Файл: public_html/page/profile.php
Строк: 116
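<?php
// Profile page (page/profile.php).
// Renders the current user's contact / wallet fields and, on ?mode=save,
// validates the POSTed form and writes it back to PREFIX_users.
// Relies on the front controller having defined BASE_DIR, PREFIX, HASH_MD5 and
// PAYEER_WALLET/PAYEER_API_ID/PAYEER_API_KEY, started the session, and
// populated $mysqli, $users_info (the current user's row) and $obEngine.

if (!function_exists('profile_redirect')) {
    /**
     * Send a Location header and stop the script.
     * Replaces the original exit(header(...)) idiom, which handed header()'s
     * void result to exit.
     *
     * @param string $location
     */
    function profile_redirect($location)
    {
        header('Location: ' . $location);
        exit;
    }
}

if (!function_exists('profile_clean_text')) {
    /**
     * Normalise a free-text form field: strip tags and encode quotes.
     * Mirrors what FILTER_SANITIZE_STRING (deprecated since PHP 8.1) did for
     * these fields, so stored values keep the same shape as before.
     *
     * @param mixed $value raw $_POST value; null when the field was not sent
     * @return string
     */
    function profile_clean_text($value)
    {
        $text = strip_tags((string) $value);
        return str_replace(array('"', "'"), array('&#34;', '&#39;'), $text);
    }
}

if (!function_exists('profile_wallet_taken')) {
    /**
     * True when another account (id != $user_id) already stores $value in
     * $column. The wallet id is bound as a parameter so user input never
     * becomes part of the SQL text.
     *
     * A prepare/execute failure is reported as "taken" (fail closed): the
     * caller then redirects without saving instead of writing an unverified
     * wallet id.
     *
     * @param mysqli $mysqli
     * @param string $column  fixed literal 'wmr' or 'payeer' (never user input)
     * @param string $value
     * @param string $user_id
     * @return bool
     */
    function profile_wallet_taken($mysqli, $column, $value, $user_id)
    {
        $sql = "SELECT `{$column}` FROM `" . PREFIX . "_users` WHERE `{$column}` = ? AND `id` != ? LIMIT 1";
        $stmt = $mysqli->prepare($sql);
        if ($stmt === false) {
            return true;
        }
        $stmt->bind_param('ss', $value, $user_id);
        if (!$stmt->execute()) {
            $stmt->close();
            return true;
        }
        $stmt->store_result();
        $taken = $stmt->num_rows > 0;
        $stmt->close();
        return $taken;
    }
}

if (!defined('BASE_DIR')) {
    header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found', true);
    exit;
}
if (!isset($_SESSION['user_id'])) {
    header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found', true);
    exit;
}
if ((int) $users_info['ban'] === 1) {
    profile_redirect('/ban.php?mode=' . $users_info['ban']);
}

$user_id = (string) $_SESSION['user_id'];

// Form token: the form posts to ?mode=save&token=<this>. It is a fixed
// function of the user id and the site secret, so it is the same for every
// request of that user.
// NOTE(review): a per-session random token would be stronger — confirm how
// HASH_MD5 is managed before relying on this alone.
$token = md5($_SESSION['user_id'] . HASH_MD5);

if (isset($_GET['mode']) && $_GET['mode'] === 'save') {
    // The original generated the token but never checked it, so the save
    // handler accepted any cross-site POST. Reject a missing or wrong token.
    if (!isset($_GET['token']) || !is_string($_GET['token']) || !hash_equals($token, $_GET['token'])) {
        profile_redirect('/profile.php');
    }

    // filter_var() returns false for an invalid address; a missing field is
    // treated as invalid rather than raising an undefined-index notice.
    $email = filter_var(isset($_POST['email']) ? $_POST['email'] : '', FILTER_VALIDATE_EMAIL);
    $skype = profile_clean_text(isset($_POST['skype']) ? $_POST['skype'] : '');
    $icq = profile_clean_text(isset($_POST['icq']) ? $_POST['icq'] : '');
    $webmoney = profile_clean_text(isset($_POST['wmr']) ? $_POST['wmr'] : '');
    $newpass = isset($_POST['newpass']) ? (string) $_POST['newpass'] : '';

    // The Payeer input is rendered disabled, so browsers do not submit it.
    // The original always wrote filter_var(null) — an empty string — back to
    // the row, wiping the stored wallet on every save. Keep the stored value
    // when the field is absent and only validate a value that was actually sent.
    $payeer_submitted = array_key_exists('payeer', $_POST);
    $payeer = $payeer_submitted ? profile_clean_text($_POST['payeer']) : (string) $users_info['payeer'];

    if ($webmoney !== '') {
        // The original pattern was "|^(R)([d]+)$|" in a double-quoted string,
        // i.e. a literal "d" rather than \d, so every real purse id was
        // rejected. A WMR purse is 'R' followed by digits, 13 characters total.
        if (!preg_match('/^R\d+$/', $webmoney) || mb_strlen($webmoney) < 13) {
            profile_redirect('/profile.php');
        }
        if (profile_wallet_taken($mysqli, 'wmr', $webmoney, $user_id)) {
            profile_redirect('/profile.php');
        }
    }

    if ($payeer_submitted && $payeer !== '') {
        require_once BASE_DIR . '/lib/payeer/cpayeer.php';
        $payeer_api = new CPayeer(PAYEER_WALLET, PAYEER_API_ID, PAYEER_API_KEY);
        // Any failure to reach Payeer or to confirm the account aborts the save.
        if (!$payeer_api->isAuth()) {
            profile_redirect('/profile.php');
        }
        if (!$payeer_api->checkUser(array('user' => $payeer))) {
            profile_redirect('/profile.php');
        }
        if (profile_wallet_taken($mysqli, 'payeer', $payeer, $user_id)) {
            profile_redirect('/profile.php');
        }
    }

    // Legacy digest md5(md5(pass . HASH_MD5)). Kept because the login check
    // elsewhere must compute the same value; moving to password_hash() has to
    // change both sides at once.
    $password = $newpass !== '' ? md5(md5($newpass . HASH_MD5)) : $users_info['password'];

    if ($email !== false) {
        // All values are bound, so quotes in an address or a nickname can no
        // longer break (or alter) the UPDATE.
        $stmt = $mysqli->prepare(
            "UPDATE `" . PREFIX . "_users` SET `email` = ?, `skype` = ?, `icq` = ?, `wmr` = ?, `payeer` = ?, `password` = ? WHERE `id` = ?"
        );
        if ($stmt !== false) {
            $stmt->bind_param('sssssss', $email, $skype, $icq, $webmoney, $payeer, $password, $user_id);
            $stmt->execute();
            $stmt->close();
        }
        profile_redirect('/profile.php');
    }
    // Invalid e-mail: fall through and re-render the form, as before.
}

$obEngine->addTitleHtml('Профиль');
?>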
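<!-- Profile form. Every field value comes from the user's DB row and is
     HTML-escaped on output; the Payeer input is disabled, so the browser
     does not submit it with the form. -->
<div class="wrapper">
<div class="main">
<div class="m_left">
<div class="m_title">Профиль <?php echo htmlspecialchars((string) $users_info['login'], ENT_QUOTES, 'UTF-8'); ?></div>
<form name="form1" method="POST" action="?mode=save&amp;token=<?php echo htmlspecialchars($token, ENT_QUOTES, 'UTF-8'); ?>" onsubmit="return validate1();">
<div class="m_l">
<div class="m_name">Логин: </div>
<div class="m_pole"><input type="text" value="<?php echo htmlspecialchars((string) $users_info['login'], ENT_QUOTES, 'UTF-8'); ?>" maxlength="40" name="login" disabled="disabled"></div>
</div>
<div class="m_l">
<div class="m_name"><b style="color:red;" title="Обязательное поле">*</b> Email: </div>
<div class="m_pole"><input type="text" value="<?php echo htmlspecialchars((string) $users_info['email'], ENT_QUOTES, 'UTF-8'); ?>" maxlength="40" name="email"></div>
</div>
<div class="m_l">
<div class="m_name">Skype: </div>
<div class="m_pole"><input type="text" value="<?php echo htmlspecialchars((string) $users_info['skype'], ENT_QUOTES, 'UTF-8'); ?>" maxlength="50" name="skype"></div>
</div>
<div class="m_l">
<div class="m_name">ICQ: </div>
<div class="m_pole"><input type="text" value="<?php echo htmlspecialchars((string) $users_info['icq'], ENT_QUOTES, 'UTF-8'); ?>" maxlength="9" name="icq"></div>
</div>
<div class="m_l">
<div class="m_name">Webmoney <B> WMR:</B></div>
<div class="m_pole"><input type="text" value="<?php echo htmlspecialchars((string) $users_info['wmr'], ENT_QUOTES, 'UTF-8'); ?>" name="wmr" maxlength="13"></div>
</div>
<div class="m_l">
<div class="m_name">Payeer: </div>
<div class="m_pole"><input type="text" value="<?php echo htmlspecialchars((string) $users_info['payeer'], ENT_QUOTES, 'UTF-8'); ?>" name="payeer" maxlength="10" disabled="disabled"></div>
</div>
<div class="m_l">
<div class="m_name">Новый пароль: </div>
<div class="m_pole"><input type="text" name="newpass" maxlength="15" onkeyup="return validate2(this);" onchange="return validate2(this);"></div>
</div>
<div class="m_l"><button style="float:right;">Сохранить</button></div>
</form>
</div>
<?php include 'module/user_menu.php'; ?>
</div>
</div>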
<script type="text/javascript">
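// Pre-submit check for the profile form (form1): the Email field must be
// non-empty and must not already belong to another account, which fetch.php
// (mode=check_pair) reports with the text 'taken'. Returns false to block
// submission, true to let it through.
function validate1()
{
    var valid = true;
    var form = document.form1;
    if (form.email.value === "")
    {
        alert('Не заполенно поле «Email»');
        valid = false;
    }
    // The request stays synchronous so its result can drive the onsubmit
    // return value. Values are URL-encoded so '+', '&' or '#' in an address
    // reach the server intact instead of being read as query separators.
    var temp = $.ajax({
        url: "fetch.php",
        type: "POST",
        data: "mode=check_pair&login=" + encodeURIComponent(form.login.value) +
              "&email=" + encodeURIComponent(form.email.value),
        async: false
    }).responseText;
    if (valid && temp === 'taken')
    {
        alert('Пользователь с таким Email уже зарегистрирован');
        valid = false;
    }
    return valid;
}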
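// Keeps the "new password" input restricted to ASCII letters, digits, '@'
// and '.'. Called from onkeyup/onchange with the input element; any other
// character is dropped in place.
// The original replaced one offending character per iteration against the
// unmodified string, so with two or more bad characters only the last one
// survived the loop; every disallowed character is now removed.
function validate2(input)
{
    var value = input.value;
    var good = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz@.';
    var kept = '';
    for (var i = 0; i < value.length; i++)
    {
        var letter = value.charAt(i);
        if (good.indexOf(letter) !== -1)
        {
            kept += letter;
        }
    }
    // Only write back when something changed, so the caret is not reset on
    // every keystroke.
    if (kept !== value)
    {
        input.value = kept;
    }
}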
// Make the .radioB inputs behave as a single-select group: when one changes,
// drop the checked attribute from all of them and check only the one that
// fired. (No .radioB markup is present in this page; the handler is a no-op
// here unless an included module renders such a group.)
var radioGroupSelector = '.radioB input';
$(radioGroupSelector).change(function ()
{
    var group = $(radioGroupSelector);
    group.removeAttr('checked');
    $(this).prop('checked', true);
});
</script>