Файл: user/inc/profile_info.php
Строк: 227
<?php
only_reg();
$set['title'] = 'Информация о себе';
if (isset($_POST['save'])) {
if (isset($_POST['ank_name']) && preg_match('#^([A-zА-я -]*)$#ui', $_POST['ank_name'])) {
$user['ank_name'] = $_POST['ank_name'];
mysql_query("UPDATE `user` SET `ank_name` = '" . my_esc($user['ank_name']) . "' WHERE `id` = '$user[id]' LIMIT 1");
} else {
$err[] = lang('Неверный формат имени');
}
if (isset($_POST['ank_d_r']) && (is_numeric($_POST['ank_d_r']) && $_POST['ank_d_r'] > 0 && $_POST['ank_d_r'] <= 31 || $_POST['ank_d_r'] == NULL)) {
$user['ank_d_r'] = (int) $_POST['ank_d_r'];
if ($user['ank_d_r'] == null) {
$user['ank_d_r'] = 'null';
}
mysql_query("UPDATE `user` SET `ank_d_r` = $user[ank_d_r] WHERE `id` = '$user[id]' LIMIT 1");
if ($user['ank_d_r'] == 'null') {
$user['ank_d_r'] = NULL;
}
} else {
$err[] = lang('Неверный формат дня рождения');
}
if (isset($_POST['ank_m_r']) && (is_numeric($_POST['ank_m_r']) && $_POST['ank_m_r'] > 0 && $_POST['ank_m_r'] <= 12 || $_POST['ank_m_r'] == NULL)) {
$user['ank_m_r'] = (int) $_POST['ank_m_r'];
if ($user['ank_m_r'] == null) {
$user['ank_m_r'] = 'null';
}
mysql_query("UPDATE `user` SET `ank_m_r` = $user[ank_m_r] WHERE `id` = '$user[id]' LIMIT 1");
if ($user['ank_m_r'] == 'null') {
$user['ank_m_r'] = NULL;
}
} else {
$err[] = lang('Неверный формат месяца рождения');
}
if (isset($_POST['ank_g_r']) && (is_numeric($_POST['ank_g_r']) && $_POST['ank_g_r'] > 0 && $_POST['ank_g_r'] <= date('Y') || $_POST['ank_g_r'] == NULL)) {
$user['ank_g_r'] = (int) $_POST['ank_g_r'];
if ($user['ank_g_r'] == null) {
$user['ank_g_r'] = 'null';
}
mysql_query("UPDATE `user` SET `ank_g_r` = $user[ank_g_r] WHERE `id` = '$user[id]' LIMIT 1");
if ($user['ank_g_r'] == 'null') {
$user['ank_g_r'] = NULL;
}
} else {
$err[] = lang('Неверный формат года рождения');
}
if (isset($_POST['ank_city']) && preg_match('#^([A-zА-я -]*)$#ui', $_POST['ank_city'])) {
$user['ank_city'] = $_POST['ank_city'];
mysql_query("UPDATE `user` SET `ank_city` = '" . my_esc($user['ank_city']) . "' WHERE `id` = '$user[id]' LIMIT 1");
} else {
$err[] = lang('Неверный формат названия города');
}
if (isset($_POST['ank_icq']) && (is_numeric($_POST['ank_icq']) && strlen($_POST['ank_icq']) >= 5 && strlen($_POST['ank_icq']) <= 9 || $_POST['ank_icq'] == NULL)) {
$user['ank_icq'] = $_POST['ank_icq'];
if ($user['ank_icq'] == null) {
$user['ank_icq'] = 'null';
}
mysql_query("UPDATE `user` SET `ank_icq` = $user[ank_icq] WHERE `id` = '$user[id]' LIMIT 1");
if ($user['ank_icq'] == 'null') {
$user['ank_icq'] = NULL;
}
} else {
$err[] = lang('Неверный формат ICQ');
}
if (isset($_POST['ank_skype']) && strlen2($_POST['ank_o_sebe']) <= 32) {
mysql_query("UPDATE `user` SET `ank_skype` = '" . my_esc($_POST['ank_skype']) . "' WHERE `id` = '$user[id]' LIMIT 1");
}
if (isset($_POST['pol']) && ($_POST['pol'] == 1 || $_POST['pol'] == 0)) {
$user['pol'] = intval($_POST['pol']);
mysql_query("UPDATE `user` SET `pol` = '$user[pol]' WHERE `id` = '$user[id]' LIMIT 1");
} else {
$err = 'Ошибка в поле (Пол)';
}
if (isset($_POST['ank_o_sebe']) && strlen2($_POST['ank_o_sebe']) <= 512) {
mysql_query("UPDATE `user` SET `ank_o_sebe` = '" . my_esc($_POST['ank_o_sebe']) . "' WHERE `id` = '$user[id]' LIMIT 1");
