OverLord Shell

Path : G:/PleskVhosts/jaincensus.com/macciaweb.ultraliant.com/businessforum/
File Upload :
Current File : G:/PleskVhosts/jaincensus.com/macciaweb.ultraliant.com/businessforum/useredit_save.php

<?php session_start();
if(!isset($_SESSION['company_id']) || !isset($_SESSION['company_name'])){session_destroy();echo "login.php";exit;}
if(!in_array(2,$_SESSION['role'])){echo "404.php";exit;}
if($_SERVER['REQUEST_METHOD']!='POST' || empty($_POST)){echo "404.php";exit;}
require_once("../db/conn.php");

$uid=$_POST['uid'];
$username=trim(preg_replace('/[^a-zA-Z0-9]+/','',$_POST['username']));
$fullname=trim($_POST['fullname']);
$email=filter_var(filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL), FILTER_VALIDATE_EMAIL);
$phone=trim(preg_replace('/[^0-9]+/','',$_POST['phone']));
$role="";
foreach($_POST['section'] as $secval){
	if($secval%2==0)$role.=($secval-1).",";
	$role.=$secval.",";
}
$role=rtrim($role,',');

$selr=$connection->query("SELECT usersrno FROM busdir_mst_users WHERE usersrno!=".$uid." AND (username='".$username."' OR email='".$email."')");
if($selr->num_rows!=0)echo "Duplicate Username or Email";
else{
	$updateq="UPDATE busdir_mst_users SET username='$username',name='$fullname',email='$email',phone='$phone',";
	if(!empty($role))$updateq.="role='$role',";else $updateq.="role=NULL,";
	$updateq.="modifiedby='".$_SESSION['company_id']."' WHERE usersrno=".$uid;
	$updater=$connection->query($updateq);
	if($updater)echo "success";
	else echo "An unknown error occured. Please try again.";
}
$selr->free();
$connection->close();
?>

xRyukZ - Copyright 2k19