fenglin/bbs/update_profile_service.php

<?
        require_once "../lib/common.inc.php";
        require_once "../lib/db_open.inc.php";
        require_once "../lib//score_change.inc.php";
        require_once "../lib/send_mail.inc.php";
        require_once "../lib/str_process.inc.php";
        require_once "../lib/passwd.inc.php";
        require_once "./common_lib.inc.php";
        require_once "./session_init.inc.php";
        require_once "./reg_check.inc.php";

        force_login();

        $data = json_decode(file_get_contents("php://input"), true);

        $nickname = (isset($data["nickname"]) ? trim($data["nickname"]) : "");
        $realname = (isset($data["realname"]) ? trim($data["realname"]) : "");
        $gender = (isset($data["gender"]) ? $data["gender"] : "");
        $gender_public = (isset($data["gender_public"]) && $data["gender_public"] == "1" ? 1 : 0);
        $email = (isset($data["email"]) ? trim($data["email"]) : "");
        $year = (isset($data["year"]) ? intval($data["year"]) : 0);
        $month = (isset($data["month"]) ? intval($data["month"]) : 0);
        $day = (isset($data["day"]) ? intval($data["day"]) : 0);
        $qq = (isset($data["qq"]) ? trim($data["qq"]) : "");

        $result_set = array(
                "return" => array(
                        "code" => 0,
                        "message" => "",
                        "errorFields" => array(),
                )
        );

        header("Content-Type:application/json; charset=utf-8");

        // Validate input data
        if ($nickname == "" || preg_match("/[[:space:]]/", $nickname) || str_length($nickname) > 20)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "nickname",
                        "errMsg" => "不符合格式要求",
                ));
        }
        else if (!check_str($nickname) && !$_SESSION["BBS_priv"]->checklevel(P_ADMIN_M | P_ADMIN_S))
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "nickname",
                        "errMsg" => "昵称不可用",
                ));
        }

        if ($realname == "" || preg_match("/[\t\r\n]/", $realname) || str_length($realname) > 10)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "realname",
                        "errMsg" => "不符合格式要求",
                ));
        }

        if ($gender != "M" && $gender != "F")
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "gender",
                        "errMsg" => "未指定性别",
                ));
        }

        if (!preg_match("/^[A-Za-z0-9_.-]+@([A-Za-z0-9-]+[.])+[A-Za-z0-9-]+$/", $email))
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "email",
                        "errMsg" => "不符合格式要求",
                ));
        }

        if (!checkdate($month, $day, $year))
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "birthday",
                        "errMsg" => "非法日期",
                ));
        }
        else if ((new DateTimeImmutable("$year-$month-$day")) > (new DateTimeImmutable("-16 year")))
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "birthday",
                        "errMsg" => "需年满16周岁才能使用本站服务",
                ));
        }

        if ($qq != "" && !preg_match("/^[0-9]{5,11}$/", $qq))
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "qq",
                        "errMsg" => "不符合格式要求",
                ));
        }

        if ($result_set["return"]["code"] != 0)
        {
                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        // Secure SQL statement
        $nickname = mysqli_real_escape_string($db_conn, $nickname);
        $realname = mysqli_real_escape_string($db_conn, $realname);
        
        // Begin transaction
        $rs = mysqli_query($db_conn, "SET autocommit=0");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }
        
        $rs = mysqli_query($db_conn, "BEGIN");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        $sql = "SELECT nickname, email FROM user_pubinfo WHERE UID = " . $_SESSION["BBS_uid"];

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Query user info error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        if ($row = mysqli_fetch_array($rs))
        {
                $old_nickname = $row["nickname"];
                $old_email = $row["email"];
        }
        else
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "个人资料不存在";

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        mysqli_free_result($rs);

        // Update nickname
        if ($old_nickname != $nickname)
        {
                $sql = "SELECT DISTINCT UID FROM user_nickname WHERE nickname = '$nickname'";

                $rs = mysqli_query($db_conn, $sql);
                if ($rs == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Query nickname error: " . mysqli_error($db_conn);
        
