Файл: profile.php
Строк: 315
<?
// Profile page: authenticates the visitor from the id and hash cookies, then
// either shows the profile forms (add), applies a profile edit (edit) or
// changes the password (pass).
// $db_pref, $lang and $sekretkey are not defined in this file; presumably they
// come from header.php or inc/connect.inc.php - confirm.
session_start();
include("header.php");
$urlpage='Страница профиля';
require("inc/connect.inc.php");
// Only visitors that present both auth cookies get past this point.
if (isset($_COOKIE['id']) and isset($_COOKIE['hash']))
{
// Load the user row named by the id cookie. intval() keeps the raw cookie
// value out of the SQL text; INET_NTOA returns login_ip in dotted form.
$query = mysql_query("SELECT *,INET_NTOA(login_ip) as login_ip FROM ".$db_pref."users WHERE id = '".intval($_COOKIE['id'])."' LIMIT 1");
$userdata = mysql_fetch_assoc($query);
// Reject when the hash or id cookie differs from the stored row, or when the
// stored login_ip is neither the current REMOTE_ADDR nor 0.0.0.0.
// If no row was fetched these comparisons fail as well and the error is shown.
// NOTE(review): 0.0.0.0 presumably means IP binding is switched off for the
// account - confirm. The hash is compared with !==, which is not a
// constant-time comparison; hash_equals() is the usual replacement.
if(($userdata['hash'] !== $_COOKIE['hash']) or ($userdata['id'] !== $_COOKIE['id'])
or (($userdata['login_ip'] !== $_SERVER['REMOTE_ADDR']) and ($userdata['login_ip'] !== "0.0.0.0")))
{
echo "<div align='center'><font color='red'><br><b>".$lang['error16']."</b></font><br><br></div>";
}
else
{
// Authenticated: copy the stored profile fields into locals.
$passs=$userdata['pass'];
$id=$userdata['id'];
$wm_alert=$userdata['alertpay'];
$wm_perfekt=$userdata['perfektmoney'];
$user=$userdata['user'];
$wm=$userdata['wm'];
$icq=$userdata['icq'];
$skype=$userdata['skype'];
$email=$userdata['email'];
// Request input. add comes from the query string; everything else is POSTed.
// add, edit and code are taken raw; the other fields are escaped for SQL.
// NOTE(review): mysql_escape_string() does not take the connection charset
// into account and the whole mysql_* API is gone as of PHP 7; bound
// parameters (PDO or mysqli) are the durable fix for the queries in this file.
$add=$_GET["add"];
$wm_perfekt1=mysql_escape_string($_POST["wm_perfekt"]);
$wm_alert1=mysql_escape_string($_POST["wm_alert"]);
$edit=$_POST["edit"];
$skypea=mysql_escape_string($_POST["skype"]);
$icqa=mysql_escape_string($_POST["icq"]);
$kosel=mysql_escape_string($_POST["kosel"]);
$pass=mysql_escape_string($_POST["pass"]);
$pass0=mysql_escape_string($_POST["pass0"]);
$pass1=mysql_escape_string($_POST["pass1"]);
$pass2=mysql_escape_string($_POST["pass2"]);
$emailyou=mysql_escape_string($_POST["emailyou"]);
$code=$_POST["code"];
// Site-wide settings from sysvals: sistem is compared against multi further
// down, currency is substituted into messages and compared with the first
// character of submitted wallet ids.
$sql1=mysql_query("select*from ".$db_pref."sysvals");
$row1=mysql_fetch_array($sql1);
$sistem=$row1['sistem'];
$currency=$row1['currency'];
// Put the currency into the profiles1 text and copy language strings into
// locals. The locals are not read again in this file; presumably the form
// helpers pick them up as globals - confirm.
$lang['profiles1']=str_replace("{wm}",$currency,$lang['profiles1']);
$profiles=$lang['profiles'];
$profiles1=$lang['profiles1'];
$profiles2=$lang['profiles2'];
$profiles3=$lang['profiles3'];
$profiles4=$lang['profiles4'];
$profiles5=$lang['profiles5'];
$profiles6=$lang['profiles6'];
$profiles7=$lang['profiles7'];
$profiles8=$lang['profiles8'];
$profiles_liber=$lang['profiles18'];
$profiles_alertpay=$lang['profiles19'];
$profiles_perfekt=$lang['profiles20'];
// Look for a row in the rest table whose login equals this user name.
// NOTE(review): $user is read back from the users table and interpolated
// unescaped; if a stored name can contain a quote this becomes a
// second-order SQL injection, so escape or bind it like request input.
