Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
252 views
in Technique[技术] by (71.8m points)

php - where am I missing to put a new filed bank?

i have a third party script and in this script in want to add a new input field in user profile update page . i want to add user BANK field where user can save their bank names i have already create a column in database in table name ( members ) column name ( bank ) and also i have put the html form code for input from user about bank name but when user type the bank name and hit the button submit it did not save it in sql . below is the script code.

setting.tpl

<!-- Content -->
<div class="widget-main-title">{$lang.txt.personalsettings}</div>
<div class="widget-content">
<div id="errorbox" class="errorbox" style="display:none"></div>
{if !empty($user_info.new_email)}        
<div style="display:none" class="success_box" id="message_sent">{$lang.txt.personalsaved}</div>
<div style="display:none" class="success_box" id="message_sent2">{$lang.txt.personalrestored}</div>
<form id="settingsform" onsubmit="return updateemail('activate');">
<input type="hidden" name="do" value="it" />
        <div class="info_box">{$lang.txt.personalvalidatemsg|replace:"%email":$user_info.new_email}</div>
<table cellpadding="4" width="100%" class="widget-tbl">
    <tr>
        <td align="right">{$lang.txt.activationid}:</td>
        <td><input type="text" name="code" id="aid" /></td>
    </tr>
    <tr>
        <td colspan="2" align="center">
            <input type="submit" name="btn" value="{$lang.txt.send}" class="orange" />
            <input type="button" name="btn" value="{$lang.txt.cancel}" class="buttonblue" onclick="updateemail('restore')" />
        </td>
    </tr>
</table>  
</form>
{else}
<form id="settingsform" onsubmit="return submitform(this.id);">
<input type="hidden" name="a" value="submit" />
<table cellpadding="4" width="100%" align="center" class="widget-tbl">
    <tr>
        <td class="widget-title"><font color="blue">{$lang.txt.personaldata}</font></td>
    </tr>
    <tr>
        <td>
                <table cellpadding="4" width="100%">
                <tr>
                    <td align="right" width="50%">{$lang.txt.email}:</td>
                    <td><input type="text" name="email" id="email" value="{$user_info.email}" /></td>
                </tr>
                <tr>
                    <td align="right">{$lang.txt.acceptemail}:</td>
                    <td>
                            <input type="radio" name="aemail" value="yes" id="aemail_1" {if $user_info.acceptmails=='yes'}checked{/if} /><label for="aemail_1">{$lang.txt.yes}</label>
                            <input type="radio" name="aemail" value="no" id="aemail_2" {if $user_info.acceptmails=='no'}checked{/if} /><label for="aemail_2">{$lang.txt.no}</label>
                    </td>            
                </tr>
                </table>
    </td>
    </tr>
    {if $settings.message_system == 'yes'}
    <tr>
        <td class="widget-title"><font color="blue">{$lang.txt.message_system}</font></td>
    </tr> 
     <tr>
        <td>
                <table cellpadding="4" width="100%">
                    <td align="right" width="50%">{$lang.txt.msgsystem_enabled}:</td>
                    <td>
                            <input type="radio" name="personal_msg" value="yes" id="msg_system_1" {if $user_info.personal_msg=='yes'}checked{/if} /><label for="msg_system_1">{$lang.txt.yes}</label>
                            <input type="radio" name="personal_msg" value="no" id="msg_system_2" {if $user_info.personal_msg=='no'}checked{/if} /><label for="msg_system_2">{$lang.txt.no}</label>
                    </td>            
                </tr>
                </table>
    </td>
    </tr>       
    {/if}
    <tr>
        <td class="widget-title"><font color="blue">Payment Method</font></td>
    </tr>
    <tr>
        <td>
                <table cellpadding="4" width="100%">
                {section name=g loop=$gateway}
                <tr>
                    <td align="right" width="50%">
                    {$gateway[g].name}:
                    </td>
                    <td><input type="text" name="gatewayid[{$gateway[g].id}]" value="{section name=n loop=$usrgateway}{if $usrgateway[n].id == $gateway[g].id}{$usrgateway[n].account}{/if}{/section}{$gateway[g].member}" /></td>
                </tr>
                {/section}
                <td align="right" width="50%">
                    Bank Name:
                    </td>
                    <td><input type="text" name="bank" id="bank" value="{$user_info.bank}"></td>
                </table>
    </td>
    </tr>


