$passwd_old = query_int($_POST['passwd_old']); $passwd_in1 = query_int($_POST['passwd_in1']); $email = query_int($_POST['email']); if (plogin($row['pLogin'], 0) == 1) { msgbox($lang_error['all_error'], $lang_error['ucp_game'], 1); } else { if ($passwd_old != $row['pKey']) { msgbox($lang_error['all_error'], $lang_error['_err_17'], 1); } else { if (!preg_match('/^[a-zA-Z0-9]+$/', $passwd_in1)) { msgbox($lang_error['all_error'], $lang_error['ucp_st_info_1'], 1); } else { if (strlen($passwd_in1) < 6 or strlen($passwd_in1) > 20) { msgbox($lang_error['all_error'], $lang_error['ucp_st_info_2'], 1); } else { if ($passwd_in1 != query_int($_POST['passwd_in2'])) { msgbox($lang_error['all_error'], $lang_error['ucp_st_info_3'], 1); } else { if (!is_email($_POST['email'])) { msgbox($lang_error['all_error'], $lang_error['ucp_st_info_5'], 1); } else { if (tru_email($_POST['email'], $username) == 2) { msgbox($lang_error['all_error'], $lang_error['ucp_st_info_6'], 1); } else { if (!$resp->is_valid) { msgbox($lang_error['all_error'], $lang_error['err_01.5'], 1); } else { if ($row['pPhousekey'] != 999) { //$db->query("UPDATE accounts SET pKey = '$passwd_in1' WHERE Name = '$username'") or die(mysql_error()); } else { $db->query("UPDATE accounts SET pKey = '{$passwd_in1}', pEmail = '{$email}' WHERE Name = '{$username}'") or die(mysql_error());
echo "no"; } else { echo "yes"; } } exit; } else { if ($_GET['list'] == "search") { $html = ''; $html .= '<li>'; $html .= '<a href="javascript://" rel="nofollow" onclick="window.open(\'urlString\',\'up1\',\'scrollbars=1,top=0,left=0,resizable=1,width=780,height=310\');return false;">'; $html .= '<i class="icon-user"></i>nameString'; $html .= ' [functionString]'; $html .= '</a>'; $html .= '</li> '; $search_string = query_int($_POST['query']); $search_string = preg_replace("/[^A-Za-z0-9]/", " ", $search_string); if (strlen($search_string) >= 1 && $search_string !== ' ') { $query = 'SELECT * FROM accounts WHERE Name LIKE "%' . $search_string . '%" OR Name LIKE "%' . $search_string . '%" LIMIT 0, 3'; $result = $db->query($query) or die(mysql_error()); while ($results = mysql_fetch_array($result)) { $result_array[] = $results; } if (isset($result_array)) { echo '<a href="#results" class="nav-header" data-toggle="collapse"><i class="icon-search" style="margin-left:4px;"></i>Поиск персонажа <i class="icon-chevron-up"></i></a>'; echo '<ul id="results" style="height: 100px; overflow: auto" class="nav nav-list collapse in">'; foreach ($result_array as $result) { $display_function = preg_replace("/" . $search_string . "/i", "<b class='highlight'>" . $search_string . "</b>", $result['pLevel']); $display_name = preg_replace("/" . $search_string . "/i", "<b class='highlight'>" . $search_string . "</b>", str_replace('_', ' ', $result['Name'])); $display_url = '/profile/' . urlencode($result['Name']) . '/'; $output = str_replace('nameString', $display_name, $html);