$sqlop=mysql_query("select*from ".$db_pref."rest where login='$user' limit 1");
$rowop=mysql_fetch_array($sqlop);
// $otpusk equals $user only when such a row exists; the edit branch uses that
// to decide whether wallet fields are written.
$otpusk=$rowop['login'];
// NOTE(review): writes the user id into an HTML comment on every page view;
// looks like a debugging leftover - confirm it is wanted.
echo"<!-- ид $id -->";
// Strip characters from the three wallet inputs.
// NOTE(review): as written the pattern matches runs of the letter s; it was
// presumably a whitespace class whose backslash got lost - confirm against
// the original file.
$wm_perfekt1 = preg_replace("/(s){1,}/",'',$wm_perfekt1);
$wm_alert1 = preg_replace("/(s){1,}/",'',$wm_alert1);
$kosel = preg_replace("/(s){1,}/",'',$kosel);
// Put the currency into the registration error texts.
$lang['reg16']=str_replace("{wm}",$row1['currency'],$lang['reg16']);
$lang['reg33']=str_replace("{wm}",$row1['currency'],$lang['reg33']);
$lang['reg34']=str_replace("{wm}",$row1['currency'],$lang['reg34']);
$lang['reg35']=str_replace("{wm}",$row1['currency'],$lang['reg35']);
// add: show the user menu plus the profile and password forms.
if(isset($add)):
// sysvals is read a second time here although it was already loaded above.
$sql22=mysql_query("select*from ".$db_pref."sysvals");
$row22=mysql_fetch_array($sql22);
$currency=$row22['currency'];
include("inc/usermenu.inc.php");
// print_form_pro() and print_form_pro_pass() are not defined in this file.
print_form_pro();
print_form_pro_pass();
elseif(isset($edit)):
// edit: validate the submitted profile. The checks are nested so that the
// first failing one prints its error text and the profile form again.
include("inc/usermenu.inc.php");
// Submitted e-mail must be 6 to 30 bytes long (strlen counts bytes).
$ulength=strlen($emailyou);
if (($ulength<'6') || ($ulength>'30')):
?><br>
<table width="100%" align="center" border="0" cellpadding="2" cellspacing="2">
<tr>
<td align="center"><font color="red"><?=$lang['profiles11'];?></font></td>
</tr>
</table>
<?
print_form_pro();
else:
// Wallet uniqueness: reject a wm value that a users row already holds.
// NOTE(review): multi is written without quotes here (later lines quote it);
// older PHP reads an undefined constant as its own name with a notice,
// PHP 8 throws. $yes is not assigned before this point in this file, so
// unless an include sets it the test against NO is always true.
// NOTE(review): the lookup does not exclude the current user, so
// resubmitting an unchanged wallet looks like it is reported as a
// duplicate - confirm.
$findwm = mysql_query("select * from ".$db_pref."users where wm='$kosel';");
$count1=mysql_num_rows($findwm);
if(($sistem==multi)and($yes!='NO')and($kosel!=='')and($count1>0)):
?>
<div align="center"><font color="red"><b><?=$lang['reg28'];?><br>LIBERTY RESERVE</b></font><br></div>
<? print_form_pro();
else:
// Same uniqueness check against the perfektmoney column.
$findwm = mysql_query("select * from ".$db_pref."users where perfektmoney='$wm_perfekt1';");
$count2=mysql_num_rows($findwm);
if(($sistem==multi)and($wm_perfekt1!=='')and($count2>0)):
?>
<div align="center"><font color="red"><b><?=$lang['reg28'];?><br>Perfect Money</b></font><br></div>
<? print_form_pro();
else:
// Same uniqueness check against the alertpay column.
$findwm = mysql_query("select * from ".$db_pref."users where alertpay='$wm_alert1';");
$count3=mysql_num_rows($findwm);
if(($sistem==multi)and($yes!='NO')and($wm_alert1!=='')and($count3>0)):
?>
<div align="center"><font color="red"><b><?=$lang['reg28'];?><br>ALERTPAY</b></font><br></div>
<?
print_form_pro();
else:
// Format check for the wm value. sysvals is read again although $currency
// was already loaded.
