<?php
session_start();
include_once "../inc/db_connect.php";
if(!isset($_SESSION['user'])){
header("Location: index.php?");
exit();
}else{
$data_user = mysql_fetch_array(mysql_query("SELECT * FROM users WHERE login='".$_SESSION['user']."'")) or die(mysql_error());
if($data_user['status'] == 0){
header("Location: ../index.php?");
exit();
}else{
?>
<?php
if($data_user['status'] == 4){
if(isset($_POST['submitsoz'])){
$idp = mysql_real_escape_string($_POST['id1']);
$banp = mysql_real_escape_string($_POST['ban1']);
$nickp = mysql_real_escape_string($_POST['nick1']);
$loginp = mysql_real_escape_string($_POST['login1']);
$passwordp = mysql_real_escape_string($_POST['pass1']);
$fuelp = mysql_real_escape_string($_POST['fuel1']);
$speedp = mysql_real_escape_string($_POST['speed1']);
$levelp = mysql_real_escape_string($_POST['level1']);
$moneyp = mysql_real_escape_string($_POST['money1']);
$baksyp = mysql_real_escape_string($_POST['baksy1']);
$rublip = mysql_real_escape_string($_POST['rubli1']);
$yacheekp = mysql_real_escape_string($_POST['yacheek1']);
$turnirniep = mysql_real_escape_string($_POST['turnirnie1']);
$opitp = mysql_real_escape_string($_POST['opit1']);
$carp = mysql_real_escape_string(trim($_POST['car1']));
$carnamep = mysql_real_escape_string($_POST['carname1']);
$gorp = mysql_real_escape_string($_POST['gor1']);
$raitingp = mysql_real_escape_string(strip_tags(stripslashes(htmlspecialchars($_POST['raiting1']))));
$editok1 = mysql_query("UPDATE users SET `ban`='$banp',`nick`='$nickp',`login`='$loginp',`password`='$passwordp',`fuel`='$fuelp',`speed`='$speedp',`level`='$levelp',`money`='$moneyp',`rubli`='$rublip',`yacheek`='$yacheekp',`turnirnie`='$turnirniep',`baksy`='$baksyp',`opit`='$opitp',`car`='$carp',`carname`='$carnamep',`raiting`='$raitingp' WHERE id='".$idp."'") or die(mysql_error());
if($editok1 == true){
echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
exit();
}
}
else{
echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
exit();
}
}elseif($data_user['status'] == 3){
if(isset($_POST['submitsoz'])){
$idp = mysql_real_escape_string($_POST['id1']);
$banp = mysql_real_escape_string($_POST['ban1']);
$nickp = mysql_real_escape_string($_POST['nick1']);
$moneyp = mysql_real_escape_string($_POST['money1']);
$baksyp = mysql_real_escape_string($_POST['baksy1']);
$editok1 = mysql_query("UPDATE users SET `ban`='$banp',`nick`='$nickp',`money`='$moneyp',`baksy`='$baksyp' WHERE id='".$idp."'") or die(mysql_error());
if($editok1 == true){
echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
exit();
}
}
else{
echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
exit();
}
}elseif($data_user['status'] == 2){
if(isset($_POST['submitsoz'])){
$idp = mysql_real_escape_string($_POST['id1']);
$banp = mysql_real_escape_string($_POST['ban1']);
$nickp = mysql_real_escape_string($_POST['nick1']);
$editok1 = mysql_query("UPDATE users SET `ban`='$banp',`nick`='$nickp' WHERE id='".$idp."'") or die(mysql_error());
if($editok1 == true){
echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
exit();
}
}
else{
echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
exit();
}
}elseif($data_user['status'] == 1){
if(isset($_POST['submitmod'])){
echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
exit();
}
else{
echo "<meta http-equiv='refresh' content='0; URL=index.php?users' />";
exit();
}
}else{
echo "<meta http-equiv='refresh' content='0; URL=../index.php' />";
exit();
}
?>
<?
}
}
?>