File: /var/www/web37/htdocs/0900topliste/admin/editaccount.php
<?php
############################################
### Top-XL V.1.24 Free  -  Edit User editaccount.php 
############################################
/// 1. You are NOT entitled to rent, lease, transfer, reproduce or distribute this Software.
/// 2. You are entitled to adapt and modify the Software to your needs.
/// 3. You can use this Script on all of YOUR Domains.
/// 4. Any modification or removal of the links in the footer and member area shall terminate this license immediately.
/// 5. The Script has been tested on different Servers and found free of any notable errors by the author. The Author shall not in any case be liable for any special, incidental indirect or other similar damages arising from the use of this Script.
/// 6. Author: Simon Zehender - Contact: http://www.derwebgestalter.de or http://www.paddelberg.de
////////////////////////////////////////////
////////////////////////////////////////////
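// Direct-access guard: refuse to run unless $scriptpath matches the document root.
// $scriptpath is not assigned in this file; presumably the including index.php sets it.
// NOTE(review): this is an include guard, not an authentication check. Confirm that
// the includer verifies the admin session and that $scriptpath, $do, $file and
// $topxl_user_table can never be populated from request data.
if ($scriptpath!=$_SERVER['DOCUMENT_ROOT'])
	{echo "Are you looking for something?";exit;}
// The account id arrives in the query string. It is used as a row key in every query
// of this script, so it is forced to an integer after the project's safety() filter
// instead of relying on that filter alone (its behaviour is not visible here).
$id=(int)safety(isset($_GET["id"]) ? $_GET["id"] : "");
// Marker of the list page the admin came from; only echoed back into links further down.
$fromsite=safety(isset($_GET["fromsite"]) ? $_GET["fromsite"] : "");
// Load the current row; it pre-fills the form and is the baseline for the hit-counter deltas.
$dataget=mysql_query("SELECT * FROM $topxl_user_table WHERE id='$id'");
// A failed query yields false; skip the fetch then so no warning is raised on a non-resource.
$datagetrow=$dataget ? mysql_fetch_array($dataget) : false;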
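// Handles the submitted edit form ($do=="changeeditaccount"): validates every field,
// recomputes the running hit totals and writes the row back. On any other request the
// form variables are simply pre-filled from the row loaded into $datagetrow.
// The error slots are reset first so the form only ever shows messages produced here.
$error1=$error2=$error3=$error4=$error5=$error6=$error7=$error11=$error12="";
if ($do=="changeeditaccount")
	{
	// Fields passed through the project's safety() filter (defined elsewhere; what it
	// strips or escapes is not visible here - TODO confirm it escapes for SQL).
	$name=safety($_POST["name"]);
	$email=safety($_POST["email"]);
	$url=safety($_POST["url"]);
	$bannerurl=safety($_POST["bannerurl"]);
	$reciprocal=safety($_POST["reciprocal"]);
	$active=safety($_POST["active"]);
	$hitin=safety($_POST["hitin"]);
	$hitout=safety($_POST["hitout"]);
	// Free-text fields are read raw; they are escaped separately right before the UPDATE.
	$title=$_POST["title"];
	$description=$_POST["description"];
	$notes=$_POST["notes"];
	// slashcheck() is defined elsewhere; a result of 3 is treated as "append a trailing slash".
	if(slashcheck($url)==3)
		{$url=$url."/";}
	if(slashcheck($reciprocal)==3)
		{$reciprocal=$reciprocal."/";}
	// --- name ---
	if (!$name)
		{$error1=$errortext1;}
	if (strlen($name) > 60)
		{$error1=$errortext1b;}
	// --- e-mail (same pattern as before, expressed with PCRE instead of the removed ereg API) ---
	if (!$email)
		{$error2=$errortext2;}
	if (!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/iD', trim($email)))
		{$error2=$errortext2a;}
	if (strlen($email) > 255)
		{$error2=$errortext5b;}
	// --- site URL ---
	// The original tested the bare constant `url`, which is always truthy, so an empty
	// URL was only caught by the scheme test. The scheme must now be the prefix of the
	// value: these URLs are later emitted into href/src attributes, and a value that
	// merely contains "http://" somewhere could carry a different scheme.
	if (!$url || strpos($url, 'http://')!==0)
		{$error3=$errortext3;}
	if (strlen($url) > 255)
		{$error3=$errortext5b;}
	// --- reciprocal link URL ---
	if (!$reciprocal || strpos($reciprocal, 'http://')!==0)
		{$error4=$errortext4;}
	if (strlen($reciprocal) > 255)
		{$error4=$errortext5b;}
	// --- banner URL, only validated when banners are enabled ---
	if ($showbanner=="yes")
		{
		if (!$bannerurl || strpos($bannerurl, 'http://')!==0)
			{$error5=$errortext5;}
		else
			{
			if (strlen($bannerurl) > 255)
				{$error5=$errortext5b;}
			// Only the listed image extensions are accepted (case-sensitive, as before).
			$ext=strrchr($bannerurl,'.');
			if (!in_array($ext,array(".gif",".jpg",".jpeg",".png"),true))
				{$error5=$errortext5a;}
			}
		}
	// --- title / description ---
	if (!$title)
		{$error6=$errortext6;}
	if (strlen($title) > $maxsigntitle)
		{$error6=$errortext6a;}
	if (!$description)
		{$error7=$errortext7;}
	if (strlen($description) > $maxsigndesc)
		{$error7=$errortext7a;}
	// --- hit counters must be numeric ---
	if ($hitout=="" or !is_numeric($hitout))
		{$error11=$text_notnumeric;}
	if ($hitin=="" or !is_numeric($hitin))
		{$error12=$text_notnumeric;}
	// Shift each running total by the same amount the admin changed the counter by
	// (total + (new - old)). Skipped for non-numeric input; the totals are only used
	// by the UPDATE, which never runs when an error is set.
	if (!$error11)
		{
		if ($hitout!=$datagetrow['hitout'])
			{$hitouttotal=$datagetrow['hitouttotal']+($hitout-$datagetrow['hitout']);}
		else {$hitouttotal=$datagetrow['hitouttotal'];}
		}
	if (!$error12)
		{
		if ($hitin!=$datagetrow['hitin'])
			{$hitintotal=$datagetrow['hitintotal']+($hitin-$datagetrow['hitin']);}
		else {$hitintotal=$datagetrow['hitintotal'];}
		}
	//// if an error happens
	if ($error1 || $error2 || $error3 || $error4 || $error5 || $error6 || $error7 || $error11 || $error12)
		{$message=$messageerror;}
	else
		{
		if ($active=="yes")
			{
			// First activation of a new entry also clears the "new" flag and stamps the validation time.
			// The id is quoted here like in the other queries of this script.
			// NOTE(review): die(mysql_error()) prints database error text to the browser.
			$checknew=mysql_query("SELECT newentry FROM $topxl_user_table WHERE id='$id'") or die (mysql_error());
			$checknewrow=@mysql_fetch_array($checknew);
			if ($checknewrow["newentry"]=="yes")
				{
				$validationdate=time();
				$activeholder=",active='yes',newentry='no',validationdate='$validationdate'";
				}
			else
				{$activeholder=",active='yes'";}
			}
		else
			{$activeholder=",active='no'";}
		$title=rtrim($title);
		$description=rtrim($description);
		// title, description and notes never went through safety(), so they are escaped
		// for the SQL string here. Slashes added by magic_quotes_gpc (where that setting
		// still exists and is on) are removed first so the stored text is not double-escaped.
		$sqltext=array('title'=>$title,'description'=>$description,'notes'=>$notes);
		foreach ($sqltext as $column=>$rawtext)
			{
			if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
				{$rawtext=stripslashes($rawtext);}
			$sqltext[$column]=mysql_real_escape_string($rawtext);
			}
		mysql_query("UPDATE $topxl_user_table SET name='$name',email='$email',title='".$sqltext['title']."',description='".$sqltext['description']."',url='$url',bannerurl='$bannerurl',reciprocal='$reciprocal',notes='".$sqltext['notes']."'$activeholder,hitin='$hitin',hitout='$hitout',hitintotal='$hitintotal',hitouttotal='$hitouttotal' WHERE id='$id'") or die (mysql_error());

		$message=$messageupdate;
		}
	}
else
	{
	// Plain page view: pre-fill the form from the stored row (quoted keys avoid the
	// undefined-constant fallback that bare words such as [name] relied on).
	$name=$datagetrow['name'];
	$email=$datagetrow['email'];
	$title=$datagetrow['title'];
	$description=$datagetrow['description'];
	$url=$datagetrow['url'];
	$bannerurl=$datagetrow['bannerurl'];
	$reciprocal=$datagetrow['reciprocal'];
	$notes=$datagetrow['notes'];
	$active=$datagetrow['active'];
	$hitin=$datagetrow['hitin'];
	$hitout=$datagetrow['hitout'];
	}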
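	// "back" counts how many history entries the "back" link has to skip; it grows by one
	// on every submit of this form. The value is written into a javascript: URL further
	// down, so it is forced to a positive integer here. Before, a non-numeric string
	// survived the ++ as a string and reached that script context unchanged.
	$back=isset($_GET["back"]) ? (int)safety($_GET["back"])+1 : 1;
	if ($back<1)
		{$back=1;}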
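	// Builds the edit form and appends it to $main_content.
	// Every value that originates from the request or from the database is HTML-escaped
	// before it is placed into an attribute or a textarea; previously a quote or an angle
	// bracket in a stored title, description, note or URL ended up in the page as markup.
	// double_encode is off because safety() (defined elsewhere) may already have
	// entity-encoded some of these values - TODO confirm. ISO-8859-1 is passed so the call
	// works byte-wise and never rejects input, whatever charset the data really is in.
	// $message, $error* and the $text_* labels are emitted unchanged; they are assumed to
	// be trusted strings from the script and its language file.
	// NOTE(review): no anti-CSRF token is visible on this form, and the delete action
	// below is a plain GET link - confirm index.php protects both.
	$formesc=compact('id','fromsite','name','email','url','reciprocal','bannerurl','title','description','notes','hitin','hitout');
	foreach ($formesc as $fieldname=>$fieldvalue)
		{$formesc[$fieldname]=htmlspecialchars($fieldvalue,ENT_QUOTES,'ISO-8859-1',false);}
	// The history step count goes into a script context, so only an integer may reach it.
	$backsteps=(int)$back;
	$main_content.="
	<table width=\"874\" border=\"0\" align=\"center\" cellpadding=\"0\" cellspacing=\"1\" bgcolor=\"#CCCCCC\">
		<tr>
			<td height=\"35\" colspan=\"3\" bgcolor=\"#FFFFFF\" class=\"top\"><strong class=\"heading\">".$text_editaccountdata." ".$formesc['id']."</strong> &nbsp;&nbsp;".$message."</td>
		</tr>
		<tr>
			<td height=\"28\" colspan=\"3\" bgcolor=\"#FFFFFF\"><a href=\"javascript:history.go(-".$backsteps.")\">".$text_back."</a></td>
		</tr>
		<form name=\"form1\" method=\"post\" action=\"index.php?do=changeeditaccount&id=".$formesc['id']."&fromsite=".$formesc['fromsite']."&back=".$backsteps."\">
		<tr>
			<td width=\"120\" bgcolor=\"#FFFFFF\">".$text_name."</td>
			<td width=\"210\" align=\"center\" bgcolor=\"#FFFFFF\"><input name=\"name\" type=\"text\" class=\"inputs\" value=\"".$formesc['name']."\"></td>
			<td width=\"541\" bgcolor=\"#FFFFFF\"><span class=\"error\">".$error1."</span></td>
		</tr>
		<tr>
			<td bgcolor=\"#FFFFFF\">".$text_email."</td>
			<td align=\"center\" bgcolor=\"#FFFFFF\"><input name=\"email\" type=\"text\" class=\"inputs\" value=\"".$formesc['email']."\"></td>
			<td bgcolor=\"#FFFFFF\"><span  class=\"error\">".$error2."</span> <a href=\"mailto:".$formesc['email']."\" target=\"_blank\">".$text_email."</a></td>
		</tr>
		<tr>
			<td bgcolor=\"#FFFFFF\">".$text_url."</td>
			<td align=\"center\" bgcolor=\"#FFFFFF\"><input name=\"url\" type=\"text\" class=\"inputs\" id=\"url\" value=\"".$formesc['url']."\"></td>
			<td bgcolor=\"#FFFFFF\"><span class=\"error\">".$error3."</span> <a href=\"".$formesc['url']."\" target=\"_blank\">".$text_view."</a></td>
		</tr>
		<tr>
			<td bgcolor=\"#FFFFFF\">".$text_reciprocal."</td>
			<td align=\"center\" bgcolor=\"#FFFFFF\"><input name=\"reciprocal\" type=\"text\" class=\"inputs\" id=\"reciprocal\" value=\"".$formesc['reciprocal']."\"></td>
			<td bgcolor=\"#FFFFFF\"><span  class=\"error\">".$error4."</span> <a href=\"".$formesc['reciprocal']."\" target=\"_blank\">".$text_view."</a></td>
		</tr>";
		// The banner row is only shown when banners are enabled in the configuration.
		if ($showbanner=="yes")
			{
			$main_content.="
			<tr>
			<td bgcolor=\"#FFFFFF\">".$text_bannerurl.":</td>
			<td align=\"center\" bgcolor=\"#FFFFFF\"><input name=\"bannerurl\" type=\"text\" class=\"inputs\" id=\"bannerurl\" value=\"".$formesc['bannerurl']."\"></td>
			<td bgcolor=\"#FFFFFF\"><span class=\"error\">".$error5."</span> <img width=\"468\" height=\"60\" src=\"".$formesc['bannerurl']."\" border=\"0\" class=\"banner\" vspace=\"4\" hspace=\"4\"></td>
			</tr>";
			}
		$main_content.="
		<tr>
			<td bgcolor=\"#FFFFFF\">".$text_title."</td>
			<td align=\"center\" bgcolor=\"#FFFFFF\"><input name=\"title\" type=\"text\" class=\"inputs\" id=\"title\" value=\"".$formesc['title']."\"></td>
			<td bgcolor=\"#FFFFFF\"><span class=\"error\">".$error6."</span></td>
		</tr>
		<tr>
			<td bgcolor=\"#FFFFFF\">".$text_description."</td>
			<td align=\"center\" bgcolor=\"#FFFFFF\"><textarea name=\"description\" id=\"description\" class=\"textarea1\">".$formesc['description']."</textarea></td>
			<td bgcolor=\"#FFFFFF\"><span class=\"error\">".$error7."</span></td>
		</tr>
		<tr>
			<td bgcolor=\"#FFFFFF\">".$text_notes."</td>
			<td align=\"center\" bgcolor=\"#FFFFFF\"><textarea name=\"notes\" id=\"notes\" class=\"textarea1\">".$formesc['notes']."</textarea></td>
			<td bgcolor=\"#FFFFFF\">&nbsp;</td>
		</tr>
		<tr>
			<td bgcolor=\"#FFFFFF\">".$text_activeentry."</td>
			<td bgcolor=\"#FFFFFF\">
			<select name=\"active\">
		<option value=\"yes\"";
			// Pre-select the option that matches the current state; $active is only compared, never printed.
			if ($active=="yes")
				{$main_content.=" selected";}
			$main_content.=">".$text_yes."</option>
		<option value=\"no\"";
			if ($active=="no")
				{$main_content.=" selected";}
			$main_content.=">".$text_no."</option>
		</select>
			</td>
			<td bgcolor=\"#FFFFFF\">&nbsp;</td>
		</tr>
		<tr>
			<td bgcolor=\"#FFFFFF\">".$text_hitout."</td>
			<td align=\"center\" bgcolor=\"#FFFFFF\"><input type=\"text\" class=\"inputs\" name=\"hitout\" id=\"hitout\" value=\"".$formesc['hitout']."\"></td>
			<td bgcolor=\"#FFFFFF\"><span class=\"error\">".$error11."</span> ".$text_exp_hitschange."</td>
		</tr>
		<tr>
			<td bgcolor=\"#FFFFFF\">".$text_hitin."</td>
			<td align=\"center\" bgcolor=\"#FFFFFF\"><input type=\"text\" class=\"inputs\" name=\"hitin\" id=\"hitin\" value=\"".$formesc['hitin']."\"></td>
			<td bgcolor=\"#FFFFFF\"><span class=\"error\">".$error12."</span> ".$text_exp_hitschange1."</td>
		</tr>
		<tr>
			<td bgcolor=\"#FFFFFF\">".$text_deleteuser."</td>
			<td bgcolor=\"#FFFFFF\"><a href=\"index.php?do=delete&id=".$formesc['id']."&fromsite=".$formesc['fromsite']."\">".$text_del."</a></td>
			<td bgcolor=\"#FFFFFF\"></td>
		</tr>
		<tr>
			<td height=\"41\" bgcolor=\"#FFFFFF\">&nbsp;</td>
			<td align=\"center\" valign=\"middle\" bgcolor=\"#FFFFFF\">
			<input name=\"Submit\" type=\"submit\" class=\"submitbuton\" value=\"".$text_submit."\">
			<input name=\"Reset\" type=\"reset\" class=\"submitbuton\" value=\"".$text_reset."\"></td>
			<td bgcolor=\"#FFFFFF\">&nbsp;</td>
		</tr></form>
	</table>";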
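/// Template
// Reads the page template into $zeile, lets template.php post-process it, and prints it.
// $file is not assigned in this file; presumably the includer sets it to the template
// path. NOTE(review): confirm it can never be derived from request data, since its
// content is read and echoed verbatim.
// The path is HTML-escaped in the messages because it is printed into the page.
if(!file_exists($file))
	{echo "The template ".htmlspecialchars($file,ENT_QUOTES,'ISO-8859-1')." does not exist."; exit;}
$fp1=fopen($file,"r");
// Stop with a message instead of continuing with a failed handle.
if(!$fp1)
	{echo "The template ".htmlspecialchars($file,ENT_QUOTES,'ISO-8859-1')." could not be opened."; exit;}
// fread() rejects a zero length, so an empty template is treated as an empty string.
$templatesize=filesize($file);
$zeile=$templatesize>0 ? fread($fp1,$templatesize) : "";
// The handle is not needed once the content is in memory.
fclose($fp1);
// template.php is not shown here; presumably it substitutes $main_content and the other
// placeholders into $zeile.
include("template.php");
echo $zeile;
exit;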
?>