<?php
session_start();
if (!isset($_SESSION['uid'])) {
    header('Location: /index.php');
    die();
}
include_once('config.php');
include_once('functions.php');

if ($user['battle'] > 0) {
    header('Location: /fbattle.php');
    die();
}

$name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING);
$oldpsw = filter_input(INPUT_POST, 'oldpsw', FILTER_SANITIZE_SPECIAL_CHARS);
$newpsw = filter_input(INPUT_POST, 'newpsw', FILTER_SANITIZE_SPECIAL_CHARS);
$color = filter_input(INPUT_POST, 'color', FILTER_VALIDATE_INT);
$hobbie = filter_input(INPUT_POST, 'hobbie', FILTER_SANITIZE_STRING);
$hobbie = str_replace("\\n", "<br />", $hobbie);
$hobbie = str_replace("\\r", "", $hobbie);
$hobbie = str_replace("&lt;br&nbsp;/&gt;", "<br />", $hobbie);

if ($name || $color || $hobbie) {

    $simbolcount = strlen($hobbie);

    switch ($color) {
        case 1: $color = 'blue'; break;
        case 2: $color = 'green'; break;
        default: $color = 'black'; break;
    }

    if ($simbolcount > 1500) {
        err('Максимальная длинна поля Хобби: 1500 символов!');
    } else {
        db::c()->query('UPDATE `users` SET `realname` = "?s", `color` = "?s", `info` = "?s" WHERE `id` = ?i', $name, $color, $hobbie, $user['id']);
    }
}

if ($oldpsw && $newpsw){
    if (password_verify($oldpsw, $user['pass'])){
        db::c()->query('UPDATE `users` SET `pass` = "?s" WHERE `id` = ?i', password_hash($newpsw,PASSWORD_DEFAULT), $user['id']);
    } else err('Неверный текущий пароль!');
}
?>
<!doctype html>
<html>
<head>
    <meta charset="utf-8"/>
    <link rel="stylesheet" href="css/main.css">
    <title>Анкета</title>
</head>
<body>
<a href="main.php">← на главную</a>
<h1>Анкета персонажа <?= $user['login'] ?></h1>
<form method="post" action="user_anketa.php">
    <input name="name" placeholder="Реальное имя" value="<?= $user['realname']; ?>"><br>
    <select name="color" id="color">
        <option value="0" selected>Чёрный</option>
        <option value="1">Синий</option>
        <option value="2">Зелёный</option>
    </select><label for="color"></label><br>
    <textarea name="hobbie" placeholder="Хобби"><?= $user['info'] ?></textarea><br>
    <input name="submit" type="submit">
</form>
<h1>Безопасность</h1>
<form method="post" action="user_anketa.php">
    <input placeholder="Старый пароль" name="oldpsw">
    <input placeholder="Новый пароль" name="newpsw">
    <input type="submit">
</form>
</body>
</html>