$sql1=mysql_query("select*from ".$db_pref."sysvals");
$row1=mysql_fetch_array($sql1);
$currency=$row1['currency'];
$kosel=trim($kosel);
$wm_length=strlen($kosel);
$wm_test=substr($kosel,0,1);
// || binds tighter than and, so this reads: sistem is multi and wm is
// non-empty and (length is not 8 or first character is not the currency).
if (($sistem==multi) and ($kosel!=='') and ($wm_length != '8') || ($wm_test != "$currency")):
?>
<div align="center"><font color="red"><b><?=$lang['reg35'];?></b></font><br></div>
<?
print_form_pro();
else:
// Same format check for the perfektmoney value, with the same precedence.
$sql1=mysql_query("select*from ".$db_pref."sysvals");
$row1=mysql_fetch_array($sql1);
$currency=$row1['currency'];
$wm_perfekt1=trim($wm_perfekt1);
$wm_length_p=strlen($wm_perfekt1);
$wm_test_p=substr($wm_perfekt1,0,1);
if (($sistem==multi) and ($wm_perfekt1!=='') and ($wm_length_p != '8') || ($wm_test_p != "$currency")):
?>
<div align="center"><font color="red"><b><?=$lang['reg34'];?></b></font><br></div>
<?
print_form_pro();
else:
// The Alertpay account must look like an e-mail address.
// NOTE(review): the pattern below shows unescaped quote characters and bare
// letters where escapes are expected, so this line does not parse as shown;
// the backslashes were presumably lost when the listing was published -
// restore it from the original file.
if(($sistem==multi) and ($wm_alert1!=='') and (!preg_match('/^(([^<>()[]\.,;:s@"']+(.[^<>()[]\.,;:s@"']+)*)|("[^"']+"))@(([d{1,3}.d{1,3}.d{1,3}.d{1,3}])|(([a-zA-Zd-]+.)+[a-zA-Z]{2,}))$/', $wm_alert1))):
?>
<div align="center"><font color="red"><b><?=$lang['reg15'];?> Alertpay</b></font><br></div>
<?
print_form_pro();
else:
// CAPTCHA: the submitted code must equal the session value texto,
// ignoring case.
// NOTE(review): an unset session value and an empty submitted code both
// lower-case to an empty string and pass this test, and the session value
// is not cleared in this file; require a non-empty stored value and
// discard it after one use.
if( strtolower($_POST['code'])!= strtolower($_SESSION['texto'])):
?><br>
<table width="100%" align="center" border="0" cellpadding="2" cellspacing="2">
<tr>
<td align="center"><font color="red"><?=$lang['profiles12'];?></font></td>
</tr>
</table>
<?
print_form_pro();
else:
// E-mail format check.
// NOTE(review): eregi() was removed in PHP 7; the pattern has no end anchor,
// and the dot before the top-level domain matches any character as shown
// (possibly another lost backslash) - confirm.
if (eregi("^[a-z0-9_]+([-_.]?[a-z0-9_])+@[a-z0-9]+([-_.]?[a-z0-9])+.[a-z]{2,4}", $emailyou)):
// NOTE(review): $password is computed here but not used in the edit branch.
$password = md5(md5(trim($pass1)));
// Wallets that are already stored win over the submitted values when sistem
// is multi, so a wallet can be set once but not changed through this form.
// NOTE(review): the stored values copied here come from the database
// unescaped, unlike the POSTed ones; bind or escape them as well.
if(($wm_perfekt!=='')and($sistem=='multi')){
$wm_perfekt1=$wm_perfekt;
}
if(($wm!=='')and($sistem=='multi')){
$kosel=$wm;
$yes="YES";
}
if(($wm_alert!=='')and($sistem=='multi')){
$wm_alert1=$wm_alert;
}
// A row in the rest table for this user limits the update to contact fields;
// otherwise the three wallet columns are written too.
// NOTE(review): when sistem is not multi the wallet checks above are skipped
// and the submitted values overwrite the stored wallets. Changing the e-mail
// or payout wallets needs only the auth cookies and the CAPTCHA; consider
// asking for the current password as well. The result of mysql_query() is
// not checked before the success message is printed.
if($otpusk==$user){
mysql_query("update ".$db_pref."users set skype='$skypea', icq='$icqa', email='$emailyou' where id='".intval($id)."' LIMIT 1");
}else{
mysql_query("update ".$db_pref."users set alertpay='$wm_alert1', perfektmoney='$wm_perfekt1', wm='$kosel' , skype='$skypea', icq='$icqa', email='$emailyou' where id=".intval($id)." LIMIT 1");
}
?>
<br>
<table class="form" width="100%" align="center" border="0" cellpadding="2" cellspacing="2">
<tr>
<td align="center"><i><b><?=$lang['profiles9'];?></b></i></td>
</tr>
<tr>
<td align="center"><font color="gren"><?=$lang['profiles10'];?><font></td>
</tr>
</table>
<?