                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }
        
                $free_change = false;
                if ($row = mysqli_fetch_array($rs))
                {
                        if ($row["UID"] == $_SESSION["BBS_uid"]) // Re-use old nickname
                        {
                                $free_change = true;
                        }
                        else // Unavailable nickname
                        {
                                $result_set["return"]["code"] = -1;
                                array_push($result_set["return"]["errorFields"], array(
                                        "id" => "nickname",
                                        "errMsg" => "昵称已存在",
                                ));
        
                                mysqli_close($db_conn);
                                exit(json_encode($result_set));
                        }
                }
                mysqli_free_result($rs);

                if (!$free_change)
                {
                        $ret = score_change($_SESSION["BBS_uid"], -abs($BBS_nickname_change_fee), "更改昵称", $db_conn);
                        if ($ret < 0)
                        {
                                $result_set["return"]["code"] = -2;
                                $result_set["return"]["message"] = "Query score error: " . mysqli_error($db_conn);
                
                                mysqli_close($db_conn);
                                exit(json_encode($result_set));
                        }
                        else if ($ret > 0)
                        {
                                $result_set["return"]["code"] = -1;
                                array_push($result_set["return"]["errorFields"], array(
                                        "id" => "nickname",
                                        "errMsg" => "积分不足",
                                ));
                
                                mysqli_close($db_conn);
                                exit(json_encode($result_set));
                        }
                }

                $sql = "UPDATE user_nickname SET end_dt = NOW(), end_reason = 'C'
                                WHERE UID = " . $_SESSION["BBS_uid"] . " AND end_dt IS NULL";

                $rs = mysqli_query($db_conn, $sql);
                if ($rs == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Update old nickname error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }

                $sql = "INSERT INTO user_nickname(UID, nickname, begin_dt, begin_reason)
                                VALUES(" . $_SESSION["BBS_uid"] . ", '$nickname', NOW(), 'C')";

                $rs = mysqli_query($db_conn, $sql);
                if ($rs == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Insert new nickname error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }

                $sql = "UPDATE user_pubinfo SET nickname = '$nickname' WHERE UID = " .
                                $_SESSION["BBS_uid"];

                $rs = mysqli_query($db_conn, $sql);
                if ($rs == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Update nickname error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }
        }

        // Update email
        if ($old_email != $email)
        {
                $sql = "SELECT UID FROM user_pubinfo WHERE email = '$email'";

                $rs = mysqli_query($db_conn, $sql);
                if ($rs == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Query user email error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }

                if (mysqli_num_rows($rs) >= $BBS_max_user_per_email)
                {
                        $result_set["return"]["code"] = -1;
                        array_push($result_set["return"]["errorFields"], array(
                                "id" => "email",
                                "errMsg" => "该邮箱的使用次数已超过限制",
                        ));

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }
                mysqli_free_result($rs);

                // Generate verify code
                $verify_code = gen_passwd(10);

                $sql = "INSERT INTO user_modify_email_verify (UID, email, verify_code, dt, ip) VALUES(" .
                                $_SESSION["BBS_uid"] . ", '$email', '$verify_code', NOW(), '" . client_addr() . "')";

                $rs = mysqli_query($db_conn, $sql);
                if ($rs == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Update email error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }

                //Send mail
                $from = "";
                $fromname = $BBS_name;
                $to = $email;
                $toname = $_SESSION["BBS_username"];
                $subject = $BBS_name . "修改邮件地址确认";
                $body = $_SESSION["BBS_username"] . ":\n    您好！\n" .
                                "    请访问以下链接确认更改注册邮件地址：\n" .
                                "https://$BBS_host_name/bbs/modify_email_verify.php?code=$verify_code\n\n" .
                                "    感谢您的大力支持！\n\n" .
                                $BBS_name . "\n" . date("Y年m月d日") . "\n";

                $ret = send_mail($from, $fromname, $to, $toname, $subject, $body, $db_conn);
                if ($ret == false)
                {
                        $result_set["return"]["code"] = -2;
                        $result_set["return"]["message"] = "Add email error: " . mysqli_error($db_conn);

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));
                }
        }

        $sql = "UPDATE user_reginfo SET name = '$realname',
                        birthday = '$year-$month-$day', signup_ip='" . client_addr() .
                        "' WHERE UID = " . $_SESSION["BBS_uid"];

