Файл: forum/profile.php
Строк: 196
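<?php
// Full open tag: with short_open_tag disabled, a bare "<?" is not parsed and the
// web server would return this source (SQL statements and table layout included)
// as plain text.

// Profile page bootstrap: start the session, pull in the shared header and refuse
// to render anything for visitors that are not logged in.
session_start();
include ("header.php");

// NOTE(review): $mod is never assigned in this file before this point. It is
// presumably populated from the request (register_globals or an equivalent
// import in header.php) - confirm, and read it from the request array explicitly
// if so. The same holds for every form field used in the "edit" branch below.
if (empty($mod)) {
    $mod = "form";
}

// Not read anywhere in the visible part of this file; possibly used by footer.php.
$date = date("d.m.Y");

// Random suffix appended to the WML input names in the "form" branch, so every
// rendering of the card uses fresh variable names. It is not a security token:
// rand() is predictable and nothing on the server ever checks this value.
$ref = rand(10000, 10000000);

// $autorize presumably holds the logged-in user's row and is set by header.php
// (TODO confirm). An empty value means "not logged in": show the notice, close
// the page and stop before any profile data is read or written.
if (!$autorize) {
    echo "Профиль закрыт незарегистрированным!<br/>";
    include ("footer.php");
    exit();
}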
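// Session name/id pair appended to every link and form target on this page.
// NOTE(review): a session id carried in the URL ends up in server logs, Referer
// headers and copied links; prefer cookie-only sessions wherever the client
// supports cookies, and regenerate the id after login.
$profile_sid = session_name() . '=' . session_id();

// Dispatch on the requested action: "form" renders the profile editor,
// "edit" validates the posted fields and stores them.
switch ($mod) {
    case "form":
        echo $div["header"];
        echo 'Ваша анкета<br/>';
        echo $div["end"];
        echo $div["div"];
        if ($_SESSION['wap'] != "xml") {
            echo '-<br/>';
        }
        echo $div["end"];

        // The values from $autorize are written into double-quoted attributes
        // as-is. The "edit" branch below HTML-encodes fields before storing them.
        // NOTE(review): confirm that every other writer of the users table
        // (registration, admin tools) encodes too; otherwise encode here at output
        // time with the site's charset.
        if ($_SESSION['wap'] == "xml") {
            // XHTML clients: an ordinary POST form.
            // "&amp;" keeps the URL well-formed inside an attribute value.
            echo '<form action="profile.php?mod=edit&amp;' . $profile_sid . '" method="post">';
            echo '<div>';
            echo 'Новый Пароль(для смены введите): <br/>';
            echo '<input name="newpass" maxlength="10" type="password"/><br/>';
            echo 'Имя: <br/>';
            echo '<input name="name" value="' . $autorize['name'] . '" maxlength="15"/><br/>';
            echo 'Пол: <br/>';
            echo '<select name="sex">';
            echo '<option value="m">Мужской</option>';
            echo '<option value="f">Женский</option>';
            echo '</select><br/>';
            echo 'E-mail: <br/>';
            echo '<input name="email" value="' . $autorize['email'] . '" maxlength="50" title="Text"/><br/>';
            echo 'Дата рождения: <br/>';
            echo '<input name="den" value="' . $autorize['den'] . '" maxlength="2" size="2"/>.';
            echo '<input name="mes" value="' . $autorize['mes'] . '" maxlength="2" size="2"/>.';
            echo '<input name="god" value="' . $autorize['god'] . '" maxlength="4" size="4"/><br/>';
            echo 'Город: <br/>';
            echo '<input name="gorod" value="' . $autorize['gorod'] . '" maxlength="30"/><br/>';
            echo 'Модель телефона: <br/>';
            echo '<input name="mobila" value="' . $autorize['mobila'] . '" maxlength="20"/><br/>';
            echo 'Оператор: <br/>';
            echo '<input name="opsos" value="' . $autorize['opsos'] . '" maxlength="20"/><br/>';
            echo 'ICQ: <br/>';
            echo '<input name="icq" value="' . $autorize['icq'] . '" maxlength="9"/><br/>';
            echo 'Страница: <br/>';
            echo '<input name="site" value="' . $autorize['site'] . '" maxlength="30"/><br/>';
            echo 'Занятость: <br/>';
            echo '<input name="zan" value="' . $autorize['zan'] . '" maxlength="100"/><br/>';
            echo 'О себе: <br/>';
            echo '<input name="about" value="' . $autorize['about'] . '" maxlength="255"/><br/>';
            echo '<input class="ibutton" type="submit" value="Сохранить"/>';
            echo '</div>';
            echo '</form>';
        } else {
            // WML clients: inputs are named <field><$ref> and copied into
            // <postfield> elements when the anchor is activated. The maxlength and
            // format attributes are client-side hints only; the server must not
            // rely on them.
            echo 'Новый Пароль(для смены введите): <br/>';
            echo '</small><input name="newpass' . $ref . '" maxlength="10" type="password"/><br/><small>';
            echo 'Имя: <br/>';
            echo '</small><input name="name' . $ref . '" value="' . $autorize['name'] . '" maxlength="15"/><br/><small>';
            echo 'Пол: <br/>';
            echo '</small><select name="sex">';
            echo '<option value="m">Мужской</option>';
            echo '<option value="f">Женский</option>';
            echo '</select><small><br/>';
            echo 'E-mail: <br/>';
            echo '</small><input name="email' . $ref . '" value="' . $autorize['email'] . '" maxlength="50" title="Text"/><br/><small>';
            echo 'Дата рождения: <br/>';
            echo '</small><input name="den' . $ref . '" value="' . $autorize['den'] . '" format="*N" maxlength="2" size="2"/><small>.';
            echo '</small><input name="mes' . $ref . '" value="' . $autorize['mes'] . '" format="*N" maxlength="2" size="2"/><small>.';
            echo '</small><input name="god' . $ref . '" value="' . $autorize['god'] . '" format="*N" maxlength="4" size="4"/><small><br/>';
            echo 'Город: <br/>';
            echo '</small><input name="gorod' . $ref . '" value="' . $autorize['gorod'] . '" maxlength="30"/><br/><small>';
            echo 'Модель телефона: <br/>';
            echo '</small><input name="mobila' . $ref . '" value="' . $autorize['mobila'] . '" maxlength="20"/><br/><small>';
            echo 'Оператор: <br/>';
            echo '</small><input name="opsos' . $ref . '" value="' . $autorize['opsos'] . '" maxlength="20"/><br/><small>';
            echo 'ICQ: <br/>';
            echo '</small><input name="icq' . $ref . '" format="*N" value="' . $autorize['icq'] . '" maxlength="9"/><br/><small>';
            echo 'Сайт: <br/>';
            echo '</small><input name="site' . $ref . '" value="' . $autorize['site'] . '" maxlength="30"/><br/><small>';
            echo 'Занятость: <br/>';
            echo '</small><input name="zan' . $ref . '" value="' . $autorize['zan'] . '" maxlength="100"/><br/><small>';
            echo 'О себе: <br/>';
            echo '</small><input name="about' . $ref . '" value="' . $autorize['about'] . '" maxlength="255"/><br/><small>';
            echo '<anchor title="send">Сохранить<go href="profile.php?mod=edit&amp;' . $profile_sid . '" method="post">';
            // NOTE(review): this card posts a "login" field although it defines no
            // login input, and the "edit" branch keys its UPDATE on $login. Confirm
            // that $login is taken from the authenticated session and can never be
            // supplied by the request.
            echo '<postfield name="login" value="$(login' . $ref . ')"/>';
            echo '<postfield name="newpass" value="$(newpass' . $ref . ')"/>';
            echo '<postfield name="name" value="$(name' . $ref . ')"/>';
            echo '<postfield name="sex" value="$(sex)"/>';
            echo '<postfield name="email" value="$(email' . $ref . ')"/>';
            echo '<postfield name="den" value="$(den' . $ref . ')"/>';
            echo '<postfield name="mes" value="$(mes' . $ref . ')"/>';
            echo '<postfield name="god" value="$(god' . $ref . ')"/>';
            echo '<postfield name="mobila" value="$(mobila' . $ref . ')"/>';
            echo '<postfield name="opsos" value="$(opsos' . $ref . ')"/>';
            echo '<postfield name="icq" value="$(icq' . $ref . ')"/>';
            echo '<postfield name="site" value="$(site' . $ref . ')"/>';
            echo '<postfield name="zan" value="$(zan' . $ref . ')"/>';
            echo '<postfield name="about" value="$(about' . $ref . ')"/>';
            echo '<postfield name="gorod" value="$(gorod' . $ref . ')"/>';
            echo '</go></anchor><br/>';
        }

        echo $div["div"];
        if ($_SESSION['wap'] != "xml") {
            echo '-<br/>';
        }
        echo '[<a href="index.php?' . $profile_sid . '">Назад в форум</a>]<br/>';
        echo $div["end"];
        break;

    case "edit":
        echo $div["div"];

        // Normalise the posted fields: trim, undo magic-quotes slashes, HTML-encode
        // for later display. None of these variables is assigned in this file; they
        // are presumably request parameters (see the note on $login below).
        $newpass = htmlspecialchars(stripslashes(trim($newpass)));
        $name    = htmlspecialchars(stripslashes(trim($name)));
        $email   = htmlspecialchars(stripslashes(trim($email)));
        $den     = htmlspecialchars(stripslashes(trim($den)));
        $mes     = htmlspecialchars(stripslashes(trim($mes)));
        $god     = htmlspecialchars(stripslashes(trim($god)));
        $mobila  = htmlspecialchars(stripslashes(trim($mobila)));
        $opsos   = htmlspecialchars(stripslashes(trim($opsos)));
        $icq     = htmlspecialchars(stripslashes(trim($icq)));
        $site    = htmlspecialchars(stripslashes(trim($site)));
        $zan     = htmlspecialchars(stripslashes(trim($zan)));
        $about   = htmlspecialchars(stripslashes(trim($about)));
        $gorod   = htmlspecialchars(stripslashes(trim($gorod)));

        // "$" starts a variable reference in WML; doubling it makes the stored text
        // render literally when it is echoed back into a WML card.
        $name   = str_replace('$', '$$', $name);
        $email  = str_replace('$', '$$', $email);
        $den    = str_replace('$', '$$', $den);
        $mes    = str_replace('$', '$$', $mes);
        $god    = str_replace('$', '$$', $god);
        $mobila = str_replace('$', '$$', $mobila);
        $opsos  = str_replace('$', '$$', $opsos);
        $icq    = str_replace('$', '$$', $icq);
        $site   = str_replace('$', '$$', $site);
        $zan    = str_replace('$', '$$', $zan);
        $about  = str_replace('$', '$$', $about);
        $gorod  = str_replace('$', '$$', $gorod);

        // Always start from an empty error buffer. It is echoed without encoding
        // below, so it must never be seeded from a request-controlled variable.
        $error = '';

        // A new password is optional; when given it may contain only [a-z0-9].
        if (!empty($newpass)) {
            if (!preg_match('!^[a-z0-9]+$!i', $newpass)) {
                $error = $error . 'Неверные символы в пароле!<br/>';
            }
        }
        // The e-mail format is not validated (a check was disabled in the original).
        if (empty($name)) {
            $error = $error . 'Укажите Вашe имя!<br/>';
        }
        // Accept only the two values the form offers; anything else is rejected
        // rather than passed on to the database.
        if (!isset($sex) || ($sex !== 'm' && $sex !== 'f')) {
            $error = $error . 'Не указан ваш пол!!<br/>';
        }

        if (empty($error)) {
            // htmlspecialchars() with its default flags leaves single quotes and
            // backslashes untouched, so HTML-encoding is not SQL escaping. Every
            // value is escaped for the string-literal context right where the
            // statement is built.
            // NOTE(review): mysql_* is a removed extension; when this file is ported,
            // switch to prepared statements (mysqli or PDO) instead of escaping.
            $profile_row = array(
                'name'   => $name,
                'sex'    => $sex,
                'email'  => $email,
                'den'    => $den,
                'mes'    => $mes,
                'god'    => $god,
                'mobila' => $mobila,
                'opsos'  => $opsos,
                'icq'    => $icq,
                'site'   => $site,
                'zan'    => $zan,
                'about'  => $about,
                'gorod'  => $gorod,
            );
            $profile_set = array();
            foreach ($profile_row as $profile_col => $profile_val) {
                $profile_set[] = "`" . $profile_col . "`='" . mysql_real_escape_string($profile_val) . "'";
            }

            // NOTE(review): $login selects the row to update but is not assigned in
            // this file. It must come from the authenticated session (header.php?),
            // never from the request; otherwise one user could overwrite another
            // user's profile and password. Confirm before relying on this page.
            $profile_login = mysql_real_escape_string($login);

            // "@" keeps driver warnings off the page; the return value is still
            // checked so that a failed write is not reported as success.
            $profile_saved = @mysql_query(
                "UPDATE users SET " . implode(',', $profile_set) . " WHERE `login`='" . $profile_login . "'"
            );

            if ($profile_saved && !empty($newpass)) {
                // NOTE(review): the password is stored, and mirrored into the session,
                // in clear text, and is changed without asking for the current one.
                // Moving to password_hash()/password_verify() needs a matching change
                // in the login code, which is outside this file.
                $profile_saved = @mysql_query(
                    "UPDATE users SET `pass`='" . mysql_real_escape_string($newpass) . "' WHERE `login`='" . $profile_login . "'"
                );
                if ($profile_saved) {
                    $_SESSION['pass'] = $newpass;
                }
            }

            if ($profile_saved) {
                echo 'Профиль успешно сохранен!<br/>';
                echo '[<a href="index.php?' . $profile_sid . '">Назад в форум</a>]<br/>';
            } else {
                echo 'Не удалось сохранить профиль!<br/>';
                echo '[<a href="profile.php?' . $profile_sid . '">Назад</a>]<br/>';
            }
        } else {
            // $error holds only the fixed messages assembled above.
            echo $error;
            echo '[<a href="profile.php?' . $profile_sid . '">Назад</a>]<br/>';
        }
        echo $div["end"];
        break;

    // The original ended with a second, empty `case "form":` label; it could never
    // be reached because the first matching label wins, so it is dropped.
}
include ("footer.php");
?>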