols=50 rows=3><?=htmlsafe($o->achievements)?></textarea>
</td></tr>
<?php
if ($role == 'admin') {
echo "<tr><td class=normal>Webmaster</td><td><select name='webmaster' style='width:60'>";
$webm = array('Yes','No');
foreach ($webm as $wm){
echo "<option value='$wm'";
if($wm == htmlsafe($o->webmaster)) echo " selected";
echo ">$wm</option>";
}
echo "</select></td></tr>";
}
?>
</table>
<input type="submit" name="submit" value="SAVE" style='width:80px'>
<input type="submit" name="submit" value="DELETE" style='width:80px'>
<?php
}
?>