edit.php

还是WEB游戏源码 Darkstep 还是WEB游戏源码 Darkstep

<?php /* ------------------------- */

  include("_include-jail.php");

/* ------------------------- */ ?>
<html>


<head>
<title>[( Elite Avengers )]</title>
<link rel="stylesheet" type="text/css" href="css-v1.css">

</head>


<body>
<table width=100%>
  <tr><td class="subTitle"><b>Profile</b></td>
<?php /* ------------------------- */

  print "  <tr><td class=\"mainTxt\"><a href=\"profile.php?x={$data->login}\">Look at your profile</a></td></tr>\n";
  if(isset($_POST['profile'])) {
    $data->url				= preg_replace('/\</','&#60;',$_POST['website']);
    $data->avatar			= preg_replace('/\</','&#60;',$_POST['avatar']);
    $data->info				= preg_replace('/\</','&#60;',substr($_POST['info'],0,500000));
    $data->land				= preg_replace('/\</','&#60;',substr($_POST['country'],0,36));
    $data->woonplaats			= preg_replace('/\</','&#60;',$_POST['city']);
    $data->age				= preg_replace('/\</','&#60;',$_POST['age']);
    $data->realname			= preg_replace('/\</','&#60;',$_POST['name']);
    $data->music			= preg_replace('/\</','&#60;',$_POST['music']);
    $data->url				= htmlspecialchars($data->url);
    $data->avatar			= htmlspecialchars($data->avatar);
    $data->land				= htmlspecialchars($data->land);
    $data->woonplaats			= htmlspecialchars($data->woonplaats);
    $data->age				= htmlspecialchars($data->age);
    $data->realname			= htmlspecialchars($data->realname);
    $data->music			= htmlspecialchars($data->music);
    mysql_query("UPDATE `[users]` SET `avatar`='{$data->avatar}',`url`='{$data->url}',`info`='{$data->info}',`land`='{$data->land}',`woonplaats`='{$data->woonplaats}',`age`='{$data->age}',`realname`='{$data->realname}',`music`='{$data->music}' WHERE `login`='{$data->login}'");
    print "  <tr><td class=\"mainTxt\">You successfully updated your profile!</td></tr>\n";
exit;
  }
  else if(isset($_POST['password']) && preg_match('/^[0-9a-zA-Z=\[\]\+&#]{0,15}$/',$_POST['pass']) && preg_match('/^[0-9a-zA-Z=\[\]\+&#]{0,15}$/',$_POST['confirm']) && preg_match('/^[0-9a-zA-Z=\[\]\+&#]{0,15}$/',$_POST['cpass'])) {
    if($_POST['pass'] != "" && $_POST['pass'] == $_POST['confirm'] && $data->pass == $_POST['cpass']) {
      mysql_query("UPDATE `[users]` SET `pass`='{$_POST['pass']}' WHERE `login`='{$data->login}'");
      print "  <head>
<meta http-equiv=\"refresh\" content=\"0; URL=login.php?x=logout\"
</head>
<body>

<tr><td class=\"mainTxt\">You've changed your password!</td></tr>\n";
    }
    else
      print "  <tr><td class=\"mainTxt\"><B><font color=red>* The two passwords don't match!</font></b></td></tr>\n";
  }

  $data->url				= stripslashes($data->url);
  $data->avatar				= stripslashes($data->avatar);
  $data->info				= stripslashes($data->info);
  $data->info				= str_replace("\'","'",$data->info);
  $data->land				= stripslashes($data->land);
  $data->woonplaats			= stripslashes($data->woonplaats);
  $data->realname			= stripslashes($data->realname);
  $data->age				= stripslashes($data->age);
  $data->music				= stripslashes($data->music);

  print <<<ENDHTML
  <tr><td class="mainTxt">
	<form method="post"><table align="center">
	  <tr><td width=100>E-Mail:</td>	<td>{$data->email}</td></tr>
	  <tr><td width=100>Country:</td>	<td><input type="text" name="country" value="{$data->land}"></td></tr>
	  <tr><td width=100>City:</td>		<td><input type="text" name="city" value="{$data->woonplaats}"></td></tr>
	  <tr><td width=100>Name:</td>		<td><input type="text" name="name" value="{$data->realname}"></td></tr>
	  <tr><td width=100>Age:</td>		<td><input type="text" name="age" value="{$data->age}"></td></tr>
	  <tr><td width=100>Website:</td>	<td><input type="text" name="website" value="{$data->url}"></td></tr>
	  <tr><td width=100>Avatar:</td>	<td><input type="text" name="avatar" value="{$data->avatar}"></td></tr>
	  <tr><td width=100>Music:</td>		<td><input type="text" name="music" value="{$data->music}"></td></tr>
	  <tr><td width=100 valign="top">Personal Quote:<br><br>
				 <a href="help.php#fax">Ubb-codes</a><br> are enabled!</td>
					<td><textarea name="info" cols=30 rows=10>{$data->info}</textarea></td></tr>
	  <tr><td></td>			<td align="right"><input type="submit" name="profile" value="Update"></td></tr>
	</table></form></td></tr></table>
  <table width=100%>

  <tr><td class="subTitle"><b>Password</b></td></tr>
  <tr><td class="mainTxt">
	<form method="post"><table align="center">
	  <tr><td width=120>Current Password:</td>		<td><input type="password" name="cpass" maxlength=16></td></tr>
	  <tr><td width=120>New Password:</td>		<td><input type="password" name="pass" maxlength=16></td></tr>
	  <tr><td width=120>Confirm Password:</td>	<td><input type="password" name="confirm" maxlength=16></td></tr>
	  <tr><td></td>				<td align="right"><input type="submit" name="password" value="Change!"></td></tr>
</form>	</table></td></tr></table>
ENDHTML;

/* ------------------------- */ ?>


</body>


</html>