Example #1
0
 $passwd_old = query_int($_POST['passwd_old']);
 $passwd_in1 = query_int($_POST['passwd_in1']);
 $email = query_int($_POST['email']);
 if (plogin($row['pLogin'], 0) == 1) {
     msgbox($lang_error['all_error'], $lang_error['ucp_game'], 1);
 } else {
     if ($passwd_old != $row['pKey']) {
         msgbox($lang_error['all_error'], $lang_error['_err_17'], 1);
     } else {
         if (!preg_match('/^[a-zA-Z0-9]+$/', $passwd_in1)) {
             msgbox($lang_error['all_error'], $lang_error['ucp_st_info_1'], 1);
         } else {
             if (strlen($passwd_in1) < 6 or strlen($passwd_in1) > 20) {
                 msgbox($lang_error['all_error'], $lang_error['ucp_st_info_2'], 1);
             } else {
                 if ($passwd_in1 != query_int($_POST['passwd_in2'])) {
                     msgbox($lang_error['all_error'], $lang_error['ucp_st_info_3'], 1);
                 } else {
                     if (!is_email($_POST['email'])) {
                         msgbox($lang_error['all_error'], $lang_error['ucp_st_info_5'], 1);
                     } else {
                         if (tru_email($_POST['email'], $username) == 2) {
                             msgbox($lang_error['all_error'], $lang_error['ucp_st_info_6'], 1);
                         } else {
                             if (!$resp->is_valid) {
                                 msgbox($lang_error['all_error'], $lang_error['err_01.5'], 1);
                             } else {
                                 if ($row['pPhousekey'] != 999) {
                                     //$db->query("UPDATE accounts SET pKey = '$passwd_in1' WHERE Name = '$username'") or die(mysql_error());
                                 } else {
                                     $db->query("UPDATE accounts SET pKey = '{$passwd_in1}', pEmail = '{$email}' WHERE Name = '{$username}'") or die(mysql_error());
Example #2
0
             echo "no";
         } else {
             echo "yes";
         }
     }
     exit;
 } else {
     if ($_GET['list'] == "search") {
         $html = '';
         $html .= '<li>';
         $html .= '<a href="javascript://" rel="nofollow" onclick="window.open(\'urlString\',\'up1\',\'scrollbars=1,top=0,left=0,resizable=1,width=780,height=310\');return false;">';
         $html .= '<i class="icon-user"></i>nameString';
         $html .= ' [functionString]';
         $html .= '</a>';
         $html .= '</li> ';
         $search_string = query_int($_POST['query']);
         $search_string = preg_replace("/[^A-Za-z0-9]/", " ", $search_string);
         if (strlen($search_string) >= 1 && $search_string !== ' ') {
             $query = 'SELECT * FROM accounts WHERE Name LIKE "%' . $search_string . '%" OR Name LIKE "%' . $search_string . '%" LIMIT 0, 3';
             $result = $db->query($query) or die(mysql_error());
             while ($results = mysql_fetch_array($result)) {
                 $result_array[] = $results;
             }
             if (isset($result_array)) {
                 echo '<a href="#results" class="nav-header" data-toggle="collapse"><i class="icon-search" style="margin-left:4px;"></i>Поиск персонажа <i class="icon-chevron-up"></i></a>';
                 echo '<ul id="results" style="height: 100px; overflow: auto" class="nav nav-list collapse in">';
                 foreach ($result_array as $result) {
                     $display_function = preg_replace("/" . $search_string . "/i", "<b class='highlight'>" . $search_string . "</b>", $result['pLevel']);
                     $display_name = preg_replace("/" . $search_string . "/i", "<b class='highlight'>" . $search_string . "</b>", str_replace('_', ' ', $result['Name']));
                     $display_url = '/profile/' . urlencode($result['Name']) . '/';
                     $output = str_replace('nameString', $display_name, $html);