fenglin/bbs/update_profile_service.php

<?
        require_once "../lib/common.inc.php";
        require_once "../lib/db_open.inc.php";
        require_once "../lib/send_mail.inc.php";
        require_once "../lib/str_process.inc.php";
        require_once "../lib/passwd.inc.php";
        require_once "./common_lib.inc.php";
        require_once "./session_init.inc.php";

        force_login();

        $data = json_decode(file_get_contents("php://input"), true);

        $realname = (isset($data["realname"]) ? trim($data["realname"]) : "");
        $gender = (isset($data["gender"]) ? $data["gender"] : "");
        $gender_public = (isset($data["gender_public"]) && $data["gender_public"] == "1" ? 1 : 0);
        $year = (isset($data["year"]) ? intval($data["year"]) : 0);
        $month = (isset($data["month"]) ? intval($data["month"]) : 0);
        $day = (isset($data["day"]) ? intval($data["day"]) : 0);
        $qq = (isset($data["qq"]) ? $data["qq"] : "");

        $result_set = array(
                "return" => array(
                        "code" => 0,
                        "message" => "",
                        "errorFields" => array(),
                )
        );

        header("Content-Type:application/json; charset=utf-8");

        // Validate input data
        if ($realname == "" || preg_match("/[\t\r\n]/", $realname) || str_length($realname) > 10)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "realname",
                        "errMsg" => "不符合格式要求",
                ));
        }

        if ($gender != "M" && $gender != "F")
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "gender",
                        "errMsg" => "未指定性别",
                ));
        }

        if (!checkdate($month, $day, $year))
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "birthday",
                        "errMsg" => "非法日期",
                ));
        }
        else if ((new DateTimeImmutable("$year-$month-$day")) > (new DateTimeImmutable("-16 year")))
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "birthday",
                        "errMsg" => "需年满16周岁才能使用本站服务",
                ));
        }

        if ($qq != "" && !preg_match("/^[0-9]{5,11}$/", $qq))
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "qq",
                        "errMsg" => "不符合格式要求",
                ));
        }

        if ($result_set["return"]["code"] != 0)
        {
                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        // Begin transaction
        $rs = mysqli_query($db_conn, "SET autocommit=0");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }
        
        $rs = mysqli_query($db_conn, "BEGIN");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        $sql = "SELECT email FROM user_pubinfo WHERE UID = " . $_SESSION["BBS_uid"];

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Query user info error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        if($row = mysqli_fetch_array($rs))
        {
                $email = $row["email"];
        }
        else
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "个人资料不存在";

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        mysqli_free_result($rs);

        $sql = "UPDATE user_reginfo SET name = '" . mysqli_real_escape_string($db_conn, $realname) .
                        "', birthday = '$year-$month-$day', signup_ip='" . client_addr() .
                        "' WHERE UID = " . $_SESSION["BBS_uid"];

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Update user reginfo error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        $sql = "UPDATE user_pubinfo SET gender = '$gender', gender_pub = $gender_public,
                        qq = '$qq' WHERE UID =" . $_SESSION["BBS_uid"];

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Update user pubinfo error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        $sql = "INSERT INTO user_modify_log(UID, modify_dt, modify_ip, complete) VALUES(".
                        $_SESSION["BBS_uid"] . ", NOW(), '" . client_addr() . "', 1)";

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Add log error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        //Send mail
        $from = "";
        $fromname = $BBS_name;
        $to = $email;
        $toname = $_SESSION["BBS_username"];
        $subject = $BBS_name . "用户资料更改通知";
        $body = $_SESSION["BBS_username"] . ":\n    您好！\n" .
                        "    您在本站的注册资料已经于" . date("Y年m月d日 H:i:s") . "更改。\n" .
                        "    为了您的个人资料的安全，如果此情况与事实不符，请立即与我们联系。\n\n" .
                        $BBS_name . "\n" . date("Y年m月d日") . "\n";

