Файл: titwar.ru/settings.php
Строк: 93
<?
include './system/common.php';
include './system/functions.php';
include './system/user.php';
if(!$user) {
header('location: /');
exit;
}
if($user['save'] == 0) {
header('location: /save/');
exit;
}
$title = 'Settings';
include './system/h.php';
echo '
<div class='line'></div>';
$login = _string($_POST['login']);
if($login) {
if($user['g'] < 250) $errors[] = 'Error, you need <img src='/images/icon/gold.png' alt='*'> '.(250 - $user['g']).' gold<div class='separator'></div><a href='/trade/' class='button'>Buy</a>';
if(!preg_match('/[a-z0-9а-я]{2,20}/i', $login)) $errors[] = 'Error, username is invalid';
if(mysql_result(mysql_query('SELECT COUNT(*) FROM `users` WHERE `login` = ''.$login.'''),0) != 0) $errors[] = 'Error, username has been already registered';
if($errors) {
echo '<div class='content' align='center'>';
foreach($errors as $error) {
echo $error.'<br/>';
}
echo '</div>
<div class='line'></div>';
}
else
{
mysql_query('UPDATE `users` SET `login` = ''.$login.'',
`g` = `g` - 250 WHERE `id` = ''.$user['id'].''');
header('location: /');
}
}
$password = _string($_POST['password']);
if($password) {
if(!preg_match('/[a-z0-9]{2,20}/i', $password)) $errors[] = 'Error, password is invalid';
if($errors) {
echo '<div class='content' align='center'>';
foreach($errors as $error) {
echo $error.'<br/>';
}
echo '</div>
<div class='line'></div>';
}
else
{
mysql_query('UPDATE `users` SET `password` = ''.$password.'' WHERE `id` = ''.$user['id'].''');
setCookie('password', $password, time() + 86400, '/');
header('location: /');
}
}
echo '<div class='list'>
<li><a href='/settings/login/'>Change character's name</a></li>
<li><a href='/settings/password/'>Change password</a></li>
<li><a href='/settings/sex/'>Change sex</a></li>
<li class='no_b'><a href='/settings/race/'>Change race</a></li>
<li><a href='/?exit'>Exit</a></li>
';
if($_GET['action']) {
echo '<div class='line'></div>
<div class='content'>';
switch($_GET['action']) {
case 'login':
echo '<form action='/settings/login/' method='post'>
Type new name:<br/>
<input name='login'/><br/>
<input type='submit' value='Submit'/>
</form>';
break;
case 'password':
echo '<form action='/settings/password/' method='post'>
Type new password:<br/>
<input name='password'/><br/>
<input type='submit' value='Submit'/>
</form>';
break;
case 'race':
if($_GET['change'] == true && $user['g'] >= 50) {
mysql_query('UPDATE `users` SET `r` = "'.($user['r'] == 0 ? 1:0).'", `g` = `g` - 50 WHERE `id` = "'.$user['id'].'"');
header('location: /');
}
echo 'Your race: <img src='/images/icon/race/'.$user['r'].'.png' alt='*'/> '.($user['r'] == 0 ? 'Asura':'Boreas').'<br/>
Are you want to change your race to <img src='/images/icon/race/'.($user['r'] == 0 ? 1:0).'.png' alt='*'/> '.($user['r'] == 0 ? 'Boreas':'Asura').'?<br/><br/>
<a href='/settings/race/?change=true' class='button'>Submit</a>';
break;
case 'sex':
if($_GET['change'] == true) {
mysql_query('UPDATE `users` SET `sex` = ''.($user['sex'] == 0 ? 1:0).'' WHERE `id` = ''.$user['id'].''');
header('location: /');
}
echo 'Are you sure to change sex to <b>'.($user['sex'] == 0 ? 'Female':'Male').'</b>?<br/><br/>
<a href='/settings/sex/?change=true' class='button'>Submit</a>';
break;
echo '</div>';
}
echo '</div>';
}
echo ' ';
include './system/f.php';
?>