Просмотр файла mafia/profile.php

Размер файла: 11.01Kb
<?
header("Cache-Control: no-cache");
header("Content-type:text/vnd.wap.wml");  
$ref=rand(10000,1000000);
require("inc.php");
$link = @mysql_pconnect ($MySQL_Hostname, $MySQL_Username, $MySQL_Password)
                or die ("<wml>
<card id=\"error\" title=\"error\">
<do type=\"prev\" label=\"Back\"><prev/></do><p align=\"center\">Can not connect to MySQL</p>
</card>
</wml>");
     
     @mysql_select_db($MySQLDatabasename) or die ("<wml>
<card id=\"error\" title=\"error\">
<do type=\"prev\" label=\"Back\"><prev/></do><p align=\"center\">error select the database...</p>
</card>
</wml>");

        $result = @mysql_query ("Select * from mafusers where id='".$id."'");
         
         if (mysql_affected_rows() == 0) {
          echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n";
echo "<wml>\n";
echo "<card id=\"error\" title=\"&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;\" ontimer=\"index.php?ref=$ref\"><timer value=\"15\"/>\n";
echo "<p align=\"center\">\n";
echo "User was not found\n";
echo "</p>\n";
echo "</card>\n";
echo "</wml>\n";
mysql_close($link);
exit;
}
                
$row = mysql_fetch_array ($result);
if ($ps !== $row["pass"]){
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n";
echo "<wml>\n";
echo "<card id=\"error\" title=\"&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;\" ontimer=\"index.php?ref=$ref\"><timer value=\"15\"/>\n";
echo "<p align=\"center\">\n";
echo "Your login failed\n";
echo "</p>\n";
echo "</card>\n";
echo "</wml>\n";
mysql_close($link);   
exit;
}           
$us=$row["user"];  
if(!isset($err)) $err="";

if(!@$go)
{
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n";
echo "<wml>\n";
echo "<card id=\"profile\" title=\"Анкета\">\n";
echo "<p>\n";
echo "<b>$us</b><br/>\n";
echo "*Ваш пароль:<br/>\n";     
echo "<input name=\"pass\" maxlength=\"10\" value=\"$row[pass]\" title=\"pass\"/><br/>\n";
echo "*Кличка:<br/>\n";     
echo "<input name=\"name\" maxlength=\"15\" value=\"$row[name]\" title=\"name\"/><br/>\n";
if($row["sex"] === "М")
{
echo "Пол:<br/>\n";
echo "<select name=\"sex\">\n";
echo "<option value=\"М\">&#x041C;</option>\n";
echo "<option value=\"Ж\">&#x0416;</option>\n";
echo "</select><br/>\n";
 }
 else
 {
echo "Пол:<br/>\n";
echo "<select name=\"sex\">\n";
echo "<option value=\"Ж\">&#x0416;</option>\n";
echo "<option value=\"М\">&#x041C;</option>\n";
echo "</select><br/>\n"; 
 }
@list( $day, $month, $year ) = split( '-', $row["birth"] );
echo "*Дата рождения:<br/>\n";     
echo "День:<input name=\"days\" value=\"$day\" maxlength=\"2\" title=\"day\" format=\"*N\"/><br/>\n";  
echo "Месяц:<input name=\"months\" value=\"$month\" maxlength=\"2\" title=\"month\" format=\"*N\"/><br/>\n";     
echo "Год:<input name=\"years\" value=\"$year\" maxlength=\"4\" title=\"year\" format=\"*N\"/><br/>\n";  
echo "*Город:<br/>\n";     
echo "<input name=\"city\" maxlength=\"40\" value=\"$row[city]\" title=\"city\"/><br/>\n";
echo "*Краткая справка:<br/>\n";     
echo "<input name=\"infa\" maxlength=\"200\" value=\"$row[infa]\" title=\"infa\"/><br/>\n";  
if(isset($rm))echo "<anchor title=\"go\">Апдейт<go href=\"profile.php?id=$id&amp;ps=$ps&amp;go=rew&amp;rm=$rm&amp;ref=$ref\" method=\"post\">\n";
else echo "<anchor title=\"go\">Апдейт<go href=\"profile.php?id=$id&amp;ps=$ps&amp;go=rew&amp;ref=$ref\" method=\"post\">\n";
echo "<postfield name=\"pass\" value=\"$(pass)\"/>\n";
echo "<postfield name=\"name\" value=\"$(name)\"/>\n";
echo "<postfield name=\"sex\" value=\"$(sex)\"/>\n";
echo "<postfield name=\"day\" value=\"$(days)\"/>\n";
echo "<postfield name=\"month\" value=\"$(months)\"/>\n";
echo "<postfield name=\"year\" value=\"$(years)\"/>\n";
echo "<postfield name=\"city\" value=\"$(city)\"/>\n";
echo "<postfield name=\"infa\" value=\"$(infa)\"/>\n";
echo "</go></anchor><br/>\n";
if(isset($rm))echo "<a href=\"maf.php?id=$id&amp;ps=$ps&amp;rm=$rm&amp;ref=$ref\">В игру</a>\n";
else echo "<a href=\"enter.php?id=$id&amp;ps=$ps&amp;ref=$ref\">На улицу</a>\n";
echo "</p>\n";
echo "</card>\n";
echo "</wml>\n";
mysql_close ($link);
 }
 else
 {

