Просмотр файла wkat/edits.php

Размер файла: 7.44Kb
<?
$start_time = microtime();
$start_array = explode(" ",$start_time);
$start_time = $start_array[1] + $start_array[0];
include "xconf.php";
header("Cache-Control: no-cache");

$title="Pe&#x0434;a&#x043A;&#x0442;&#x0438;po&#x0432;a&#x043D;&#x0438;e";
include "header.php";
print $begin;




If (!isset($_GET['mode']) || $_GET['mode']=="no") {$mode="no";}
elseif ($_GET['mode']=="edit") {$mode="edit";}
else {$mode="no";}

If (!isset($_GET['id']) || !isset($_GET['pass'])){
echo "$p_l $d_fl B&#x0432;e&#x0434;e&#x043D;&#x044B; &#x043D;e &#x0432;ce &#x0434;a&#x043D;&#x043D;&#x044B;e!<br/><a href=\"edit.php?ver=$ver\">Ha&#x0437;a&#x0434;</a><br/>";
@include "ber.php";
$endpage3;
exit;
}
If (!is_numeric($_GET['id'])  || $_GET['id']<0 || $_GET['id']==0)

{
echo "$p_l $d_fl He&#x0432;ep&#x043D;o y&#x043A;a&#x0437;a&#x043D; id<br/><a href=\"edit.php?ver=$ver\">Ha&#x0437;a&#x0434;</a><br/>";
@include "ber.php";
$endpage3;
exit;
}
$pass=$_GET['pass'];
$id=$_GET['id'];
If (!preg_match('/^[a-z0-9]{1,}$/', $pass)){
echo "$p_l $d_fl &#x041F;apo&#x043B;&#x044C; y&#x043A;a&#x0437;a&#x043D; &#x043D;e&#x043A;oppe&#x043A;&#x0442;&#x043D;o<br/><a href=\"edit.php?ver=$ver\">Ha&#x0437;a&#x0434;</a><br/>";
@include "ber.php";
$endpage3;
exit;
}
$result=mysql_query("select * from `cool_site` where id='$id' ");
$rowse=mysql_num_rows($result);
If ($rowse==0){
echo "$p_l $d_fl Ta&#x043A;o&#x0433;o id &#x043D;e cy&#x0449;ec&#x0442;&#x0432;ye&#x0442;<br/><a href=\"edit.php?ver=$ver\">Ha&#x0437;a&#x0434;</a><br/>";
@include "ber.php";
$endpage3;
exit;
}
$pas=mysql_result($result,0,"pass");
If ($pas!=$pass){

echo "$p_l $d_fl &#x041F;apo&#x043B;&#x044C; &#x043D;e&#x0432;epe&#x043D;!<br/><a href=\"edit.php?ver=$ver\">Ha&#x0437;a&#x0434;</a><br/>";
@include "ber.php";
$endpage3;
exit;
}

if ($mode=="no"){

$link=mysql_result($result,0,"link");
$about=mysql_result($result,0,"about");
$titles=mysql_result($result,0,"title");
$email=mysql_result($result,0,"email");
$cat=mysql_result($result,0,"category");
$activ=mysql_result($result,0,"activ");
print $p_l; 
print $d_fl;
if ($ver=="htm")
{


print "

<form action=\"edits.php?id=$id&amp;pass=$pass&amp;ver=$ver&amp;mode=edit\" method=\"post\"><div>
Ha&#x0437;&#x0432;a&#x043D;&#x0438;e:</div>
		$d_ms <div><input type=\"text\" name=\"titles\" maxlength=\"30\" value=\"$titles\"/></div>$d_e
		<div>A&#x0434;pec:</div>
		$d_ms<div><input type=\"text\" name=\"link\" maxlength=\"100\" value=\"$link\"/></div>$d_e";
		print"<div>Ka&#x0442;e&#x0433;op&#x0438;&#x044F;:
		</div><div>$d_ms<select name=\"k\" value=\"$cat\">$d_e";
		 $q=mysql_query("select * from `cool_raz` where 1 order by por asc");
		while($datas = @mysql_fetch_array($q)){
		print"<option value=\"".$datas['id']."\">".$datas['text']."</option>";}
		print"</select></div>
		<div>O&#x043F;&#x0438;ca&#x043D;&#x0438;e:</div>
		$d_ms <div><input type=\"text\" name=\"about\" maxlength=\"250\" value=\"$about\"/></div>$d_e
		<div>Пароль:</div>
		$d_ms <div><input type=\"text\" name=\"passw\" maxlength=\"30\" value=\"$pas\"/></div>$d_e
		
		<div>E-Mail:</div>
		$d_ms<div><input type=\"text\" name=\"email\" maxlength=\"70\" value=\"$email\"/></div>$d_e
		<div><input type=\"hidden\" name=\"ver\" value=\"$ver\" /></div>
		<div><input type=\"hidden\" name=\"id\" value=\"$id\" /></div>
		<div><input type=\"hidden\" name=\"pass\" value=\"$pass\" /></div>
		<div><input type=\"hidden\" name=\"mode\" value=\"edit\" /></div>
		<div><input type=\"submit\" class=\"ibutton\" value=\"&#x0418;&#x0437;&#x043C;e&#x043D;&#x0438;&#x0442;&#x044C;\" /></div>
		
		</form>";

