File size: 3.62Kb
<?php
/*
Appointment: Личные настройки
File: mysettings.php
*/
if(!defined('MOZG'))
die('Hacking attempt!');
$row = $db->super_query("SELECT email, name, lastname, password FROM `".PREFIX."_users` WHERE user_id = '".$user_info['user_id']."'");
//Если сохраянем
if(isset($_POST['save'])){
$old_pass = md5(md5(GetVar($_POST['old_pass'])));
$new_pass = md5(md5(GetVar($_POST['new_pass'])));
$name = textFilter($_POST['name'], false, true);
$lastname = textFilter($_POST['lastname'], false, true);
$email = textFilter($_POST['email'], false, true);
$errors = array();
//Проверка имени
if(isset($name)){
if(strlen($name) >= 2){
if(!preg_match("/^[a-zA-Zа-яА-Я]+$/", $name))
$errors[] = 'Enter the name';
} else
$errors[] = 'Enter the name';
} else
$errors[] = 'Enter the name';
//Проверка фамилии
if(isset($lastname)){
if(strlen($lastname) >= 2){
if(!preg_match("/^[a-zA-Zа-яА-Я]+$/", $lastname))
$errors[] = 'Enter the last name';
} else
$errors[] = 'Enter the last name';
} else
$errors[] = 'Enter the last name';
//Проверка E-mail
if(!preg_match('/^(("[\w-\s]+")|([\w-]+(?:\.[\w-]+)*)|("[\w-\s]+")([\w-]+(?:\.[\w-]+)*))(@((?:[\w-]+\.)*\w[\w-]{0,66})\.([a-z]{2,6}(?:\.[a-z]{2})?)$)|(@\[?((25[0-5]\.|2[0-4][0-9]\.|1[0-9]{2}\.|[0-9]{1,2}\.))((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\.){2}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\]?$)/i', $email))
$errors[] = 'Please enter a valid e-mail address';
//Если меняем пароль
if($_POST['old_pass'])
if($old_pass == $row['password'])
$newPassOk = true;
else
$errors[] = 'Old password incorrectly';
foreach($errors as $er)
if($er)
$all_er .= '<li>'.$er.'</li>';
if($all_er)
msgbox('Error', $all_er, '?mod=mysettings');
else {
if($newPassOk)
$db->query("UPDATE `".PREFIX."_users` SET name = '".$name."', lastname = '".$lastname."', email = '".$email."', name_lastname = '".$name." ".$lastname."' WHERE user_id = '".$user_info['user_id']."'");
else
$db->query("UPDATE `".PREFIX."_users` SET name = '".$name."', lastname = '".$lastname."', email = '".$email."', password = '".$new_pass."', name_lastname = '".$name." ".$lastname."' WHERE user_id = '".$user_info['user_id']."'");
//clear cache
mozg_clear_cache_file('user_'.$user_info['user_id'].'/profile_'.$user_info['user_id']);
mozg_clear_cache();
msgbox('Changes have been saved', 'Your personal information has been saved successfully', '?mod=mysettings');
}
} else {
echoheader();
echohtmlstart('Edit their own profile');
echo <<<HTML
<style type="text/css" media="all">
.inpu{width:300px;}
textarea{width:300px;height:100px;}
</style>
<form method="POST" action="">
<div class="fllogall">E-mail:</div><input type="text" name="email" class="inpu" value="{$row['email']}" /><div class="mgcler"></div>
<div class="fllogall">Name:</div><input type="text" name="name" class="inpu" value="{$row['name']}" /><div class="mgcler"></div>
<div class="fllogall">Lastname:</div><input type="text" name="lastname" class="inpu" value="{$row['lastname']}" /><div class="mgcler"></div>
<div class="fllogall">Old password:</div><input type="password" name="old_pass" class="inpu" /><div class="mgcler"></div>
<div class="fllogall">New password:</div><input type="text" name="new_pass" class="inpu" /><div class="mgcler"></div>
<div class="fllogall"> </div><input type="submit" value="Сохранить" name="save" class="inp" style="margin-top:0px" />
</form>
HTML;
htmlclear();
echohtmlend();
}
?>