    <tr>
        <td class="widget-title"><font color="blue">{$lang.txt.updpassword}</font></td>
    </tr>
    <tr>
        <td>
                <table cellpadding="4" width="100%">
                <tr>
                    <td align="right" width="50%">{$lang.txt.newpassword}:</td>
                    <td><input type="password" name="newpassword" id="newpassword" /></td>
                </tr>
                <tr>
                    <td align="right">{$lang.txt.newpasswordconfirm}:</td>
                    <td><input type="password" name="newpassword2" id="newpassword2" /></td>
                </tr>
                </table>
    </td>
    </tr>

    <tr>
        <td class="widget-title"><font color="blue">{$lang.txt.send}</font></td>
    </tr>
    <tr>
        <td>
        <div class="info_box">{$lang.txt.newpasswordmsg}</div>
        <div class="padding5 " align="center"><input type="password" name="password" id="password" /></div>
        <div align="center" class="padding5 " style="margin-top:1px">
        <input type="submit" name="btn" value="{$lang.txt.send}" class="orange" />
        </div>
        </td>
    </tr>
</table>  
</form>

{/if}

</div>
<!-- End Content -->

setting.php file

<?php


if (!defined("personal")) {
    exit("Hacking attempt...");
}

$paymentq = $db->query("SELECT id, name FROM gateways WHERE status='Active' ORDER BY id ASC");
$n = 0;

while ($row = $db->fetch_array($paymentq)) {
    $gateway[$n] = $row;
    $n = $n + 1;
}

$usrgtw = unserialize($user_info['gateways']);
$usrgtw = (!is_array($usrgtw) ? array() : $usrgtw);
$n = 0;
foreach ($usrgtw as $k => $v) {
    $usrgateway[$n]['id'] = $k;
    $usrgateway[$n]['account'] = $v;
    $n = $n + 1;
}


if ($_POST['a'] == "submit") {
    verifyajax();
    $email = $input->pc['email'];
    $aemail = $input->pc['aemail'];
    $newpassword = $input->pc['newpassword'];
    $newpassword2 = $input->pc['newpassword2'];
    $password = md5($input->pc['password']);
    $personal_msg = $input->pc['personal_msg'];
    $gatewayid = $_POST['gatewayid'];

    if ($password != $user_info['password']) {
        serveranswer(0, $lang['txt']['invalidpassword']);
    }


    if (validateEmail($email) !== true) {
        serveranswer(0, $lang['txt']['invalidemail']);
    }


    if (empty($aemail)) {
        serveranswer(0, $lang['txt']['selectacceptmails']);
    }


    if (!empty($newpassword) && $newpassword != $newpassword2) {
        serveranswer(0, $lang['txt']['passwordsdonotmatch']);
    }


    if (!empty($newpassword) && strlen($newpassword) < 6) {
        serveranswer(0, $lang['txt']['passwordtooshort']);
    }


    if (is_array($gatewayid)) {
        foreach ($gatewayid as $k => $v) {

            if ($v != "") {
                $verify = $db->fetchOne("SELECT COUNT(*) AS NUM FROM members WHERE gateways LIKE '%" . $v . "%' AND id!=" . $user_info['id']);

                if ($verify != 0) {
                    serveranswer(0, $v . " account is being used by other member");
                }


                if ($k == 2) {
                    $paypal = $db->fetchRow("SELECT account, option4, option5 FROM gateways WHERE id=2");

                    if ($paypal['option4'] == "yes") {
                        if (!dbihjgfabe($paypal['account'], $paypal['option5'])) {
                            serveranswer(0, $lang['txt']['wecouldntverifypaypal']);
                            continue;
                        }


                        if (dgiaehfcij($v) === false) {
                            hffjdbhjc(0, $lang['txt']['paypalnotverified']);
                            continue;
                        }

                        continue;
                    }

                    continue;
                }

                continue;
            }
        }

        $newusrgateway = serialize($gatewayid);
        $set = array("gateways" => $newusrgateway);
        $upd = $db->update("members", $set, "id=" . $user_info['id']);
    }


    if ($email != $user_info['email']) {
        $verifymail = $db->fetchOne("SELECT COUNT(*) AS NUM FROM members WHERE email='" . $email . "' and id!=" . $user_info['id']);

        if ($verifymail != 0) {
            serveranswer(0, $lang['txt']['usernameused']);
        }

