En el archivo funtions se define toda la funcion, lo ke no entiendo es ke el fichero user, usa esa funcion mas de 3 o 4 veces en la misma pagina y no ocurre nada, funciona a la pefeccion, espera te pongo codigo, gracias por ayudarme tio
functions.php
Código PHP:
//skip the config file if somebody call it from the browser.
if (eregi("functions.php", $_SERVER['SCRIPT_NAME'])) {
Header("Location: index.php"); die();
}
if (!ini_get("register_globals")) {
import_request_variables('GPC');
}
$phpver = phpversion();
if ($phpver < '4.1.0') {
$_GET = $HTTP_GET_VARS;
$_POST = $HTTP_POST_VARS;
$_SERVER = $HTTP_SERVER_VARS;
}
$phpver = explode(".", $phpver);
$phpver = "$phpver[0]$phpver[1]";
if ($phpver >= 41) {
$PHP_SELF = $_SERVER['PHP_SELF'];
}
if(isset($admin)){
$admin = base64_decode($admin);
$admin = addslashes($admin);
$admin = base64_encode($admin);
}
if(isset($user)){
$user = base64_decode($user);
$user = addslashes($user);
$user = base64_encode($user);
}
foreach ($_GET as $sec_key => $secvalue) {
if ((eregi("<[^>]*script*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*object*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*iframe*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*applet*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*meta*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*style*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*form*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*img*\"?[^>]*>", $secvalue)) ||
(eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) ||
(eregi("\([^>]*\"?[^)]*\)", $secvalue)) ||
(eregi("\"", $secvalue))) {
die ("not allowed");
}
}
foreach ($_POST as $secvalue) {
if ((eregi("<[^>]*onmouseover*\"?[^>]*>", $secvalue)) || (eregi("<[^>]script*\"?[^>]*>", $secvalue)) || (eregi("<[^>]style*\"?[^>]*>", $secvalue))) {
die ("not allowed");
}
}
include ("config.php");
include("mysql.class.php");
$db = new sql_db($dbhost, $dbuname, $dbpass, $dbname, false);
if(!$db->db_connect_id) {
include("header.php");
echo "<br><font color=\"red\"><h5><br><center>Error:</b><br><hr><br>
<b>Connection to database has faild!<br>
check mysql server/database name/username/password </center>
<br><br><br><br><br><br><br><br><br>";
echo mysql_error();
include("footer.php");
die();
}
//load the site info from db.
$setup_sql = $db->sql_query("SELECT * FROM ".$prefix."_setupme");
$setup_row = $db->sql_fetchrow($setup_sql);
$site_name = stripslashes($setup_row['site_name']);
$site_email= stripslashes($setup_row['site_email']);
$site_url = stripslashes($setup_row['site_url']);
$site_info = stripslashes($setup_row['site_info']);
$language = stripslashes($setup_row['language']);
$tmp_header = stripslashes($setup_row['tmp_header']);
$tmp_footer = stripslashes($setup_row['tmp_footer']);
//load the language
include ("lang/$language.php");
//global function for checkig whethar user is logged in or not.
//you will notice we will use it everwhere in the script.
function is_logged_in($user) {
global $db,$prefix;
if(!is_array($user)) {
$read_cookie = explode("|", base64_decode($user));
$userid = $read_cookie[0];
$passwd = $read_cookie[2];
} else {
$userid = $read_cookie[0];
$passwd = $read_cookie[2];
}
$userid = addslashes($userid);
$userid = intval($userid);
if ($userid != "" AND $passwd != "") {
$result = $db->sql_query("SELECT password FROM ".$prefix."_users WHERE userid='$userid'");
$row = $db->sql_fetchrow($result);
$pass = $row['password'];
if($pass == $passwd && $pass != "") {
return 1;
}
}
return 0;
}
function is_logged_in_admin($admin) {
global $db,$prefix;
if(!is_array($admin)) {
$read_cookie = explode("|", base64_decode($admin));
$adminid = $read_cookie[0];
$passwd = $read_cookie[2];
} else {
$adminid = $read_cookie[0];
$passwd = $read_cookie[2];
}
$adminid = addslashes($adminid);
$adminid = intval($adminid);
