📄 edituser.php
字号:
<?php
include'include/begin.php';
include'include/p_begin.php';
userp1();
include language();
$pagename_m = $_pagename[19];
$tpl_html = 'edituser';
$reurl='edituser.php';
include'include/main.php';
if (!$username) {
echoerror(62);
}
userp1();
if ($_GET['type'] == 'post') {
$password = $_POST['password'];
$password2 = $_POST['password2'];
$email = trim($_POST['email']);
$sex = $_POST['sex'];
$signatext = $_POST['signatext'];
$code = $_POST["code"];
if ($code) {
$result = mysql_query("select * from {$db_prefix}code where code='$code'", $myconn);
if ($row = mysql_fetch_array($result)) {
$a = $row['a'];
$b = $row['b'];
$c = $row['c'];
$sysguset = $row['e']?10 : 0;
if ($row['f'] && $row['f'] != $username) {
echoerror(126);
}
if ($row['i'] < 1) {
echoerror(127);
}
if ($row['g'] < $time) {
echoerror(128);
}
if ($user['admin'] > 0 && $sysguset) {
echoerror(129);
}
mysql_query("update {$db_prefix}code set i=i-1 where id='$row[id]'", $myconn);
} else {
echoerror(125);
}
} else {
$a = 0;
$b = 0;
$c = 0;
$sysguset = $user['admin'];
}
$passwordmd5 = md5($password);
$password = substr($passwordmd5, 0, 13) . substr($passwordmd5, -3);
if ($password != $user["password"]) {
echoerror(42);
}
if (!empty($password2)) {
$password2md5 = md5($password2);
preg_match("/^[a-zA-Z0-9\.]+$/is", $password2)?null : echoerror(34);
bstrlen($password2) > $passwordmax || bstrlen($password2) < $passwordmin?echoerror(31): $password = substr($password2md5, 0, 13) . substr($password2md5, -3);
} else {
$password = $user["password"];
}
$signatext = preg_replace("/\[img\](.+?)\[\/img\]/eis", "wkpic('\\1')", $signatext);
ka($signatext, 250);
if (SERVER_GHO) $signatext=gho_server($signatext);
if ($email != $user["email"]) {
ereg("^[-a-zA-Z0-9_\.]+\@([0-9A-Za-z][0-9A-Za-z-]+\.)+[A-Za-z]{2,3}$", $email)?null : echoerror(32);
$emailresult = mysql_query("select id from {$db_prefix}members where email='$email'", $myconn);
mysql_fetch_array($emailresult)?echoerror(38): null;
}
$emailhide = $_POST["emailhide"]?1 : 0;
$sex = $sex == 1?1 : 0;
for($n = 0;$n < 4;$n++) {
$_POST["title{$n}"] = str_replace(',', '', str_replace('|', '', $_POST["title{$n}"]));
$modelist .= $_POST["select{$n}"] . "," . substr(trim($_POST["title{$n}"]), 0, 50) . "," . $_POST["addresshide{$n}"] . "|";
}
$face = explode('|', $user['face']);
$filen = $face[2];
if ($_FILES['userfile']['name']) {
if (!$userp1[21]) {
echoerror(60);
}
if ($userp1[1] <= $user['up_today']) {
echoerror(102);
}
$filetype = strrchr($_FILES['userfile']['name'], '.');
$filetype = strtolower(str_replace('.', '', $filetype));
$uploaddir = floor($user['id'] / 10000);
$updir = $imagedir . '/uploadface/' . $uploaddir;
if (!is_dir($updir)) {
if (@mkdir($updir, 0777) == false) {
echoerror(9);
}
}
$upfiletype = array('gif', 'jpg', 'jpeg');
if (!in_array($filetype, $upfiletype)) {
echoerror(5);
}
if ($_FILES['userfile']['size'] > $userp1[21] * 1024) {
echoerror(16);
}
$filename = $updir . '/' . $user['id'] . '.' . $filetype;
if (@move_uploaded_file(StripSlashes($_FILES['userfile']['tmp_name']), $filename)) {
if ($face[2] != $uploaddir . '/' . $user['id'] . '.' . $filetype) {
@unlink($imagedir . '/uploadface/' . $face[2]);
}
@mysql_query("update {$db_prefix}members set up_num=up_num+1,up_today=up_today+1 where username='$username'" , $myconn);
$filen = $uploaddir . '/' . $user['id'] . '.' . $filetype;
}
}
unset($grouplist);
if ($user['groups']) {
$group = explode('|', $user['groups']);
while (list(, $val) = each($group)) {
if ($val) {
$groups = explode(",", $val);
$byname = $_POST["group" . $groups[0]];
if (!$groupname[$groups[0]]) {
continue;
}
if (strlens($byname) < $namemin || strlens($byname) > $namemax) {
echoerror(131);
}
if (jyname($byname)) {
echoerror(130);
}
$grouplist .= '|' . $groups[0] . ',' . $byname;
