
iwebsns1.0 arbitrary file deletion && 2 injections - Website Security

Source: 自学PHP网    Time: 2015-04-17 10:15


action\users\user_ico_cut_save.action.php


<?php
	// include the module's common function files
	require("foundation/module_users.php");
	require("foundation/aintegral.php");
	require("foundation/fcontent_format.php");
	require("api/base_support.php");
	// load the language pack
	$u_langpackage=new userslp;
	// database operations
	dbtarget('w',$dbServs);
	$dbo=new dbex();
	$photo_url=short_check(get_argg('pic'));         // look here, right here
	$user_id=get_sess_userid(); // user ID
	$user_name=get_sess_username(); // user name
	$ico_url=long_check(get_argp('u_ico_url'));
	// ... (read on further down) ...
	if(preg_match("/uploadfiles\/photo_store/",$photo_url)){
	unlink($photo_url); // delete the temporary image file          // you know
 
 
\iwebsns\action\poll\poll_submit.action.php
 
 


// variable declarations
	$user_id=get_sess_userid();
	$user_name=get_sess_username();
	$userico=get_sess_userico();
	$cho=get_argp('pol_cho'); // user-controllable here and not filtered
	$pid=intval(get_argg('pid'));
	$anon=short_check(get_argp('anonymity'));
	$total_credit=intval(get_argp('credit'));
	$per_int=intval(get_argp('percredit'));
	$p_subject=short_check(get_argp('subject'));
	// ... (read on further down) ...
	foreach($cho as $v){
		$option.=",".$v;
	}
	$sql="select `option` from $t_polloption where oid in(0.$option)"; // you know too
 
 
action\users\user_info.action
 
 

<?php
require("foundation/module_users.php");
// load the language pack
$u_langpackage=new userslp;
// fetch the variables
$user_id =get_sess_userid();
$model = short_check(get_argg('model'));
$birth_year = short_check(get_argp('birth_year'));
$birth_month = short_check(get_argp('birth_month'));
$birth_day = short_check(get_argp('birth_day'));
$reside_city = short_check(get_argp('reside_city'));
$reside_province = short_check(get_argp('reside_province'));
$birth_city = short_check(get_argp('birth_city'));
$birth_province = short_check(get_argp('birth_province'));
$is_finish=intval(get_argg('is_finish'));
$info = get_argp('info');    // look here
// ... (read on further down) ...
// update the custom info table
if(!empty($info)){
	foreach($info as $key => $value){
		if($value!==''){
			$key=explode('|',$key);
			$sql="insert into $t_user_info (user_id,info_id,info_value) values ($user_id,'".$key[0]."','$value')"; // goes straight into the query, though it is subject to GPC
			$dbo -> exeUpdate($sql);
		}
	}
}
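
Added example (not part of the original post and not iwebsns code): hardened counterparts of the three excerpts above, using only PHP built-ins and PDO. The function names, the user_info table name, the SQLite test database and the assumption that info_id is numeric are hypothetical; the project's own dbex API is not used because the page does not show it.

```php
<?php
// Added example, not iwebsns code; function and table names are hypothetical.
// Delete $path only if it resolves to a regular file inside $baseDir.
function delete_within(string $baseDir, string $path): bool {
    $base = realpath($baseDir);
    $real = realpath($path);   // resolves ".." and symlinks; false if missing
    if ($base === false || $real === false || !is_file($real)) {
        return false;
    }
    // Match the directory plus a separator, not a substring of the path.
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($real, $prefix, strlen($prefix)) === 0 && unlink($real);
}

// Build the body of an IN (...) list from request data: digit strings only.
function int_in_list($raw): string {
    $ids = [0];   // keeps the list non-empty, like the 0 in the original query
    foreach ((array)$raw as $v) {
        if (is_string($v) && ctype_digit($v)) { $ids[] = (int)$v; }
    }
    return implode(',', $ids);
}

// Insert the custom-info rows with bound parameters, no string concatenation.
function save_user_info(PDO $pdo, int $userId, array $info): int {
    $stmt = $pdo->prepare(
        'INSERT INTO user_info (user_id, info_id, info_value) VALUES (?, ?, ?)');
    $rows = 0;
    foreach ($info as $key => $value) {
        $infoId = explode('|', (string)$key)[0];
        // Assumption: info_id is numeric and each value is a plain string.
        if (is_string($value) && $value !== '' && ctype_digit($infoId)) {
            $stmt->execute([$userId, (int)$infoId, $value]);
            $rows++;
        }
    }
    return $rows;
}

// Constructed inputs: a throwaway upload directory and a file outside it.
$store = sys_get_temp_dir() . '/demo_' . bin2hex(random_bytes(4)) . '/photo_store';
mkdir($store, 0700, true);
file_put_contents("$store/tmp.jpg", 'x');
file_put_contents("$store/../keep.txt", 'x');
var_dump(delete_within($store, "$store/tmp.jpg"));       // file inside the store
var_dump(delete_within($store, "$store/../keep.txt"));   // resolves outside it
var_dump(int_in_list(['3', '7', '7abc']));               // mixed constructed ids
$pdo = new PDO('sqlite::memory:');   // needs the pdo_sqlite extension
$pdo->exec('CREATE TABLE user_info (user_id INT, info_id INT, info_value TEXT)');
var_dump(save_user_info($pdo, 1, ['5|x' => "O'Brien", 'bad' => 'v', '6' => '']));
```

Bound parameters make the insert independent of the GPC setting the last excerpt's comment mentions, and the realpath comparison replaces the unanchored preg_match on the path.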
 
