File size: 7.23Kb
<?php
/*\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\//
// Sitchi CMS - Mobile Content Management System //
// The author: Nikoloz Sitchinava [sitchi] //
// Link: http://sitchicms.num.ge //
// Skype: SitchiCMS //
// License: LICENSE.txt (see attached file) //
// Version: VERSION.txt (see attached file) //
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\*/
define('_SITCHICMS', 1);
$root_path='../';
require $root_path.'includes/db_connect.php';
require $root_path.'includes/start.php';
require $root_path.'includes/header.php';
require $root_path.'includes/functions.php';
require $root_path.'includes/head.php'; // თავი
$lng_info = load_lng('info');
if($user['level']<2)
header("Location: index.php?".SID);
if (isset($_GET['id']))
{
$ank['id']=intval(abs($_GET['id']));
}else{
header("Location: /");
exit;
}
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `users` WHERE `id` = '$ank[id]' LIMIT 1"),0)==0){
header("Location: /");
exit;}
$ank=mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = $ank[id] LIMIT 1"));
if (!isset($user) && $ank['level']>$user['level'])
{
header("Location: /");
exit;}
head(''.$lng_info['1_28'].' | '.$ank['login']);
echo'<div class="hdr"><b>'.$lng_info['1_28'].' | '.$ank['login'].'</b></div>';
if (isset($_POST['save']))
{
if (isset($_POST['name']) && preg_match('#^([A-zა-ჰ \-]*)$#ui', $_POST['name']))
{
$ank['name']=$_POST['name'];
mysql_query("UPDATE `users` SET `name` = '".mres($ank['name'])."' WHERE `id` = '$ank[id]' LIMIT 1");
}else $err[] = '<div class="errmenu">'.$lng_info['1_6'].' '.$lng_info['1_29'].'</div>';
if (isset($_POST['country']) && preg_match('#^([A-zა-ჰ \-]*)$#ui', $_POST['country']))
{
$ank['country']=$_POST['country'];
mysql_query("UPDATE `users` SET `country` = '".mres($ank['country'])."' WHERE `id` = '$ank[id]' LIMIT 1");
}else $err[] = '<div class="errmenu">'.$lng_info['1_7'].' '.$lng_info['1_29'].'</div>';
if (isset($_POST['city']) && preg_match('#^([A-zა-ჰ \-]*)$#ui', $_POST['city']))
{
$ank['city']=$_POST['city'];
mysql_query("UPDATE `users` SET `city` = '".mres($ank['city'])."' WHERE `id` = '$ank[id]' LIMIT 1");
}else $err[] = '<div class="errmenu">'.$lng_info['1_8'].' '.$lng_info['1_29'].'</div>';
if (isset($_POST['chemze']) && preg_match('#^([A-zა-ჰ \-]*)$#ui', $_POST['chemze']))
{
$ank['chemze']=$_POST['chemze'];
mysql_query("UPDATE `users` SET `chemze` = '".mres($ank['chemze'])."' WHERE `id` = '$ank[id]' LIMIT 1");
}else $err[] = '<div class="errmenu">'.$lng_info['1_13'].' '.$lng_info['1_29'].'</div>';
if (isset($_POST['email']) && ($_POST['email']==null || preg_match('#^[a-z0-9\-\._]+\@([a-z0-9]+\.)+([a-z0-9]{2,4})$#ui',$_POST['email'])))
{
$ank['email']=$_POST['email'];
mysql_query("UPDATE `users` SET `email` = '$ank[email]' WHERE `id` = '$ank[id]' LIMIT 1");
}else $err[] = '<div class="errmenu">'.$lng_info['1_15'].' '.$lng_info['1_29'].'</div>';
if (isset($_POST['number']) && (is_numeric($_POST['number']) && strlen($_POST['number'])>=5 && strlen($_POST['number'])<=11 || $_POST['number']==NULL))
{
$ank['number']=$_POST['number'];
mysql_query("UPDATE `users` SET `number` = '$ank[number]' WHERE `id` = '$ank[id]' LIMIT 1");
}else $err[] = '<div class="errmenu">'.$lng_info['1_17'].' '.$lng_info['1_29'].'</div>';
if (isset($_POST['skype']))
{
$ank['skype']=$_POST['skype'];
mysql_query("UPDATE `users` SET `skype` = '$ank[skype]' WHERE `id` = '$ank[id]' LIMIT 1");
}else $err[] = '<div class="errmenu">'.$lng_info['1_16'].' '.$lng_info['1_29'].'</div>';
if (isset($_POST['icq']) && (is_numeric($_POST['icq']) && strlen($_POST['icq'])>=5 && strlen($_POST['icq'])<=9 || $_POST['icq']==NULL))
