fenglin/bbs/preference_service.php

<?
        require_once "../lib/db_open.inc.php";
        require_once "../lib/str_process.inc.php";
        require_once "./session_init.inc.php";
        require_once "./check_sub.inc.php";

        force_login();

        $data = json_decode(file_get_contents("php://input"), true);

        $user_tz = (isset($data["user_tz"]) ? $data["user_tz"] : "");
        $photo = (isset($data["photo"]) ? intval($data["photo"]) : 0);
        $introduction = (isset($data["introduction"]) ? $data["introduction"] : "");
        $sign_1 = (isset($data["sign_1"]) ? $data["sign_1"] : "");
        $sign_2 = (isset($data["sign_2"]) ? $data["sign_2"] : "");
        $sign_3 = (isset($data["sign_3"]) ? $data["sign_3"] : "");

        $result_set = array(
                "return" => array(
                        "code" => 0,
                        "message" => "",
                        "errorFields" => array(),
                )
        );

        header("Content-Type:application/json; charset=utf-8");

        // Validate input data
        $timezone_identifiers = DateTimeZone::listIdentifiers();
        if (!in_array($user_tz, $timezone_identifiers, true))
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "user_tz",
                        "errMsg" => "不存在的时区",
                ));
        }

        $r_introduction = check_badwords(split_line($introduction, "", 80, 10), "****");
        if ($introduction != $r_introduction)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "introduction",
                        "errMsg" => "不符合要求",
                        "updateValue" => $r_introduction,
                ));
        }

        $r_sign_1 = check_badwords(split_line($sign_1, "", 80, 10), "****");
        if ($sign_1 != $r_sign_1)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "sign_1",
                        "errMsg" => "不符合要求",
                        "updateValue" => $r_sign_1,
                ));
        }

        $r_sign_2 = check_badwords(split_line($sign_2, "", 80, 10), "****");
        if ($sign_2 != $r_sign_2)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "sign_2",
                        "errMsg" => "不符合要求",
                        "updateValue" => $r_sign_2,
                ));
        }

        $r_sign_3 = check_badwords(split_line($sign_3, "", 80, 10), "****");
        if ($sign_3 != $r_sign_3)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "sign_3",
                        "errMsg" => "不符合要求",
                        "updateValue" => $r_sign_3,
                ));
        }

        if ($result_set["return"]["code"] != 0)
        {
                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        // Secure SQL statement
        $introduction = mysqli_real_escape_string($db_conn, $introduction);
        $sign_1 = mysqli_real_escape_string($db_conn, $sign_1);
        $sign_2 = mysqli_real_escape_string($db_conn, $sign_2);
        $sign_3 = mysqli_real_escape_string($db_conn, $sign_3);

        $sql = "UPDATE user_pubinfo SET user_timezone = '$user_tz', introduction = '$introduction', ".
                "photo = $photo, sign_1 = '$sign_1', sign_2 = '$sign_2', sign_3 = '$sign_3'".
                " WHERE UID=" . $_SESSION["BBS_uid"];

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                echo "Update data error: " . mysqli_error($db_conn);
                exit();
        }

