fenglin/bbs/preference_service.php

<?
        require_once "../lib/db_open.inc.php";
        require_once "../lib/str_process.inc.php";
        require_once "./session_init.inc.php";
        require_once "./check_sub.inc.php";

        force_login();

        $data = json_decode(file_get_contents("php://input"), true);

        $user_tz = (isset($data["user_tz"]) ? $data["user_tz"] : "");
        $photo = (isset($data["photo"]) ? intval($data["photo"]) : 0);
        $introduction = (isset($data["introduction"]) ? $data["introduction"] : "");
        $sign_1 = (isset($data["sign_1"]) ? $data["sign_1"] : "");
        $sign_2 = (isset($data["sign_2"]) ? $data["sign_2"] : "");
        $sign_3 = (isset($data["sign_3"]) ? $data["sign_3"] : "");

        $result_set = array(
                "return" => array(
                        "code" => 0,
                        "message" => "",
                        "errorFields" => array(),
                )
        );

        header("Content-Type:application/json; charset=utf-8");

        // Validate input data
        $timezone_identifiers = DateTimeZone::listIdentifiers();
        if (!in_array($user_tz, $timezone_identifiers, true))
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "user_tz",
                        "errMsg" => "不存在的时区",
                ));
        }

        $r_introduction = check_badwords(split_line($introduction, "", 80, 10), "****");
        if ($introduction != $r_introduction)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "introduction",
                        "errMsg" => "不符合要求",
                        "updateValue" => $r_introduction,
                ));
        }

        $r_sign_1 = check_badwords(split_line($sign_1, "", 80, 10), "****");
        if ($sign_1 != $r_sign_1)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "sign_1",
                        "errMsg" => "不符合要求",
                        "updateValue" => $r_sign_1,
                ));
        }

        $r_sign_2 = check_badwords(split_line($sign_2, "", 80, 10), "****");
        if ($sign_2 != $r_sign_2)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "sign_2",
                        "errMsg" => "不符合要求",
                        "updateValue" => $r_sign_2,
                ));
        }

        $r_sign_3 = check_badwords(split_line($sign_3, "", 80, 10), "****");
        if ($sign_3 != $r_sign_3)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "sign_3",
                        "errMsg" => "不符合要求",
                        "updateValue" => $r_sign_3,
                ));
        }

        if ($result_set["return"]["code"] != 0)
        {
                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        // Secure SQL statement
        $introduction = mysqli_real_escape_string($db_conn, $introduction);
        $sign_1 = mysqli_real_escape_string($db_conn, $sign_1);
        $sign_2 = mysqli_real_escape_string($db_conn, $sign_2);
        $sign_3 = mysqli_real_escape_string($db_conn, $sign_3);

        $sql = "UPDATE user_pubinfo SET user_timezone = '$user_tz', introduction = '$introduction', ".
                "photo = $photo, sign_1 = '$sign_1', sign_2 = '$sign_2', sign_3 = '$sign_3'".
                " WHERE UID=" . $_SESSION["BBS_uid"];

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                echo "Update data error: " . mysqli_error($db_conn);
                exit();
        }

        // Update user_tz in session data
        $_SESSION["BBS_user_tz"] = new DateTimeZone($user_tz);

        mysqli_close($db_conn);
        exit(json_encode($result_set));
?>
1	<?
2	require_once "../lib/db_open.inc.php";
3	require_once "../lib/str_process.inc.php";
4	require_once "./session_init.inc.php";
5	require_once "./check_sub.inc.php";
6
7	force_login();
8
9	$data = json_decode(file_get_contents("php://input"), true);
10
11	$user_tz = (isset($data["user_tz"]) ? $data["user_tz"] : "");
12	$photo = (isset($data["photo"]) ? intval($data["photo"]) : 0);
13	$introduction = (isset($data["introduction"]) ? $data["introduction"] : "");
14	$sign_1 = (isset($data["sign_1"]) ? $data["sign_1"] : "");
15	$sign_2 = (isset($data["sign_2"]) ? $data["sign_2"] : "");
16	$sign_3 = (isset($data["sign_3"]) ? $data["sign_3"] : "");
17
18	$result_set = array(
19	"return" => array(
20	"code" => 0,
21	"message" => "",
22	"errorFields" => array(),
23	)
24	);
25
26	header("Content-Type:application/json; charset=utf-8");
27
28	// Validate input data
29	$timezone_identifiers = DateTimeZone::listIdentifiers();
30	if (!in_array($user_tz, $timezone_identifiers, true))
31	{
32	$result_set["return"]["code"] = -1;
33	array_push($result_set["return"]["errorFields"], array(
34	"id" => "user_tz",
35	"errMsg" => "不存在的时区",
36	));
37	}
38
39	$r_introduction = check_badwords(split_line($introduction, "", 80, 10), "****");
40	if ($introduction != $r_introduction)
41	{
42	$result_set["return"]["code"] = -1;
43	array_push($result_set["return"]["errorFields"], array(
44	"id" => "introduction",
45	"errMsg" => "不符合要求",
46	"updateValue" => $r_introduction,
47	));
48	}
49
50	$r_sign_1 = check_badwords(split_line($sign_1, "", 80, 10), "****");
51	if ($sign_1 != $r_sign_1)
52	{
53	$result_set["return"]["code"] = -1;
54	array_push($result_set["return"]["errorFields"], array(
55	"id" => "sign_1",
56	"errMsg" => "不符合要求",
57	"updateValue" => $r_sign_1,
58	));
59	}
60
61	$r_sign_2 = check_badwords(split_line($sign_2, "", 80, 10), "****");
62	if ($sign_2 != $r_sign_2)
63	{
64	$result_set["return"]["code"] = -1;
65	array_push($result_set["return"]["errorFields"], array(
66	"id" => "sign_2",
67	"errMsg" => "不符合要求",
68	"updateValue" => $r_sign_2,
69	));
70	}
71
72	$r_sign_3 = check_badwords(split_line($sign_3, "", 80, 10), "****");
73	if ($sign_3 != $r_sign_3)
74	{
75	$result_set["return"]["code"] = -1;
76	array_push($result_set["return"]["errorFields"], array(
77	"id" => "sign_3",
78	"errMsg" => "不符合要求",
79	"updateValue" => $r_sign_3,
80	));
81	}
82
83	if ($result_set["return"]["code"] != 0)
84	{
85	mysqli_close($db_conn);
86	exit(json_encode($result_set));
87	}
88
89	// Secure SQL statement
90	$introduction = mysqli_real_escape_string($db_conn, $introduction);
91	$sign_1 = mysqli_real_escape_string($db_conn, $sign_1);
92	$sign_2 = mysqli_real_escape_string($db_conn, $sign_2);
93	$sign_3 = mysqli_real_escape_string($db_conn, $sign_3);
94
95	$sql = "UPDATE user_pubinfo SET user_timezone = '$user_tz', introduction = '$introduction', ".
96	"photo = $photo, sign_1 = '$sign_1', sign_2 = '$sign_2', sign_3 = '$sign_3'".
97	" WHERE UID=" . $_SESSION["BBS_uid"];
98
99	$rs = mysqli_query($db_conn, $sql);
100	if ($rs == false)
101	{
102	echo "Update data error: " . mysqli_error($db_conn);
103	exit();
104	}
105
106	// Update user_tz in session data
107	$_SESSION["BBS_user_tz"] = new DateTimeZone($user_tz);
108
109	mysqli_close($db_conn);
110	exit(json_encode($result_set));
111	?>
webmaster@leafok.com	ViewVC Help
Powered by ViewVC 1.3.0-beta1