Файл: savesetting.php
Строк: 19
<?php
include_once("files/ini.php");
include_once("files/data.php");
$fal = @file("data/reg/$log.dat");
$udata = explode(":||:",$fal[0]);
if($_POST[chat]!=="1" || $_POST[chat]!=="0"){ header ("Location: setting.php?&error");}
if($_POST[help]!=="1" || $_POST[help]!=="0"){ header ("Location: setting.php?&error");}
if($_POST[pict]!=="1" || $_POST[pict]!=="0"){ header ("Location: setting.php?&error");}
if(eregi("[^0-9]",$_POST[kolchat])){ header ("Location: setting.php?&error"); exit;}
//////////////////////////////////
$chat=str_replace("\","",$chat);
$chat=str_replace("/","",$chat);
$chat=str_replace("|","",$chat);
$chat=str_replace("$","",$chat);
$chat=str_replace("&","",$chat);
$chat=str_replace("<","",$chat);
$chat=str_replace(">","",$chat);
//////////////////////////////////
$pict=str_replace("\","",$pict);
$pict=str_replace("/","",$pict);
$pict=str_replace("|","",$pict);
$pict=str_replace("$","",$pict);
$pict=str_replace("&","",$pict);
$pict=str_replace("<","",$pict);
$pict=str_replace(">","",$pict);
//////////////////////////////////
$kolchat=str_replace("\","",$kolchat);
$kolchat=str_replace("/","",$kolchat);
$kolchat=str_replace("|","",$kolchat);
$kolchat=str_replace("$","",$kolchat);
$kolchat=str_replace("&","",$kolchat);
$kolchat=str_replace("<","",$kolchat);
$kolchat=str_replace(">","",$kolchat);
//////////////////////////////////
mysql_query("UPDATE `users` SET `udata21`='$chat' WHERE `udata0`='$log'");
mysql_query("UPDATE `users` SET `udata34`='$pict' WHERE `udata0`='$log'");
mysql_query("UPDATE `users` SET `udata35`='$kolchat' WHERE `udata0`='$log'");
mysql_query("UPDATE `users` SET `udata48`='$help' WHERE `udata0`='$log'");
mysql_query("UPDATE `users` SET `udata74`='$_POST[skil]' WHERE `udata0`='$log'");
header ("Location: setting.php?save&");
include_once"files/down.php";
?>