Файл: avatars/handler/update.php
Строк: 4
<?php
if (!empty($_GET['update']) && is_numeric($_GET['update']))
{
$update = abs(intval($_GET['update']));
if (mysql_result(mysql_query("SELECT COUNT(`id`) FROM `avatars` WHERE `id` = '".$update."' AND `user_id` = '".$user_id."' LIMIT 1"),0) == true)
{
$arr = mysql_fetch_array(mysql_query("SELECT * FROM `avatars` WHERE `id` = '".$update."' AND `user_id` = '".$user_id."' LIMIT 1"));
mysql_query("UPDATE `users` SET `avatar` = '".$arr['name']."' WHERE `id` = '".$user_id."'");
}
}
?>