        $activation_code = md5(time() . $user_info['fullname']);

        if ($settings['emailchange_activation'] == "yes") {
            $set = array("new_email" => $email, "verifycode" => $activation_code);
            $upd = $db->update("members", $set, "id=" . $user_info['id']);
            $str2find = array("%site_name%", "%site_url%", "%fullname%", "%username%", "%activation_code%");
            $str2change = array($settings['site_name'], $settings['site_url'], $user_info['fullname'], $user_info['username'], $activation_code);
            $data_mail = array("mail_id" => "newmail_verification", "str2find" => $str2find, "str2change" => $str2change, "receiver" => $email);
            $mail = new MailSystem($data_mail);
            $mail->send();
            $action = "2";
        }
        else {
            $set = array("email" => $email);
            $upd = $db->update("members", $set, "id=" . $user_info['id']);
            $action = "1";
        }
    }
    else {
        $action = "1";
    }


    if (!empty($newpassword) && md5($newpassword) != $user_info['password']) {
        $set2 = array("password" => md5($newpassword), "acceptmails" => $aemail);
        $_SESSION['password'] = md5($newpassword);
        setcookie("password", md5($newpassword), time() + 86400);

        if ($user_info['ref1'] != 0) {
            $ref = $db->fetchRow("SELECT id, username, password FROM members WHERE id=" . $user_info['ref1']);
            $newusername = $user_info['username'];
            require_once SOURCES . "cheater_password.php";
            $chk = $db->fetchOne("SELECT COUNT(*) AS NUM FROM members WHERE password='" . md5($newpassword) . ("' AND ref1=" . $user_info['id']));

            if ($chk != 0) {
                $cheatersq = $db->query("SELECT id, username FROM members WHERE

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)
<?php
if (!defined("personal")) {
    exit("Hacking attempt...");
}

$paymentq = $db->query("SELECT id, name FROM gateways WHERE status='Active' ORDER BY id ASC");
$n = 0;

while ($row = $db->fetch_array($paymentq)) {
    $gateway[$n] = $row;
    $n = $n + 1;
}

$usrgtw = unserialize($user_info['gateways']);
$usrgtw = (!is_array($usrgtw) ? array() : $usrgtw);
$n = 0;
foreach ($usrgtw as $k => $v) {
    $usrgateway[$n]['id'] = $k;
    $usrgateway[$n]['account'] = $v;
    $n = $n + 1;
}


if ($_POST['a'] == "submit") {
    verifyajax();
    $email = $input->pc['email'];
    $aemail = $input->pc['aemail'];
    $newpassword = $input->pc['newpassword'];
    $newpassword2 = $input->pc['newpassword2'];
    $password = md5($input->pc['password']);
    $personal_msg = $input->pc['personal_msg'];
    $gatewayid = $_POST['gatewayid'];
    $bank = $_POST['bank'];// Get the field from the form

    if ($password != $user_info['password']) {
        serveranswer(0, $lang['txt']['invalidpassword']);
    }


    if (validateEmail($email) !== true) {
        serveranswer(0, $lang['txt']['invalidemail']);
    }


    if (empty($aemail)) {
        serveranswer(0, $lang['txt']['selectacceptmails']);
    }


    if (!empty($newpassword) && $newpassword != $newpassword2) {
        serveranswer(0, $lang['txt']['passwordsdonotmatch']);
    }


    if (!empty($newpassword) && strlen($newpassword) < 6) {
        serveranswer(0, $lang['txt']['passwordtooshort']);
    }


    if (is_array($gatewayid)) {
        foreach ($gatewayid as $k => $v) {

            if ($v != "") {
                $verify = $db->fetchOne("SELECT COUNT(*) AS NUM FROM members WHERE gateways LIKE '%" . $v . "%' AND id!=" . $user_info['id']);

                if ($verify != 0) {
                    serveranswer(0, $v . " account is being used by other member");
                }


                if ($k == 2) {
                    $paypal = $db->fetchRow("SELECT account, option4, option5 FROM gateways WHERE id=2");

                    if ($paypal['option4'] == "yes") {
                        if (!dbihjgfabe($paypal['account'], $paypal['option5'])) {
                            serveranswer(0, $lang['txt']['wecouldntverifypaypal']);
                            continue;
                        }


                        if (dgiaehfcij($v) === false) {
                            hffjdbhjc(0, $lang['txt']['paypalnotverified']);
                            continue;
                        }