if ($adminid != "" AND $passwd != "") {
$result = $db->sql_query("SELECT password FROM ".$prefix."_admin WHERE adminid='$adminid'");
$row = $db->sql_fetchrow($result);
$pass = $row['password'];
if($pass == $passwd && $pass != "") {
return 1;
}
}
return 0;
}
function msg_redirect($msg,$url,$seconds){
global $site_name, $site_url;
echo "<html dir=\""._LTR_RTL."\">\n"
."<head>\n"
."<title>$site_name</title>\n"
."<meta http-equiv=\"Refresh\" content=\"$seconds; URL=$url\">\n"
."<meta http-equiv=\"Content-Type\" content=\"text/html; charset="._CHARSET."\">\n"
."<link rel=\"stylesheet\" href=\"style.css\" type=\"text/css\">\n"
."</head>\n\n"
."<body>\n"
."<br />\n"
."<br />\n"
."<br />\n"
."<br />\n\n\n"
."<div align=\"center\">\n"
."<table cellpadding=\"6\" cellspacing=\"1\" border=\"0\" width=\"70%\" bgcolor=\"#E1E1E1\">"
."<tr>"
."<td bordercolor=\"#808080\">"._REDIRECTING."</td>"
."</tr> "
."<tr> "
."<td align=\"center\" bgcolor=\"#FFFFFF\">"
."<blockquote> "
."<p> </p>"
."<p><h3>$msg</h3></p>"
."<p><a href=\"$url\"> "
.""._CLICK_HERE_BROWSER_REDIRECT."</a></p><br />"
."</blockquote>"
."</div>\n"
."</td>\n"
."</tr>\n"
."</table>\n\n\n"
."</body>\n"
."</html>";
}
?>
Un trozo del archivo user.php:
Código PHP:
function EditMyInfo_form(){
global $user, $db, $prefix, $username, $password, $email, $fullname, $user_taken_err, $email_taken_err;
if (is_logged_in($user)) {
navigation_menu();
$cookie_read = explode("|", base64_decode($user));
$userid = $cookie_read[0];
$result = $db->sql_query("SELECT * FROM ".$prefix."_users WHERE userid='$userid'");
$row = $db->sql_fetchrow($result);
echo "<center><font class=\"title\">"._CHANGE_MY_INFORMATION."</font></center><br>\n";
echo "<center>"._FILED_STAR_REQUIRED."
<form name=\"EditMyInfoForm\" method=\"POST\" action=\"users.php\">
<table align=\"center\" border=\"1\" width=\"500\" id=\"table1\" cellpadding=\"2\" bordercolor=\"#C0C0C0\">
<tr>
<td width=\"100\" align=\"right\">"._USERNAME." :</td>
<td><input type=\"text\" disabled=\"true\" name=\"username\" size=\"18\" value=\"$row[username]\"></td>
</tr>
<tr>
<td align=\"right\">"._EMAIL." :</td>
<td><input type=\"text\" name=\"email\" size=\"27\" value=\"$row[email]\"> * $email_taken_err</td>
</tr>
<tr>
<td align=\"right\">"._FULLNAME." :</td>
<td><input type=\"text\" name=\"fullname\" size=\"27\" value=\"$row[fullname]\"></td>
</tr>
<tr>
<td align=\"right\">"._WEBSITE." :</td>
<td><input type=\"text\" name=\"site\" size=\"27\" value=\"$row[site]\"> "._EG." http://www.site.com</td>
</tr>
<tr>
<td align=\"right\">"._COUNTRY." :</td>
<td><input type=\"text\" name=\"country\" size=\"27\" value=\"$row[country]\"></td>
</tr>
<tr>
<td align=\"right\">"._CITY.":</td>
<td><input type=\"text\" name=\"city\" size=\"27\" value=\"$row[city]\"></td>
</tr>
<tr>
<td align=\"right\">"._TEL_MOBILE." :</td>
<td><input type=\"text\" name=\"tel\" size=\"27\" value=\"$row[tel]\"></td>
</tr>
<tr>
<td align=\"right\">"._PROFILE.":</td>
<td><textarea rows=\"5\" name=\"profile\" cols=\"30\">$row[profile]</textarea></td>
</tr>
<tr>
<td> </td>
<td> <input type=\"hidden\" name=\"maa\" value=\"do_EditMyInfo\">
<input type=\"submit\" value=\""._SAVE_CHANGES."\"></td>
</tr>
</table></form>";
}else{
echo "<br /><center><font class=\"title\">"._NOT_AUTHORIZED."</font>";
}
}
function do_EditMyInfo(){
global $user, $db, $prefix, $email, $fullname, $email_taken_err;
global $site, $country, $city, $tel, $profile;
global $site_name, $site_email, $site_url;
if (is_logged_in($user)) {
//this function will check fields incase of javascript not working.
if(trim(empty($email))){
//print the error message and load the form.
include("header.php");
EditMyInfo_form();
echo "<center><font class=\"error\">"._ERROR_PLEASE_FILL_FIELDS."</font></center>\n";
include("footer.php");
exit();
}
He puesto el users pa que se vea como se repite sin error alguno