Revision 1.7 - (hide annotations)
Wed Apr 16 01:51:52 2025 UTC (11 months ago) by sysadm
Branch: MAIN
Changes since 1.6: +3 -2 lines
Add DB lock

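<?php
// update_profile_service.php — JSON endpoint through which the logged-in user
// edits their own profile (nickname, real name, gender, e-mail, birthday, QQ).
//
// Request : a JSON object on php://input with the field names read below.
// Response: {"return": {"code": 0 | -1 | -2, "message": "...", "errorFields": [{"id","errMsg"}, ...]}}
//             0  -> saved
//            -1  -> one or more fields rejected; errorFields names them
//            -2  -> server-side failure (DB / mail); message is a short label
//
// All writes happen inside one transaction that is rolled back on any failure,
// so a partially applied profile change is never committed.
require_once "../lib/common.inc.php";
require_once "../lib/db_open.inc.php";
require_once "../lib/score_change.inc.php";
require_once "../lib/send_mail.inc.php";
require_once "../lib/str_process.inc.php";
require_once "../lib/passwd.inc.php";
require_once "./common_lib.inc.php";
require_once "./session_init.inc.php";
require_once "./reg_check.inc.php";

/**
 * Abort the request: discard any open transaction, close the connection and
 * emit $result_set as the JSON body. Never returns.
 *
 * ROLLBACK is a harmless no-op when no transaction is open (validation
 * failures); inside the transaction it makes the discard explicit rather than
 * relying on the server dropping uncommitted work when the connection closes.
 */
function profile_fail(mysqli $db_conn, array $result_set)
{
    mysqli_query($db_conn, "ROLLBACK");
    mysqli_close($db_conn);
    exit(json_encode($result_set));
}

/** Reject the request because of one input field (code -1). Never returns. */
function profile_reject_field(mysqli $db_conn, array $result_set, $field_id, $err_msg)
{
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"][] = array("id" => $field_id, "errMsg" => $err_msg);
    profile_fail($db_conn, $result_set);
}

/**
 * Abort on a server-side failure (code -2). Never returns.
 *
 * The mysqli error text goes to the server log only; the client receives just
 * the short $label. Returning mysqli_error() verbatim (as this endpoint used
 * to) hands table/column names and SQL fragments to anyone who can provoke a
 * failed query.
 */
function profile_server_error(mysqli $db_conn, array $result_set, $label, $log_db_error = true)
{
    if ($log_db_error) {
        error_log("update_profile_service: " . $label . ": " . mysqli_error($db_conn));
    }
    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = $label;
    profile_fail($db_conn, $result_set);
}

/**
 * Trimmed string value of $data[$key], or "" when the key is absent or the
 * JSON value is not a string. The type check matters: a client can send an
 * array or object for any key, and trim() on a non-string throws a TypeError
 * on PHP 8 (an uncaught 500 instead of a validation error).
 */
function profile_input_string(array $data, $key)
{
    if (isset($data[$key]) && is_string($data[$key])) {
        return trim($data[$key]);
    }
    return "";
}

/** Integer value of $data[$key], or 0 when absent or not a scalar. */
function profile_input_int(array $data, $key)
{
    if (isset($data[$key]) && is_scalar($data[$key])) {
        return intval($data[$key]);
    }
    return 0;
}

force_login();

$data = json_decode(file_get_contents("php://input"), true);
if (!is_array($data)) {
    // Malformed or non-object body: every field reads as missing and is
    // rejected by the validation below instead of raising notices.
    $data = array();
}

$nickname = profile_input_string($data, "nickname");
$realname = profile_input_string($data, "realname");
$gender = (isset($data["gender"]) && is_string($data["gender"])) ? $data["gender"] : "";
$gender_public = (isset($data["gender_public"]) && is_scalar($data["gender_public"]) && $data["gender_public"] == "1") ? 1 : 0;
$email = profile_input_string($data, "email");
$year = profile_input_int($data, "year");
$month = profile_input_int($data, "month");
$day = profile_input_int($data, "day");
$qq = profile_input_string($data, "qq");

// Set server-side by the login/session code; cast so it can be inlined into SQL.
$uid = intval($_SESSION["BBS_uid"]);

$result_set = array(
    "return" => array(
        "code" => 0,
        "message" => "",
        "errorFields" => array(),
    )
);

header("Content-Type:application/json; charset=utf-8");

// ---- Validate input ------------------------------------------------------
// Every field is checked before replying so the client can show all problems
// at once.
$field_errors = array();

if ($nickname == "" || preg_match("/[[:space:]]/", $nickname) || str_length($nickname) > 20) {
    $field_errors[] = array("id" => "nickname", "errMsg" => "不符合格式要求");
}
elseif (!check_str($nickname) && !$_SESSION["BBS_priv"]->checklevel(P_ADMIN_M | P_ADMIN_S)) {
    // check_str() is a project helper (presumably the reserved/banned-name
    // filter); moderators and sysops may bypass it.
    $field_errors[] = array("id" => "nickname", "errMsg" => "昵称不可用");
}

// Real names may contain spaces; only control whitespace is rejected.
if ($realname == "" || preg_match("/[\t\r\n]/", $realname) || str_length($realname) > 10) {
    $field_errors[] = array("id" => "realname", "errMsg" => "不符合格式要求");
}

if ($gender != "M" && $gender != "F") {
    $field_errors[] = array("id" => "gender", "errMsg" => "未指定性别");
}

// This pattern also excludes quotes, whitespace and CR/LF, so a value that
// passes it cannot carry SQL or mail-header injection; it is escaped below
// anyway.
if (!preg_match("/^[A-Za-z0-9_.-]+@([A-Za-z0-9-]+[.])+[A-Za-z0-9-]+$/", $email)) {
    $field_errors[] = array("id" => "email", "errMsg" => "不符合格式要求");
}

// Zero-padded so both DateTimeImmutable and the DATE column parse it
// unambiguously (e.g. year 99 vs "0099").
$birthday = sprintf("%04d-%02d-%02d", $year, $month, $day);
if (!checkdate($month, $day, $year)) {
    $field_errors[] = array("id" => "birthday", "errMsg" => "非法日期");
}
elseif ((new DateTimeImmutable($birthday)) > (new DateTimeImmutable("-16 year"))) {
    // Born less than 16 years ago -> too young for the service.
    $field_errors[] = array("id" => "birthday", "errMsg" => "需年满16周岁才能使用本站服务");
}

if ($qq != "" && !preg_match("/^[0-9]{5,11}$/", $qq)) {
    $field_errors[] = array("id" => "qq", "errMsg" => "不符合格式要求");
}

if (count($field_errors) > 0) {
    $result_set["return"]["code"] = -1;
    $result_set["return"]["errorFields"] = $field_errors;
    profile_fail($db_conn, $result_set);
}

// ---- SQL-safe copies -----------------------------------------------------
// The raw values stay in $nickname/$email/... for comparisons and mail bodies;
// only the *_sql copies are interpolated into queries. (Escaping $nickname in
// place and then comparing it with the raw DB value made a nickname containing
// a quote or backslash look "changed" on every save.)
$nickname_sql = mysqli_real_escape_string($db_conn, $nickname);
$realname_sql = mysqli_real_escape_string($db_conn, $realname);
$email_sql = mysqli_real_escape_string($db_conn, $email);
$qq_sql = mysqli_real_escape_string($db_conn, $qq);
$gender_sql = $gender; // already restricted to "M" / "F"
// client_addr() is a project helper. If it ever derives the address from a
// request header (X-Forwarded-For etc.) the value is attacker-controlled, so it
// is treated as untrusted here regardless.
$client_ip_sql = mysqli_real_escape_string($db_conn, client_addr());

// ---- Begin transaction ---------------------------------------------------
if (!mysqli_query($db_conn, "SET autocommit=0") || !mysqli_query($db_conn, "BEGIN")) {
    profile_server_error($db_conn, $result_set, "Mysqli error");
}

// Lock the user's own row for the rest of the transaction so two concurrent
// saves for the same account serialise (revision 1.7).
$rs = mysqli_query($db_conn, "SELECT nickname, email FROM user_pubinfo WHERE UID = $uid FOR UPDATE");
if ($rs == false) {
    profile_server_error($db_conn, $result_set, "Query user info error");
}
$row = mysqli_fetch_array($rs);
mysqli_free_result($rs);
if (!$row) {
    profile_server_error($db_conn, $result_set, "个人资料不存在", false);
}
$old_nickname = $row["nickname"];
$old_email = $row["email"];

// ---- Nickname change -----------------------------------------------------
if ($old_nickname != $nickname) {
    // user_nickname keeps history rows (the UPDATE below closes the old row
    // with end_dt), so the same nickname may map to several UIDs. Every row is
    // examined: any UID other than the caller's makes the name unavailable,
    // and a row owned by the caller means they are re-taking a name they held
    // before, which is free.
    // NOTE(review): this read takes no row lock, so unless user_nickname has a
    // unique index on the open nickname two concurrent requests can both pass
    // this check — confirm the schema.
    $rs = mysqli_query($db_conn, "SELECT DISTINCT UID FROM user_nickname WHERE nickname = '$nickname_sql'");
    if ($rs == false) {
        profile_server_error($db_conn, $result_set, "Query nickname error");
    }

    $free_change = false;
    while ($row = mysqli_fetch_array($rs)) {
        if (intval($row["UID"]) === $uid) {
            $free_change = true;
        }
        else {
            mysqli_free_result($rs);
            profile_reject_field($db_conn, $result_set, "nickname", "昵称已存在");
        }
    }
    mysqli_free_result($rs);

    if (!$free_change) {
        // score_change() (project helper): < 0 DB error, > 0 insufficient
        // score, 0 fee deducted. The deduction is inside the transaction, so a
        // later failure refunds it via ROLLBACK.
        $ret = score_change($uid, -abs($BBS_nickname_change_fee), "更改昵称", $db_conn);
        if ($ret < 0) {
            profile_server_error($db_conn, $result_set, "Query score error");
        }
        elseif ($ret > 0) {
            profile_reject_field($db_conn, $result_set, "nickname", "积分不足");
        }
    }

    $sql = "UPDATE user_nickname SET end_dt = NOW(), end_reason = 'C'
        WHERE UID = $uid AND end_dt IS NULL";
    if (!mysqli_query($db_conn, $sql)) {
        profile_server_error($db_conn, $result_set, "Update old nickname error");
    }

    $sql = "INSERT INTO user_nickname(UID, nickname, begin_dt, begin_reason)
        VALUES($uid, '$nickname_sql', NOW(), 'C')";
    if (!mysqli_query($db_conn, $sql)) {
        profile_server_error($db_conn, $result_set, "Insert new nickname error");
    }

    $sql = "UPDATE user_pubinfo SET nickname = '$nickname_sql' WHERE UID = $uid";
    if (!mysqli_query($db_conn, $sql)) {
        profile_server_error($db_conn, $result_set, "Update nickname error");
    }
}

// ---- E-mail change -------------------------------------------------------
// The address is NOT written to the profile here; a verification code is
// stored and mailed to the new address, and modify_email_verify.php applies
// the change once the link is followed.
if ($old_email != $email) {
    $rs = mysqli_query($db_conn, "SELECT UID FROM user_pubinfo WHERE email = '$email_sql' FOR SHARE");
    if ($rs == false) {
        profile_server_error($db_conn, $result_set, "Query user email error");
    }
    $email_users = mysqli_num_rows($rs);
    mysqli_free_result($rs);

    // Cap on how many accounts may share one address ($BBS_max_user_per_email
    // comes from the site configuration).
    if ($email_users >= $BBS_max_user_per_email) {
        profile_reject_field($db_conn, $result_set, "email", "该邮箱的使用次数已超过限制");
    }

    // NOTE(review): gen_passwd(10) is a project helper; confirm it draws from a
    // CSPRNG and that modify_email_verify.php expires and single-uses the code.
    $verify_code = gen_passwd(10);
    $verify_code_sql = mysqli_real_escape_string($db_conn, $verify_code);

    $sql = "INSERT INTO user_modify_email_verify (UID, email, verify_code, dt, ip) VALUES(" .
        "$uid, '$email_sql', '$verify_code_sql', NOW(), '$client_ip_sql')";
    if (!mysqli_query($db_conn, $sql)) {
        profile_server_error($db_conn, $result_set, "Update email error");
    }

    // Verification mail to the NEW address.
    $from = "";
    $fromname = $BBS_name;
    $to = $email;
    $toname = $_SESSION["BBS_username"];
    $subject = $BBS_name . "修改邮件地址确认";
    $body = $_SESSION["BBS_username"] . ":\n 您好!\n" .
        " 请访问以下链接确认更改注册邮件地址:\n" .
        "https://$BBS_host_name/bbs/modify_email_verify.php?code=" . rawurlencode($verify_code) . "\n\n" .
        " 感谢您的大力支持!\n\n" .
        $BBS_name . "\n" . date("Y年m月d日") . "\n";

    if (send_mail($from, $fromname, $to, $toname, $subject, $body, $db_conn) == false) {
        profile_server_error($db_conn, $result_set, "Add email error");
    }
}

// ---- Remaining profile fields -------------------------------------------
// NOTE(review): this overwrites signup_ip with the current client address on
// every profile save, so the address used at registration is lost for later
// abuse investigation (user_modify_log below already records modify_ip).
// Kept as the existing behaviour; confirm whether that is intended.
$sql = "UPDATE user_reginfo SET name = '$realname_sql',
    birthday = '$birthday', signup_ip='$client_ip_sql' WHERE UID = $uid";
if (!mysqli_query($db_conn, $sql)) {
    profile_server_error($db_conn, $result_set, "Update user reginfo error");
}

$sql = "UPDATE user_pubinfo SET gender = '$gender_sql', gender_pub = $gender_public,
    qq = '$qq_sql' WHERE UID = $uid";
if (!mysqli_query($db_conn, $sql)) {
    profile_server_error($db_conn, $result_set, "Update user pubinfo error");
}

$sql = "INSERT INTO user_modify_log(UID, modify_dt, modify_ip, complete) VALUES(" .
    "$uid, NOW(), '$client_ip_sql', 1)";
if (!mysqli_query($db_conn, $sql)) {
    profile_server_error($db_conn, $result_set, "Add log error");
}

// Change notice to the address on file BEFORE this request ($old_email), so a
// hijacked session cannot redirect the warning by changing the e-mail in the
// same request.
// Both mails are sent before COMMIT: if the commit then fails, the user has
// been told about (or asked to verify) a change that was not applied. Sending
// after COMMIT would trade that for "applied but never announced"; left as is.
$from = "";
$fromname = $BBS_name;
$to = $old_email;
$toname = $_SESSION["BBS_username"];
$subject = $BBS_name . "用户资料更改通知";
$body = $_SESSION["BBS_username"] . ":\n 您好!\n" .
    " 您在本站的注册资料已经于" . date("Y年m月d日 H:i:s") . "更改。\n" .
    " 为了您的个人资料的安全,如果此情况与事实不符,请立即与我们联系。\n\n" .
    $BBS_name . "\n" . date("Y年m月d日") . "\n";

if (send_mail($from, $fromname, $to, $toname, $subject, $body, $db_conn) == false) {
    profile_server_error($db_conn, $result_set, "Add email error");
}

// ---- Commit --------------------------------------------------------------
if (!mysqli_query($db_conn, "COMMIT")) {
    profile_server_error($db_conn, $result_set, "Mysqli error");
}

mysqli_close($db_conn);
exit(json_encode($result_set));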

webmaster@leafok.com
ViewVC Help
Powered by ViewVC 1.3.0-beta1