Файл: new_fanland/anketa.php
Строк: 270
<?php
###########################
# Данная версия скрипта принадлежит #
# LiraS aka Артур Лукин Иванович #
# Вносить свои изменения крайне #
# запрещенно! #
###########################
include "db.php";
include "cfg.php";
// Данные игрока
if (isset($_GET['man']))
{
$_GET['man'] = intval($_GET['man']);
$users = htmlspecialchars(stripslashes(trim($_GET['man'])));
} else
{
$users = $_GET['usr'];
}
function anketa()
{
echo "<div class="main"><div class="in">"; pochta();
$u = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = '".$users."'"));
$users = $u['usr'];
$i = mysql_num_rows(mysql_query("SELECT * FROM u_info WHERE user = '".mysql_real_escape_string($users)."'"));
if ($i == 0)
{
mysql_query("INSERT INTO u_info SET user = '".mysql_real_escape_string($users)."'");
$rand = rand(1000,9999);
echo "<a href="anketa.php?usr=$_GET[usr]&pwd=$_GET[pwd]&r=$rand&man=$_GET[man]">Обновить</a>";
}
else
{
$a = mysql_fetch_array(mysql_query("SELECT * FROM u_info WHERE user = '".mysql_real_escape_string($users)."'"));
$a['name'] = iconv("windows-1251","utf-8",$a['name']);
$a['surname'] = iconv("windows-1251","utf-8",$a['surname']);
$a['otchestvo'] = iconv("windows-1251","utf-8",$a['otchestvo']);
$a['country']= iconv("windows-1251","utf-8",$a['country']);
$a['city'] = iconv("windows-1251","utf-8",$a['city']);
$a['about'] = iconv("windows-1251","utf-8",$a['about']);
$age = strip_tags($a['age']);
echo "Имя: $a[name]<br/>n";
echo "Фамилия: $a[surname]<br/>n";
echo "Отчество: $a[otchestvo]<br/>n";
if ($a[pol] == 1)
{
echo "Пол: Мужской<br/>n";
}
elseif ($a[pol] == 2)
{
echo "Пол: Женский<br/>n";
}
echo "Возраст: $age<br/>n";
echo "Страна: $a[country]<br/>n";
echo "Город: $a[city]<br/>n";
echo "ICQ: $a[icq]<br/>n";
echo "О себе: $a[about]<br/>n";
}
echo "<br/>n------<br/>n";
echo "<a href="main.php?usr=$_GET[usr]&pwd=$_GET[pwd]&id=">На главную</a>";
}
function ab()
{
echo "<div class="main"><div class="in">"; pochta();
$i = mysql_num_rows(mysql_query("SELECT * FROM u_info WHERE user = '".mysql_real_escape_string($_GET['usr'])."'"));
if ($i == 0)
{
mysql_query("INSERT INTO u_info SET user = '".mysql_real_escape_string($_GET['usr'])."'");
$rand = rand(1000,9999);
echo "<a href="anketa.php?usr=$_GET[usr]&pwd=$_GET[pwd]&r=$rand">Обновить</a>";
}
else
{
$a = mysql_fetch_array(mysql_query("SELECT * FROM u_info WHERE user = '".mysql_real_escape_string($_GET['usr'])."'"));
$a['name'] = iconv("windows-1251","utf-8",$a['name']);
$a['surname'] = iconv("windows-1251","utf-8",$a['surname']);
$a['otchestvo'] = iconv("windows-1251","utf-8",$a['otchestvo']);
$a['country'] = iconv("windows-1251","utf-8",$a['country']);
$a['city'] = iconv("windows-1251","utf-8",$a['city']);
$a['about'] = iconv("windows-1251","utf-8",$a['about']);
$age = strip_tags($a['age']);
echo "Имя: $a[name]<br/>n";
echo "Фамилия: $a[surname]<br/>n";
echo "Отчество: $a[otchestvo]<br/>n";
if ($a['pol'] == 1)
{
echo "Пол: Мужской<br/>n";
}
elseif ($a['pol'] == 2)
{
echo "Пол: Женский<br/>n";
}
echo "Возраст: $age<br/>n";
echo "Страна: $a[country]<br/>n";
echo "Город: $a[city]<br/>n";
echo "ICQ: $a[icq]<br/>n";
echo "О себе: $a[about]<br/>n";
echo "<a href="anketa.php?usr=$_GET[usr]&pwd=$_GET[pwd]&id=change">Изменить</a>";
}
echo "<br/>n------<br/>n";
echo "<a href="main.php?usr=$_GET[usr]&pwd=$_GET[pwd]&id=">На главную</a>";
}
function change()
{
echo "<div class="main"><div class="in">"; pochta();
$i = mysql_fetch_array(mysql_query("SELECT * FROM u_info WHERE user = '".mysql_real_escape_string($_GET['usr'])."'"));
$i['name'] = iconv("windows-1251","utf-8",$i['name']);
$i['surname'] = iconv("windows-1251","utf-8",$i['surname']);
$i['otchestvo'] = iconv("windows-1251","utf-8",$i['otchestvo']);
