Файл: bloodlands.pw/user/profile/edit.php
Строк: 254
<?php
require '../../system/sid.php';
require '../../system/config.php';
include '../../system/user.php';
include '../../system/head.php';
include '../../system/navigator.php';
whorm(0, 'edit');
$do = isset($_GET['do']) ? $_GET['do'] : NULL;
switch($do) {
default:
echo '<div class="title">Настройки</div>';
echo '<div class="menu">';
echo '<div class="auth2">
<u>Анкета</u> | <a href="/user/change_password.php">Безопасность</a>
</div></div>';
if (isset($_GET['ok'])) msg('Настройки сохранены!');
if ($user['sex'] == 1) {
$sex = 'Женский';
} elseif ($user['sex'] == 2) {
$sex = 'Мужской';
} else {
$sex = 'Не указано';
}
if ($user['know'] == 1) $Kn = 'Кодер';
elseif ($user['know'] == 2) $Kn = 'Дизайнер';
elseif ($user['know'] == 3) $Kn = 'Мастер';
elseif ($user['know'] == 4) $Kn = 'Продавец';
elseif ($user['know'] == 5) $Kn = 'Кредитор';
else $Kn = '-';
if (!empty($user['birth']))
{
$birth = calc_age($user['birth']) . ' (' . zodiak($user['birth']) . ')';
}
echo '<div class="menu"><div class="menu3"><a href="edit.php?do=name"><b>Имя:</b></a> ' . $user['name'] . '</div>
<div class="menu3"><a href="edit.php?do=sex"><b>Пол:</b></a> ' . $sex . '</div>
<div class="menu3"><a href="edit.php?do=status"><b>Статус:</b></a> ' . $user['status']. '</div>
<div class="menu3"><a href="edit.php?do=age"><b>Возраст:</b></a> ' . $birth . '</div>
<div class="menu3"><a href="edit.php?do=kosh"><b>Кошелек:</b></a> ' . $user['kosh'] . '</div>
<div class="menu3"><a href="edit.php?do=strana"><b>Страна:</b></a> ' . $user['strana'] . '</div>
<div class="menu3"><a href="edit.php?do=city"><b>Город:</b></a> ' . $user['gorod'] . '</div>
<div class="menu3"><a href="edit.php?do=phon"><b>Телефон:</b></a> ' . $user['phone'] . '</div>
<div class="menu3"><a href="edit.php?do=oper"><b>Оператор:</b></a> ' . $user['operator'] . '</div>
<div class="menu3"><a href="edit.php?do=site"><b>Сайт:</b></a> ' . $user['sait'] . '</div>
<div class="menu3"><a href="edit.php?do=wmid"><b>WMID:</b></a> ' . $user['wmid'] . '</div>
<div class="menu3"><a href="edit.php?do=icq"><b>ICQ:</b></a> ' . $user['icq'] . '</div>
<div class="menu3"><a href="edit.php?do=email"><b>Email:</b></a> ' . $user['email'] . '</div>
<div class="menu3"><a href="/user/uslugi.php?nick"><b>Цвет ника</b></a></div></div>';
break;
case site:
echo $div_title . 'Сайт' . $div_end;
if (isset($_POST['save'])) {
$sait= trim(mysql_real_escape_string(check($_POST['sait'])));
mysql_query("UPDATE `users` SET `sait` = '$sait' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
echo '<FORM method="POST" action="edit.php?do=site">
<label>Сайт:</label><br/>
<input type="text" name="sait" value="' . $user['sait'] . '"/>
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM><br>
* Вводить без (http://)<br>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case oper:
echo $div_title . 'Оператор' . $div_end;
if (isset($_POST['save'])) {
$operator= trim(mysql_real_escape_string(check($_POST['operator'])));
mysql_query("UPDATE `users` SET `operator` = '$operator' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
echo '<FORM method="POST" action="edit.php?do=oper">
<label>Оператор:</label><br/>
<input type="text" name="operator" value="' . $user['operator'] . '"/>
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case phon:
echo $div_title . 'Мобильный телефон' . $div_end;
if (isset($_POST['save'])) {
$phone= trim(mysql_real_escape_string(check($_POST['phone'])));
mysql_query("UPDATE `users` SET `phone` = '$phone' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
echo '<FORM method="POST" action="edit.php?do=phon">
<label>Мобильный телефон:</label><br/>
<input type="text" name="phone" value="' . $user['phone'] . '"/>
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case city:
echo $div_title . 'Город' . $div_end;
if (isset($_POST['save'])) {
$gorod= trim(mysql_real_escape_string(check($_POST['gorod'])));
mysql_query("UPDATE `users` SET `gorod` = '$gorod' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
echo '<FORM method="POST" action="edit.php?do=city">
<label>Город:</label><br/>