        // Update user_tz in session data
        $_SESSION["BBS_user_tz"] = new DateTimeZone($user_tz);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
?>
1	sysadm	1.1	<?
2			require_once "../lib/db_open.inc.php";
3			require_once "../lib/str_process.inc.php";
4			require_once "./session_init.inc.php";
5			require_once "./check_sub.inc.php";
6
7			force_login();
8
9			$data = json_decode(file_get_contents("php://input"), true);
10
11	sysadm	1.2	$user_tz = (isset($data["user_tz"]) ? $data["user_tz"] : "");
12	sysadm	1.1	$photo = (isset($data["photo"]) ? intval($data["photo"]) : 0);
13			$introduction = (isset($data["introduction"]) ? $data["introduction"] : "");
14			$sign_1 = (isset($data["sign_1"]) ? $data["sign_1"] : "");
15			$sign_2 = (isset($data["sign_2"]) ? $data["sign_2"] : "");
16			$sign_3 = (isset($data["sign_3"]) ? $data["sign_3"] : "");
17
18			$result_set = array(
19			"return" => array(
20			"code" => 0,
21			"message" => "",
22			"errorFields" => array(),
23			)
24			);
25
26			header("Content-Type:application/json; charset=utf-8");
27
28			// Validate input data
29	sysadm	1.2	$timezone_identifiers = DateTimeZone::listIdentifiers();
30			if (!in_array($user_tz, $timezone_identifiers, true))
31			{
32			$result_set["return"]["code"] = -1;
33			array_push($result_set["return"]["errorFields"], array(
34			"id" => "user_tz",
35			"errMsg" => "不存在的时区",
36			));
37			}
38
39	sysadm	1.1	$r_introduction = check_badwords(split_line($introduction, "", 80, 10), "****");
40			if ($introduction != $r_introduction)
41			{
42			$result_set["return"]["code"] = -1;
43			array_push($result_set["return"]["errorFields"], array(
44			"id" => "introduction",
45			"errMsg" => "不符合要求",
46			"updateValue" => $r_introduction,
47			));
48			}
49
50			$r_sign_1 = check_badwords(split_line($sign_1, "", 80, 10), "****");
51			if ($sign_1 != $r_sign_1)
52			{
53			$result_set["return"]["code"] = -1;
54			array_push($result_set["return"]["errorFields"], array(
55			"id" => "sign_1",
56			"errMsg" => "不符合要求",
57			"updateValue" => $r_sign_1,
58			));
59			}
60
61			$r_sign_2 = check_badwords(split_line($sign_2, "", 80, 10), "****");
62			if ($sign_2 != $r_sign_2)
63			{
64			$result_set["return"]["code"] = -1;
65			array_push($result_set["return"]["errorFields"], array(
66			"id" => "sign_2",
67			"errMsg" => "不符合要求",
68			"updateValue" => $r_sign_2,
69			));
70			}
71
72			$r_sign_3 = check_badwords(split_line($sign_3, "", 80, 10), "****");
73			if ($sign_3 != $r_sign_3)
74			{
75			$result_set["return"]["code"] = -1;
76			array_push($result_set["return"]["errorFields"], array(
77			"id" => "sign_3",
78			"errMsg" => "不符合要求",
79			"updateValue" => $r_sign_3,
80			));
81			}
82
83			if ($result_set["return"]["code"] != 0)
84			{
85			mysqli_close($db_conn);
86			exit(json_encode($result_set));
87			}
88
89			// Secure SQL statement
90			$introduction = mysqli_real_escape_string($db_conn, $introduction);
91			$sign_1 = mysqli_real_escape_string($db_conn, $sign_1);
92			$sign_2 = mysqli_real_escape_string($db_conn, $sign_2);
93			$sign_3 = mysqli_real_escape_string($db_conn, $sign_3);
94
95	sysadm	1.2	$sql = "UPDATE user_pubinfo SET user_timezone = '$user_tz', introduction = '$introduction', ".
96	sysadm	1.1	"photo = $photo, sign_1 = '$sign_1', sign_2 = '$sign_2', sign_3 = '$sign_3'".
97			" WHERE UID=" . $_SESSION["BBS_uid"];
98
99			$rs = mysqli_query($db_conn, $sql);
100			if ($rs == false)
101			{
102			echo "Update data error: " . mysqli_error($db_conn);
103			exit();
104			}
105
106	sysadm	1.2	// Update user_tz in session data
107			$_SESSION["BBS_user_tz"] = new DateTimeZone($user_tz);
108
109	sysadm	1.1	mysqli_close($db_conn);
110			exit(json_encode($result_set));
111			?>
webmaster@leafok.com	ViewVC Help
Powered by ViewVC 1.3.0-beta1