Файл: modules/user/edit.php
Строк: 117
<?
if(isset($user)) {
if(isset($_POST['save']) && $_GET['act']== 'save') {
$name = substr(input($_POST['name']), 0, 35);
$surname = substr(input($_POST['surname']), 0, 35);
$day = substr(abs(intval($_POST['day'])), 0, 2);
$month = substr(abs(intval($_POST['month'])), 0, 2);
$year = substr(abs(intval($_POST['year'])), 0, 4);
$device = substr(input($_POST['device']), 0, 65);
$icq = substr(abs(intval($_POST['icq'])), 0, 9);
$gender = ($_POST['gender'] == 1 || $_POST['gender'] == 2 ? abs(intval($_POST['gender'])) : 1);
$city = substr(input($_POST['city']), 0, 65);
$country = substr(input($_POST['country']), 0, 55);
$site1 = substr(input($_POST['site']), 0, 40);
$site = str_replace('http://', '', $site1);
$about_me = substr(input($_POST['about_me']), 0, 1000);
$db->query("UPDATE `users` SET `name` = '". $name."', `surname` = '". $surname."', `day` = '". $day."', `month` = '". $month."', `year` = '". $year."', `device` = '". $device."', `icq` = '". $icq."', `city` = '". $city."', `country` = '". $country."', `site` = '". $site."', `gender` = '". $gender."', `info` = '". $about_me."' WHERE `id` = '".$user['id'] ."'");
// print_r($db->errorInfo());
go('/user/edit/?act=edited');
}
$locate = 'in_pr_edit';
$title = $lang->word('edit_profile');
require_once(SYS.'/view/header.php');
if($_GET['act']=='edited') {$tpl->div('block', $lang->word('succ_save'));}
$tpl->div('title', $lang->word('edit_profile'));
echo '<div class="post">
<form action="?act=save" method="post">
'. $lang->word('name') .': <br/>
<input type="text" name="name" value="'. $user['name'] .'" /><br/>
'. $lang->word('surname') .': <br/>
<input type="text" name="surname" value="'. $user['surname'] .'" /><br/>
'. $lang->word('birth') .': <br/>
<select name="day">
<option value="0" '.($user['day'] == '0' ? 'selected="selected"' : NULL).'>0</option>';
for($d = 1; $d<=31; $d++) {
echo "<option value="". $d ."" ".($user['day'] == $d ? 'selected="selected"' : NULL).">". $d ."</option>n";
}
echo '</select>
<select name="month">
<option value="0" '.($user['day'] == '0' ? 'selected="selected"' : NULL).'>0</option>';
for($m = 1; $m<=12; $m++) {
echo "<option value="". $m ."" ".($user['month'] == $m ? 'selected="selected"' : NULL).">". $m ."</option>n";
}
echo '</select>
<select name="year">
<option value="0" '.($user['day'] == '0' ? 'selected="selected"' : NULL).'>0</option>';
for($y = 1960; $y<=(date('Y')-1); $y++) {
echo "<option value="". $y ."" ".($user['year'] == $y ? 'selected="selected"' : NULL).">". $y ."</option>n";
}
echo '</select><br/>
'. $lang->word('gender') .': <br/>
<select name="gender">
<option value="1" '.($user['gender'] == '1' ? 'selected="selected"' : NULL).'>'. $lang->word('male') .'</option>
<option value="2" '.($user['gender'] == '2' ? 'selected="selected"' : NULL).'>'. $lang->word('female') .'</option>
</select><br/>
'. $lang->word('device') .': <br/>
<input type="text" name="device" value="'. $user['device'] .'" /><br/>
ICQ: <br/>
<input type="text" name="icq" value="'. $user['icq'] .'" /><br/>
'. $lang->word('city') .': <br/>
<input type="text" name="city" value="'. $user['city'] .'" /><br/>
'. $lang->word('country') .': <br/>
<input type="text" name="country" value="'. $user['country'] .'" /><br/>
'. $lang->word('site') .': <br/>
<input type="text" name="site" value="'. (empty($user['site']) ? 'http://' : $user['site']).'" /><br/>
'. $lang->word('about_me') .': <br/>
<textarea name="about_me">'. $user['info'] .'</textarea><br/>
<input name="save" type="submit" value="'. $lang->word('save') .'" />
</form>
</div>
';
$tpl->div('block', NAV.'<a href="/user/panel/">'.$lang->word('user_panel').'</a><br/>'. HICO .'<a href="/">'. $lang->word('home') .'</a>');
require_once(SYS.'/view/footer.php');
} else { go('/'); }
?>