        $ret = send_mail($from, $fromname, $to, $toname, $subject, $body, $db_conn);
        if ($ret == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Add email error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        // Commit transaction
        $rs = mysqli_query($db_conn, "COMMIT");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        mysqli_close($db_conn);
        exit(json_encode($result_set));
?>
1	sysadm	1.1	<?
2			require_once "../lib/common.inc.php";
3			require_once "../lib/db_open.inc.php";
4			require_once "../lib/send_mail.inc.php";
5			require_once "../lib/str_process.inc.php";
6			require_once "../lib/passwd.inc.php";
7			require_once "./common_lib.inc.php";
8			require_once "./session_init.inc.php";
9
10			force_login();
11
12			$data = json_decode(file_get_contents("php://input"), true);
13
14			$realname = (isset($data["realname"]) ? trim($data["realname"]) : "");
15			$gender = (isset($data["gender"]) ? $data["gender"] : "");
16			$gender_public = (isset($data["gender_public"]) && $data["gender_public"] == "1" ? 1 : 0);
17			$year = (isset($data["year"]) ? intval($data["year"]) : 0);
18			$month = (isset($data["month"]) ? intval($data["month"]) : 0);
19			$day = (isset($data["day"]) ? intval($data["day"]) : 0);
20			$qq = (isset($data["qq"]) ? $data["qq"] : "");
21
22			$result_set = array(
23			"return" => array(
24			"code" => 0,
25			"message" => "",
26			"errorFields" => array(),
27			)
28			);
29
30			header("Content-Type:application/json; charset=utf-8");
31
32			// Validate input data
33			if ($realname == "" \|\| preg_match("/[\t\r\n]/", $realname) \|\| str_length($realname) > 10)
34			{
35			$result_set["return"]["code"] = -1;
36			array_push($result_set["return"]["errorFields"], array(
37			"id" => "realname",
38			"errMsg" => "不符合格式要求",
39			));
40			}
41
42			if ($gender != "M" && $gender != "F")
43			{
44			$result_set["return"]["code"] = -1;
45			array_push($result_set["return"]["errorFields"], array(
46			"id" => "gender",
47			"errMsg" => "未指定性别",
48			));
49			}
50
51			if (!checkdate($month, $day, $year))
52			{
53			$result_set["return"]["code"] = -1;
54			array_push($result_set["return"]["errorFields"], array(
55			"id" => "birthday",
56			"errMsg" => "非法日期",
57			));
58			}
59			else if ((new DateTimeImmutable("$year-$month-$day")) > (new DateTimeImmutable("-16 year")))
60			{
61			$result_set["return"]["code"] = -1;
62			array_push($result_set["return"]["errorFields"], array(
63			"id" => "birthday",
64			"errMsg" => "需年满16周岁才能使用本站服务",
65			));
66			}
67
68			if ($qq != "" && !preg_match("/^[0-9]{5,11}$/", $qq))
69			{
70			$result_set["return"]["code"] = -1;
71			array_push($result_set["return"]["errorFields"], array(
72			"id" => "qq",
73			"errMsg" => "不符合格式要求",
74			));
75			}
76
77			if ($result_set["return"]["code"] != 0)
78			{
79			mysqli_close($db_conn);
80			exit(json_encode($result_set));
81			}
82
83			// Begin transaction
84			$rs = mysqli_query($db_conn, "SET autocommit=0");
85			if ($rs == false)
86			{
87			$result_set["return"]["code"] = -2;
88			$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
89
90			mysqli_close($db_conn);
91			exit(json_encode($result_set));
92			}
93
94			$rs = mysqli_query($db_conn, "BEGIN");
95			if ($rs == false)
96			{
97			$result_set["return"]["code"] = -2;
98			$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
