bymas.ru | Просмотр архива

Файл public_html/adm_panel/update_user.php
Вес запакованого файла 820b (820 b)
Вес распакованого файла: 3.6Kb (3647 b)
Метод сжатия: 8
<?php
session_start();
include_once "../inc/db_connect.php";
if(!isset($_SESSION['user'])){
	header("Location: index.php?");
	exit();
}else{
	$data_user = mysql_fetch_array(mysql_query("SELECT * FROM users WHERE login='".$_SESSION['user']."'")) or die(mysql_error());
	if($data_user['status'] == 0){
		header("Location: ../index.php?");
		exit();
	}else{
?>
<?php
if($data_user['status'] == 4){
if(isset($_POST['submitsoz'])){
	$idp = mysql_real_escape_string($_POST['id1']);
	$banp = mysql_real_escape_string($_POST['ban1']);
	$nickp = mysql_real_escape_string($_POST['nick1']);
	$loginp = mysql_real_escape_string($_POST['login1']);
	$passwordp = mysql_real_escape_string($_POST['pass1']);
	$fuelp = mysql_real_escape_string($_POST['fuel1']);
	$speedp = mysql_real_escape_string($_POST['speed1']);
	$levelp = mysql_real_escape_string($_POST['level1']);
	$moneyp = mysql_real_escape_string($_POST['money1']);
	$baksyp = mysql_real_escape_string($_POST['baksy1']);	
        $rublip = mysql_real_escape_string($_POST['rubli1']);
        $yacheekp = mysql_real_escape_string($_POST['yacheek1']);
	$turnirniep = mysql_real_escape_string($_POST['turnirnie1']);
	$opitp = mysql_real_escape_string($_POST['opit1']);
	$carp = mysql_real_escape_string(trim($_POST['car1']));
	$carnamep = mysql_real_escape_string($_POST['carname1']);
	$gorp = mysql_real_escape_string($_POST['gor1']);
	$raitingp = mysql_real_escape_string(strip_tags(stripslashes(htmlspecialchars($_POST['raiting1']))));
		$editok1 = mysql_query("UPDATE users SET `ban`='$banp',`nick`='$nickp',`login`='$loginp',`password`='$passwordp',`fuel`='$fuelp',`speed`='$speedp',`level`='$levelp',`money`='$moneyp',`rubli`='$rublip',`yacheek`='$yacheekp',`turnirnie`='$turnirniep',`baksy`='$baksyp',`opit`='$opitp',`car`='$carp',`carname`='$carnamep',`raiting`='$raitingp' WHERE id='".$idp."'") or die(mysql_error());
		if($editok1 == true){
			echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
			exit();
	}
}
else{
	echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
	exit();
}
}elseif($data_user['status'] == 3){
if(isset($_POST['submitsoz'])){
	$idp = mysql_real_escape_string($_POST['id1']);
	$banp = mysql_real_escape_string($_POST['ban1']);
	$nickp = mysql_real_escape_string($_POST['nick1']);
	$moneyp = mysql_real_escape_string($_POST['money1']);
	$baksyp = mysql_real_escape_string($_POST['baksy1']);		
		$editok1 = mysql_query("UPDATE users SET `ban`='$banp',`nick`='$nickp',`money`='$moneyp',`baksy`='$baksyp' WHERE id='".$idp."'") or die(mysql_error());
		if($editok1 == true){
			echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
			exit();
	}
}
else{
	echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
	exit();
}
}elseif($data_user['status'] == 2){
if(isset($_POST['submitsoz'])){
	$idp = mysql_real_escape_string($_POST['id1']);
	$banp = mysql_real_escape_string($_POST['ban1']);
	$nickp = mysql_real_escape_string($_POST['nick1']);		
		$editok1 = mysql_query("UPDATE users SET `ban`='$banp',`nick`='$nickp' WHERE id='".$idp."'") or die(mysql_error());
		if($editok1 == true){
			echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
			exit();
	}
}
else{
	echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
	exit();
}
}elseif($data_user['status'] == 1){
if(isset($_POST['submitmod'])){
		echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
		exit();
	}
else{
	echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
	exit();
}
}else{
	echo "<meta http-equiv='refresh' content='0; URL=../index.php' />";
	exit();
}
?>
<?
}
}
?>