Файл: modules/user/edit.php
Строк: 124
<?php
/**
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) 2013, Taras Chornyi, Sergiy Mazurenko, Ivan Kotliar
* @link http://perf-engine.net
* @package PerfEngine
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
if(!User::logged()) go('/');
$locate = 'in_pr_edit';
if(isset($_POST['save']) && $_GET['act']== 'save')
{
$name = substr(input($_POST['name']), 0, 35);
$surname = substr(input($_POST['surname']), 0, 35);
$day = substr(abs(intval($_POST['day'])), 0, 2);
$month = substr(abs(intval($_POST['month'])), 0, 2);
$year = substr(abs(intval($_POST['year'])), 0, 4);
$device = substr(input($_POST['device']), 0, 65);
$icq = substr(abs(intval($_POST['icq'])), 0, 9);
$gender = ($_POST['gender'] == 1 || $_POST['gender'] == 2 ? abs(intval($_POST['gender'])) : 1);
$city = substr(input($_POST['city']), 0, 65);
$country = substr(input($_POST['country']), 0, 55);
$site = substr(input($_POST['site']), 0, 40);
$site = str_replace('http://', '', $site);
$about_me = substr(input($_POST['about_me']), 0, 1000);
$db->query("UPDATE `users` SET `name` = '". $name."', `surname` = '". $surname."', `day` = '". $day."', `month` = '". $month."', `year` = '". $year."', `device` = '". $device."', `icq` = '". $icq."', `city` = '". $city."', `country` = '". $country."', `site` = '". $site."', `gender` = '". $gender."', `info` = '". $about_me."' WHERE `id` = '".$user['id'] ."'");
// print_r($db->errorInfo());
go('/user/edit/?act=edited');
}
$title = _t('edit_profile');
include_header($title);
if($_GET['act']=='edited') {$tpl->div('block', _t('succ_save'));}
$tpl->div('title', _t('edit_profile'));
echo '<div class="post">
<form action="?act=save" method="post">
<b>'. _t('name') .'</b>: <br/>
<input type="text" name="name" value="'. $user['name'] .'" /><br/>
<b>'. _t('surname') .'</b>: <br/>
<input type="text" name="surname" value="'. $user['surname'] .'" /><br/>
<b>'. _t('birth') .'</b>: <br/>
<select name="day">
<option value="0" '.($user['day'] == '0' ? 'selected="selected"' : NULL).'>0</option>';
for($d = 1; $d<=31; $d++)
{
echo "<option value="". $d ."" ".($user['day'] == $d ? 'selected="selected"' : NULL).">". $d ."</option>n";
}
echo '</select>
<select name="month">
<option value="0" '.($user['day'] == '0' ? 'selected="selected"' : NULL).'>0</option>';
for($m = 1; $m<=12; $m++)
{
echo "<option value="". $m ."" ".($user['month'] == $m ? 'selected="selected"' : NULL).">". $m ."</option>n";
}
echo '</select>
<select name="year">
<option value="0" '.($user['day'] == '0' ? 'selected="selected"' : NULL).'>0</option>';
for($y = 1960; $y<=(date('Y')-1); $y++)
{
echo "<option value="". $y ."" ".($user['year'] == $y ? 'selected="selected"' : NULL).">". $y ."</option>n";
}
echo '</select><br/>
<b>'. _t('gender') .'</b>: <br/>
<select name="gender">
<option value="1" '.($user['gender'] == '1' ? 'selected="selected"' : NULL).'>'. _t('male') .'</option>
<option value="2" '.($user['gender'] == '2' ? 'selected="selected"' : NULL).'>'. _t('female') .'</option>
</select><br/>
<b>'. _t('device') .'</b>: <br/>
<input type="text" name="device" value="'. $user['device'] .'" /><br/>
<b>ICQ</b>: <br/>
<input type="text" name="icq" value="'. $user['icq'] .'" /><br/>
<b>'. _t('city') .'</b>: <br/>
<input type="text" name="city" value="'. $user['city'] .'" /><br/>
<b>'. _t('country') .'</b>: <br/>
<input type="text" name="country" value="'. $user['country'] .'" /><br/>
<b>'. _t('site') .'</b>: <br/>
<input type="text" name="site" value="'. (empty($user['site']) ? 'http://' : $user['site']).'" /><br/>
<b>'. _t('about_me') .'</b>: <br/>
<textarea rows="5" cols="30" name="about_me">'. $user['info'] .'</textarea><br/>
<input name="save" type="submit" value="'. _t('save') .'" />
</form>
</div>
';
$tpl->div('block', NAV.'<a href="/user/panel/">'._t('user_panel').'</a><br/>'. HICO .'<a href="/">'. _t('home') .'</a>');
include_footer();
?>