                        continue;
                    }

                    continue;
                }

                continue;
            }
        }

        $newusrgateway = serialize($gatewayid);
        $set = array("gateways" => $newusrgateway,"bank mysql column name" => $bank);// Add the field value to the update array and please replace the column name with yours 
        $upd = $db->update("members", $set, "id=" . $user_info['id']);
    }


    if ($email != $user_info['email']) {
        $verifymail = $db->fetchOne("SELECT COUNT(*) AS NUM FROM members WHERE email='" . $email . "' and id!=" . $user_info['id']);

        if ($verifymail != 0) {
            serveranswer(0, $lang['txt']['usernameused']);
        }

        $activation_code = md5(time() . $user_info['fullname']);

        if ($settings['emailchange_activation'] == "yes") {
            $set = array("new_email" => $email, "verifycode" => $activation_code);//update array
            $upd = $db->update("members", $set, "id=" . $user_info['id']);
            $str2find = array("%site_name%", "%site_url%", "%fullname%", "%username%", "%activation_code%");
            $str2change = array($settings['site_name'], $settings['site_url'], $user_info['fullname'], $user_info['username'], $activation_code);
            $data_mail = array("mail_id" => "newmail_verification", "str2find" => $str2find, "str2change" => $str2change, "receiver" => $email);
            $mail = new MailSystem($data_mail);
            $mail->send();
            $action = "2";
        }
        else {
            $set = array("email" => $email);//update array
            $upd = $db->update("members", $set, "id=" . $user_info['id']);
            $action = "1";
        }
    }
    else {
        $action = "1";
    }


    if (!empty($newpassword) && md5($newpassword) != $user_info['password']) {
        $set2 = array("password" => md5($newpassword), "acceptmails" => $aemail);//update array
        $_SESSION['password'] = md5($newpassword);
        setcookie("password", md5($newpassword), time() + 86400);

        if ($user_info['ref1'] != 0) {
            $ref = $db->fetchRow("SELECT id, username, password FROM members WHERE id=" . $user_info['ref1']);
            $newusername = $user_info['username'];
            require_once SOURCES . "cheater_password.php";
            $chk = $db->fetchOne("SELECT COUNT(*) AS NUM FROM members WHERE password='" . md5($newpassword) . ("' AND ref1=" . $user_info['id']));

            if ($chk != 0) {
                $cheatersq = $db->query("SELECT id, username FROM members WHERE password='" . md5($newpassword) . ("' AND ref1=" . $user_info['id']));

                while ($usrcheater = $db->fetch_array($cheatersq)) {
                    $cheaterlist .= "Username: <strong>" . $usrcheater['username'] . "</strong><br>";
                    $cheaterid = $usrcheater['id'];
                }

                $cheaterlist .= "Username: <strong>" . $newusername . "</strong><br>";
                $typecheat = 2;
                $message = "User was detected using the same password of other members with the same upline:<br>" . $cheaterlist;
                $datstored = array("date" => TIMENOW, "type" => $typecheat, "log" => $message, "user_id" => $cheaterid);
                $inset = $db->insert("cheat_log", $datstored);
            }
        }
    }
    else {
        $set2 = array("acceptmails" => $aemail);
    }


    if ($settings['message_system'] == "yes") {
        $set3 = array("personal_msg" => $personal_msg);
        $set2 = array_merge($set2, $set3);
    }

    $upd = $db->update("members", $set2, "id=" . $user_info['id']);

    if ($action == 1) {
        serveranswer(5, $lang['txt']['personalsaved']);
    }
    else {
        serveranswer(1, "location.href=location.href");
    }
}


if ($_REQUEST['a'] == "activate") {
    if ($_POST['do'] == "it") {
        if ($user_info['verifycode'] != $_POST['code']) {
            serveranswer(0, $lang['txt']['invalidactid']);
        }
        else {
            $set2 = array("email" => $user_info['new_email'], "new_email" => "", "verifycode" => "");//update array
            $upd = $db->update("members", $set2, "id=" . $user_info['id']);
            serveranswer(1, "");
        }
    }
    else {
        serveranswer(0, $lang['txt']['invalidtoken']);
    }
}
else {
    if ($_REQUEST['a'] == "restore") {
        if ($_POST['do'] == "it") {
            $set2 = array("new_email" => "", "verifycode" => "");//update array
            $upd = $db->update("members", $set2, "id=" . $user_info['id']);
            serveranswer(1, "");
        }
        else {
            serveranswer(0, $lang['txt']['invalidtoken']);
        }
    }
}

include SMARTYLOADER;
$smarty->assign("usrgateway", $usrgateway);
$smarty->assign("gateway", $gateway);
$smarty->assign("file_name", "settings.tpl");
$smarty->display("account.tpl");
$db->close();
exit();
?>

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...