}
else
{

print"Ha&#x0437;&#x0432;a&#x043D;&#x0438;e:<br/>
		<input type=\"text\" name=\"titles\" maxlength=\"30\" value=\"$titles\"/><br/>
		A&#x0434;pec:<br/>
		<input type=\"text\" name=\"link\" maxlength=\"100\" value=\"$link\"/><br/>";
		print"Ka&#x0442;e&#x0433;op&#x0438;&#x044F;:<br/><select name=\"k\" value=\"$cat\">";
		$q=mysql_query("select * from `cool_raz` where 1 order by por asc");
		while($datas = @mysql_fetch_array($q)){
		print"<option value=\"".$datas['id']."\">".$datas['text']."</option>";}
		print"</select><br/>
		O&#x043F;&#x0438;ca&#x043D;&#x0438;e:<br/>
		<input type=\"text\" name=\"about\" maxlength=\"250\" value=\"$about\"/><br/>
		Пароль<br/>
		<input type=\"text\" name=\"passw\" maxlength=\"30\" value=\"$pas\"/><br/>
		
		E-Mail:<br/>
		<input type=\"text\" name=\"email\" maxlength=\"70\" value=\"$email\"/><br/>
		<anchor>&#x0418;&#x0437;&#x043C;e&#x043D;&#x0438;&#x0442;&#x044C;&#187;
		<go href=\"edits.php?id=$id&amp;pass=$pass&amp;mode=edit&amp;ver=$ver\" method=\"post\">
			<postfield name=\"titles\" value=\"$(titles)\"/>
		<postfield name=\"passw\" value=\"$(passw)\"/>
		<postfield name=\"link\" value=\"$(link)\"/>
		<postfield name=\"about\" value=\"$(about)\"/>
		<postfield name=\"email\" value=\"$(email)\"/>
		<postfield name=\"k\" value=\"$(k)\"/>
		</go></anchor><br/><br/>
		";
		}
@include "ber.php";
print $endpage3;

}
if ($mode=="edit")
{

$titles=$_POST['titles'];
$link=$_POST['link'];
$about=$_POST['about'];
$passw=$_POST['passw'];
$email=$_POST['email'];
$site=$_POST['site'];
$k=$_POST['k'];
$titles=coding_cool(substr(trim($titles), 0, 50));
$link=coding_cool(substr(trim($link), 0, 100));
$about=coding_cool(substr(trim($about), 0, 300));
$passw=coding_cool(substr(trim($passw), 0, 30));
$email=coding_cool(substr(trim($email), 0, 70));


$res=mysql_query("select * from `cool_site` where link='".$link."'  && id<>'$id'");
$kol=mysql_num_rows($res);
 If ($kol!=0){
echo "$p_l $d_fl Ta&#x043A;o&#x0439; ca&#x0439;&#x0442; y&#x0436;e ec&#x0442;&#x044C;<br/> <a href=\"edit.php?ver=$ver\">Ha&#x0437;a&#x0434;</a><br/>";
@include "ber.php";
$endpage3;
exit;
}

If (!is_numeric($_POST['k'])  || $_POST['id']<0)

{
echo "$p_l $d_fl He&#x0432;ep&#x043D;o y&#x043A;a&#x0437;a&#x043D;a &#x043A;a&#x0442;e&#x0433;op&#x0438;&#x044F;!<br/><a href=\"edit.php?ver=$ver\">Ha&#x0437;a&#x0434;</a><br/>";
@include "ber.php";
$endpage3;
exit;
}

If (!preg_match("/^(http:\/\/){1}[-0-9a-z_.]+\.[a-z]{2,4}$/i",$link)){
echo "$p_l $d_fl B&#x0432;e&#x0434;&#x0451;&#x043D;&#x043D;&#x044B;&#x0439; a&#x0434;pec &#x043D;e&#x0432;epe&#x043D;!<br/><a href=\"edit.php?ver=$ver\">Ha&#x0437;a&#x0434;</a><br/>";
@include "ber.php";
$endpage3;
exit;
}

If (!preg_match("/^[-0-9a-z_.]+@[0-9a-z_^\.]+\.[a-z]{2,4}$/i",$email)){
echo "$p_l $d_fl B&#x0432;e&#x0434;&#x0451;&#x043D;&#x043D;&#x044B;&#x0439; e-mail &#x043D;e&#x0432;epe&#x043D;!<br/><a href=\"edit.php?ver=$ver\">Ha&#x0437;a&#x0434;</a><br/>";
@include "ber.php";
$endpage3;
exit;
}

If (!titles){
echo "$p_l $d_fl He y&#x043A;a&#x0437;a&#x043D;o &#x043D;a&#x0437;&#x0432;a&#x043D;&#x0438;e ca&#x0439;&#x0442;a!<br/><a href=\"edit.php?ver=$ver\">Ha&#x0437;a&#x0434;</a><br/>";
@include "ber.php";
$endpage3;
exit;
}

If (!about){
echo "$p_l $d_fl He y&#x043A;a&#x0437;a&#x043D;o o&#x043F;&#x0438;ca&#x043D;&#x0438;e ca&#x0439;&#x0442;a!<br/><a href=\"edit.php?ver=$ver\">Ha&#x0437;a&#x0434;</a><br/>";
@include "ber.php";
$endpage3;
exit;
}

If (!preg_match("/^[a-z0-9]{1,}$/",$passw)){
exit;
}

mysql_query("update `cool_site` set title='$titles',email='$email',pass='$passw',link='$link',about='$about',category='$k' where id='$id';");
print "$p_l $d_fl $d_msl Ba&#x0448; ca&#x0439;&#x0442; yc&#x043F;e&#x0448;&#x043D;o &#x0438;&#x0437;&#x043C;e&#x043D;e&#x043D;!!! $d_e<br/>-----<br/>";
@include "ber.php";
$endpage3;


}
?>