99
100			mysqli_close($db_conn);
101			exit(json_encode($result_set));
102			}
103
104			$sql = "SELECT email FROM user_pubinfo WHERE UID = " . $_SESSION["BBS_uid"];
105
106			$rs = mysqli_query($db_conn, $sql);
107			if ($rs == false)
108			{
109			$result_set["return"]["code"] = -2;
110			$result_set["return"]["message"] = "Query user info error: " . mysqli_error($db_conn);
111
112			mysqli_close($db_conn);
113			exit(json_encode($result_set));
114			}
115
116			if($row = mysqli_fetch_array($rs))
117			{
118			$email = $row["email"];
119			}
120			else
121			{
122			$result_set["return"]["code"] = -2;
123			$result_set["return"]["message"] = "个人资料不存在";
124
125			mysqli_close($db_conn);
126			exit(json_encode($result_set));
127			}
128
129			mysqli_free_result($rs);
130
131			$sql = "UPDATE user_reginfo SET name = '" . mysqli_real_escape_string($db_conn, $realname) .
132			"', birthday = '$year-$month-$day', signup_ip='" . client_addr() .
133			"' WHERE UID = " . $_SESSION["BBS_uid"];
134
135			$rs = mysqli_query($db_conn, $sql);
136			if ($rs == false)
137			{
138			$result_set["return"]["code"] = -2;
139			$result_set["return"]["message"] = "Update user reginfo error: " . mysqli_error($db_conn);
140
141			mysqli_close($db_conn);
142			exit(json_encode($result_set));
143			}
144
145			$sql = "UPDATE user_pubinfo SET gender = '$gender', gender_pub = $gender_public,
146			qq = '$qq' WHERE UID =" . $_SESSION["BBS_uid"];
147
148			$rs = mysqli_query($db_conn, $sql);
149			if ($rs == false)
150			{
151			$result_set["return"]["code"] = -2;
152			$result_set["return"]["message"] = "Update user pubinfo error: " . mysqli_error($db_conn);
153
154			mysqli_close($db_conn);
155			exit(json_encode($result_set));
156			}
157
158			$sql = "INSERT INTO user_modify_log(UID, modify_dt, modify_ip, complete) VALUES(".
159			$_SESSION["BBS_uid"] . ", NOW(), '" . client_addr() . "', 1)";
160
161			$rs = mysqli_query($db_conn, $sql);
162			if ($rs == false)
163			{
164			$result_set["return"]["code"] = -2;
165			$result_set["return"]["message"] = "Add log error: " . mysqli_error($db_conn);
166
167			mysqli_close($db_conn);
168			exit(json_encode($result_set));
169			}
170
171			//Send mail
172			$from = "";
173			$fromname = $BBS_name;
174			$to = $email;
175			$toname = $_SESSION["BBS_username"];
176			$subject = $BBS_name . "用户资料更改通知";
177	sysadm	1.2	$body = $_SESSION["BBS_username"] . ":\n 您好！\n" .
178			" 您在本站的注册资料已经于" . date("Y年m月d日 H:i:s") . "更改。\n" .
179	sysadm	1.3	" 为了您的个人资料的安全，如果此情况与事实不符，请立即与我们联系。\n\n" .
180	sysadm	1.1	$BBS_name . "\n" . date("Y年m月d日") . "\n";
181
182			$ret = send_mail($from, $fromname, $to, $toname, $subject, $body, $db_conn);
183			if ($ret == false)
184			{
185			$result_set["return"]["code"] = -2;
186			$result_set["return"]["message"] = "Add email error: " . mysqli_error($db_conn);
187
188			mysqli_close($db_conn);
189			exit(json_encode($result_set));
190			}
191
192			// Commit transaction
193			$rs = mysqli_query($db_conn, "COMMIT");
194			if ($rs == false)
195			{
196			$result_set["return"]["code"] = -2;
197			$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
198
199			mysqli_close($db_conn);
200			exit(json_encode($result_set));
201			}
202
203			mysqli_close($db_conn);
204			exit(json_encode($result_set));
205			?>
webmaster@leafok.com	ViewVC Help
Powered by ViewVC 1.3.0-beta1