
Annotation of /fenglin/bbs/reg_user_service.php



Revision 1.1 - (hide annotations)
Mon Mar 31 14:13:22 2025 UTC (11 months, 2 weeks ago) by sysadm
Branch: MAIN
Move reguser_service.php to reg_user_service.php
Refine and fix bug

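<?php
// Registration endpoint: reads a JSON document from the request body, validates
// each field, creates the account rows inside one transaction, sends the
// temporary password by mail and answers with a JSON result object.
//
// The full "<?php" tag is used because "<?" is only parsed when short_open_tag
// is enabled; with it disabled the script source would be sent to the client.
require_once "../lib/common.inc.php";
require_once "../lib/str_process.inc.php";
require_once "../lib/vn_gif.inc.php";
require_once "../lib/passwd.inc.php";
require_once "../lib/db_open.inc.php";
require_once "../lib/send_mail.inc.php";
require_once "./session_init.inc.php";
require_once "./reg_check.inc.php";

$data = json_decode(file_get_contents("php://input"), true);
if (!is_array($data))
{
	// Malformed JSON or a scalar body: treat every field as missing.
	$data = array();
}

// Text fields are taken only from JSON strings or integers and are converted to
// strings here; any other JSON type counts as "not supplied".
// Why: the later checks use loose comparison, and a JSON `true` compares equal
// to every non-empty string, so a boolean gender would satisfy the
// `!= "M" && != "F"` test and then be interpolated into SQL as '1'. Arrays
// would reach preg_match(), which expects a string subject.
$read_text = function ($key) use ($data)
{
	if (isset($data[$key]) && (is_string($data[$key]) || is_int($data[$key])))
	{
		return (string) $data[$key];
	}
	return "";
};

$username = $read_text("username");
$nickname = $read_text("nickname");
$realname = trim($read_text("realname"));
$gender = $read_text("gender");
// Flags: anything loosely equal to "1" (including JSON true) enables them; the
// result is always a plain 0/1 or boolean, never the client-supplied value.
$gender_public = (isset($data["gender_public"]) && $data["gender_public"] == "1" ? 1 : 0);
$email = $read_text("email");
// Date parts are forced to integers before they are used anywhere.
$year = (isset($data["year"]) ? intval($data["year"]) : 0);
$month = (isset($data["month"]) ? intval($data["month"]) : 0);
$day = (isset($data["day"]) ? intval($data["day"]) : 0);
$qq = $read_text("qq");
$agreement = (isset($data["agreement"]) && $data["agreement"] == "1");
$vn_str = $read_text("vn_str");

// Response skeleton: code 0 = success, errorFields collects per-field messages.
$result_set = array(
	"return" => array(
		"code" => 0,
		"message" => "",
		"errorFields" => array(),
	)
);

header("Content-Type:application/json; charset=utf-8");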
35    
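// Validate input data.
// Every failed check sets code -1 and appends an {id, errMsg} entry to
// errorFields, so the client receives all field errors in one response.
//
// The fully anchored patterns carry the D modifier: without it "$" also
// matches just before a trailing newline, so "name\n" would pass the format
// check and the newline would travel on into the database rows and the mail.
if (!preg_match("/^[A-Za-z][A-Za-z0-9]{4,11}$/D", $username))
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "username",
		"errMsg" => "不符合格式要求",
	);
}
else if (!check_str($username))
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "username",
		"errMsg" => "用户名不可用",
	);
}

// Nickname: non-empty, no whitespace of any kind, at most 20 units as counted
// by str_length().
if ($nickname == "" || preg_match("/[[:space:]]/", $nickname) || str_length($nickname) > 20)
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "nickname",
		"errMsg" => "不符合格式要求",
	);
}
else if (!check_str($nickname))
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "nickname",
		"errMsg" => "昵称不可用",
	);
}

// Real name: non-empty, no tab/CR/LF, at most 10 units. Other characters
// (including quotes) are allowed, so this value must always be escaped in SQL.
if ($realname == "" || preg_match("/[\t\r\n]/", $realname) || str_length($realname) > 10)
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "realname",
		"errMsg" => "不符合格式要求",
	);
}

if ($gender != "M" && $gender != "F")
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "gender",
		"errMsg" => "未指定性别",
	);
}

if (!preg_match("/^[A-Za-z0-9_.-]+@([A-Za-z0-9-]+[.])+[A-Za-z0-9-]+$/D", $email))
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "email",
		"errMsg" => "不符合格式要求",
	);
}

// Birthday must be a real calendar date and lie at least 16 years in the past.
if (!checkdate($month, $day, $year))
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "birthday",
		"errMsg" => "非法日期",
	);
}
else if ((new DateTimeImmutable("$year-$month-$day")) > (new DateTimeImmutable("-16 year")))
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "birthday",
		"errMsg" => "需年满16周岁才能使用本站服务",
	);
}

// QQ number is optional; when present it must be 5 to 11 digits.
if ($qq != "" && !preg_match("/^[0-9]{5,11}$/D", $qq))
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "qq",
		"errMsg" => "不符合格式要求",
	);
}

if (!$agreement)
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "agreement",
		"errMsg" => "请仔细阅读并确认同意《用户许可协议》",
	);
}

// Verification code: the session must hold a non-empty expected value and
// VN_check() must return 0 for the submitted answer.
// NOTE(review): a wrong answer leaves $_SESSION["BBS_reg_vn_str"] unchanged, so
// the same code can be retried without limit; consider discarding it after a
// failed attempt once the client is known to refresh the image.
if ((!isset($_SESSION["BBS_reg_vn_str"])) || $_SESSION["BBS_reg_vn_str"] == "" || VN_check($_SESSION["BBS_reg_vn_str"], $vn_str) != 0)
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "vn_str",
		"errMsg" => "验证码错误",
	);
}

// Stop before touching the database when any field failed.
if ($result_set["return"]["code"] != 0)
{
	mysqli_close($db_conn);
	exit(json_encode($result_set));
}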
147    
// Begin transaction: switch autocommit off, then open the transaction.
// Either statement failing ends the request with code -2.
// NOTE(review): the raw mysqli_error() text is returned to the client in
// "message"; logging it server-side and answering with a generic message
// would avoid exposing database details.
foreach (array("SET autocommit=0", "BEGIN") as $tx_statement)
{
	if (!mysqli_query($db_conn, $tx_statement))
	{
		$result_set["return"]["code"] = -2;
		$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

		mysqli_close($db_conn);
		exit(json_encode($result_set));
	}
}
168    
// Check availability of username, nickname and e-mail address.
// Each lookup escapes its value with mysqli_real_escape_string() before it is
// placed inside the quoted SQL literal. A query failure ends the request with
// code -2; a conflict only records a field error so that all conflicts are
// reported together.
// NOTE(review): these are SELECT-then-INSERT checks; presumably the tables
// also carry unique indexes for concurrent sign-ups - confirm.
$username_sql = mysqli_real_escape_string($db_conn, $username);
$sql = "SELECT UID FROM user_list WHERE username = '" . $username_sql . "'";

$rs = mysqli_query($db_conn, $sql);
if (!$rs)
{
	$result_set["return"]["code"] = -2;
	$result_set["return"]["message"] = "Query user list error: " . mysqli_error($db_conn);

	mysqli_close($db_conn);
	exit(json_encode($result_set));
}

$username_taken = (mysqli_num_rows($rs) > 0);
mysqli_free_result($rs);
if ($username_taken)
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "username",
		"errMsg" => "用户名已存在",
	);
}

$nickname_sql = mysqli_real_escape_string($db_conn, $nickname);
$sql = "SELECT UID FROM user_nickname WHERE nickname = '" . $nickname_sql . "'";

$rs = mysqli_query($db_conn, $sql);
if (!$rs)
{
	$result_set["return"]["code"] = -2;
	$result_set["return"]["message"] = "Query user nickname error: " . mysqli_error($db_conn);

	mysqli_close($db_conn);
	exit(json_encode($result_set));
}

$nickname_taken = (mysqli_num_rows($rs) > 0);
mysqli_free_result($rs);
if ($nickname_taken)
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "nickname",
		"errMsg" => "昵称已存在",
	);
}

$email_sql = mysqli_real_escape_string($db_conn, $email);
$sql = "SELECT UID FROM user_pubinfo WHERE email = '" . $email_sql . "'";

$rs = mysqli_query($db_conn, $sql);
if (!$rs)
{
	$result_set["return"]["code"] = -2;
	$result_set["return"]["message"] = "Query user email error: " . mysqli_error($db_conn);

	mysqli_close($db_conn);
	exit(json_encode($result_set));
}

// One address may back several accounts, up to $BBS_max_user_per_email.
$email_quota_reached = (mysqli_num_rows($rs) >= $BBS_max_user_per_email);
mysqli_free_result($rs);
if ($email_quota_reached)
{
	$result_set["return"]["code"] = -1;
	$result_set["return"]["errorFields"][] = array(
		"id" => "email",
		"errMsg" => "该邮箱的使用次数已超过限制",
	);
}

// Any conflict found above ends the request before rows are written.
if ($result_set["return"]["code"] != 0)
{
	mysqli_close($db_conn);
	exit(json_encode($result_set));
}
244    
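// Create new user: one row each in user_list, user_reginfo, user_pubinfo and
// user_nickname, all keyed by the UID generated for the user_list row.
//
// Every string placed inside a quoted SQL literal is escaped here and every
// number is forced to an integer. Previously username, temp_password, email,
// gender, qq and the client address were interpolated as-is, so the format
// checks much earlier in the script were the only thing keeping quotes out of
// these statements; escaping at the point of use removes that dependency.
// NOTE(review): prepared statements (mysqli_prepare / bind_param) would be the
// more robust long-term form for all queries in this script.
//
// NOTE(review): the temporary password is stored exactly as generated (not
// hashed) and the same value is mailed to the user; confirm that gen_passwd()
// draws from a cryptographically secure source and that temp_password is
// discarded once the user sets a real password.
$temp_password = gen_passwd(10);

$sql = "INSERT INTO user_list(username, temp_password) values('" .
	mysqli_real_escape_string($db_conn, $username) . "', '" .
	mysqli_real_escape_string($db_conn, $temp_password) . "')";

$rs = mysqli_query($db_conn, $sql);
if ($rs == false)
{
	$result_set["return"]["code"] = -2;
	$result_set["return"]["message"] = "Add user list error: " . mysqli_error($db_conn);

	mysqli_close($db_conn);
	exit(json_encode($result_set));
}

// Auto-increment id of the row just inserted; forced to int before reuse in SQL.
$uid = intval(mysqli_insert_id($db_conn));

// Date parts are rendered with %d so only integers can reach the literal.
$birthday = sprintf("%d-%d-%d", $year, $month, $day);

$sql = "INSERT INTO user_reginfo(UID, name, birthday, signup_dt, signup_ip) VALUES($uid, '" .
	mysqli_real_escape_string($db_conn, $realname) . "', '$birthday', NOW(), '" .
	mysqli_real_escape_string($db_conn, client_addr()) . "')";

$rs = mysqli_query($db_conn, $sql);
if ($rs == false)
{
	$result_set["return"]["code"] = -2;
	$result_set["return"]["message"] = "Add user reginfo error: " . mysqli_error($db_conn);

	mysqli_close($db_conn);
	exit(json_encode($result_set));
}

$sql = "INSERT INTO user_pubinfo(UID, nickname, email, gender, gender_pub, qq, last_login_dt) VALUES($uid, '" .
	mysqli_real_escape_string($db_conn, $nickname) . "', '" .
	mysqli_real_escape_string($db_conn, $email) . "', '" .
	mysqli_real_escape_string($db_conn, $gender) . "', " .
	intval($gender_public) . ", '" .
	mysqli_real_escape_string($db_conn, $qq) . "', NOW())";

$rs = mysqli_query($db_conn, $sql);
if ($rs == false)
{
	$result_set["return"]["code"] = -2;
	$result_set["return"]["message"] = "Add user pubinfo error: " . mysqli_error($db_conn);

	mysqli_close($db_conn);
	exit(json_encode($result_set));
}

// 'R' is the begin_reason recorded for the nickname chosen at registration.
$sql = "INSERT INTO user_nickname(UID, nickname, begin_dt, begin_reason) VALUES($uid, '" .
	mysqli_real_escape_string($db_conn, $nickname) . "', NOW(), 'R')";

$rs = mysqli_query($db_conn, $sql);
if ($rs == false)
{
	$result_set["return"]["code"] = -2;
	$result_set["return"]["message"] = "Add user nickname error: " . mysqli_error($db_conn);

	mysqli_close($db_conn);
	exit(json_encode($result_set));
}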
301    
// Send initial password via email.
// The message goes to the address given at sign-up, uses the site name as the
// sender name and carries the temporary password in clear text, together with
// the link where the user is asked to log in and change it.
// send_mail() receives the open connection; a false return ends the request
// with code -2 before the transaction is committed.
$subject = $BBS_name . "注册确认";
$body = "{$username}:\n 您好!\n"
	. " 您的临时密码是: {$temp_password} (区分大小写)\n"
	. " 请访问以下链接并在登录时修改密码:\n"
	. "https://{$BBS_host_name}/bbs/\n\n"
	. " 感谢您的大力支持!\n\n"
	. $BBS_name . "\n"
	. date("Y年m月d日") . "\n";

if (!send_mail("", $BBS_name, $email, $username, $subject, $body, $db_conn))
{
	$result_set["return"]["code"] = -2;
	$result_set["return"]["message"] = "Add email error: " . mysqli_error($db_conn);

	mysqli_close($db_conn);
	exit(json_encode($result_set));
}
324    
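// Commit transaction; a failure ends the request with code -2 (closing the
// connection without COMMIT leaves the inserted rows uncommitted).
$rs = mysqli_query($db_conn, "COMMIT");
if ($rs == false)
{
	$result_set["return"]["code"] = -2;
	$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

	mysqli_close($db_conn);
	exit(json_encode($result_set));
}

// Invalidate the verification code now that it has been consumed.
// This used to be the comparison `== ""`, a statement with no effect, so the
// code stayed valid in the session and one solved challenge could be replayed
// for further registrations.
$_SESSION["BBS_reg_vn_str"] = "";

// Success: code is still 0 and errorFields is empty.
mysqli_close($db_conn);
exit(json_encode($result_set));
?>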