{
$ank['icq']=$_POST['icq'];
if ($ank['icq']==null)$ank['icq']='null';
mysql_query("UPDATE `users` SET `icq` = $ank[icq] WHERE `id` = '$ank[id]' LIMIT 1");
if ($ank['icq']=='null')$ank['icq']=NULL;
}else $err[] = '<div class="errmenu">'.$lng_info['1_18'].' '.$lng_info['1_29'].'</div>';
if (isset($_POST['site']) && ($_POST['site']==null || preg_match('#^[-a-z0-9_\.]+[-a-z0-9_\.]+[_-a-Z0-9\.]?#i', $_POST['site'])))
{
$ank['site']=$_POST['site'];
mysql_query("UPDATE `users` SET `site` = '$ank[site]' WHERE `id` = '$ank[id]' LIMIT 1");
}else $err[] = '<div class="errmenu">'.$lng_info['1_19'].' '.$lng_info['1_29'].'</div>';
if ($ank['id']!=$user['id'] && intval($_POST['level'])<$user['level'] && $ank['level']<$user['level'])
{
$ank['level']=intval($_POST['level']);
mysql_query("UPDATE `users` SET `level` = '$ank[level]' WHERE `id` = '$ank[id]' LIMIT 1");
}else $err[] = '<div class="errmenu">'.$lng_info['1_30'].'</div>';
if (!isset($err))msg('<div class="menu">'.$lng_info['1_27'].'</div>');
}
err();
echo'<form method="POST" action="?id='.$ank['id'].'"><div class="egmenu">' .
''.$lng_info['1_6'].'(max 64):<br/><input type="text" name="name" value="'.$ank['name'].'" maxlength="64" /><br/>' .
''.$lng_info['1_7'].'(max 32):<br/><input type="text" name="country" value="'.$ank['country'].'" maxlength="32" /><br/>' .
''.$lng_info['1_8'].'(max 32):<br/><input type="text" name="city" value="'.$ank['city'].'" maxlength="32" /><br/>' .
''.$lng_info['1_13'].'(max 128):<br/><input type="text" name="chemze" value="'.$ank['chemze'].'" maxlength="128" /><br/>' .
''.$lng_info['1_15'].'(max 32):<br/><input type="text" name="email" value="'.$ank['email'].'" maxlength="32" /><br/>' .
''.$lng_info['1_17'].'(max 11):<br/><input type="text" name="number" value="'.$ank['number'].'" maxlength="11" /><br/>' .
''.$lng_info['1_16'].'(max 32):<br/><input type="text" name="skype" value="'.$ank['skype'].'" maxlength="32" /><br/>' .
''.$lng_info['1_18'].'(max 9):<br/><input type="text" name="icq" value="'.$ank['icq'].'" maxlength="9" /><br/>' .
''.$lng_info['1_19'].'(max 64)(http://'.$lng['1_9'].'):<br/><input type="text" name="site" value="'.$ank['site'].'" maxlength="64" /><br/>';
if ($ank['id']==$user['id'] || $ank['level']==10)$dis=' disabled="disabled"';
else $dis=NULL;
echo''.$lng['1_67'].':<br/><select name="level"'.$dis.'><br/>';
if ($ank['level']==0)$sel=' selected="selected"';
else $sel=NULL;
echo'<option value="0"'.$sel.'>'.$lng['1_55'].'</option>';
if ($ank['level']==2)$sel=' selected="selected"';
else $sel=NULL;
if ($user['level']>$ank['level'] && $user['level']>2)
echo'<option value="2"'.$sel.'>'.$lng['1_56'].'</option>';
if ($ank['level']==4)$sel=' selected="selected"';
else $sel=NULL;
if ($user['level']>$ank['level'] && $user['level']>4)
echo'<option value="4"'.$sel.'>'.$lng['1_57'].'</option>';
if ($ank['level']==6)$sel=' selected="selected"';
else $sel=NULL;
if ($user['level']>$ank['level'] && $user['level']>6)
echo'<option value="6"'.$sel.'>'.$lng['1_58'].'</option>';
if ($ank['level']==8)$sel=' selected="selected"';
else $sel=NULL;
if ($user['level']>$ank['level'] && $user['level']>8)
echo'<option value="8"'.$sel.'>'.$lng['1_59'].'</option>';
echo'</select>';
echo'<br/><input type="submit" name="save" value="'.$lng['1_53'].'" />';
echo'</div></form>';
if (isset($_SERVER['HTTP_REFERER']))
echo'<a href="'.htmlspecialchars($_SERVER['HTTP_REFERER']).'"> '.$lng['1_50'].'</a><br/>';
echo'<a href="/pages/info.php?id='.$ank['id'].'">'.$lng_info['1_26'].'</a>';
require $root_path.'includes/end.php'; // დასასრული
?>