@mysql_query("update {$db_prefix}groupuser set byname='$byname' where groupid='$groups[0]'&& username='$username'" , $myconn);
}
}
}
if ($_POST['face'] == 1 || $_POST['face'] == 2) {
} else {
$_POST['face'] = 0;
}
if (is_numeric($_POST['faces'])) {
$_POST['faces'] = Ceil($_POST['faces']);
if ($_POST['faces'] > $facenum) {
$_POST['faces'] = 1;
}
} else {
$_POST['faces'] = 1;
}
$_POST['faces'] = is_numeric($_POST['faces'])?$_POST['faces']: 1;
$face = $_POST['face'] . "|" . $_POST['faces'] . "|" . $filen . "|";
mysql_query("update {$db_prefix}members set password='$password', email='$email',sex='$sex',face='$face',signa='$signatext',groups='$grouplist',a=a+'$a',b=b+'$b',c=c+'$c',admin='$sysguset' where username='$username'" , $myconn);
for($n = 0;$n < 4;$n++) {
$address .= $_POST["select{$n}"] . "," . $_POST["title{$n}"] . "," . $_POST["addresshide{$n}"] . "|";
}
$address = $emailhide . '|' . $address;
ka($address, 250);
mysql_query("update {$db_prefix}address set address='$address' where username='$username'", $myconn);
$reurl = 'showuser.php';
echoioy(7);
}
unset($sexchecked, $addresslist, $grouplist);
$result = mysql_query("select * from {$db_prefix}address where username='$username'", $myconn);
$userrow = mysql_fetch_array($result);
$userrow = explode("|", $userrow["address"]);
$emailhide = $userrow[0]?"checked=\"checked\"" : null;
$email = $user["email"];
@array_shift($userrow);
for($n = 0;$n < 4;$n++) {
unset($messagemodelist);
$userrows = explode(",", $userrow[$n]);
$addresslist .= '<select name="select'.$n.'">';
foreach($messagemode as $key => $tread) {
$messagemodelist .= $key == $userrows[0]?'<option value="'.$key.'" selected="selected">'.$tread.'</option>': '<option value="'.$key.'">'.$tread.'</option>';
}
$addresshide = $userrows[2] == 1?'<input checked="checked" value="1" name="addresshide'.$n.'" type="checkbox">': '<input value="1" name="addresshide'.$n.'" type="checkbox">';
$addresslist .= $messagemodelist . '</select><input class="subject" maxlength="40" size="40" name="title'.$n.'" value="'. htmlspecialchars($userrows[1]) . '">' . $addresshide . $_p_edituser[0].'<br />';
}
$face = explode('|', $user['face']);
$facedef[$face[0]] = 'checked="checked"';
for($n = 1;$n <= $facenum;$n++) {
$facelist .= $face[1] == $n?'<span><img src="'.$imagedir.'/face/face'.$n.'.gif" border="0"><input name="faces" value="'.$n.'" checked="checked" type="radio"></span>': '<span><img src="'.$imagedir.'/face/face'.$n.'.gif" border="0"><input name="faces" value="'.$n.'" type="radio"></span>' ;
}
$sexhide = $userp2[2]?null : 'disabled="disabled"';
$sexchecked[$user['sex']] = 'checked="checked"';
$userfilehide = !$userp1[12] || !$userp1[1] || $userp1[1] <= $user['up_today']?'disabled="checked"' : null;
$echoupface = $face[2]?'<img src="'
. $imagedir . '/uploadface/' . $face[2] . '" />': '';
$ubb_t = $signa?$_p_edituser[1]: $_p_edituser[2];
$signatext = htmlspecialchars($user['signa']);
if (SERVER_GHO) $signatext = str_replace('WEBURL', SERVER_NAME, $signatext);
if ($user['groups']) {
$group = explode('|', $user['groups']);
while (list(, $val) = each($group)) {
if ($val) {
$groups = explode(',', $val);
$grouplist .= $groupname[$groups[0]]?$groupname[$groups[0]] . ':<input name="group' . $groups[0] . '" type="text" maxlength="12" value="' . htmlspecialchars($groups[1]) . '"><br />': '';
}
}
}
$maxk = $userp1[21];
$maxb = $userp1[21] * 1024;
include_once './cache/template/m_' . $style_id . '_' . $tpl_html . '.php';
function wkpic($content)
{
global $img_ubb;
$filetype = strtolower(str_replace('.', '', strrchr($content, '.')));
if (eregi("\"|'|>|<|\?", $content)) echoerror(89);
if (!@in_array($filetype, $img_ubb) || $filetype=='php') return '[url]' . $content . '[/url]';
return '[img]' . $content . '[/img]';
}
?>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -