Файл: public_html/managerial/edit_profile.php
Строк: 85
<?php
include '../system/system.php';
$title = 'Редактирование';
include '../system/head.php';
if(!$user) {
header('location: /index.php');
exit();
}
if($user['access'] != 2) {
header('location: /game.php');
exit();
}
$id = _string(_num($_GET['id']));
if($id) {
$i = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$id.'"');
$i = mysql_fetch_array($i);
}
if(!$i OR $i['id'] == $user['id']) {
header('location: /game.php');
exit();
}
if(isset($_GET['save'])){
$login = _string($_POST['login']);
$password = _string($_POST['password']);
$secret_password = _string($_POST['secret_password']);
$gold = _string(_num($_POST['gold']));
$silver = _string(_num($_POST['silver']));
$strength = _string(_num($_POST['strength']));
$armor = _string(_num($_POST['armor']));
$max_health = _string(_num($_POST['max_health']));
$max_energy = _string(_num($_POST['max_energy']));
$level = _string(_num($_POST['level']));
$exp = _string(_num($_POST['exp']));
$access = _string(_num($_POST['access']));
mysql_query("update `users` set `login` = '".$i['login']."', `password` = '".$i['password']."', `secret_password` = '".$secret_password."', `gold` = '".$gold."', `silver` = '".$silver."', `strength` = '".$strength."', `armor` = '".$armor."', `level` = '".$level."', `exp` = '".$exp."', `max_health` = '".$max_health."', `max_energy` = '".$max_energy."', `access` = '".$access."' where `id` = '".$i['id']."'");
echo '<div class="block small green center">Изменения приняты!</div>';
echo '<a href="/profile.php?id='.$i['id'].'" class="link"><img src="/images/icons/forward.png"> Продолжить</a>';
include ('../system/foot.php');
exit();
}
echo "<div class='block'> <form method='post' action='?id=$i[id]&save'>";
echo "Логин: <br>
<input name='login' class='text' type='text' style='width: 97%' value='$i[login]' disabled>";
echo "Пароль: <br>
<input name='password' class='text' type='text' style='width: 97%' value='$i[password]' disabled>";
echo "Секретный пароль: <br>
<input name='secret_password' class='text' type='text' style='width: 97%' value='$i[secret_password]'>";
echo "Золото: <br>
<input name='gold' class='text' type='text' style='width: 97%' value='$i[gold]'>";
echo "Серебро: <br>
<input name='silver' class='text' type='text' style='width: 97%' value='$i[silver]'>";
echo "Атака: <br>
<input name='strength' class='text' type='text' style='width: 97%' value='$i[strength]'>";
echo "Защита: <br>
<input name='armor' class='text' type='text' style='width: 97%' value='$i[armor]'>";
echo "Здоровье: <br>
<input name='max_health' class='text' type='text' style='width: 97%' value='$i[max_health]'>";
echo "Энергия: <br>
<input name='max_energy' class='text' type='text' style='width: 97%' value='$i[max_energy]'>";
echo "Уровень: <br>
<input name='level' class='text' type='text' style='width: 97%' value='$i[level]'>";
echo "Опыт: <br>
<input name='exp' class='text' type='text' style='width: 97%' value='$i[exp]'>";
echo "<br>Права: <br>
<input name='access' class='text' type='number' style='width: 97%' value='$i[access]'>";
echo "<input type='submit' class='submit' value='Изменить'></form></div>";
echo '<a href="/profile.php?id='.$i['id'].'" class="link"> <img src="/images/race/'.$i['race'].'.png"> '.$i['login'].'</a>';
include '../system/foot.php';
?>