Файл: test.masteram.us/us_guest.php
Строк: 49
<?
include 'Core.php';
only_reg();
$set['title']=''.$ln['hello'].'';
include_once 'sys/inc/thead.php';
title();
if (isset($_POST['save'])){
if (isset($_POST['us_guest']) && strlen2($_POST['us_guest'])<=64)
{
if (preg_match('#[^A-zА-я0-9 _-=+()*?.,]#ui',$_POST['us_guest']))$err[]=''.$ln['err'].'';
else {
$user['us_guest']=$_POST['us_guest'];
mysql_query("UPDATE `user` SET `us_guest` = '".my_esc($user['us_guest'])."' WHERE `id` = '$user[id]' LIMIT 1");
}
}
else $err[]=''.$ln['err'].'';
$q = mysql_query("SELECT * FROM `frends` WHERE `user` = '$user[id]' AND `lenta_forum` = '1' AND `i` = '1'");
while ($f = mysql_fetch_array($q))
{
$a = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$f[frend]' LIMIT 1"));
$msg_lenta="".$ln['good']."";
mysql_query("INSERT INTO `lenta` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$a[id]', '$msg_lenta', '$time')");
}
if (!isset($err))msg(''.$ln['good'].'');
}
err();
echo "<div class='rekl'>";
echo "<font color='red'>".$ln['hello'].":</font><br />n";
if ($user['us_guest']!=NULL)
echo "<span style="color:$user[mcolor]"> $user[us_guest]</span>n";
else
echo " ".$ln['user']."n";
echo "<form method='post' action='?$passgen'>n";
echo "n<input type='text' name='us_guest' value='".output_text($user['us_guest'],false)."' maxlength='256' /><br />n";
echo "<input type='submit' name='save' value='OK' />n";
echo "</form>n";
echo '</div>';
echo "<div class='rekl'>";
echo "<img src='/style/back.gif' alt='' class='icon'/>n";
echo "<a href="/us_guest/index.php?id=$user[id]">".$ln['back']."</a><br/>";
echo "<img src='/style/back.gif' alt='' class='icon'/>n";
echo '</div>';
include_once 'sys/inc/tfoot.php';
?>