} else {
$err[] = lang('О себе нужно писать меньше');
}
if (isset($_POST['ank_countr']) && preg_match('#^([A-zА-я -]*)$#ui', $_POST['ank_countr'])) {
mysql_query("UPDATE `user` SET `ank_countr` = '" . my_esc($_POST['ank_countr']) . "' WHERE `id` = '$user[id]' LIMIT 1");
}
if (isset($_POST['ank_family']) && preg_match('#^([A-zА-я -]*)$#ui', $_POST['ank_family'])) {
mysql_query("UPDATE `user` SET `ank_family` = '" . my_esc($_POST['ank_family']) . "' WHERE `id` = '$user[id]' LIMIT 1");
}
#удаляем кэш файл
cache_delete::user($user['id']);
if (!isset($err)) {
$_SESSION['message'] = lang('Изменения успешно приняты');
exit(header('Location: ?'));
}
}
err();
echo "<form method='post' class='list-group-item' action=''>";
echo lang('Имя') . ":<br />";
echo "<input type='text' class='form-control' name='ank_name' value='" . output_text($user['ank_name'], false) . "' maxlength='32' />";
echo lang('Фамилия') . ":<br />";
echo "<input type='text' class='form-control' name='ank_family' value='" . output_text($user['ank_family'], false) . "' maxlength='32' />";
echo lang('Дата рождения') . ': день/месяц/год<br />';
#День
echo "<div class='col-xs-4'><select class='form-control' name='ank_d_r'><option selected='$user[ank_d_r]' value='$user[ank_d_r]'>$user[ank_d_r]</option>";
for ($i = 1; $i < 32; ++$i) {
echo "<option value='$i'>$i</option>";
}
echo '</select></div>';
#Месяц
echo "<div class='col-xs-4'><select class='form-control' name='ank_m_r'><option selected='$user[ank_m_r]' value='$user[ank_m_r]'>$user[ank_m_r]</option>";
for ($i = 1; $i < 13; ++$i) {
echo "<option value='$i'>$i</option>";
}
echo '</select></div>';
#Год
echo "<div class='col-xs-4'><select class='form-control' name='ank_g_r'><option selected='$user[ank_g_r]' value='$user[ank_g_r]'>$user[ank_g_r]</option>";
for ($i = 1920; $i < date('Y') - 7; ++$i) {
echo "<option value='$i'>$i</option>";
}
echo '</select></div>';
echo "<br /><br />";
echo lang('Пол') . ":<br />";
echo "<select class='form-control' class='form-control' name='pol'>";
echo "<option value='1'" . ($user['pol'] == 1 ? " selected='selected'" : null) . ">Мужской</option>";
echo "<option value='0'" . ($user['pol'] == 0 ? " selected='selected'" : null) . ">Женский</option>";
echo "</select>";
echo lang('Город') . ":<br />";
echo "<input type='text' class='form-control' name='ank_city' value='" . output_text($user['ank_city'], false) . "' maxlength='32' />";
echo lang('Регион') . ":<br />";
echo "<input type='text' class='form-control' name='ank_countr' value='" . output_text($user['ank_countr'], false) . "' maxlength='32' />";
echo lang('ICQ') . ":<br />";
echo "<input type='text' class='form-control' name='ank_icq' value='$user[ank_icq]' maxlength='9' />";
echo lang('Skype логин') . ":<br />";
echo "<input type='text' class='form-control' name='ank_skype' value='" . output_text($user['ank_skype'], false) . "' maxlength='32' />";
echo lang('О себе') . ":<br />";
echo "<textarea name='ank_o_sebe' class='form-control' maxlength='512'>" . output_text($user['ank_o_sebe'], false) . "</textarea><br />";
echo "<button class='btn btn-success' name='save'><span class='fa fa-save fa-fw'></span> " . lang('Сохранить') . "</button>";
echo "</form>";