    $error = true;
$pass = trim(" $pass ");
$pass = ereg_replace(" +"," ",$pass);         
$name = trim(" $name ");
$name = ereg_replace(" +"," ",$name);        
$day = trim(" $day ");
$day = ereg_replace(" +"," ",$day);           
$month = trim(" $month ");
$month = ereg_replace(" +"," ",$month);         
$year = trim(" $year ");
$year = ereg_replace(" +"," ",$year);                   
$city  = trim(" $city  ");
$city  = ereg_replace(" +"," ",$city);  
 
$infa  = trim(" $infa  ");
$infa  = ereg_replace(" +"," ",$infa);         
$infa=substr($infa,0,400);            

$emp = "&#x041D;&#x0435; &#x0437;&#x0430;&#x043F;&#x043E;&#x043B;&#x043D;&#x0435;&#x043D;&#x044B; &#x043E;&#x0431;&#x044F;&#x0437;&#x0430;&#x0442;&#x0435;&#x043B;&#x044C;&#x043D;&#x044B;&#x0435; &#x043F;&#x043E;&#x043B;&#x044F;!";              


    if ($pass === "") {
        $msg = "$emp";
    } elseif(!preg_match("!^[a-z0-9]+$!i",$pass))  {
        $msg = "&#x0412; &#x043F;&#x0430;&#x0440;&#x043E;&#x043B;&#x0435; &#x043E;&#x0431;&#x043D;&#x0430;&#x0440;&#x0443;&#x0436;&#x0435;&#x043D;&#x044B; &#x0437;&#x0430;&#x043F;&#x0440;&#x0435;&#x0448;&#x0435;&#x043D;&#x043D;&#x044B;&#x0435; &#x0437;&#x043D;&#x0430;&#x043A;&#x0438;!";    
    } elseif ($name == "") {            
        $msg = "$emp";   
    } elseif ($day == "") {          
        $msg = "$emp";      
    } elseif ($month == "") {          
        $msg = "$emp";      
    } elseif ($year == "") {
        $msg = "$emp";             
    } elseif ($city == "") {
        $msg = "$emp";    
    } elseif ($infa == "") {
        $msg = "$emp";       

    } else {
    
        $pass = HtmlSpecialChars($pass); 
        $name = HtmlSpecialChars($name);     
        $day = HtmlSpecialChars($day);     
        $month = HtmlSpecialChars($month);     
        $year = HtmlSpecialChars($year);        
        $city = HtmlSpecialChars($city);           
    
        $infa = HtmlSpecialChars($infa);       
                            
        $pass = str_replace("", "", $pass);
        $pass = str_replace("", "", $pass); 
        $pass = str_replace("", "", $pass);         
        $pass = str_replace("", "", $pass); 
        $pass = str_replace("", "", $pass);        
        $pass = str_replace("", "", $pass); 
        $name = str_replace("", "", $name);
        $name = str_replace("", "", $name); 
        $name = str_replace("", "", $name);         
        $name = str_replace("", "", $name); 
        $name = str_replace("", "", $name);         
        $name = str_replace("", "", $name);         
        $city = str_replace("", "", $city);
        $city = str_replace("", "", $city); 
        $city = str_replace("", "", $city);         
        $city = str_replace("", "", $city); 
        $city = str_replace("", "", $city);        
        $city = str_replace("", "", $city);           
                