// Client-side redirect to account.php after three seconds.
// NOTE(review): the inner double quotes are unescaped as shown; presumably
// their backslashes were lost as well - confirm.
echo "<script language='Javascript'>function reload() {location = "account.php"}; setTimeout('reload()', 3000);</script>";
else:
?><br>
<table class="form" width="100%" align="center" border="0" cellpadding="2" cellspacing="2">
<tr>
<td align="center"><font color="red"><?=$lang['profiles13'];?></font></td>
</tr>
</table>
<?
print_form_pro();
// The nine endifs below close the nine nested validation ifs of the edit branch.
endif;endif;
endif;
endif;
endif;
endif;
endif;
endif;
endif;
elseif(isset($pass)):
// pass: password change.
// NOTE(review): $pass is the return value of mysql_escape_string(), which is
// presumably a string even when the field was not posted, so this isset
// test may always succeed - confirm.
// The submitted old password is hashed the same way as the value stored
// further down: md5 of md5 of the password concatenated with $sekretkey.
// NOTE(review): double MD5 with a fixed key is a fast hash; password_hash()
// and password_verify() are the current standard, but switching needs the
// login and registration code (not shown here) to change with it.
$passold = md5(md5(trim($pass0.$sekretkey)));
// The old password must match the stored hash before anything is changed.
if (($passs!==$passold)):
include("inc/usermenu.inc.php");
?><br>
<table class="form" width="100%" align="center" border="0" cellpadding="2" cellspacing="2">
<tr>
<td align="center"><font color="red"><?=$lang['profiles14'];?></font></td>
</tr>
</table>
<?
print_form_pro_pass();
else:
// Both new password fields are required.
// NOTE(review): nulll is a typo for null and is an undefined constant, so
// the second test does not detect an empty pass2 as written. An empty pass2
// next to a non-empty pass1 is still caught by the equality check below.
if (($pass1==null) || ($pass2==nulll)):
include("inc/usermenu.inc.php");
?><br>
<table class="form" width="100%" align="center" border="0" cellpadding="2" cellspacing="2">
<tr>
<td align="center"><font color="red"><?=$lang['profiles15'];?></font></td>
</tr>
</table>
<?
print_form_pro_pass();
else:
// The two new password fields must be identical.
if (($pass1!==$pass2)):
include("inc/usermenu.inc.php");
?><br>
<table class="form" width="100%" align="center" border="0" cellpadding="2" cellspacing="2">
<tr>
<td align="center"><font color="red"><?=$lang['profiles16'];?></font></td>
</tr>
</table>
<?
print_form_pro_pass();
else:
// New password length must be 6 to 12 bytes.
// NOTE(review): a 12 byte ceiling rules out long passphrases, and the length
// is measured after mysql_escape_string() has already run on the value.
$ulength=strlen($pass1);
if (($ulength<'6') || ($ulength>'12')):
include("inc/usermenu.inc.php");
?><br>
<table class="form" width="100%" align="center" border="0" cellpadding="2" cellspacing="2">
<tr>
<td align="center"><font color="red"><?=$lang['profiles17'];?></font></td>
</tr>
</table>
<?
print_form_pro_pass();
else:
include("inc/usermenu.inc.php");
?>
<br>
<table class="form" width="100%" align="center" border="0" cellpadding="0" cellspacing="0">
<tr>
<td align="center"><?=$lang['profiles9'];?></td>
</tr>
<tr>
<td align="center" ><font color="green"><?=$lang['profiles10'];?><font></td>
</tr>
</table>
<?
// NOTE(review): the success message above and this redirect are sent before
// the UPDATE runs, and the result of mysql_query() is not checked.
echo "<script language='Javascript'>function reload() {location = "account.php"}; setTimeout('reload()', 3000);</script>";
// Store the hash of the new password.
// NOTE(review): only the pass column changes; the hash column that backs the
// auth cookie is left as is in this file, so existing cookies presumably
// stay valid after a password change - confirm whether that is intended.
$password = md5(md5(trim($pass1.$sekretkey)));
mysql_query("update ".$db_pref."users set pass='$password' where id='".intval($id)."' LIMIT 1");
// Four endifs close the nested password checks, the fifth closes the
// add / edit / pass chain.
endif;endif;endif;endif;endif;
}
}
else
{
// No auth cookies were sent: show the generic error text.
echo "<div align='center'><font color='red'><br><b>".$lang['error']."</b></font><br><br></div>";
}
include("footer.php");
?>