File size: 3.4Kb
<?php
# author Drk in
require_once ( $_SERVER['DOCUMENT_ROOT']."/_core/system.php" );
# admin
system::adm();
$id = isset( $_GET['id'] ) ? abs(intval($_GET['id'])): 0;
if($id == 1 && $user['id'] != 1)system::header('/admin/users','Ебалунся ID 1 изменять?!');
$act = DB :: $dbh -> queryFetch("SELECT CK FROM `user` WHERE id = ? LIMIT 1;", array($id));
$act = cache_user::check($act['CK']);
if (cache_user::ch($act['CK']) == false)system::header('/admin/users','Ошибка ID не найден');
# meta
$title = 'Пользователи - Изменить - '.system::check($act['login']);
$description = system::check($config['description']);
$keywords = system::check($config['keywords']);
$tl = 'Пользователи - Изменить - '.system::check($act['login']);
# post
if (isset($_POST['CFMS'])):
$login = system::check($_POST['login']);
$password = system::check($_POST['password']);
$email = system::check($_POST['email']);
$admin = abs(intval($_POST['admin']));
$CK = system::check($_POST['CK']);
if (system::utf_strlen($login) > 2 && system::utf_strlen($login) < 33): if (preg_match('|^[a-z0-9\-]+$|i', $login)):
if (system::utf_strlen($password) > 5 && system::utf_strlen($password) < 33):
if (system::utf_strlen($email) > 5 && system::utf_strlen($email) < 33):if (filter_var($email, FILTER_VALIDATE_EMAIL)):
if ($admin == 0 || $admin == 1):
if ($user['CK'] == $CK):
DB :: $dbh -> query("UPDATE user SET login = ?, password = ?, email = ?, admin = ? WHERE id = ? LIMIT 1;", array($login,$password,$email,$admin,$act['id']));
cache_user::save($act['CK']);
system::header('?','Успешно',1);
# error
else: system::header('?','Ошибка, возможно вам подкинули эту ссылку'); endif;
else: system::header('?','Ошибка, не верно выбран параметр права'); endif;
else: system::header('?','Запрещеные символы в E-mail'); endif;
else: system::header('?','E-mail 6-32 cим.'); endif;
else: system::header('?','Пароль 6-32 cим.'); endif;
else: system::header('?','Запрещеные символы в логине'); endif;
else: system::header('?','Логин 3-32 cим.'); endif;
endif;
# head
require_once ( head );
?>
<script>
function drk_in()
{
document.getElementById("show").type = "text";
}
</script>
<?php
echo '
<div class ="touch">
<form method="post">
<input type="hidden" name="CK" value="'.$user['CK'].'">
Логин: <br><input type="text" name="login" value="'.$act['login'].'">
<br>Пароль: <a onclick="drk_in();">Показать</a> <br><input type="password" id="show" name="password" value="'.$act['password'].'">
<br>E-mail: <br><input type="text" name="email" value="'.$act['email'].'">
<br>Права: <br>
<input type="radio" class="middle" name="admin" value="0" '.($act['admin'] == 0 ? 'checked="checked"':'').'> Пользователь<br>
<input type="radio" class="middle" name="admin" value="1" '.($act['admin'] == 1 ? 'checked="checked"':'').'> Администратор
<br>
<input type="submit" name="CFMS" value="Сохранить">
</form>
</div>
<a href="'.site.'admin/users" class="touch">« Назад</a>';
# foot
require_once ( foot ) ;
?>