File size: 2.38Kb
<?php
/***************************************************************************
* usercp_editstyle.php
* -------------------
* Разработка: Гутник Игорь ( чел ).
* 2009 год
***************************************************************************/
if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
exit;
}
include($phpbb_root_path . 'includes/functions_selects.'.$phpEx);
$style = htmlspecialchars(stripslashes($HTTP_GET_VARS['style']));
if ( (!empty($HTTP_POST_VARS['add']) && !empty($HTTP_POST_VARS['style_text'])) || (!empty($HTTP_POST_VARS['style_id'])) )
{
if (!empty($HTTP_POST_VARS['style_id']) && empty($HTTP_POST_VARS['add']))
{
$style_id = intval($HTTP_POST_VARS['style_id']);
$sql = "SELECT style_text
FROM " . STYLES_CSS . "
WHERE style_id = $style_id";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not get data from styles table", "", __LINE__, __FILE__, $sql);
}
$row = $db->sql_fetchrow($result);
$style_text = str_replace("'", "''", $row['style_text']);
} else {
$style_text = htmlspecialchars(trim($HTTP_POST_VARS['style_text']));
}
$sql = "UPDATE " . USERS_TABLE . "
SET style_text = '" . str_replace("\'", "''", $style_text) . "'
WHERE user_id = ".$userdata['user_id'];
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql);
}
$message = 'Стиль установлен<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
$template->assign_vars(array(
"META" => '<meta http-equiv="refresh" content="2;url=' . append_sid("index.$phpEx") . '">')
);
message_die(GENERAL_MESSAGE, $message);
} else {
$style_select = style_select($board_config['default_style'], 'style_id');
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'profile_style_edit.tpl')
);
$template->assign_vars(array(
'STYLE_TEXT' => $userdata['style_text'],
'STYLE_SELECT' => $style_select,
'L_SUBMIT' => $lang['Submit'],
'S_PROFILE_ACTION' => append_sid("profile.$phpEx?mode=editstyle"))
);
$template->pparse('body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
?>