diff -Nur pmb.orig/usur_imp.php pmb/usur_imp.php
--- pmb.orig/usur_imp.php 2009-02-05 15:08:46.000000000 +0100
+++ pmb/usur_imp.php 2009-03-12 09:10:28.000000000 +0100
@@ -23,6 +23,13 @@
 return(split($sep, $linea));
 }
+function fields_slashes($field) {
+
+ $que = array("&", "<", ">");
+ $por = array("&", "<", ">");
+
+ return addslashes(str_replace($que, $por, $field));
+}
 $base_path=".";
 $base_auth = "ADMINISTRATION_AUTH";
@@ -58,21 +65,64 @@
 if(((($num+1)%24)== 0) && ($num != 0)){//cada 24 debido a que hay 24 campos
- $sql_comp= "SELECT * FROM `empr` WHERE (`empr`.`empr_cb` like '" . $tot[$num-23] . "' AND `empr`. `empr_nom` like '" . $tot[$num-22] . "' AND `empr`. `empr_prenom` like '" . $tot[$num-21] . "' )";
+ $sql_comp= "SELECT `empr`.`id_empr`, `empr`.`empr_login`, `empr`.`empr_password`, `empr`.`empr_location` FROM `empr` WHERE (`empr`.`empr_cb`='" . $tot[$num-23] . "' AND `empr`. `empr_nom` like '" . $tot[$num-22] . "' AND `empr`. `empr_prenom` like '" . $tot[$num-21] . "' )";
 $resul1= @mysql_query($sql_comp, $link2);
+ $fecha= date('Y-m-d');
+ $fecha_cad= date('Y-m-d', strtotime('+1 year'));
+ //echo $date_cad;
+ if (trim($tot[$num-9]) != "") {
+ $user_a=addslashes($tot[$num-9]);
+ if (trim($tot[$num-8]) != "") $pass_a=addslashes($tot[$num-8]);
+ else $pass_a=$tot[$num-23];
+ } else {
+ $user_a=$tot[$num-23];
+ $pass_a=$tot[$num-23];
+ }
+ if (trim($tot[$num-3]) != "") $loca=intval(($tot[$num-3]));
+ else $loca=1;
 if (@mysql_num_rows($resul1) != 0) {
- echo "$msg[usur_imp_b] " . $tot[$num-23] . "
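Review bot: `fields_slashes()` in the first hunk escapes with `addslashes()`, which does not take the connection character set into account; since this file already talks to the server through the `mysql_*` API with `$link2`, `mysql_real_escape_string($value, $link2)` is the safer call (the helper would need `$link2` passed in or declared `global`). As printed on this page the `$que` and `$por` arrays are identical, which would make the `str_replace()` a no-op; the page has probably decoded HTML entities in `$por`, so this should be checked against the real file. If the replacement does HTML-encode `&`, `<` and `>`, the stored values are HTML-encoded and output code must not encode them a second time. A one-line comment such as `// HTML-encode &, <, > and escape the value for use inside a quoted SQL string` would state that contract.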
";
+ //echo "$msg[usur_imp_b] " . $tot[$num-23] . "
";
+ $row1 = mysql_fetch_array($resul1);
+ $requete = "UPDATE empr SET ";
+ $requete .= "empr_nom='".fields_slashes($tot[$num-22])."',";
+ $requete .= "empr_prenom='".fields_slashes($tot[$num-21])."',";
+ $requete .= "empr_adr1='".fields_slashes($tot[$num-20])."',";
+ $requete .= "empr_adr2='".fields_slashes($tot[$num-19])."',";
+ $requete .= "empr_cp='".fields_slashes($tot[$num-18])."',";
+ $requete .= "empr_ville='".fields_slashes($tot[$num-17])."',";
+ $requete .= "empr_pays='".fields_slashes($tot[$num-16])."',";
+ $requete .= "empr_mail='".fields_slashes($tot[$num-15])."',";
+ $requete .= "empr_tel1='".fields_slashes($tot[$num-14])."',";
+ $requete .= "empr_tel2='".fields_slashes($tot[$num-13])."',";
+ $requete .= "empr_prof='".fields_slashes($tot[$num-12])."',";
+ $requete .= "empr_year=".intval(($tot[$num-11])).",";
+ if ($row1['empr_login'] == "") {
+ $requete .= "empr_login='".$user_a."', ";
+ $requete .= "empr_password='".$pass_a."', ";
 }
-else{
-// arreglar saltos de línea
-$fecha= date('Y-m-d');
-$fecha_cad= date('Y-m-d', strtotime('+1 year'));
-echo $date_cad;
-$sql = "insert into empr (empr_cb, empr_nom, empr_prenom, empr_adr1, empr_adr2, empr_cp, empr_ville, empr_pays, empr_mail, empr_tel1, empr_tel2, empr_prof, empr_year, empr_sexe, empr_login, empr_password, empr_msg, empr_lang, type_abt, last_loan_date, empr_location, date_fin_blocage, total_loans, empr_statut, empr_creation, empr_modif, empr_date_adhesion, empr_date_expiration, empr_categ, empr_codestat) values ( '" . $tot[$num-23] . "', '" . $tot[$num-22] . "', '" . $tot[$num-21] . "', '" . $tot[$num-20] . "', '" . $tot[$num-19] . "', '" . $tot[$num-18] . "', '" . $tot[$num-17] . "', '" . $tot[$num-16] . "', '" . $tot[$num-15] . "', '" . $tot[$num-14] . "', '" . $tot[$num-13] . "', '" . $tot[$num-12] . "', " . intval(($tot[$num-11])) . ", " . intval(($tot[$num-10])) . ", '" . $tot[$num-9] . "', '" . $tot[$num-8] . "', '" . $tot[$num-7] . "', '" . $tot[$num-6] . "', '" . $tot[$num-5] . "', '" . 
$tot[$num-4] . "', '" . $tot[$num-3] . "', '" . $tot[$num-2] . "', '" . $tot[$num-1] . "', '" . $tot[$num] . "', '" . $fecha . "', '" . $fecha . "', '" . $fecha . "', '" . $fecha_cad . "', 7, 2 )";
-$resul2 = @mysql_query($sql, $link2);
-$cont++;
+ //$requete .= "empr_msg='".$tot[$num-7]."' ";
+ //$requete .= "empr_lang='".$lang."', ";
+ //$requete .= "type_abt='".$tot[$num-5]."', ";
+ //$requete .= "last_loan_date='".$tot[$num-4]."', ";
+ if ($row1['empr_location'] == "" || intval($row1['empr_location']) == 0) $requete .= "empr_location='".$loca."', ";
+ //$requete .= "date_fin_blocage=$tot[$num-22],";
+ //$requete .= "total_loans=$tot[$num-22],";
+ //$requete .= "empr_statut='"$tot[$num-22]."',";
+ $requete .= "empr_sexe=".intval(($tot[$num-10]))."";
+ $requete .= " WHERE id_empr=".intval($row1['id_empr'])." ";
+ $resul2 = @mysql_query($requete, $link2);
+ $cont++;
-}}
+ }
+ else{
+ // arreglar saltos de línea
+
+ $sql = "insert into empr (empr_cb, empr_nom, empr_prenom, empr_adr1, empr_adr2, empr_cp, empr_ville, empr_pays, empr_mail, empr_tel1, empr_tel2, empr_prof, empr_year, empr_sexe, empr_login, empr_password, empr_msg, empr_lang, type_abt, last_loan_date, empr_location, date_fin_blocage, total_loans, empr_statut, empr_creation, empr_modif, empr_date_adhesion, empr_date_expiration, empr_categ, empr_codestat) values ( '" . fields_slashes($tot[$num-23]) . "', '" . fields_slashes($tot[$num-22]) . "', '" . fields_slashes($tot[$num-21]) . "', '" . fields_slashes($tot[$num-20]) . "', '" . fields_slashes($tot[$num-19]) . "', '" . fields_slashes($tot[$num-18]) . "', '" . fields_slashes($tot[$num-17]) . "', '" . fields_slashes($tot[$num-16]) . "', '" . fields_slashes($tot[$num-15]) . "', '" . fields_slashes($tot[$num-14]) . "', '" . fields_slashes($tot[$num-13]) . "', '" . fields_slashes($tot[$num-12]) . "', " . intval(($tot[$num-11])) . ", " . intval(($tot[$num-10])) . ", '" . $user_a . "', '" . $pass_a . "', '" . fields_slashes($tot[$num-7]) . "', '" . $lang . 
"', '" . fields_slashes($tot[$num-5]) . "', '" . $tot[$num-4] . "', $loca, '" . $tot[$num-2] . "', '" . $tot[$num-1] . "', '" . $tot[$num] . "', '" . $fecha . "', '" . $fecha . "', '" . $fecha . "', '" . $fecha_cad . "', 7, 2 )";
+ $resul2 = @mysql_query($sql, $link2);
+ $cont++;
+
+ }
+ }
 $num++;
 }
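Review bot: Several values read from the import file still reach SQL unescaped in the second hunk: the lookup `$sql_comp` concatenates `$tot[$num-23]`, `$tot[$num-22]` and `$tot[$num-21]` raw, the fallbacks `$user_a=$tot[$num-23]` and `$pass_a=$tot[$num-23]` skip the `addslashes()` applied in the other branch, and the INSERT keeps `$tot[$num-4]`, `$tot[$num-2]`, `$tot[$num-1]` and `$tot[$num]` as they are. Escaping each field once right after it is read and using the escaped copies in all three statements would close this, e.g. `$cb = fields_slashes($tot[$num-23]);`. Because `@mysql_query` hides errors, a lookup broken by a quote in the barcode makes `@mysql_num_rows($resul1)` fail and the record falls through to the INSERT branch, so `$resul1 === false` should be handled before branching. Separately, when the file carries no login the account gets login and password both equal to the barcode `empr_cb`, and the password is written as given; that default deserves at least a comment, and preferably a random initial password or a forced change. The enclosing loop starts and ends outside the hunk.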