| 1 |
<?
|
| 2 |
require_once "../lib/db_open.inc.php";
|
| 3 |
require_once "../lib/str_process.inc.php";
|
| 4 |
require_once "./session_init.inc.php";
|
| 5 |
require_once "./check_sub.inc.php";
|
| 6 |
|
| 7 |
force_login();
|
| 8 |
|
| 9 |
$data = json_decode(file_get_contents("php://input"), true);
|
| 10 |
|
| 11 |
$user_tz = (isset($data["user_tz"]) ? $data["user_tz"] : "");
|
| 12 |
$photo = (isset($data["photo"]) ? intval($data["photo"]) : 0);
|
| 13 |
$introduction = (isset($data["introduction"]) ? $data["introduction"] : "");
|
| 14 |
$sign_1 = (isset($data["sign_1"]) ? $data["sign_1"] : "");
|
| 15 |
$sign_2 = (isset($data["sign_2"]) ? $data["sign_2"] : "");
|
| 16 |
$sign_3 = (isset($data["sign_3"]) ? $data["sign_3"] : "");
|
| 17 |
|
| 18 |
$result_set = array(
|
| 19 |
"return" => array(
|
| 20 |
"code" => 0,
|
| 21 |
"message" => "",
|
| 22 |
"errorFields" => array(),
|
| 23 |
)
|
| 24 |
);
|
| 25 |
|
| 26 |
header("Content-Type:application/json; charset=utf-8");
|
| 27 |
|
| 28 |
// Validate input data
|
| 29 |
$timezone_identifiers = DateTimeZone::listIdentifiers();
|
| 30 |
if (!in_array($user_tz, $timezone_identifiers, true))
|
| 31 |
{
|
| 32 |
$result_set["return"]["code"] = -1;
|
| 33 |
array_push($result_set["return"]["errorFields"], array(
|
| 34 |
"id" => "user_tz",
|
| 35 |
"errMsg" => "不存在的时区",
|
| 36 |
));
|
| 37 |
}
|
| 38 |
|
| 39 |
$r_introduction = check_badwords(split_line($introduction, "", 80, 10), "****");
|
| 40 |
if ($introduction != $r_introduction)
|
| 41 |
{
|
| 42 |
$result_set["return"]["code"] = -1;
|
| 43 |
array_push($result_set["return"]["errorFields"], array(
|
| 44 |
"id" => "introduction",
|
| 45 |
"errMsg" => "不符合要求",
|
| 46 |
"updateValue" => $r_introduction,
|
| 47 |
));
|
| 48 |
}
|
| 49 |
|
| 50 |
$r_sign_1 = check_badwords(split_line($sign_1, "", 80, 10), "****");
|
| 51 |
if ($sign_1 != $r_sign_1)
|
| 52 |
{
|
| 53 |
$result_set["return"]["code"] = -1;
|
| 54 |
array_push($result_set["return"]["errorFields"], array(
|
| 55 |
"id" => "sign_1",
|
| 56 |
"errMsg" => "不符合要求",
|
| 57 |
"updateValue" => $r_sign_1,
|
| 58 |
));
|
| 59 |
}
|
| 60 |
|
| 61 |
$r_sign_2 = check_badwords(split_line($sign_2, "", 80, 10), "****");
|
| 62 |
if ($sign_2 != $r_sign_2)
|
| 63 |
{
|
| 64 |
$result_set["return"]["code"] = -1;
|
| 65 |
array_push($result_set["return"]["errorFields"], array(
|
| 66 |
"id" => "sign_2",
|
| 67 |
"errMsg" => "不符合要求",
|
| 68 |
"updateValue" => $r_sign_2,
|
| 69 |
));
|
| 70 |
}
|
| 71 |
|
| 72 |
$r_sign_3 = check_badwords(split_line($sign_3, "", 80, 10), "****");
|
| 73 |
if ($sign_3 != $r_sign_3)
|
| 74 |
{
|
| 75 |
$result_set["return"]["code"] = -1;
|
| 76 |
array_push($result_set["return"]["errorFields"], array(
|
| 77 |
"id" => "sign_3",
|
| 78 |
"errMsg" => "不符合要求",
|
| 79 |
"updateValue" => $r_sign_3,
|
| 80 |
));
|
| 81 |
}
|
| 82 |
|
| 83 |
if ($result_set["return"]["code"] != 0)
|
| 84 |
{
|
| 85 |
mysqli_close($db_conn);
|
| 86 |
exit(json_encode($result_set));
|
| 87 |
}
|
| 88 |
|
| 89 |
// Secure SQL statement
|
| 90 |
$introduction = mysqli_real_escape_string($db_conn, $introduction);
|
| 91 |
$sign_1 = mysqli_real_escape_string($db_conn, $sign_1);
|
| 92 |
$sign_2 = mysqli_real_escape_string($db_conn, $sign_2);
|
| 93 |
$sign_3 = mysqli_real_escape_string($db_conn, $sign_3);
|
| 94 |
|
| 95 |
// Begin transaction
|
| 96 |
$rs = mysqli_query($db_conn, "SET autocommit=0");
|
| 97 |
if ($rs == false)
|
| 98 |
{
|
| 99 |
$result_set["return"]["code"] = -2;
|
| 100 |
$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
|
| 101 |
|
| 102 |
mysqli_close($db_conn);
|
| 103 |
exit(json_encode($result_set));
|
| 104 |
}
|
| 105 |
|
| 106 |
$rs = mysqli_query($db_conn, "BEGIN");
|
| 107 |
if ($rs == false)
|
| 108 |
{
|
| 109 |
$result_set["return"]["code"] = -2;
|
| 110 |
$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
|
| 111 |
|
| 112 |
mysqli_close($db_conn);
|
| 113 |
exit(json_encode($result_set));
|
| 114 |
}
|
| 115 |
|
| 116 |
$sql = "UPDATE user_pubinfo SET user_timezone = '$user_tz', introduction = '$introduction', ".
|
| 117 |
"photo = $photo, sign_1 = '$sign_1', sign_2 = '$sign_2', sign_3 = '$sign_3'".
|
| 118 |
" WHERE UID=" . $_SESSION["BBS_uid"];
|
| 119 |
|
| 120 |
$rs = mysqli_query($db_conn, $sql);
|
| 121 |
if ($rs == false)
|
| 122 |
{
|
| 123 |
echo "Update data error: " . mysqli_error($db_conn);
|
| 124 |
exit();
|
| 125 |
}
|
| 126 |
|
| 127 |
// Commit transaction
|
| 128 |
$rs = mysqli_query($db_conn, "COMMIT");
|
| 129 |
if ($rs == false)
|
| 130 |
{
|
| 131 |
$result_set["return"]["code"] = -2;
|
| 132 |
$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
|
| 133 |
|
| 134 |
mysqli_close($db_conn);
|
| 135 |
exit(json_encode($result_set));
|
| 136 |
}
|
| 137 |
|
| 138 |
// Update user_tz in session data
|
| 139 |
$_SESSION["BBS_user_tz"] = new DateTimeZone($user_tz);
|
| 140 |
|
| 141 |
mysqli_close($db_conn);
|
| 142 |
exit(json_encode($result_set));
|
| 143 |
?>
|
Parent Directory
| 
Revision Log