Файл: app/user/edit.php
Строк: 65
<?php
// Access gate for this page. It must stay the first statement so nothing below
// runs for a visitor who fails it.
// NOTE(review): presumably restricts the page to signed-in users and stops the
// request otherwise; Core::only() is defined elsewhere, confirm it does not return.
Core::only('user');
// Emit the page header with the title "Edit" (literal below is the Russian UI string).
$smarty->header('Редактировать');
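// Handle the profile-edit form submission: validate the posted fields and, when
// every check passes, update the current user's row and redirect to the profile.
//
// NOTE(review): no anti-CSRF token is verified anywhere in this file. Confirm that
// Core::only() or the form template enforces one; otherwise this state-changing
// POST needs a per-session token check before the UPDATE.
if (filter_has_var(INPUT_POST, 'submit')) {
    // A field absent from the request stays null. filter_input() itself returns
    // false when the filter fails (for example when the parameter is not a scalar),
    // which the checks below treat as an invalid value.
    $filter = [
        'name' => filter_has_var(INPUT_POST, 'name')
            ? filter_input(INPUT_POST, 'name', FILTER_UNSAFE_RAW)
            : null,
        'sex' => filter_has_var(INPUT_POST, 'sex')
            ? filter_input(INPUT_POST, 'sex', FILTER_SANITIZE_NUMBER_INT)
            : null,
        'city' => filter_has_var(INPUT_POST, 'city')
            ? filter_input(INPUT_POST, 'city', FILTER_UNSAFE_RAW)
            : null,
        'phone' => filter_has_var(INPUT_POST, 'phone')
            ? filter_input(INPUT_POST, 'phone', FILTER_SANITIZE_NUMBER_INT)
            : null,
    ];

    // Letters only, Cyrillic or Latin.
    //  - The former class [А-яA-z] also matched [ \ ] ^ _ and the backtick, because
    //    those code points sit between 'Z' and 'a'; the ranges are now spelled out.
    //  - Ё/ё lie outside the А-я range and are listed explicitly.
    //  - \A ... \z anchors the whole string; a bare $ also matches before a trailing
    //    newline, which FILTER_UNSAFE_RAW does not strip.
    $lettersOnly = '#\A[А-Яа-яЁёA-Za-z]+\z#u';

    // Name is optional. Explicit null/'' tests are used instead of empty() so that
    // the string '0' no longer bypasses the format check.
    if (
        $filter['name'] === false
        || ($filter['name'] !== null && $filter['name'] !== ''
            && (Filter::strlen($filter['name']) > 50 || !preg_match($lettersOnly, $filter['name'])))
    ) {
        $error = 'Неверный формат имени.';
    }

    // Sex must be exactly '0' or '1' when supplied. The former loose range test
    // (< 0 || > 1) let values such as '0-' or '+1' through to the database.
    // An absent field (null) is still accepted, as before.
    if ($filter['sex'] !== null && !in_array($filter['sex'], ['0', '1'], true)) {
        $error = 'Неверный формат пола.';
    }

    // City follows the same rules as name.
    if (
        $filter['city'] === false
        || ($filter['city'] !== null && $filter['city'] !== ''
            && (Filter::strlen($filter['city']) > 50 || !preg_match($lettersOnly, $filter['city'])))
    ) {
        $error = 'Неверный формат города.';
    }

    // Phone is optional; when present it must be 12 characters long.
    // NOTE(review): FILTER_SANITIZE_NUMBER_INT keeps '+' and '-' as well as digits,
    // so the length test alone does not guarantee a digit-only number. The intended
    // format is not visible here; confirm it and add a pattern check.
    if (
        $filter['phone'] === false
        || ($filter['phone'] !== null && $filter['phone'] !== ''
            && Filter::strlen($filter['phone']) != 12)
    ) {
        $error = 'Неверный формат номера телефона.';
    }

    // Only the last failing check's message survives in $error; any message
    // blocks the update.
    if (empty($error)) {
        // All values are bound as parameters; the row is selected by the
        // session user's id, never by a request parameter.
        $stmt = $db->prepare("UPDATE `users` SET `name` = :name, `sex` = :sex, `city` = :city, `phone` = :phone WHERE `id` = :id");
        $stmt->execute([
            ':name' => $filter['name'],
            ':sex' => $filter['sex'],
            ':city' => $filter['city'],
            ':phone' => $filter['phone'],
            ':id' => $user['id'],
        ]);
        // NOTE(review): presumably a redirect that ends the request; confirm
        // Core::go() does not return, otherwise the form below is rendered too.
        Core::go('?id=' . $user['id']);
    }
}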
// Show the pending error, if any, then describe the edit form and render it.
Core::show('error');

// NOTE(review): the stored profile values are handed to the template as-is;
// confirm that form.tpl HTML-escapes 'value' before printing it into an attribute.

// The three plain text inputs differ only in field name and label.
$textInputs = [
    ['name', 'Имя'],
    ['city', 'Город'],
    ['phone', 'Номер телефона'],
];
foreach ($textInputs as $textInput) {
    $elements[] = [
        'type' => 'input',
        'title' => Lang::word($textInput[0] === 'name' ? 'Имя' : $textInput[1]),
        'br' => 1,
        'info' => [
            'name' => $textInput[0],
            'value' => $user[$textInput[0]],
        ],
    ];
}
// Keep the global scope as the original left it.
unset($textInputs, $textInput);

// Sex selector: each option is [value, label, selected?].
$elements[] = [
    'type' => 'select',
    'title' => Lang::word('Пол'),
    'br' => 1,
    'info' => [
        'name' => 'sex',
        'options' => [
            [1, Lang::word('Мужской'), $user['sex'] == 1],
            [0, Lang::word('Женский'), $user['sex'] == 0],
        ],
    ],
];

// Submit button; its name is what the POST handler looks for.
$elements[] = [
    'type' => 'submit',
    'info' => [
        'name' => 'submit',
        'value' => Lang::word('Сохранить'),
    ],
];

// The form posts back to this same page.
$smarty->assign([
    'method' => 'POST',
    'action' => '?',
    'el' => $elements,
]);
$smarty->display('form.tpl');
$smarty->footer();