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Update user reginfo error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        $sql = "UPDATE user_pubinfo SET gender = '$gender', gender_pub = $gender_public,
                        qq = '$qq' WHERE UID =" . $_SESSION["BBS_uid"];

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Update user pubinfo error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        $sql = "INSERT INTO user_modify_log(UID, modify_dt, modify_ip, complete) VALUES(".
                        $_SESSION["BBS_uid"] . ", NOW(), '" . client_addr() . "', 1)";

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Add log error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        //Send mail
        $from = "";
        $fromname = $BBS_name;
        $to = $old_email;
        $toname = $_SESSION["BBS_username"];
        $subject = $BBS_name . "用户资料更改通知";
        $body = $_SESSION["BBS_username"] . ":\n    您好！\n" .
                        "    您在本站的注册资料已经于" . date("Y年m月d日 H:i:s") . "更改。\n" .
                        "    为了您的个人资料的安全，如果此情况与事实不符，请立即与我们联系。\n\n" .
                        $BBS_name . "\n" . date("Y年m月d日") . "\n";

        $ret = send_mail($from, $fromname, $to, $toname, $subject, $body, $db_conn);
        if ($ret == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Add email error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        // Commit transaction
        $rs = mysqli_query($db_conn, "COMMIT");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        mysqli_close($db_conn);
        exit(json_encode($result_set));
?>
1	<?
2	require_once "../lib/common.inc.php";
3	require_once "../lib/db_open.inc.php";
4	require_once "../lib//score_change.inc.php";
5	require_once "../lib/send_mail.inc.php";
6	require_once "../lib/str_process.inc.php";
7	require_once "../lib/passwd.inc.php";
8	require_once "./common_lib.inc.php";
9	require_once "./session_init.inc.php";
10	require_once "./reg_check.inc.php";
11
12	force_login();
13
14	$data = json_decode(file_get_contents("php://input"), true);
15
16	$nickname = (isset($data["nickname"]) ? trim($data["nickname"]) : "");
17	$realname = (isset($data["realname"]) ? trim($data["realname"]) : "");
18	$gender = (isset($data["gender"]) ? $data["gender"] : "");
19	$gender_public = (isset($data["gender_public"]) && $data["gender_public"] == "1" ? 1 : 0);
20	$email = (isset($data["email"]) ? trim($data["email"]) : "");
21	$year = (isset($data["year"]) ? intval($data["year"]) : 0);
22	$month = (isset($data["month"]) ? intval($data["month"]) : 0);
23	$day = (isset($data["day"]) ? intval($data["day"]) : 0);
24	$qq = (isset($data["qq"]) ? trim($data["qq"]) : "");
25
26	$result_set = array(
27	"return" => array(
28	"code" => 0,
29	"message" => "",
30	"errorFields" => array(),
31	)
32	);
33
34	header("Content-Type:application/json; charset=utf-8");
35
36	// Validate input data
37	if ($nickname == "" \|\| preg_match("/[[:space:]]/", $nickname) \|\| str_length($nickname) > 20)
38	{
39	$result_set["return"]["code"] = -1;
40	array_push($result_set["return"]["errorFields"], array(
41	"id" => "nickname",
42	"errMsg" => "不符合格式要求",
43	));
44	}
45	else if (!check_str($nickname) && !$_SESSION["BBS_priv"]->checklevel(P_ADMIN_M \| P_ADMIN_S))
46	{
47	$result_set["return"]["code"] = -1;
48	array_push($result_set["return"]["errorFields"], array(
