Файл: vitaliy_nosov/public_html/game/edit.php
Строк: 61
<?php
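// Moderator-only page that edits another player's record in the `user` table.
// auth(), text(), $user and the MySQL connection are defined outside this file
// (func.php / header.php), so their exact behaviour is not visible here.
require_once ('../config/func.php');
$title = 'Редактирование';
require_once ('../config/header.php');
auth();

// Access control. header() only queues a redirect; without exit() the rest of
// the script (including the UPDATE below) would still run for a caller who is
// not a moderator. Stop here, and fail closed if the level is missing.
if (!isset($user['moder']) || $user['moder'] < 4) {
    header('Location: /game/');
    exit();
}

// Only one section exists; any other (or missing) `adm` value falls through
// to it, as before. The value is used for dispatch only and is never printed.
$section = (isset($_GET['adm']) && is_string($_GET['adm'])) ? $_GET['adm'] : '';
switch ($section) {
    default:
    case 'user':
        // Forced to a non-negative integer, so concatenating it into SQL and
        // into the redirect URL below is safe.
        $id = abs(intval(isset($_GET['id']) ? $_GET['id'] : 0));

        $res = mysql_query("SELECT * FROM `user` WHERE `id` = '".$id."'");
        // A failed query or unknown id leaves $ank non-array; the form then
        // renders with empty values instead of raising warnings.
        $ank = $res ? mysql_fetch_assoc($res) : false;

        // Accept the change only as a POST of this form. The previous
        // isset($_REQUEST['ok']) check also matched a plain GET, which ran the
        // UPDATE with every field empty.
        // NOTE(review): no anti-CSRF token is verified here; add one (session
        // token in a hidden field, compared on POST) before relying on this
        // page in production.
        if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['ok'])) {
            $login = text($_POST['login']);
            $sila = text($_POST['sila']);
            $lovk = text($_POST['lovk']);
            $def = text($_POST['def']);
            $max_hp = text($_POST['max_hp']);
            $exp = text($_POST['exp']);
            $gold = abs(intval($_POST['gold']));
            $cristal = abs(intval($_POST['cristal']));
            $secret = text($_POST['secret']);
            // `moder` used to be read from POST but was never written; the
            // dead read is dropped. This form does not change privilege level.

            // NOTE(review): the string columns are concatenated into the
            // statement, so injection safety rests entirely on text()
            // escaping for SQL - confirm in func.php. The mysql_* extension
            // has no prepared statements and was removed in PHP 7; migrate to
            // mysqli/PDO with bound parameters.
            mysql_query("UPDATE `user` SET `login` = '".$login."', `sila` = '".$sila."', `lovk` = '".$lovk."', `def` = '".$def."', `max_hp` = '".$max_hp."', `exp` = '".$exp."', `gold` = '".$gold."', `cristal` = '".$cristal."', `secret` = '".$secret."' WHERE `id` = '".$id."'");
            $_SESSION['notif'] = 'Изменения приняты';
            header('Location: /pers/'.$id.'/');
            exit();
        }

        // Escape stored values before placing them inside value="..." so a
        // quote or angle bracket in a player's data cannot break out of the
        // attribute. double_encode is off so values that were already
        // entity-encoded on input are not encoded a second time.
        // NOTE(review): assumes pages are served as UTF-8 - confirm.
        $val = array();
        foreach (array('login', 'sila', 'lovk', 'def', 'max_hp', 'exp', 'gold', 'cristal', 'secret') as $name) {
            $val[$name] = isset($ank[$name]) ? htmlspecialchars($ank[$name], ENT_QUOTES, 'UTF-8', false) : '';
        }

        echo '<div class="block">
<form action="" method="post">
Ник:<br /><input type="text" name="login" maxlength="25" value="'.$val['login'].'" /><br />
Сила:<br /><input type="text" name="sila" maxlength="45" value="'.$val['sila'].'" /><br />
Ловкость:<br /><input type="text" name="lovk" maxlength="40" value="'.$val['lovk'].'" /><br />
Защита:<br /><input type="text" name="def" maxlength="40" value="'.$val['def'].'" /><br />
Здоровье:<br /><input type="text" name="max_hp" maxlength="100" value="'.$val['max_hp'].'" /><br />
Опыт:<br /><input type="text" name="exp" maxlength="20" value="'.$val['exp'].'" /><br />
Золото:<br /><input type="text" name="gold" maxlength="1000" value="'.$val['gold'].'" /><br />
Монеты:<br /><input type="text" name="cristal" maxlength="1000" value="'.$val['cristal'].'" /><br />';
        // The field was named "level" while the handler reads
        // $_POST['secret'], so every save overwrote the stored secret code
        // with an empty value. The name now matches the handler.
        echo 'Секретный код:<br /><input type="text" name="secret" value="'.$val['secret'].'" maxlength="50" /><br />
<input type="submit" name="ok" value="Изменить" />
</form></div>';
        break;
}
require_once ('../config/footer.php');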
?>