I hope to implement this as a feature very soon. Here's a stylized version of the profile script:
<?php
// USER PROFILE SCRIPT
// (c) 2005 Dean Wiebe / ListMail
//
// Usage:
// profile.php?u=example&e=email@example.com (with require_email set to true)
// or profile.php?u=example (with require_email set to false - default)
// to move profile.php out of the mail directory, set the variable below to point
// to your ListMail folder relative to the working folder, with a trailing slash:
// example: $lmp = 'mail/';
// default is the current directory, as already set
$lmp = './';
// load ListMail config
include($lmp.'config.php');
include($lmp.'admin.php');
// MySQL connection done automatically with admin.php
// load profile from uid (and email, if desired) with variables u and e
if(get_magic_quotes_gpc()==0){
$e = addslashes($e);
$u = addslashes($u);
$email = addslashes($email);
$fname = addslashes($fname);
$lname = addslashes($lname);
$user1 = addslashes($user1);
$user2 = addslashes($user2);
$user3 = addslashes($user3);
$user4 = addslashes($user4);
$user5 = addslashes($user5);
$user6 = addslashes($user6);
$user7 = addslashes($user7);
}
// also require email? (added security)
// $require_email = true;
$require_email = false;
// VERIFY CREDENTIALS
if($u){
if($require_email && !$e) exit_error(1);
} else exit_error(1);
if($require_email && !valid_email($e)) exit_error(4);
// CHECK USER
$ucmd = "select email,fname,lname,user1,user2,user3,user4,user5,user6,user7 from $utable where uid = '$u'";
if($require_email) $ucmd .= " and email like '$e'";
// echo "ucmd=$ucmd<br>";
$urow = mysql_query($ucmd);
if(@mysql_num_rows($urow)>0){
if(!$save) list($email,$fname,$lname,$user1,$user2,$user3,$user4,$user5,$user6,$user7) = mysql_fetch_row($urow);
} else {
if(!$save) exit_error(2);
}
// SAVE
if($save){
if(!valid_email($email)) exit_error(4);
$cmd = "update $utable set email = '$email', fname = '$fname', lname = '$lname', user1 = '$user1', user2 = '$user2', user3 = '$user3', user4 = '$user4', user5 = '$user5', user6 = '$user6', user7 = '$user7' where uid = '$u'";
if($require_email) $cmd .= " and email like '$e'";
// echo "cmd=$cmd<br>";
if(mysql_query($cmd)){
$status_msg = 'User updated!';
$email = stripslashes($email);
$fname = stripslashes($fname);
$lname = stripslashes($lname);
$user1 = stripslashes($user1);
$user2 = stripslashes($user2);
$user3 = stripslashes($user3);
$user4 = stripslashes($user4);
$user5 = stripslashes($user5);
$user6 = stripslashes($user6);
$user7 = stripslashes($user7);
}
else exit_error(3);
}
// EDIT PAGE
echo "<html>
<head>
<title>User Profile</title>
<style type=text/css rel=stylesheet><!--
h1 { font: 14pt verdana; margin-bottom: 3px; }
td { font: 9pt verdana; }
.input_text { font: 9pt verdana; border: 1px solid #00000; }
.button { font: bold 9pt verdana; color: #222222; cursor: hand; margin-top: 2px; }
.status_text { font: 8pt verdana; color: blue; margin-top: 3px; }
--></style>
</head>
<body>
<h1>User Profile</h1>
<form method=post action=$PHP_SELF>
<table border=0 cellpadding=0 cellspacing=3>
<tr>
<td align=right>First Name<br></td>
<td><input type=text name=fname class=input_text value=\"".htmlspecialchars($fname)."\"><br></td>
</tr>
<tr>
<td align=right>Last Name<br></td>
<td><input type=text name=lname class=input_text value=\"".htmlspecialchars($lname)."\"><br></td>
</tr>
<tr>
<td align=right>Email Address<br></td>
<td><input type=text name=email class=input_text value=\"".htmlspecialchars($email)."\"><br></td>
</tr>
<tr>
<td align=right>Address 1<br></td>
<td><input type=text name=user1 class=input_text value=\"".htmlspecialchars($user1)."\"><br></td>
</tr>
<tr>
<td align=right>Address 2<br></td>
<td><input type=text name=user2 class=input_text value=\"".htmlspecialchars($user2)."\"><br></td>
</tr>
<tr>
<td align=right>Town/City<br></td>
<td><input type=text name=user3 class=input_text value=\"".htmlspecialchars($user3)."\"><br></td>
</tr>
<tr>
<td align=right>County/State<br></td>
<td><input type=text name=user4 class=input_text value=\"".htmlspecialchars($user4)."\"><br></td>
</tr>
<tr>
<td align=right>Postal/Zip Code<br></td>
<td><input type=text name=user5 class=input_text value=\"".htmlspecialchars($user5)."\"><br></td>
</tr>
<tr>
<td align=right>Country<br></td>
<td><input type=text name=user6 class=input_text value=\"".htmlspecialchars($user6)."\"><br></td>
</tr>
<tr>
<td align=right>Mobile Phone #<br></td>
<td><input type=text name=user7 class=input_text value=\"".htmlspecialchars($user7)."\"><br></td>
</tr>
<tr>
<td colspan=2 align=center>
<input type=hidden name=u value=\"".htmlspecialchars($u)."\">
<input type=hidden name=e value=\"".htmlspecialchars($e)."\">
<input type=hidden name=save value=1>
<input class=button type=submit value=\"Submit Changes\"><br>
</td>
</tr>
</table>\n";
if($status_msg) echo "<div class=status_text>$status_msg</div>";
echo "</body>
</html>";
function exit_error($m){
if($m==1) $msg = 'missing data';
if($m==2) $msg = 'user not found';
if($m==3) $msg = 'database error - could not update user';
if($m==4) $msg = 'invalid email address';
echo "error: $msg<br>";
exit;
}
?>