49	"id" => "nickname",
50	"errMsg" => "昵称不可用",
51	));
52	}
53
54	if ($realname == "" \|\| preg_match("/[\t\r\n]/", $realname) \|\| str_length($realname) > 10)
55	{
56	$result_set["return"]["code"] = -1;
57	array_push($result_set["return"]["errorFields"], array(
58	"id" => "realname",
59	"errMsg" => "不符合格式要求",
60	));
61	}
62
63	if ($gender != "M" && $gender != "F")
64	{
65	$result_set["return"]["code"] = -1;
66	array_push($result_set["return"]["errorFields"], array(
67	"id" => "gender",
68	"errMsg" => "未指定性别",
69	));
70	}
71
72	if (!preg_match("/^[A-Za-z0-9_.-]+@([A-Za-z0-9-]+[.])+[A-Za-z0-9-]+$/", $email))
73	{
74	$result_set["return"]["code"] = -1;
75	array_push($result_set["return"]["errorFields"], array(
76	"id" => "email",
77	"errMsg" => "不符合格式要求",
78	));
79	}
80
81	if (!checkdate($month, $day, $year))
82	{
83	$result_set["return"]["code"] = -1;
84	array_push($result_set["return"]["errorFields"], array(
85	"id" => "birthday",
86	"errMsg" => "非法日期",
87	));
88	}
89	else if ((new DateTimeImmutable("$year-$month-$day")) > (new DateTimeImmutable("-16 year")))
90	{
91	$result_set["return"]["code"] = -1;
92	array_push($result_set["return"]["errorFields"], array(
93	"id" => "birthday",
94	"errMsg" => "需年满16周岁才能使用本站服务",
95	));
96	}
97
98	if ($qq != "" && !preg_match("/^[0-9]{5,11}$/", $qq))
99	{
100	$result_set["return"]["code"] = -1;
101	array_push($result_set["return"]["errorFields"], array(
102	"id" => "qq",
103	"errMsg" => "不符合格式要求",
104	));
105	}
106
107	if ($result_set["return"]["code"] != 0)
108	{
109	mysqli_close($db_conn);
110	exit(json_encode($result_set));
111	}
112
113	// Secure SQL statement
114	$nickname = mysqli_real_escape_string($db_conn, $nickname);
115	$realname = mysqli_real_escape_string($db_conn, $realname);
116
117	// Begin transaction
118	$rs = mysqli_query($db_conn, "SET autocommit=0");
119	if ($rs == false)
120	{
121	$result_set["return"]["code"] = -2;
122	$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
123
124	mysqli_close($db_conn);
125	exit(json_encode($result_set));
126	}
127
128	$rs = mysqli_query($db_conn, "BEGIN");
129	if ($rs == false)
130	{
131	$result_set["return"]["code"] = -2;
132	$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
133
134	mysqli_close($db_conn);
135	exit(json_encode($result_set));
136	}
137
138	$sql = "SELECT nickname, email FROM user_pubinfo WHERE UID = " . $_SESSION["BBS_uid"];
139
140	$rs = mysqli_query($db_conn, $sql);
141	if ($rs == false)
142	{
143	$result_set["return"]["code"] = -2;
144	$result_set["return"]["message"] = "Query user info error: " . mysqli_error($db_conn);
145
146	mysqli_close($db_conn);
147	exit(json_encode($result_set));
148	}
149
150	if ($row = mysqli_fetch_array($rs))
151	{
152	$old_nickname = $row["nickname"];
153	$old_email = $row["email"];
154	}
155	else
156	{
157	$result_set["return"]["code"] = -2;
158	$result_set["return"]["message"] = "个人资料不存在";
159
160	mysqli_close($db_conn);
161	exit(json_encode($result_set));
162	}
163
164	mysqli_free_result($rs);
165
166	// Update nickname
167	if ($old_nickname != $nickname)
168	{
169	$sql = "SELECT DISTINCT UID FROM user_nickname WHERE nickname = '$nickname'";
170
171	$rs = mysqli_query($db_conn, $sql);
172	if ($rs == false)
173	{
174	$result_set["return"]["code"] = -2;
175	$result_set["return"]["message"] = "Query nickname error: " . mysqli_error($db_conn);
176
177	mysqli_close($db_conn);
