Файл: apanel/uedit.php
Строк: 98
<?php
define('R', $_SERVER['DOCUMENT_ROOT']);
define('S', R.'/system');
require_once(R.'/system/kernel.php');
$tmp->header('edit');
$tmp->div('title', Language::config('edit'));
User::panel();
if(User::level() < 3)
{
header('location: /');
}
$id=$db->guard($_GET['id']);
$a=$db->fass("select * from `users` where `id` = '".$id."'");
if(isset($_REQUEST['submit']))
{
$name = $db->guard($_POST['name']);
$fname = $db->guard($_POST['fname']);
$strana = $db->guard($_POST['strana']);
$gorod = $db->guard($_POST['gorod']);
$osebe = $db->guard($_POST['osebe']);
$email = $db->guard($_POST['email']);
$icq = $db->guard($_POST['icq']);
$sex = $db->guard($_POST['sex']);
$ascces = $db->guard($_POST['ascces']);
/*
if(empty($name) || empty($fname) || empty($strana) || empty($gorod) || empty($osebe) || empty($email) || empty($icq))
$error .= 'Заполните все поля!</br>';
*/
if( !preg_match('#^([A-zА-я0-9-_ ])+$#ui', $_POST['name'])) {
$error .= ''.$lng['no_text'].'</br>';
}
if( !preg_match('#^([0-9])+$#ui', $_POST['icq'])) {
$error .= ''.$lng['no_text'].'</br>';
} if( !preg_match('#^[A-z0-9-._]+@[A-z0-9]{2,}.[A-z]{2,4}$#ui', $_POST['email'])) {
$error .= ''.$lng['no_email_text'].'</br>';
}
if(!isset($error))
{
$db->query("UPDATE `users` set `name` = '".$db->escape($name)."', `first_name` = '".$db->escape($fname)."', `sex` = '".$db->escape($sex)."', `country` = '".$db->escape($strana)."', `city` = '".$db->escape($gorod)."', `about` = '".$db->escape($osebe)."', `email`= '".$db->escape($email)."', `icq` = '".$db->escape($icq)."' WHERE `id`='".$id."' ");
$tmp->div('menu', Language::config('ok_save'));
}
}
error($error);
$tmp->div('menu' ,'<form method="POST" action="">
'.Language::config('name').': <br/>
<input type="text" name="name" value="'. out($a['name']) .'" /><br/>
'.Language::config('fname').'<br/>
<input type="text" name="fname" value="'. out($a['first_name']) .'"/><br/>
'.Language::config('country').':<br/>
<input type="text" name="strana" value="'. out($a['country']) .'"/><br/>
'.Language::config('city').':<br/>
<input type="text" name="gorod" value="'. out($a['city']) .'"/><br/>
'.Language::config('about').':<br/>
<input type="text" name="osebe" value="'. out($a['about']) .'"/><br/>
'.Language::config('sex').': <br/>
<select name="sex"><option value="0">'.Language::config('wom').'</option><option value="1">'.Language::config('men').'</option></select></br>
'.Language::config('ascces').': <br/>
<select name="ascces"><option value="2">Mod</option><option value="3">Adm</option><option value="4">Super Adm</option></select></br>
'.Language::config('email').':<br/>
<input type="text" name="email" value="'. out($a['email']) .'"/><br/>
'.Language::config('icq').':<br/>
<input type="text" name="icq" value="'. out($a['icq']) .'"/><br/>
<input type="submit" name="submit" value="'.Language::config('save').'" /></form></br>');
$tmp->footer();
?>