/[LeafOK_CVS]/fenglin/bbs/ch_username_sub.php
ViewVC logotype

Diff of /fenglin/bbs/ch_username_sub.php

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.4 by sysadm, Thu Jan 7 01:21:28 2010 UTC Revision 1.8 by sysadm, Wed Mar 26 11:48:07 2025 UTC
# Line 6  Line 6 
6  <?  <?
7  if ($_SESSION["BBS_uid"]==0)  if ($_SESSION["BBS_uid"]==0)
8  {  {
9          include "./force_login.inc.php";          echo ("尚未登陆");
10          exit();          exit();
11  }  }
12    
13  $permit = false;  $permit = false;
14  if (preg_match("/^[A-Za-z]{3,12}$/",$_SESSION["BBS_username"]))  if (preg_match("/^[A-Za-z]{3,12}$/",$_SESSION["BBS_username"]))
15  {  {
16          error_msg ("Ȩ޸û", true);          error_msg ("您无权修改用户名!", true);
17          exit();          exit();
18  }  }
19    
20  $username=htmlspecialchars(trim($_POST["username"]));  $username=trim($_POST["username"]);
 $username=addslashes($username);  
21    
22  if (!preg_match("/^[A-Za-z]{5,12}$/",$username))  if (!preg_match("/^[A-Za-z]{5,12}$/",$username))
23  {  {
24          error_msg ("ûдȷ", true);          error_msg ("用户名填写不正确!", true);
25          exit();          exit();
26  }        }      
27  if (!check_str($username))  if (!check_str($username))
28  {  {
29          error_msg ("ûϵͳʣ", true);          error_msg ("用户名含有系统保留词!", true);
30          exit();          exit();
31  }  }
32    
33  $db_conn=include "./db_open.inc.php";  $db_conn=include "./db_open.inc.php";
34    
35  $rs=mysql_query("select UID from user_list where username='$username' limit 1");  $rs=mysql_query("select UID from user_list where username='" .
36            mysqli_real_escape_string($db_conn, $username) . "' limit 1");
37  if (mysql_num_rows($rs)>0)  if (mysql_num_rows($rs)>0)
38  {  {
39          error_msg ("ûѴڣ", true);          error_msg ("用户名已存在!", true);
40          exit();          exit();
41  }  }
42  mysql_free_result($rs);  mysql_free_result($rs);
43    
44  mysql_query("update user_list set username='$username'".  mysql_query("update user_list set username='" .
45            mysqli_real_escape_string($db_conn, $username) . "'".
46          " where UID=".$_SESSION["BBS_uid"])          " where UID=".$_SESSION["BBS_uid"])
47          or die("Update error!");          or die("Update error!");
48    

Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters
webmaster@leafok.com
 ViewVC Help
Powered by ViewVC 1.3.0-beta1