if (isAdmin($editorid)) { $master_note = $post_get->getvar("master_note"); } else { $sql = "SELECT master_note\n\t\tFROM " . PREF . "users\n\t\tWHERE id={$userid}\n\t\tLIMIT 1"; $master_note = (string) db_result00($sql); } $sql = "UPDATE " . PREF . "users\n\tSET name='{$name}',\n\t\tnick='{$nick}',\n\t\tcity='{$city}',\n\t\tage='{$age}',\n\t\tcontacts='{$contacts}',\n\t\tcontraindication='{$contraindication}',\n\t\tchronicdesease='{$chronicdesease}',\n\t\twishes='{$wishes}',\n\t\tpublicity='{$publicity}',\n\t\tcharacter_name='{$character_name}',\n\t\tcharacter_age='{$character_age}',\n\t\tcountry='{$country}',\n\t\tbirth='{$birth}',\n\t\trank='{$rank}',\n\t\tquota='{$quota}',\n\t\tquenta='{$quenta}',\n\t\twishes2='{$wishes2}',\n\t\tmaster_note='{$master_note}',\n\t\tgo_royal_wedding={$go_royal_wedding}\n\n\tWHERE id={$userid}\n\tLIMIT 1"; query($sql); $updated = (bool) affected_rows(); if (isset($_FILES["photo"]) && $_FILES["photo"]['error'] != 4) { $options = new FileUploadOptions(); $options->key = "photo"; $options->extensions = ["png", "jpg", "jpeg", "gif"]; $options->dir = "../photos/"; $options->is_critical = true; $options->neoname = photoFileName($email) . ".jpg"; if (file_exists("../photos/{$options->neoname}")) { unlink("../photos/{$options->neoname}"); } $filename = file_upload($options); if ($filename != $options->neoname) { rename("../photos/" . $filename, "../photos/" . $options->neoname); } $updated = true; } if ($updated) { $link = $_SERVER["HTTP_HOST"] . "/edit.php?" . http_build_query(["email" => $email]); if ($editorid == emailToId($email)) { markUpdated(emailToId($email)); // send_mail_to_admin("$name обновил заявку", "<a href=\"$link\">Просмотреть</a>"); } else {
<?php include "include/config.php"; $post_get = new GetVarClass("_GET"); $email = $post_get->getemail("email"); $justUpdated = $post_get->getvar("justUpdated"); if (!$email) { die("Редактирование заявки невозможно: введите корректный e-mail. "); } $editorid = loginbycookie(); if (!canEdit($editorid, $email)) { die("У вас недостаточно прав доступа, чтобы редактировать заявку {$email}. "); } $sql = "SELECT *\n\tFROM " . PREF . "users\n\tWHERE email='{$email}'\n\tLIMIT 1"; $result = query($sql); $userData = fetch_assoc($result); $photoname = photoFileName($email); $userid = (int) emailToId($email); if (isAdmin($editorid)) { unmarkUpdated($userid); unmarkUnread($userid); } $sql = "SELECT m.id, u.name, m.message\n\tFROM " . PREF . "messages AS m\n\tLEFT JOIN " . PREF . "users AS u ON m.authorid=u.id\n\tWHERE m.userid={$userid}\n\tORDER BY m.id"; $result = query($sql); $messages = fetch_assocs($result); $render_data = $userData + ["justUpdated" => (bool) $justUpdated, "isAdmin" => (bool) isAdmin($editorid), "publicities" => $langPublicities, "countries" => $langCountries, "birthes" => $langBirthes, "ranks" => $langRanks, "quotas" => $langQuotas, "goRoyalWeddings" => $langYesNo, "photo" => file_exists("photos/{$photoname}.jpg") ? "{$photoname}.jpg" : "", "messages" => $messages]; $ret = constructTwig()->render("edit.twig", $render_data); echo $ret;