<input type="text" name="gorod" value="' . $user['gorod'] . '"/>
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case kosh:
echo $div_title . 'Кошелек' . $div_end;
if (isset($_POST['save'])) {
$kosh= trim(mysql_real_escape_string(check($_POST['kosh'])));
mysql_query("UPDATE `users` SET `kosh` = '$kosh' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
echo '<FORM method="POST" action="edit.php?do=kosh">
<label>Кошелек:</label><br/>
<input type="text" name="kosh" value="' . $user['kosh'] . '"/>
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case strana:
echo $div_title . 'Страна' . $div_end;
if (isset($_POST['save'])) {
$strana= trim(mysql_real_escape_string(check($_POST['strana'])));
mysql_query("UPDATE `users` SET `strana` = '$strana' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
echo '<FORM method="POST" action="edit.php?do=strana">
<label>Кошелек:</label><br/>
<input type="text" name="strana" value="' . $user['strana'] . '"/>
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case status:
echo $div_title . 'Статус' . $div_end;
if (isset($_POST['save'])) {
$status= trim(mysql_real_escape_string(check($_POST['status'])));
mysql_query("UPDATE `users` SET `status` = '$status' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
echo '<FORM method="POST" action="edit.php?do=status">
<label>Статус:</label><br/>
<input type="text" name="status" value="' . $user['status'] . '"/>
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case name:
echo $div_title . 'Имя' . $div_end;
if (isset($_POST['save'])) {
$name = trim(mysql_real_escape_string(check($_POST['name'])));
if (!empty($name) && !preg_match('#^[а-яё]+$#ui', $name)) {
err('Имя вводится русскими буквами!');
} else {
mysql_query("UPDATE `users` SET `name` = '$name' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
}
echo '<FORM method="POST" action="edit.php?do=name">
<label>Имя:</label><br/>
<input type="text" name="name" value="' . $user['name'] . '"/>
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case icq:
echo $div_title . 'ICQ' . $div_end;
if (isset($_POST['save'])) {
$icq = my_int($_POST['icq']);
mysql_query("UPDATE `users` SET `icq` = '$icq' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
echo '<FORM method="POST" action="edit.php?do=icq">
<label>ICQ:</label><br/>
<input type="text" name="icq" value="' . $user['icq'] . '"/>
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case email:
echo $div_title . 'Email' . $div_end;
if (isset($_POST['save'])) {
$email = trim(mysql_real_escape_string(check($_POST['email'])));
mysql_query("UPDATE `users` SET `email` = '$email' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
echo '<FORM method="POST" action="edit.php?do=email">
<label>Email:</label><br/>
<input type="text" name="email" value="' . $user['email'] . '"/>
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case sex:
echo $div_title . 'Пол' . $div_end;
if (isset($_POST['save'])) {
$sex = my_int($_POST['sex']);
mysql_query("UPDATE `users` SET `sex` = '$sex' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
echo '<FORM method="POST" action="edit.php?do=sex">
<label>Пол:</label><br/>
<input type="radio" name="sex" ' . ($user['sex'] == 1 ? 'checked' : '') . ' value="1"/> Женский
<br/>
<input type="radio" name="sex" ' . ($user['sex'] == 2 ? 'checked' : '') . ' value="2"/> Мужской
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case age:
echo $div_title . 'Дата рождения' . $div_end;
list($day, $month, $year) = explode('.', $user['birth']);
if (isset($_POST['save'])) {
$day = my_int($_POST['day']);
$month = my_int($_POST['month']);
$year = my_int($_POST['year']);
if ($day > 31 || $month > 12 || (strlen($year) != 4) || $year >= date('Y') || $year < 1960) {
err('Не верно указана дата рождения!');
} else {
mysql_query("UPDATE `users` SET `birth` = '".$day.".".$month.".".$year."' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
}
echo '<FORM method="POST" action="edit.php?do=age">
<label>Дата рождения:</label><br/>
<input type="text" name="day" value="' . $day . '" size="2"/>.
<input type="text" name="month" value="' . $month . '" size="2"/>.
