<?php

/*********************************************************************/
#---------------------------KokirCMS Соц сети-------------------------#
#---------------------Kiriyan и kokir Сайт kiriyan.org----------------#
#-------------------------------2012 г.-------------------------------#
#------------------Связь ICQ 455002004. [email protected]#
#----------------------------Пример ewwap.ru--------------------------#
/*********************************************************************/

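// Bootstrap. This script uses $user, $home, $time, error() and escstr() without
// defining them, so they are presumably provided by inc/core.php -- confirm there.
require('../inc/core.php');

// Accept only a non-empty, digits-only id. This check is what makes it safe to
// interpolate $id unquoted into the SQL statements below.
if(empty($_GET['id']) || !is_string($_GET['id']) || !ctype_digit($_GET['id']))
{
  error('5', $home);
  // Fail closed: error() is not visible in this file, so do not rely on it to
  // terminate the request.
  exit;
}

$id = $_GET['id'];

// Load the profile being edited; a failed query is treated like a missing user.
$profileResult = mysql_query("SELECT * FROM `users` WHERE `id` = $id;");
$u = $profileResult ? mysql_fetch_array($profileResult) : false;
if(!$u)
{
  error('4', $home);
  exit;
}

// Authorization: only the profile owner, or an account with rights >= 2, may
// continue. Everything after this point assumes the check has passed, hence the
// explicit exit.
if($user['id'] != $u['id'] && $user['rights'] < 2)
{
  error('6', $home);
  exit;
}

// NOTE(review): $title carries the stored login as-is; confirm that inc/head.php
// HTML-escapes it before printing.
$title = 'Редактирование анкеты ' . $u['login'];
require('../inc/head.php');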

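// Handle the submitted edit form: validate each field, build one UPDATE for the
// profile identified by $id, then reload $u so the form shows the saved values.
if(isset($_POST['edit']))
{
  // NOTE(review): no anti-CSRF token is verified before this state-changing POST
  // (which can also change `rights`). A per-session token should be added to the
  // form and checked here.

  // Normalise the expected fields to strings; missing or array-valued parameters
  // become '' instead of reaching the string functions below.
  $editInput = array();
  foreach(array('name', 'city', 'orient', 'about', 'mail', 'tel', 'icq', 'skype', 'site', 'd', 'm', 'y') as $editField)
    $editInput[$editField] = (isset($_POST[$editField]) && is_string($_POST[$editField])) ? $_POST[$editField] : '';

  // Truncate the raw value first and escape afterwards. Cutting an already
  // escaped string can split an escape sequence and leave a lone backslash in
  // front of the closing quote of the SQL literal built below.
  // escstr() is defined outside this file; it is assumed to make a value safe
  // inside a single-quoted SQL literal -- confirm in inc/core.php.
  $name = escstr(mb_substr($editInput['name'], 0, 20));
  $city = escstr(mb_substr($editInput['city'], 0, 100));
  $orient = escstr($editInput['orient']);
  $about = escstr(mb_substr($editInput['about'], 0, 500));
  $mail = escstr(mb_substr($editInput['mail'], 0, 100));
  $tel = escstr(mb_substr($editInput['tel'], 0, 13));
  // ICQ number is reduced to a non-negative integer, so it needs no escaping.
  $icq = mb_substr((string) abs(intval($editInput['icq'])), 0, 11);
  $skype = escstr(mb_substr($editInput['skype'], 0, 50));
  $site = escstr(mb_substr($editInput['site'], 0, 100));

  // Fields that are always written; the ICQ number is stored only when it has
  // at least 5 digits.
  $edit = array(
    'about' => $about,
    'mail' => $mail,
    'tel' => $tel,
    'icq' => (mb_strlen($icq) >= 5 ? $icq : ''),
    'skype' => $skype,
    'site' => $site
  );

  if(mb_strlen($name) >= 2)
    $edit['name'] = $name;

  // Birthday: four-digit year at least ten years before the current one, and a
  // day/month pair that exists in the calendar (checkdate rejects e.g. 31 Feb).
  $d = abs(intval($editInput['d']));
  $m = abs(intval($editInput['m']));
  $y = abs(intval($editInput['y']));
  if($y >= 1000 && $y <= 9999 && checkdate($m, $d, $y) && $y < (date("Y", $time) - 10))
  {
    $birth = strtotime("$y-$m-$d");
    // strtotime() returns false for dates it cannot represent; skip those.
    if($birth !== false)
      $edit['birth'] = $birth;
  }

  if(mb_strlen($city) >= 2)
    $edit['city'] = $city;
  // Whitelist check, strict so that no type juggling can match a list entry.
  if(in_array($orient, array('Гетеро', 'Гей', 'Би', 'Лесби'), true))
    $edit['orient'] = $orient;

  // Role change: only for accounts with rights >= 2, only on someone else's
  // profile, and only when the field was actually submitted. The form hides the
  // role selector on one's own profile, so without these conditions saving one's
  // own profile would write rights = 0.
  if($user['rights'] >= 2 && $u['id'] != $user['id']
    && isset($_POST['rights']) && is_string($_POST['rights']) && ctype_digit($_POST['rights']))
  {
    $rights = intval($_POST['rights']);
    if($rights <= 2)
        $edit['rights'] = $rights;
  }

  // Column names come from the fixed keys above, never from the request; values
  // are either escaped strings or integers. $id was validated as digits only
  // before this point. The ext/mysql API used here has no prepared statements.
  $query = "UPDATE `users` SET `id` = '" . $id . "'";
  foreach($edit as $key => $value)
  {
    $query .= ", `" . $key . "` = '" . $value . "'";
  }
  $query .= " WHERE `id` = $id;";

  if(mysql_query($query))
    echo '<div class="galarm">Изменения внесены</div>';
  else
    echo '<div class="error">Произошла ошибка</div>';

  // Reload the row so the form below reflects what is now stored.
  $u = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = $id;"));
}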

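// Render the edit form pre-filled from $u.
//
// Stored profile text is HTML-escaped at output time so that markup or quotes in
// a saved value cannot break out of the attribute or textarea it is printed in.
// double_encode is off so values that were already entity-encoded when stored
// are not encoded a second time.
// NOTE(review): 'UTF-8' assumes the page is served as UTF-8 -- confirm against
// inc/head.php.
$formValue = array();
foreach(array('login', 'name', 'city', 'about', 'mail', 'tel', 'icq', 'skype', 'site') as $formField)
  $formValue[$formField] = htmlspecialchars((string) $u[$formField], ENT_QUOTES, 'UTF-8', false);

echo '<div class="caption"><a href="' . $home . '/id' . (int) $u['id'] . '">Анкета ' . $formValue['login'] . '</a> &raquo; Редактировать</div>';
echo '<form action="" method="post">';
echo '<div class="menu">';
echo '<label><img src="' . $home . '/images/profile.png" alt="*"/> Имя:<br/><input type="text" name="name" maxlength="20" value="' . $formValue['name'] . '"/></label><br/>';
echo '<img src="' . $home . '/images/calendar.png" alt="*"/> День рождения:<br/>';
// Birthday is stored as a Unix timestamp and split into day / month / year inputs.
echo '<input type="text" name="d" maxlength="2" size="2" value="' . date("d", $u['birth']) . '"/>-';
echo '<input type="text" name="m" maxlength="2" size="2" value="' . date("m", $u['birth']) . '"/>-';
echo '<input type="text" name="y" maxlength="4" size="4" value="' . date("Y", $u['birth']) . '"/><br/>';
echo '<label><img src="' . $home . '/images/map.png" alt="*"/> Город:<br/><input type="text" name="city" maxlength="100" value="' . $formValue['city'] . '"/></label><br/>';
echo '<img src="' . $home . '/images/heart.png" alt="*"/> Ориентация:<br/><select name="orient">';
echo '<option' . ($u['orient'] == 'Гетеро' ? ' selected="selected"' : '') . '>Гетеро</option>';
echo '<option' . ($u['orient'] == 'Гей' ? ' selected="selected"' : '') . '>Гей</option>';
echo '<option' . ($u['orient'] == 'Би' ? ' selected="selected"' : '') . '>Би</option>';
echo '<option' . ($u['orient'] == 'Лесби' ? ' selected="selected"' : '') . '>Лесби</option>';
echo '</select><br/>';
echo '</div><div class="menu">';

echo '<label><img src="' . $home . '/images/info.png" alt="*"/> О себе:<br/><textarea name="about">' . $formValue['about'] . '</textarea></label>';

echo '</div><div class="menu">';

echo '<label><img src="' . $home . '/images/email.png" alt="*"/> E-mail :<br/><input type="text" name="mail" maxlength="100" value="' . $formValue['mail'] . '"/></label><br/>';
echo '<label><img src="' . $home . '/images/tel.png" alt="*"/> Телефон :<br/><input type="text" name="tel" maxlength="13" value="' . $formValue['tel'] . '"/></label><br/>';
echo '<label><img src="' . $home . '/images/icq.png" alt="*"/> ICQ :<br/><input type="text" name="icq" maxlength="11" value="' . $formValue['icq'] . '"/></label><br/>';
echo '<label><img src="' . $home . '/images/skype.png" alt="*"/> Skype :<br/><input type="text" name="skype" maxlength="50" value="' . $formValue['skype'] . '"/></label><br/>';
echo '<label><img src="' . $home . '/images/site.png" alt="*"/> Сайт :<br/><input type="text" name="site" maxlength="100" value="' . $formValue['site'] . '"/></label>';

// The role selector is shown only to accounts with rights >= 2, and never on
// their own profile. Hiding it is presentation only; the POST handler has to
// enforce the same rule on the server side.
if($user['rights'] >= 2 && $u['id'] != $user['id'])
{
  echo '</div><div class="menu adm">';
  echo '<b>Должность:</b><br/>';
  echo '<label><input type="radio" name="rights" value="0"' . (!$u['rights'] ? ' checked="checked"' : '') . '/> Пользователь</label><br/>';
  echo '<label><input type="radio" name="rights" value="1"' . ($u['rights'] == 1 ? ' checked="checked"' : '') . '/> Модератор</label><br/>';
  echo '<label><input type="radio" name="rights" value="2"' . ($u['rights'] == 2 ? ' checked="checked"' : '') . '/> <b>Администратор</b></label>';
}

echo '</div><div class="menu">';
echo '<input type="submit" name="edit" value="Сохранить"/>';
echo '</div>';
echo '</form>';

require('../inc/end.php');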

?>