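/**
 * Store one value in this user's row of the `users_additional_data` table.
 *
 * Runs a SELECT for the row whose `id` equals $this->id; when exactly one
 * row comes back the column is updated, otherwise a new row holding the id
 * and the value is inserted.
 *
 * @param string $field Column name in users_additional_data.
 * @param mixed  $value Value to store; it is placed in the statement as a quoted literal.
 * @return void
 */
public function set_additional_field($field, $value)
{
    // Kept from the original: the result is not used below (the queries read
    // $this->conf), but the accessor call itself is left in place.
    $db_prefix = \Control\Core::conf()->db_prefix;
    $this->db = \Control\Core::db();

    // The column name is written between backticks, so a backtick inside it
    // would end the identifier early and let the rest be parsed as SQL.
    // Doubling it is the identifier escape for backtick-quoted names and
    // leaves every name without a backtick unchanged.
    $column = str_replace('`', '``', (string) $field);
    $table = "{$this->conf->db_prefix}users_additional_data";

    // NOTE(review): $value and $this->id are still interpolated as text. Nothing
    // in this method escapes them, so every caller has to pass an already-escaped
    // value. Prefer bound parameters if the object returned by
    // \Control\Core::db() supports them - confirm against that class.
    $existing = $this->db->Execute("SELECT `{$column}` FROM {$table} WHERE `id`='{$this->id}'");

    if ($existing->RecordCount() == 1) {
        $this->db->Execute("UPDATE {$table} SET `{$column}`='{$value}' WHERE `id`='{$this->id}'");
        return;
    }

    $this->db->Execute("INSERT INTO {$table} SET `{$column}`='{$value}', `id`='{$this->id}'");
}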
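/**
 * Apply a profile edit taken from the current request to the `users` table.
 *
 * Reads two parallel lists from $_POST: 'fields' (column names) and
 * 'new_values' (their values), both split on $conf->ac_sep; occurrences of
 * $conf->ac_con in the values are turned back into '&' first. The pseudo
 * fields 'pass' and 'pass2' are not columns: when both are non-empty and
 * equal, a new `hash` is derived, stored in the session and added to the
 * update. On a mismatch the method prints a message and terminates the
 * script without writing anything.
 *
 * Both the column names and the values come from the client, so they are
 * treated as untrusted throughout.
 *
 * @return void
 */
public function editProfileAction()
{
    $conf = \Control\Core::conf();
    $db = \Control\Core::db();
    $user = \Control\Live::getInstance()->user;

    // A missing or non-string parameter is handled as an empty submission
    // instead of raising notices further down.
    $raw_fields = (isset($_POST['fields']) && is_string($_POST['fields'])) ? $_POST['fields'] : '';
    $raw_values = (isset($_POST['new_values']) && is_string($_POST['new_values'])) ? $_POST['new_values'] : '';

    $fields = explode($conf->ac_sep, $raw_fields);
    $new_values = explode($conf->ac_sep, str_replace($conf->ac_con, '&', $raw_values));

    // Columns this request must never set directly: `id` is the row key used
    // in the WHERE clause and `hash` is the credential computed below.
    // NOTE(review): this is only the minimum visible from this method. The
    // column list is client-controlled, so replace this deny-list with an
    // allow-list of the profile columns users may actually edit.
    $server_managed = array('id', 'hash');

    $pass = '';
    $pass2 = '';
    $assignments = array();
    $total = count($fields);

    for ($i = 0; $i < $total; $i++) {
        $field = data::quote_smart($fields[$i]);
        // The two lists can differ in length; a missing value is stored as ''.
        $submitted = isset($new_values[$i]) ? $new_values[$i] : '';

        if ($field === 'pass') {
            $pass = $submitted;
            continue;
        }
        if ($field === 'pass2') {
            $pass2 = $submitted;
            continue;
        }

        // An empty name (e.g. from an empty 'fields' parameter) would produce
        // invalid SQL; server-managed columns are skipped. Column names are
        // compared case-insensitively, as the database matches them.
        if ($field === '' || $field === null || in_array(strtolower((string) $field), $server_managed, true)) {
            continue;
        }

        // The name goes between backticks: double any backtick so it cannot
        // close the identifier and append SQL of its own.
        $column = str_replace('`', '``', (string) $field);
        $value = data::quote_smart($submitted);
        $assignments[] = sprintf("`%s`='%s'", $column, $value);
    }

    if (!empty($pass) && !empty($pass2)) {
        // If the password changed, generate the hash.
        // Strict comparison: with ==, two different numeric-looking strings
        // such as '1e3' and '1000' compare equal and would pass confirmation.
        if ($pass === $pass2) {
            // NOTE(review): MD5 is not a password hashing function. The scheme is
            // kept because the code that verifies `hash` is not part of this
            // method; migrate both sides together to password_hash() /
            // password_verify().
            $hash = $_SESSION['user_hash'] = md5($user->id . ':' . $user->login . ':' . md5($pass) . ':' . $user->salt);
            $assignments[] = sprintf("`hash`='%s'", $hash);
        } else {
            echo 'Пароли не совпадают.';
            exit;
        }
    }

    // Nothing left to write: "UPDATE ... SET  WHERE ..." is not valid SQL.
    if (count($assignments) === 0) {
        return;
    }

    $values_sql = implode(',', $assignments);
    $db->Execute("UPDATE {$conf->db_prefix}users SET {$values_sql} WHERE `id`='{$user->id}'");
}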