        $infa = str_replace("", "", $infa);
        $infa = str_replace("", "", $infa); 
        $infa = str_replace("", "", $infa);         
        $infa = str_replace("", "", $infa); 
        $infa = str_replace("", "", $infa);    
        $infa = str_replace("", "", $infa);            
                  
        $pass = str_replace("$", "$$", $pass);     
        $pass = str_replace("|", "&#0166;", $pass);           
        $name = str_replace("$", "$$", $name);     
        $name = str_replace("|", "&#0166;", $name);               
        $day = str_replace("$", "$$", $day);     
        $day = str_replace("|", "&#0166;", $day);   
        $month = str_replace("$", "$$", $month);     
        $month = str_replace("|", "&#0166;", $month);           
        $year = str_replace("$", "$$", $year);     
        $year = str_replace("|", "&#0166;", $year);                 
        $city = str_replace("$", "$$", $city);     
        $city = str_replace("|", "&#0166;", $city);           
                     
        $infa = str_replace("$", "$$", $infa);     
        $infa = str_replace("|", "&#0166;", $infa);      
                
        $pass = str_replace("'", "&#8216;", $pass);             
        $name = str_replace("'", "&#8216;", $name);               
        $day = str_replace("'", "&#8216;", $day);   
        $month = str_replace("'", "&#8216;", $month);              
        $year = str_replace("'", "&#8216;", $year);                 
        $city = str_replace("'", "&#8216;", $city);            
            
        $infa = str_replace("'", "&#8216;", $infa);       
                         
        if (mysql_select_db ($MySQLDatabasename)) {
            $result = mysql_query ("Select * mafusers where id = '".$id."'");
            if (mysql_affected_rows() == 0) {
                $msg = "database error...";
            } else {
   
                $birth = "$day-$month-$year";
   $ins_str = "Update mafusers set pass='".$pass."', name='".$name."', sex='".$sex."', birth='".$birth."', city='".$city."', infa='".$infa."' where id ='".$id."'";
    if (mysql_query ($ins_str)) {
     $msg = "&#x0412;&#x0430;&#x0448; &#x043F;&#x0440;&#x043E;&#x0444;&#x0430;&#x0439;&#x043B; &#x0438;&#x0437;&#x043C;&#x0435;&#x043D;&#x0451;&#x043D;";
     $error = False;
                } else {
                    $msg = "database error...";
                }
            }
        } else {
            $msg = "error select the database...";
        }
        mysql_close($link);

    }
 if ($error) {
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n";
echo "<wml>\n";
if(isset($rm))echo "<card id=\"error\" title=\"error\" ontimer=\"profile.php?id=$id&amp;ps=$ps&amp;rm=$rm\"><timer value=\"15\"/>\n";
else echo "<card id=\"error\" title=\"error\" ontimer=\"profile.php?id=$id&amp;ps=$ps\"><timer value=\"15\"/>\n";
echo "<do type=\"prev\" label=\"Back\"><prev/></do>\n";

echo "<p>\n";
echo "<b>$msg</b>\n";
echo "</p>\n";
echo "</card>\n";
echo "</wml>\n";

    } else {

echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n";
echo "<wml>\n";
if(isset($rm))echo "<card id=\"ok\" title=\"OK\" ontimer=\"maf.php?id=$id&amp;ps=$pass&amp;rm=$rm&amp;ref=$ref\"><timer value=\"10\"/>\n";
else echo "<card id=\"ok\" title=\"OK\" ontimer=\"enter.php?id=$id&amp;ps=$pass&amp;ref=$ref\"><timer value=\"10\"/>\n";
echo "<p>\n";
echo "<b>$msg</b><br/>\n";
echo "</p>\n";
echo "</card>\n";
echo "</wml>\n";
}
}

?>