$i['country'] = iconv("windows-1251","utf-8",$i['country']);
$i['city'] = iconv("windows-1251","utf-8",$i['city']);
$i['about'] = iconv("windows-1251","utf-8",$i['about']);
echo "<form action="anketa.php?usr=$_GET[usr]&pwd=$_GET[pwd]&id=s_change" method="post">";
echo "Имя:<br/>n <input name="imya" value="$i[name]"><br/>n";
echo "Фамилия:<br/>n <input name="surname" value="$i[surname]"><br/>n";
echo "Отчество:<br/>n <input name="otchestvo" value="$i[otchestvo]"><br/>n";
echo "Пол:<br/>n <select name="pol" value="$i[pol]"><option value="1">Мужской</option><option value="2">Женский</option></select><br/>n";
echo "Возраст:<br/>n <input name="age" value="$i[age]"><br/>n";
echo "Страна:<br/>n <input name="country" value="$i[country]"><br/>n";
echo "Город:<br/>n <input name="city" value="$i[city]"><br/>n";
echo "ICQ:<br/>n <input name="icq" value="$i[icq]"><br/>n";
echo "О себе:<br/>n <input name="about" value="$i[about]"><br/>n";
echo "<input type="submit" value="Изменить"></form>";
echo "<br/>n------<br/>n";
echo "<a href="main.php?usr=$_GET[usr]&pwd=$_GET[pwd]&id=">На главную</a>";
}
function s_change()
{
echo "<div class="main"><div class="in">"; pochta();
$imya = htmlspecialchars(stripslashes($_POST['imya']));
$surname = htmlspecialchars(stripslashes($_POST['surname']));
$otchestvo = htmlspecialchars(stripslashes($_POST['otchestvo']));
$country = htmlspecialchars(stripslashes($_POST['country']));
$city = htmlspecialchars(stripslashes($_POST['city']));
$icq = htmlspecialchars(stripslashes($_POST['icq']));
$pol = htmlspecialchars(stripslashes($_POST['pol']));
$age = htmlspecialchars(stripslashes($_POST['age']));
$about = htmlspecialchars(stripslashes($_POST['about']));
$imya = iconv("utf-8","windows-1251",$imya);
$surname = iconv("utf-8","windows-1251",$surname);
$otchestvo = iconv("utf-8","windows-1251",$otchestvo);
$country = iconv("utf-8","windows-1251",$country);
$city = iconv("utf-8","windows-1251",$city);
$icq = iconv("utf-8","windows-1251",$icq);
$about = iconv("utf-8","windows-1251",$about);
$icq = intval($icq);
$age = intval($age);
$pol = intval($pol);
mysql_query("UPDATE u_info SET name = '$imya',surname = '$surname',otchestvo = '$otchestvo', pol = '$pol', age = '$age', country = '$country',city = '$city',icq = $icq,about = '$about' WHERE (user = '".mysql_real_escape_string($_GET['usr'])."');");
echo "Изменения успешно изменены!<br/>n <a href="anketa.php?usr=$_GET[usr]&pwd=$_GET[pwd]">в анкету</a>";
echo "<br/>n------<br/>n";
echo "<a href="main.php?usr=$_GET[usr]&pwd=$_GET[pwd]&id=">На главную</a>";
}
$db_connection = mysql_connect($db_host, $db_user, $db_pass);
mysql_select_db($db_table, $db_connection);
mysql_query('SET NAMES cp1251');
$exist = mysql_num_rows(mysql_query("SELECT usr, pwd FROM users WHERE usr = '".mysql_real_escape_string($_GET['usr'])."' AND pwd = '".mysql_real_escape_string($_GET['pwd'])."'"));
$online = mysql_num_rows(mysql_query("SELECT * FROM online WHERE laikas > '$timeout'"));
$year = date("Y.m.d");
$times = date("H:i");
$vremechko = "$year $times";
$subt = file_get_contents("max_on.dat");
$max = explode("|", $subt);
$max_onl = $max[0];
$max_on_time = $max[1];
if ($online >= $max_onl)
{
$fp55 = fopen("max_on.dat", 'w');
fwrite($fp55, "$online|$vremechko|");
fclose($fp55);
}
$u = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = '".$user."'"));
$users = $u['usr'];
$set['title']="Анкета - $users";
head();
title ();
if($exist == 1)
{
include "on.php";
if (isset($_GET['man']))
{
anketa();
} else
{
if($_GET['id'] == "")
{ab();}
elseif($_GET['id'] == "change")
{change();}
elseif($_GET['id'] == "s_change")
{s_change();}
}
}
else
{
echo "<div class="main"><div class="in">"; pochta();
echo "Вы не зарегистрированны!<br/>";
}foot();
mysql_close($db_connection);
?>