--- fenglin/bbs/preference_service.php 2025/04/07 06:33:07 1.1 +++ fenglin/bbs/preference_service.php 2025/04/08 01:58:33 1.2 @@ -8,6 +8,7 @@ $data = json_decode(file_get_contents("php://input"), true); + $user_tz = (isset($data["user_tz"]) ? $data["user_tz"] : ""); $photo = (isset($data["photo"]) ? intval($data["photo"]) : 0); $introduction = (isset($data["introduction"]) ? $data["introduction"] : ""); $sign_1 = (isset($data["sign_1"]) ? $data["sign_1"] : ""); @@ -25,6 +26,16 @@ header("Content-Type:application/json; charset=utf-8"); // Validate input data + $timezone_identifiers = DateTimeZone::listIdentifiers(); + if (!in_array($user_tz, $timezone_identifiers, true)) + { + $result_set["return"]["code"] = -1; + array_push($result_set["return"]["errorFields"], array( + "id" => "user_tz", + "errMsg" => "不存在的时区", + )); + } + $r_introduction = check_badwords(split_line($introduction, "", 80, 10), "****"); if ($introduction != $r_introduction) { @@ -102,7 +113,7 @@ exit(json_encode($result_set)); } - $sql = "UPDATE user_pubinfo SET introduction = '$introduction', ". + $sql = "UPDATE user_pubinfo SET user_timezone = '$user_tz', introduction = '$introduction', ". "photo = $photo, sign_1 = '$sign_1', sign_2 = '$sign_2', sign_3 = '$sign_3'". " WHERE UID=" . $_SESSION["BBS_uid"]; @@ -124,6 +135,9 @@ exit(json_encode($result_set)); } + // Update user_tz in session data + $_SESSION["BBS_user_tz"] = new DateTimeZone($user_tz); + mysqli_close($db_conn); exit(json_encode($result_set)); ?>
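Review bot: The allowlist check added in the `@@ -25,6 +26,16 @@` hunk only records the error in `$result_set` and does not stop, yet `$user_tz` is later embedded in the UPDATE statement and passed to `new DateTimeZone()`. The `exit(json_encode($result_set))` that presumably fires on a non-zero return code sits outside this hunk, so confirm it runs before the query is built on every path. A request that omits `user_tz` falls back to `""` in the first hunk and is rejected here, so a client that does not send the field can no longer save any preference; if that is intended it deserves a comment. Suggested comment above the check: `// user_tz must be a known identifier: it is embedded in SQL and passed to new DateTimeZone() below`.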
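Review bot: In the `@@ -102,7 +113,7 @@` hunk, `user_timezone = '$user_tz'` places a request-supplied string directly into the SQL text, so the statement is safe only while the earlier strict `in_array()` check and its early exit stay intact. Binding the value as a statement parameter would remove that dependency. A smaller step is to escape at the point of use, `$user_tz_sql = mysqli_real_escape_string($db_conn, $user_tz);`, and interpolate `$user_tz_sql` instead. The same statement interpolates `$introduction` and the `sign_*` values; whether they are escaped before this line is not visible in the hunk, and the query execution itself lies outside it.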
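Review bot: In the `@@ -124,6 +135,9 @@` hunk, `new DateTimeZone($user_tz)` throws on an unrecognised identifier and nothing here catches it. It appears reachable only after the allowlist check has passed, and the comment should say so: `// $user_tz was checked against DateTimeZone::listIdentifiers() above, so construction is not expected to fail`. The error exit just above the added lines suggests the session is updated only after the database write succeeds, but the condition guarding that exit is outside the hunk.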