$db->query("UPDATE {$db->pre}user SET icq = '{$_POST['icq']}', yahoo = '{$_POST['yahoo']}', aol = '{$_POST['aol']}', msn = '{$_POST['msn']}', jabber = '{$_POST['jabber']}', birthday = '{$bday}', gender = '{$_POST['gender']}', hp = '{$_POST['hp']}', signature = '{$_POST['signature']}', location = '{$_POST['location']}', fullname = '{$_POST['fullname']}', mail = '{$_POST['email']}'{$changename} WHERE id = '{$my->id}' LIMIT 1", __LINE__, __FILE__); ok($lang->phrase('data_success'), "editprofile.php?action=profile" . SID2URL_x); } } elseif ($_GET['action'] == "settings") { $breadcrumb->Add($lang->phrase('editprofile_settings')); echo $tpl->parse("header"); echo $tpl->parse("menu"); $design = cache_loaddesign(); $mydesign = $design[$my->template]['name']; $language = cache_loadlanguage(); $mylanguage = $language[$my->language]['language']; $mymodules->load('editprofile_settings_top'); echo $tpl->parse("editprofile/settings"); } elseif ($_GET['action'] == "settings2") { $cache = cache_loaddesign(); $cache2 = cache_loadlanguage(); $error = array(); if (intval($_POST['location']) < -12 && intval($_POST['location']) > 12) { $error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('timezone'); } if ($_POST['opt_0'] < 0 && $_POST['opt_0'] > 2) { $error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_editor'); } if ($_POST['opt_1'] != 0 && $_POST['opt_1'] != 1) { $error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_emailpn'); } if ($_POST['opt_2'] != 0 && $_POST['opt_2'] != 1) { $error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_bad'); } if ($_POST['opt_3'] < 0 && $_POST['opt_3'] > 2) { $error[] = $lang->phrase('editprofile_settings_error') . $lang->phrase('editprofile_showmail');
function sid_login() { global $my, $config, $db, $gpc; $result = $db->query('SELECT u.*, s.mid FROM ' . $db->pre . 'user AS u LEFT JOIN ' . $db->pre . 'session AS s ON s.mid = u.id WHERE name="' . $_POST['name'] . '" AND pw=MD5("' . $_POST['pw'] . '") LIMIT 1', __LINE__, __FILE__); $my2 = array(); $my2['mark'] = $my->mark; $my2['sid'] = $my->sid; $mytemp = $gpc->prepare($db->fetch_object($result)); if ($db->num_rows($result) == 1 && $mytemp->confirm == '11') { $my =& $mytemp; $my->vlogin = TRUE; $my->mark = $my2['mark']; $my->sid = $my2['sid']; $my->p = $this->Permissions(); if (!isset($my->timezone)) { $my->timezone = $config['timezone']; } $my->timezonestr = ''; if ($my->timezone != 0) { if ($my->timezone[0] != '+' && $my->timezone > 0) { $my->timezonestr = '+' . $my->timezone; } else { $my->timezonestr = $my->timezone; } } $cache = cache_loaddesign(); $q_tpl = $gpc->get('design', int); if (isset($my->template) == false || isset($cache[$my->template]) == false) { $my->template = $config['templatedir']; } if (isset($my->settings['q_tpl']) && isset($cache2[$my->settings['q_tpl']]) != false) { $my->template = $my->settings['q_tpl']; } if (isset($cache2[$q_tpl]) != false) { //if ($gpc->get('admin', int) != 1) { $my->settings['q_tpl'] = $q_tpl; //} $my->template = $q_tpl; } if (isset($cache[$q_tpl]) != false) { $my->template = $q_tpl; } $my->templateid = $cache[$my->template]['template']; $my->imagesid = $cache[$my->template]['images']; $my->cssid = $cache[$my->template]['stylesheet']; $my->smileyfolder = $cache[$my->template]['smileyfolder']; $cache2 = cache_loadlanguage(); $q_lng = $gpc->get('lang', int); if (isset($my->language) == false || isset($cache2[$my->language]) == false) { $my->language = $config['langdir']; } if (isset($my->settings['q_lng']) && isset($cache2[$my->settings['q_lng']]) != false) { $my->language = $my->settings['q_lng']; } if (isset($cache2[$q_lng]) != false) { $my->settings['q_lng'] = $q_lng; $my->language = $q_lng; } if (!empty($my->mid)) { $sqlwhere = "mid = '{$my->id}'"; $db->query("DELETE FROM {$db->pre}session WHERE sid = '{$my->sid}' LIMIT 1", __LINE__, __FILE__); } else { $sqlwhere = "sid = '{$my->sid}'"; } if (!isset($my->settings) || !is_array($my->settings)) { $my->settings = array(); } $action = $gpc->get('action', str); $qid = $gpc->get('id', int); $db->query("UPDATE {$db->pre}session SET settings = '" . serialize($my->settings) . "', mark = '" . serialize($my->mark) . "', wiw_script = '" . SCRIPTNAME . "', wiw_action = '" . $action . "', wiw_id = '" . $qid . "', active = '" . time() . "', mid = '{$my->id}', lastvisit = '{$my->lastvisit}' WHERE {$sqlwhere} LIMIT 1", __LINE__, __FILE__); makecookie($config['cookie_prefix'] . '_vdata', $my->id . "|" . $my->pw); makecookie($config['cookie_prefix'] . '_vlastvisit', $my->lastvisit); $this->cookiedata[0] = $my->id; $this->cookiedata[1] = $my->pw; return TRUE; } else { return FALSE; } }