Anketa fix

This commit is contained in:
lopar 2018-03-02 19:23:17 +02:00
parent 85aa7f2492
commit af75583404

View File

@ -16,9 +16,10 @@ $name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_SPECIAL_CHARS);
$oldpsw = filter_input(INPUT_POST, 'oldpsw', FILTER_SANITIZE_SPECIAL_CHARS); $oldpsw = filter_input(INPUT_POST, 'oldpsw', FILTER_SANITIZE_SPECIAL_CHARS);
$newpsw = filter_input(INPUT_POST, 'newpsw', FILTER_SANITIZE_SPECIAL_CHARS); $newpsw = filter_input(INPUT_POST, 'newpsw', FILTER_SANITIZE_SPECIAL_CHARS);
$color = filter_input(INPUT_POST, 'color', FILTER_VALIDATE_INT); $color = filter_input(INPUT_POST, 'color', FILTER_VALIDATE_INT);
$hobbie = str_replace("\\n", "<br />", $_POST['hobbie']); $hobbie = filter_input(INPUT_POST, 'hobbie', FILTER_SANITIZE_SPECIAL_CHARS);
$hobbie = str_replace("\\r", "", $_POST['hobbie']); $hobbie = str_replace("\\n", "<br />", $hobbie);
$hobbie = str_replace("&lt;br&nbsp;/&gt;", "<br />", $_POST['hobbie']); $hobbie = str_replace("\\r", "", $hobbie);
$hobbie = str_replace("&lt;br&nbsp;/&gt;", "<br />", $hobbie);
if ($name || $color || $hobbie) { if ($name || $color || $hobbie) {
@ -38,7 +39,7 @@ if ($name || $color || $hobbie) {
} }
if ($oldpsw && $newpsw){ if ($oldpsw && $newpsw){
if (password_verify($oldpsw, $u->i()['psw'])){ if (password_verify($oldpsw, $u->i()['pass'])){
db::c()->query('UPDATE `users` SET `pass` = "?s" WHERE `id` = ?i', password_hash($newpsw,PASSWORD_DEFAULT), $u->i()['id']); db::c()->query('UPDATE `users` SET `pass` = "?s" WHERE `id` = ?i', password_hash($newpsw,PASSWORD_DEFAULT), $u->i()['id']);
} else err('Неверный текущий пароль!'); } else err('Неверный текущий пароль!');
} }