178	exit(json_encode($result_set));
179	}
180
181	$free_change = false;
182	if ($row = mysqli_fetch_array($rs))
183	{
184	if ($row["UID"] == $_SESSION["BBS_uid"]) // Re-use old nickname
185	{
186	$free_change = true;
187	}
188	else // Unavailable nickname
189	{
190	$result_set["return"]["code"] = -1;
191	array_push($result_set["return"]["errorFields"], array(
192	"id" => "nickname",
193	"errMsg" => "昵称已存在",
194	));
195
196	mysqli_close($db_conn);
197	exit(json_encode($result_set));
198	}
199	}
200	mysqli_free_result($rs);
201
202	if (!$free_change)
203	{
204	$ret = score_change($_SESSION["BBS_uid"], -abs($BBS_nickname_change_fee), "更改昵称", $db_conn);
205	if ($ret < 0)
206	{
207	$result_set["return"]["code"] = -2;
208	$result_set["return"]["message"] = "Query score error: " . mysqli_error($db_conn);
209
210	mysqli_close($db_conn);
211	exit(json_encode($result_set));
212	}
213	else if ($ret > 0)
214	{
215	$result_set["return"]["code"] = -1;
216	array_push($result_set["return"]["errorFields"], array(
217	"id" => "nickname",
218	"errMsg" => "积分不足",
219	));
220
221	mysqli_close($db_conn);
222	exit(json_encode($result_set));
223	}
224	}
225
226	$sql = "UPDATE user_nickname SET end_dt = NOW(), end_reason = 'C'
227	WHERE UID = " . $_SESSION["BBS_uid"] . " AND end_dt IS NULL";
228
229	$rs = mysqli_query($db_conn, $sql);
230	if ($rs == false)
231	{
232	$result_set["return"]["code"] = -2;
233	$result_set["return"]["message"] = "Update old nickname error: " . mysqli_error($db_conn);
234
235	mysqli_close($db_conn);
236	exit(json_encode($result_set));
237	}
238
239	$sql = "INSERT INTO user_nickname(UID, nickname, begin_dt, begin_reason)
240	VALUES(" . $_SESSION["BBS_uid"] . ", '$nickname', NOW(), 'C')";
241
242	$rs = mysqli_query($db_conn, $sql);
243	if ($rs == false)
244	{
245	$result_set["return"]["code"] = -2;
246	$result_set["return"]["message"] = "Insert new nickname error: " . mysqli_error($db_conn);
247
248	mysqli_close($db_conn);
249	exit(json_encode($result_set));
250	}
251
252	$sql = "UPDATE user_pubinfo SET nickname = '$nickname' WHERE UID = " .
253	$_SESSION["BBS_uid"];
254
255	$rs = mysqli_query($db_conn, $sql);
256	if ($rs == false)
257	{
258	$result_set["return"]["code"] = -2;
259	$result_set["return"]["message"] = "Update nickname error: " . mysqli_error($db_conn);
260
261	mysqli_close($db_conn);
262	exit(json_encode($result_set));
263	}
264	}
265
266	// Update email
267	if ($old_email != $email)
268	{
269	$sql = "SELECT UID FROM user_pubinfo WHERE email = '$email'";
270
271	$rs = mysqli_query($db_conn, $sql);
272	if ($rs == false)
273	{
274	$result_set["return"]["code"] = -2;
275	$result_set["return"]["message"] = "Query user email error: " . mysqli_error($db_conn);
276
277	mysqli_close($db_conn);
278	exit(json_encode($result_set));
279	}
280
281	if (mysqli_num_rows($rs) >= $BBS_max_user_per_email)
282	{
283	$result_set["return"]["code"] = -1;
284	array_push($result_set["return"]["errorFields"], array(
285	"id" => "email",
286	"errMsg" => "该邮箱的使用次数已超过限制",
287	));
288
289	mysqli_close($db_conn);
290	exit(json_encode($result_set));
291	}
292	mysqli_free_result($rs);
293
294	// Generate verify code
295	$verify_code = gen_passwd(10);
296
297	$sql = "INSERT INTO user_modify_email_verify (UID, email, verify_code, dt, ip) VALUES(" .
298	$_SESSION["BBS_uid"] . ", '$email', '$verify_code', NOW(), '" . client_addr() . "')";
