Просмотр файла includes/usercp_editstyle.php

Милый пушистый сайт !!!!
Размер файла: 2.35Kb 
<?php
/***************************************************************************
 *                            usercp_editstyle.php
 *                            -------------------
 *      Разработка: Гутник Игорь ( чел ).
 *          2009 год
 ***************************************************************************/

if ( !defined('IN_PHPBB') )
{
	die("Hacking attempt");
	exit;
}

include($phpbb_root_path . 'includes/functions_selects.'.$phpEx);

$style = htmlspecialchars(stripslashes($HTTP_GET_VARS['style']));

if ( (!empty($HTTP_POST_VARS['add']) && !empty($HTTP_POST_VARS['style_text'])) || (!empty($HTTP_POST_VARS['style_id'])) )
{
	if (!empty($HTTP_POST_VARS['style_id']) && empty($HTTP_POST_VARS['add']))
	{
		$style_id = intval($HTTP_POST_VARS['style_id']);

		$sql = "SELECT style_text  
			FROM " . STYLES_CSS . " 
			WHERE style_id = $style_id";
		if(!$result = $db->sql_query($sql))
		{
			message_die(GENERAL_ERROR, "Could not get data from styles table", "", __LINE__, __FILE__, $sql);
		}
		$row = $db->sql_fetchrow($result);
		$style_text = $row['style_text'];
	} else {
		$style_text = htmlspecialchars(trim($HTTP_POST_VARS['style_text']));
	}

	$sql = "UPDATE " . USERS_TABLE . "
		SET style_text = '" . str_replace("\'", "''", $style_text) . "'
		WHERE user_id = ".$userdata['user_id'];
	if ( !($result = $db->sql_query($sql)) )
	{
		message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql);
	}
	$message = 'Стиль установлен<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
	$template->assign_vars(array(
		"META" => '<meta http-equiv="refresh" content="2;url=' . append_sid("index.$phpEx") . '">')
	);
	message_die(GENERAL_MESSAGE, $message);
} else {

	$style_select = style_select($board_config['default_style'], 'style_id');
	include($phpbb_root_path . 'includes/page_header.'.$phpEx);

	$template->set_filenames(array(
		'body' => 'profile_style_edit.tpl')
	);

	$template->assign_vars(array(
		'STYLE_TEXT' => $userdata['style_text'],
		'STYLE_SELECT' => $style_select,
		'L_SUBMIT' => $lang['Submit'],
		'S_PROFILE_ACTION' => append_sid("profile.$phpEx?mode=editstyle"))
	);

	$template->pparse('body');
	include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
?>