Файл: moduls/panel/us.edit.php
Строк: 49
<?php
$title = 'Редактирование пользователя';
require ($_SERVER['DOCUMENT_ROOT'].'/core/sys.php');
if($user['id'] != 1){
header('Location: /');
exit;
}
$id = abs(intval($_GET['id']));
$up_us = $db->prepare('SELECT * FROM `users` WHERE `id` = ?');
$up_us -> execute([$id]);
$up_us = $up_us -> fetch(PDO :: FETCH_ASSOC);
if(!isset($up_us['id'])){
$_SESSION['message'] = 'Данный пользователь не был найден !';
header('Location: /panel/my/us.view.aspx');
exit;
}
if(isset($_POST['ok'])){
$filter = array(
'money' => trim(filter_input(INPUT_POST, 'money', FILTER_UNSAFE_RAW)),
'email' => trim(filter_input(INPUT_POST, 'email', FILTER_UNSAFE_RAW)),
'block' => trim(filter_input(INPUT_POST, 'block', FILTER_UNSAFE_RAW)),
);
$update = $db->prepare("UPDATE `users` SET `money` = ?, `email` = ?, `block` = ? WHERE `id` = ?");
$update -> execute([$filter['money'],$filter['email'],$_POST['block'],$up_us['id']]);
$_SESSION['message'] = 'Вы успешно изменили пользователя!';
exit(header('Location: /panel/my/us.view.aspx'));
}
require ($_SERVER['DOCUMENT_ROOT'].'/core/head.php');
echo '<div class="top"> '.$title.'</div>';
echo '<div class="box">
<form action="" method="POST">
<h3>Логин :</h3>
<br /><input type="text" name="login" maxlength="45" value="'.$up_us['name'].'" disabled/><br />
<h3>Денежные средства:</h3><br /><input type="text" name="money" maxlength="45" value="'.$up_us['money'].'" /><br />
<h3>E-MAIL:</h3><br /><input type="text" name="email" value="'.$up_us['email'].'" maxlength="50" /><br /><br />';
if($up_us['block'] != 0) $check = 'checked';
?>
<style>
input[type="checkbox"] {
display:inline-block;
width:19px;
height:19px;
margin:-1px 4px 0 0;
vertical-align:middle;
background:url(/design/check.png) left top no-repeat;
cursor:pointer;
}
input[type="checkbox"]:checked{
background:url(/design/check.png) -19px top no-repeat;
}
</style>
<div class='checkbox'><input type='checkbox' name='block' value='1' <?=$check?>/> <strong>Заблокировать</strong> </label></div><br />
<input type="submit" name="ok" value="Изменить" />
</form></div>
<?
require ($_SERVER['DOCUMENT_ROOT'].'/core/foot.php');