<?php
// Автор: waphak
// ICQ: 9988817
session_name("SID");
session_start();
include_once "theme/index.php";
require_once"conf.php";
require_once"config.php";
include_once "template/login.php";
if (!$_SESSION[uin]=="" && !md5($_SESSION[par])=="" && md5($_SESSION[par])==$provpar && $_SESSION[uin]==$provuin)
{
if(eregi("[^a-z0-9-]",$npar))
{
echo'<br><center>
Ошибка! Допустимы только знаки латинского алфавита и тире в поле "Пароль"
<br><a href="profil.php?'.SID.'">Повторить</a><br>
</center>'; exit;
}
$browser=htmlspecialchars(stripslashes(getenv('HTTP_USER_AGENT')));
if (getenv("HTTP_X_FORWARDED_FOR"))
{ $ip=htmlspecialchars(stripslashes(getenv("HTTP_X_FORWARDED_FOR"))); }
else { $ip=htmlspecialchars(stripslashes($_SERVER['REMOTE_ADDR'])); }
$text = @file("users/$uin.log");
if ($text!="")
{
$udata = explode(":||:",$text[0]);
$provuin=trim($udata[0]);
$nick=trim($udata[2]);
$name=trim($udata[3]);
$surname=trim($udata[4]);
$city=trim($udata[5]);
$about=trim($udata[6]);
$happy=trim($udata[7]);
$height=trim($udata[8]);
$weight=trim($udata[9]);
$mail=trim($udata[10]);
$mobile=trim($udata[11]);
$provpar=trim($udata[1]);
$browser=trim($udata[12]);
$ip=trim($udata[13]);
$regtime=trim($udata[14]);
$photo=trim($udata[15]);
}
if (isset($_POST['nick'])) $nick = $_POST['nick'];
if (isset($_POST['status'])) $status = $_POST['status'];
$npar = htmlspecialchars(stripslashes(trim($npar)));
$city = htmlspecialchars(stripslashes(trim($city)));
$about = htmlspecialchars(stripslashes(trim($about)));
$mail = htmlspecialchars(stripslashes(trim($mail)));
$mobile=htmlspecialchars(stripslashes(trim($mobile)));
$ip=htmlspecialchars(stripslashes(trim($ip)));
$height=htmlspecialchars(stripslashes(trim($height)));
$weight=htmlspecialchars(stripslashes(trim($weight)));
$happy=htmlspecialchars(stripslashes(trim($happy)));
$surname=htmlspecialchars(stripslashes(trim($surname)));
$name=htmlspecialchars(stripslashes(trim($name)));
$photo=htmlspecialchars(stripslashes(trim($photo)));
$nick=htmlspecialchars(stripslashes(trim($nick)));
$status = htmlspecialchars(stripslashes(trim($status)));
$photo = str_replace(";","",$photo);
$photo = str_replace(",","",$photo);
$photo = str_replace("'","",$photo);
$photo = str_replace("@","",$photo);
$photo = str_replace("!","",$photo);
$photo = str_replace("<","",$photo);
$photo = str_replace(">","",$photo);
$photo = str_replace("]","",$photo);
$photo = str_replace("[","",$photo);
$photo = str_replace("{","",$photo);
$photo = str_replace("}","",$photo);
$photo = str_replace("#","",$photo);
$photo = str_replace("$","",$photo);
$photo = str_replace("%","",$photo);
$photo = str_replace("^","",$photo);
$photo = str_replace("*","",$photo);
$photo = str_replace("(","",$photo);
$photo = str_replace(")","",$photo);
$photo = str_replace("=","",$photo);
$photo = str_replace("+","",$photo);
$photo = str_replace("php.","",$photo);
$photo = str_replace("PHP.","",$photo);
$photo = str_replace("dat.","",$photo);
$photo = str_replace("zip.","",$photo);
$photo = str_replace("DAT.","",$photo);
$photo = str_replace("ZIP.","",$photo);
$photo = str_replace("Zip.","",$photo);
$photo = str_replace("","",$photo);
$about = str_replace("|","",$about);
$about = str_replace("||","",$about);
$about=str_replace("&","&",$about);
$about = str_replace("'", "'",$about);
$about=str_replace("<","<",$about);
$about=str_replace(">",">",$about);
$about=str_replace("\"",""",$about);
$about=str_replace("$","$",$about);
$about = str_replace("\\", "\", $about);
$about = str_replace("!", "!", $about);
$about = str_replace("[", "[", $about);
$about = str_replace("]", "]", $about);
$about = str_replace("@", "@", $about);
$nick = str_replace("|","",$nick);
$nick = str_replace("||","",$nick);
$status = str_replace("|","",$status);
$status = str_replace("||","",$status);
$city = str_replace("|","",$city);
$city = str_replace("||","",$city);
$city=str_replace("&","&",$city);
$city = str_replace("'", "'",$city);
$city=str_replace("<","<",$city);
$city=str_replace(">",">",$city);
$city=str_replace("\"",""",$city);
$city=str_replace("$","$",$city);
$city = str_replace("\\", "\", $city);
$city = str_replace("!", "!", $city);
$city = str_replace("[", "[", $city);
$city = str_replace("]", "]", $city);
$city = str_replace("@", "@", $city);
$mail = str_replace("|","",$mail);
$mail = str_replace("||","",$mail);
$photo = str_replace("|","",$photo);
$photo = str_replace("||","",$photo);
$mobile = str_replace("|","",$mobile);
$mobile = str_replace("||","",$mobile);
$height = str_replace("|","",$height);
$height = str_replace("||","",$height);
$weight = str_replace("|","",$weight);
$weight = str_replace("||","",$weight);
$happy = str_replace("|","",$happy);
$happy = str_replace("||","",$happy);
$npars=md5($npar);
$fal = @file("users/$uin.log");
$udata = explode(":||:",$fal[0]);
$text=$uin.':||:'.$udata[1].':||:'.$nick.':||:'.$name.':||:'.$surname.':||:'.$city.':||:'.$about.':||:'.$happy.':||:'.$height.':||:'.$weight.':||:'.$mail.':||:'.$mobile.':||:'.$browser.':||:'.$ip.':||:'.$regtime.':||:'.$photo.':||:'.$status.':||:';
$of = @file("users/$uin.log");
$udata = explode(":||:",$of[0]);
$provpar= $udata[1];
$provpar= trim($provpar);
if ($provpar==md5($_SESSION[par]))
{
$fp=fopen("users/$uin.log","a+");
flock($fp,LOCK_EX);
ftruncate($fp,0);
fputs($fp,"$text");
fflush($fp);
flock($fp,LOCK_UN);
fclose($fp);
header ("Location: index.php?".SID);
}
else
{
print"Неверный пароль!<br>";
}
}else{
header ("Location: index.php?".SID);
}
include_once "theme/foot.php";
?>