299
300	$rs = mysqli_query($db_conn, $sql);
301	if ($rs == false)
302	{
303	$result_set["return"]["code"] = -2;
304	$result_set["return"]["message"] = "Update email error: " . mysqli_error($db_conn);
305
306	mysqli_close($db_conn);
307	exit(json_encode($result_set));
308	}
309
310	//Send mail
311	$from = "";
312	$fromname = $BBS_name;
313	$to = $email;
314	$toname = $_SESSION["BBS_username"];
315	$subject = $BBS_name . "修改邮件地址确认";
316	$body = $_SESSION["BBS_username"] . ":\n 您好！\n" .
317	" 请访问以下链接确认更改注册邮件地址：\n" .
318	"https://$BBS_host_name/bbs/modify_email_verify.php?code=$verify_code\n\n" .
319	" 感谢您的大力支持！\n\n" .
320	$BBS_name . "\n" . date("Y年m月d日") . "\n";
321
322	$ret = send_mail($from, $fromname, $to, $toname, $subject, $body, $db_conn);
323	if ($ret == false)
324	{
325	$result_set["return"]["code"] = -2;
326	$result_set["return"]["message"] = "Add email error: " . mysqli_error($db_conn);
327
328	mysqli_close($db_conn);
329	exit(json_encode($result_set));
330	}
331	}
332
333	$sql = "UPDATE user_reginfo SET name = '$realname',
334	birthday = '$year-$month-$day', signup_ip='" . client_addr() .
335	"' WHERE UID = " . $_SESSION["BBS_uid"];
336
337	$rs = mysqli_query($db_conn, $sql);
338	if ($rs == false)
339	{
340	$result_set["return"]["code"] = -2;
341	$result_set["return"]["message"] = "Update user reginfo error: " . mysqli_error($db_conn);
342
343	mysqli_close($db_conn);
344	exit(json_encode($result_set));
345	}
346
347	$sql = "UPDATE user_pubinfo SET gender = '$gender', gender_pub = $gender_public,
348	qq = '$qq' WHERE UID =" . $_SESSION["BBS_uid"];
349
350	$rs = mysqli_query($db_conn, $sql);
351	if ($rs == false)
352	{
353	$result_set["return"]["code"] = -2;
354	$result_set["return"]["message"] = "Update user pubinfo error: " . mysqli_error($db_conn);
355
356	mysqli_close($db_conn);
357	exit(json_encode($result_set));
358	}
359
360	$sql = "INSERT INTO user_modify_log(UID, modify_dt, modify_ip, complete) VALUES(".
361	$_SESSION["BBS_uid"] . ", NOW(), '" . client_addr() . "', 1)";
362
363	$rs = mysqli_query($db_conn, $sql);
364	if ($rs == false)
365	{
366	$result_set["return"]["code"] = -2;
367	$result_set["return"]["message"] = "Add log error: " . mysqli_error($db_conn);
368
369	mysqli_close($db_conn);
370	exit(json_encode($result_set));
371	}
372
373	//Send mail
374	$from = "";
375	$fromname = $BBS_name;
376	$to = $old_email;
377	$toname = $_SESSION["BBS_username"];
378	$subject = $BBS_name . "用户资料更改通知";
379	$body = $_SESSION["BBS_username"] . ":\n 您好！\n" .
380	" 您在本站的注册资料已经于" . date("Y年m月d日 H:i:s") . "更改。\n" .
381	" 为了您的个人资料的安全，如果此情况与事实不符，请立即与我们联系。\n\n" .
382	$BBS_name . "\n" . date("Y年m月d日") . "\n";
383
384	$ret = send_mail($from, $fromname, $to, $toname, $subject, $body, $db_conn);
385	if ($ret == false)
386	{
387	$result_set["return"]["code"] = -2;
388	$result_set["return"]["message"] = "Add email error: " . mysqli_error($db_conn);
389
390	mysqli_close($db_conn);
391	exit(json_encode($result_set));
392	}
393
394	// Commit transaction
395	$rs = mysqli_query($db_conn, "COMMIT");
396	if ($rs == false)
397	{
398	$result_set["return"]["code"] = -2;
399	$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
400
401	mysqli_close($db_conn);
402	exit(json_encode($result_set));
403	}
404
405	mysqli_close($db_conn);
406	exit(json_encode($result_set));
407	?>
webmaster@leafok.com	ViewVC Help
Powered by ViewVC 1.3.0-beta1