userId := web.GetSess(r, "id").(string)
	var user User
	db.Get("user", userId, &user)
	tmpl.Render(w, r, "user.tmpl", web.Model{
		"user": user,
	})
	return
}}

var updateUser = web.Route{"POST", "/user", func(w http.ResponseWriter, r *http.Request) {
	r.ParseForm()
	userId := web.GetSess(r, "id").(string)
	var user User
	db.Get("user", userId, &user)
	oldPass := user.Password
	FormToStruct(&user, r.Form, "")
	if user.Password == "" {
		user.Password = oldPass
	}
	var users []User
	db.TestQuery("user", &users, adb.Eq("email", user.Email), adb.Ne("id", `"`+user.Id+`"`))
	// exist := db2.Query("user", &users, repono.C("Email", repono.EQ, user.Email), repono.C("Id", repono.NE, `"`+user.Id+`"`))
	if len(users) > 0 {
		web.SetErrorRedirect(w, r, "/user", "A user with that email already exists")
		return
	}
	db.Set("user", userId, user)
	web.SetSuccessRedirect(w, r, "/user", "Successfully updated user<br>*NOTE* &nbsp;&nbsp;&nbsp;Changing your email in the portal will NOT change it at zoomenvelopes.com")
	return
}}
var adminSaveUser = web.Route{"POST", "/admin/user", func(w http.ResponseWriter, r *http.Request) {
	userId := r.FormValue("id")
	var user User
	if userId != "" {
		db.Get("user", userId, &user)
	}
	FormToStruct(&user, r.Form, "")
	if userId != "" {
		db.Set("user", userId, user)
	} else {
		var users []User
		db.TestQuery("user", &users, adb.Eq("zoomId", strconv.Itoa(user.ZoomId)))
		// exists := db2.Query("user", &users, repono.Eq("ZoomId", strconv.Itoa(user.ZoomId)))
		if len(users) > 0 {
			web.SetErrorRedirect(w, r, "/admin/user", "Error Zoom user is already a portal user")
			return
		}
		user.Id = strconv.Itoa(int(time.Now().UnixNano()))
		u := bpt.UUID()
		user.Auth = fmt.Sprintf("%x-%x-%x-%x-%x", u[0:4], u[4:6], u[6:8], u[8:10], u[10:])
		user.Password = user.Email
		user.Active = true
		db.Add("user", user.Id, user)
	}
	web.SetSuccessRedirect(w, r, "/admin", "Successfully saved user")
	return
}}

var adminUpdateUserColor = web.Route{"POST", "/admin/user/color", func(w http.ResponseWriter, r *http.Request) {
	userId := r.FormValue("id")
var login = web.Route{"GET", "/login", func(w http.ResponseWriter, r *http.Request) {
	tmpl.Render(w, r, "login.tmpl", web.Model{})
	return
}}

var loginPost = web.Route{"POST", "/login", func(w http.ResponseWriter, r *http.Request) {
	email := r.FormValue("email")
	password := r.FormValue("password")
	if email == "zoomadmin" {
		if password == "zoomadmin" {
			web.Login(w, r, "ADMIN")
			web.SetSuccessRedirect(w, r, "/admin", "Welcome Admin")
			return
		}
		web.SetErrorRedirect(w, r, "/login", "Incorrect email of password")
		return
	}
	var user User
	// exists := db2.QueryOne("user", &user, repono.Eq("Email", email), repono.Eq("Password", password), repono.Eq("Active", "true"))
	if !db.Auth("user", email, password, &user) {
		web.SetErrorRedirect(w, r, "/login", "Incorrect email or password")
		return
	}
	sess := web.Login(w, r, "USER")
	sess["id"] = user.Id
	web.PutMultiSess(w, r, sess)
	web.SetSuccessRedirect(w, r, "/user", "Welcome "+user.Name)
	return
}}
var webmaster = web.Route{"GET", "/webmaster", func(w http.ResponseWriter, r *http.Request) {
	images := db.GetAll("image")
	tmpl.Render(w, r, "webmaster.tmpl", web.Model{
		"images": images,
		"cats":   getCategories(images),
		"page":   "webmaster",
	})
	return
}}

var uploadImage = web.Route{"POST", "/webmaster/upload-image", func(w http.ResponseWriter, r *http.Request) {
	path := "static/img/upload/"
	if err := os.MkdirAll(path, 0755); err != nil {
		fmt.Printf("uploadImage >> MkdirAll: %v\n", err)
		web.SetErrorRedirect(w, r, "/webmaster", "Error uploading file")
		return
	}
	r.ParseMultipartForm(32 << 20) // 32 MB
	file, handler, err := r.FormFile("picture")
	if err != nil || len(handler.Header["Content-Type"]) < 1 {
		fmt.Printf("uploadImage >> Header len < 1: %v\n", err)
		web.SetErrorRedirect(w, r, "/webmaster", "Error uploading file")
		return
	}
	defer file.Close()
	if handler.Header["Content-Type"][0] != "image/png" && handler.Header["Content-Type"][0] != "image/jpeg" {
		fmt.Printf("uploadImage >> Header != png || jpeg: %v\n", err)
		web.SetErrorRedirect(w, r, "/webmaster", "Error uploading file")
		return
	}
}}

var serveFiles = web.Route{"GET", "/upload/:folder/:file", func(w http.ResponseWriter, r *http.Request) {
	server := http.StripPrefix("/upload/", http.FileServer(http.Dir("upload/")))
	server.ServeHTTP(w, r)
}}

var uploadError = web.Route{"GET", "/up/error/:id", func(w http.ResponseWriter, r *http.Request) {
	userId := r.FormValue(":id")
	var user User
	db.Get("user", userId, &user)
	if user.Auth != r.FormValue("a") || userId != user.Id || !user.Active || user.PaypalEmail == "" {
		http.Redirect(w, r, "https://zoomenvelopes.com", 303)
		return
	}
	web.SetErrorRedirect(w, r, fmt.Sprintf("/pay/%v?a=%s", userId, r.FormValue("a")), "Error uploading files")
	return
}}

var uploadSuccess = web.Route{"GET", "/up/success/:id", func(w http.ResponseWriter, r *http.Request) {
	userId := r.FormValue(":id")
	var user User
	db.Get("user", userId, &user)
	if user.Auth != r.FormValue("a") || userId != user.Id || !user.Active || user.PaypalEmail == "" {
		http.Redirect(w, r, "https://zoomenvelopes.com", 303)
		return
	}
	fmt.Println(web.GetCookie(r, "cart"))
	web.SetSuccessRedirect(w, r, fmt.Sprintf("/pay/%v?a=%s", userId, r.FormValue("a")), "Successfully uploaded files uploading files")
	return
}}