<?php session_start(); if (!isset($_SESSION['uid'])) { header('Location: /index.php'); die(); } include_once('config.php'); include_once('functions.php'); if ($u->i()['battle'] > 0) { header('Location: /fbattle.php'); die(); } $name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_SPECIAL_CHARS); $oldpsw = filter_input(INPUT_POST, 'oldpsw', FILTER_SANITIZE_SPECIAL_CHARS); $newpsw = filter_input(INPUT_POST, 'newpsw', FILTER_SANITIZE_SPECIAL_CHARS); $color = filter_input(INPUT_POST, 'color', FILTER_VALIDATE_INT); $hobbie = filter_input(INPUT_POST, 'hobbie', FILTER_SANITIZE_SPECIAL_CHARS); $hobbie = str_replace("\\n", "<br />", $hobbie); $hobbie = str_replace("\\r", "", $hobbie); $hobbie = str_replace("<br />", "<br />", $hobbie); if ($name || $color || $hobbie) { $simbolcount = strlen($hobbie); switch ($color) { case 1: $color = 'blue'; break; case 2: $color = 'green'; break; default: $color = 'black'; break; } if ($simbolcount > 1500) { err('Максимальная длинна поля Хобби: 1500 символов!'); } else { db::c()->query('UPDATE `users` SET `realname` = "?s", `color` = "?s", `info` = "?s" WHERE `id` = ?i', $name, $color, $hobbie, $u->i()['id']); } } if ($oldpsw && $newpsw){ if (password_verify($oldpsw, $u->i()['pass'])){ db::c()->query('UPDATE `users` SET `pass` = "?s" WHERE `id` = ?i', password_hash($newpsw,PASSWORD_DEFAULT), $u->i()['id']); } else err('Неверный текущий пароль!'); } ?> <!doctype html> <html> <head> <meta charset="utf-8"/> <link rel="stylesheet" href="css/main.css"> <title>Анкета</title> </head> <body> <a href="main.php">← на главную</a> <h1>Анкета персонажа <?= $u->i()['login'] ?></h1> <form method="post" action="user_anketa.php"> <input name="name" placeholder="Реальное имя" value="<?= $u->i()['realname']; ?>"><br> <select name="color" id="color"> <option value="0" selected>Чёрный</option> <option value="1">Синий</option> <option value="2">Зелёный</option> </select><label for="color"></label><br> <textarea name="hobbie" placeholder="Хобби"><?= $u->i()['info'] ?></textarea><br> <input name="submit" type="submit"> </form> <h1>Безопасность</h1> <form method="post" action="user_anketa.php"> <input placeholder="Старый пароль" name="oldpsw"> <input placeholder="Новый пароль" name="newpsw"> <input type="submit"> </form> </body> </html>