<input type="text" name="year" value="' . $year . '" size="4"/>
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case city:
echo $div_title . 'Откуда' . $div_end;
if (isset($_POST['save'])) {
$city = trim(mysql_real_escape_string(check($_POST['city'])));
mysql_query("UPDATE `users` SET `city` = '$city' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
echo '<FORM method="POST" action="edit.php?do=city">
<label>Откуда:</label><br/>
<input type="text" name="city" value="' . $user['city'] . '"/>
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case wmid:
echo $div_title . 'WMID' . $div_end;
if (isset($_POST['save']) && empty($user['wmid'])) {
$wmid = my_int($_POST['wmid']);
$select = mysql_query("SELECT id FROM users WHERE wmid = '$wmid' LIMIT 1");
if (strlen($wmid) != 12)
{
err('Не корректный wmid!');
}
elseif (mysql_num_rows($wmid) != false)
{
err('Такой wmid уже есть в системе!');
} else {
mysql_query("UPDATE `users` SET `wmid` = '$wmid' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: ?ok');
}
}
echo '<FORM method="POST" action="edit.php?do=wmid">
<label>WMID:</label><br/>
' . (empty($user['wmid'])
? '<input type="text" name="wmid" maxlength="12"/>'
: '<input type="text" disabled="disabled" name="wmid" value="'.$user['wmid'].'"/>') . '
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
Из соображений безопасности данные wmid изменить нельзя. Можно обновить информацию об уровне аттестата в системе Webmoney
<br/>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case photo:
echo $div_title . 'Фотография' . $div_end;
if (isset($_GET['delete_avatar'])) {
mysql_query("UPDATE `users` SET `img` = '' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?do=photo');
}
if (!empty($user['img'])) {
$rot = mysql_fetch_array(mysql_query("SELECT `rotate`, `block` FROM `albums` WHERE `user` = '$user[id]' AND `type` = 'f' AND `path` = '$user[img]'"));
if ($rot[1] == 1) $Foto = '<img src="ico/block_photo.gif" alt=""/>';
else $Foto = '<img src="resize.php?img='.$user['img'].'&width=128&height=0&i='.$rot[0].'" alt=""/>';
$ph = '<a href="photo.php?">' . $Foto . '</a>
<br/>
Фотография:
<a href="edit.php?do=avatar"><img src="ico/edit.gif" alt=""/></a>
<a href="edit.php?do=photo&delete_avatar"><img src="ico/delete.gif" alt=""/></a>
' . $block;
} else {
$ph = '<a href="photo.php?">Выбрать фотографию</a><br/>';
}
echo $ph . '
ВНИМАНИЕ! Запрещено ставить на аватар фотографии эротического и порнографического содержания.
Это может привести к удалению Вашей анкеты.';
break;
case avatar:
echo $div_title . 'Выбрать фото' . $div_end;
$rot = mysql_fetch_array(mysql_query("SELECT `rotate` FROM `albums` WHERE `user` = '$user[id]' AND `type` = 'f' AND `path` = '$us[img]'"));
echo 'Выберите фотографию
' . $div_razdel . '
<img src="resize.php?img='.$user['img'].'&width=80&height=0&i='.$rot[0].'" alt=""/>
<br/>
Без описания
' . $div_end . '
<a href="photo.php?">Фотографии</a>(здесь Вы можете создать альбом или добавить фотографии)
' . $block . '
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
case know:
echo $div_title . 'Деятельность' . $div_end;
if (isset($_POST['save'])) {
$know = my_int($_POST['know']);
mysql_query("UPDATE `users` SET `know` = '$know' WHERE `id` = '$user[id]' LIMIT 1");
header('Location: edit.php?ok');
}
echo '<FORM method="POST" action="edit.php?do=know">
<label>Деятельность:</label><br/>
<select name="know">
<option ' . ($user['know'] == 0 ? 'selected' : '') . ' value="0">-</option>
<option ' . ($user['know'] == 1 ? 'selected' : '') . ' value="1">Кодер</option>
<option ' . ($user['know'] == 2 ? 'selected' : '') . ' value="2">Дизайнер</option>
<option ' . ($user['know'] == 3 ? 'selected' : '') . ' value="3">Мастер</option>
<option ' . ($user['know'] == 4 ? 'selected' : '') . ' value="4">Продавец</option>
<option ' . ($user['know'] == 5 ? 'selected' : '') . ' value="5">Кредитор</option>
</select>
<br/>
<input type="submit" name="save" value="Сохранить"/>
</FORM>
<div class="menu"><a class="ssyl2" href="edit.php?">Назад</a></div>';
break;
}
include '../../system/foot.php';
?>