Файл: modules/edit_ank.php
Строк: 90
<?
////////////////////////////////////////
///// Основа ApiCMS //////
///// Автор биллинга - IvanDanilov /////
///// Автор биллинга - IvanDanilov /////
///// ICQ 936545, mail: KyberID@ya.ru //
////////////////////////////////////////
////////////////////////////////////////
$title = 'Редактирование анкеты';
require_once '../api_core/apicms_system.php';
require_once '../api_core/head.php';
////////////////////////////////////////
if (!$user['id']) header('location: /');
$my_sets = mysql_real_escape_string($_POST['set_theme']);
///////////////////////////////////
if (isset($_POST['save'])){
///////////////////////////////////
if (isset($_POST['name']) && preg_match('/[A-zА-я0-9 _-=+()*?.,]/i', $_POST['name'])){
$nameus = mysql_real_escape_string($_POST['name']);
mysql_query("UPDATE `users` SET `name` = '$nameus' WHERE `id` = '$user[id]' LIMIT 1");
}
///////////////////////////////////
if (isset($_POST['surname']) && preg_match('/[A-zА-я0-9 _-=+()*?.,]/i', $_POST['surname'])){
$surnameus = mysql_real_escape_string($_POST['surname']);
mysql_query("UPDATE `users` SET `surname` = '$surnameus' WHERE `id` = '$user[id]' LIMIT 1");
}
///////////////////////////////////
if (isset($_POST['country']) && preg_match('/[A-zА-я0-9 _-=+()*?.,]/i', $_POST['country'])){
$countryus = mysql_real_escape_string($_POST['country']);
mysql_query("UPDATE `users` SET `country` = '$countryus' WHERE `id` = '$user[id]' LIMIT 1");
}
///////////////////////////////////
if (isset($_POST['city']) && preg_match('/[A-zА-я0-9 _-=+()*?.,]/i', $_POST['city'])){
$cityus = mysql_real_escape_string($_POST['city']);
mysql_query("UPDATE `users` SET `city` = '$cityus' WHERE `id` = '$user[id]' LIMIT 1");
}
///////////////////////////////////
if (isset($_POST['wm_id']) && isset($_POST['wm_id']) && strlen(intval($_POST['wm_id']))==12 && strlen(intval($_POST['wm_wmr']))==12){
if(empty($user['wm_id'])){
mysql_query("UPDATE `users` SET `wm_id` = '".intval($_POST['wm_id'])."' WHERE `id` = '$user[id]' LIMIT 1");
}
if(empty($user['wm_wmr'])){
mysql_query("UPDATE `users` SET `wm_wmr` = '".intval($_POST['wm_wmr'])."' WHERE `id` = '$user[id]' LIMIT 1");
}
}
echo '<div class="content"><center>Изменения в анкету внесены</center></div>';
}
////////////////////////////////////////
echo "<form method='post' action='?ok'>n";
///////////////////////////////////
echo '<div class="subhead">';
echo "Ваше имя: </br> <input type='text' name='name' value='".htmlentities($user['name'], ENT_QUOTES, 'UTF-8')."' /><br />n";
echo '</div>';
///////////////////////////////////
echo '<div class="subhead">';
echo "Ваша фамилия: </br> <input type='text' name='surname' value='".htmlentities($user['surname'], ENT_QUOTES, 'UTF-8')."' /><br />n";
echo '</div>';
///////////////////////////////////
echo '<div class="subhead">';
echo "Ваша страна: </br> <input type='text' name='country' value='".htmlentities($user['country'], ENT_QUOTES, 'UTF-8')."' /><br />n";
echo '</div>';
///////////////////////////////////
echo '<div class="subhead">';
echo "Ваш город: </br> <input type='text' name='city' value='".htmlentities($user['city'], ENT_QUOTES, 'UTF-8')."' /><br />n";
echo '</div>';
///////////////////////////////////
echo '<div class="loghead">Webmoney реквизиты</div>';
echo '<div class="erors">Webmoney реквизиты изменять нельзя нельзя. ';
if(empty($user['wm_id']) && empty($user['wm_wmr']))echo'Подойдите ответственно к их заполнению.';
echo '</div><div class="subhead">';
if(empty($user['wm_id'])){
echo "WMID: </br><input type='text' name='wm_id' value='".htmlentities($user['wm_id'], ENT_QUOTES, 'UTF-8')."' /></br>n";
}else{
echo "WMID: </br><input type='text' name='wm_id' value='".htmlentities($user['wm_id'], ENT_QUOTES, 'UTF-8')."' readonly /></br>n";
}
echo '</div>';
echo '<div class="subhead">';
if(empty($user['wm_wmr'])){
echo "WMR кош. (Без буквы <b>R</b>): </br> <input type='text' name='wm_wmr' value='".htmlentities($user['wm_wmr'], ENT_QUOTES, 'UTF-8')."' /><br />n";
}else{
echo "WMR кош. (Без буквы <b>R</b>): </br> <input type='text' name='wm_wmr' value='".htmlentities($user['wm_wmr'], ENT_QUOTES, 'UTF-8')."' readonly /><br />n";
}
echo '</div>';
echo "<div class='subhead'><center><input type='submit' name='save' value='Сохранить' /></center></div>n";
////////////////////////////////////////
apicms_foot();
?>