S2OJ/web/app/controllers/user_info_edit.php

213 lines
7.8 KiB
PHP
Raw Normal View History

2016-07-18 16:39:37 +00:00
<?php
if (!Auth::check()) {
redirectToLogin();
}
2022-04-03 10:18:17 +00:00
if (!validateUsername($_GET['username']) || !($user = queryUser($_GET['username']))) {
become404Page();
}
if (!isSuperUser($myUser) && $myUser['username'] != $user['username']) {
become403Page();
}
2016-07-18 16:39:37 +00:00
function handlePost() {
global $myUser, $user;
if ($user['username'] == Auth::id()) {
if (!isset($_POST['old_password'])) {
return '无效表单';
}
$old_password = $_POST['old_password'];
if (!validatePassword($old_password) || !checkPassword($user, $old_password)) {
return "失败:密码错误。";
}
2016-07-18 16:39:37 +00:00
}
2020-06-25 12:41:16 +00:00
if ($_POST['ptag']) {
2016-07-18 16:39:37 +00:00
$password = $_POST['password'];
2020-06-25 12:41:16 +00:00
if (!validatePassword($password)) {
2016-07-18 16:39:37 +00:00
return "失败:无效密码。";
}
$password = getPasswordToStore($password, $user['username']);
DB::update("update user_info set password = '$password' where username = '{$user['username']}'");
2016-07-18 16:39:37 +00:00
}
$email = $_POST['email'];
2020-06-25 12:41:16 +00:00
if (!validateEmail($email)) {
2016-07-18 16:39:37 +00:00
return "失败:无效电子邮箱。";
}
$esc_email = DB::escape($email);
DB::update("update user_info set email = '$esc_email' where username = '{$user['username']}'");
2016-07-18 16:39:37 +00:00
2020-06-25 12:41:16 +00:00
if ($_POST['Qtag']) {
2016-07-18 16:39:37 +00:00
$qq = $_POST['qq'];
2020-06-25 12:41:16 +00:00
if (!validateQQ($qq)) {
2016-07-18 16:39:37 +00:00
return "失败无效QQ。";
}
$esc_qq = DB::escape($qq);
DB::update("update user_info set qq = '$esc_qq' where username = '{$user['username']}'");
2020-06-25 12:41:16 +00:00
} else {
DB::update("update user_info set QQ = NULL where username = '{$user['username']}'");
2020-06-25 12:41:16 +00:00
}
if ($_POST['sex'] == "U" || $_POST['sex'] == 'M' || $_POST['sex'] == 'F') {
2016-07-18 16:39:37 +00:00
$sex = $_POST['sex'];
$esc_sex = DB::escape($sex);
DB::update("update user_info set sex = '$esc_sex' where username = '{$user['username']}'");
2016-07-18 16:39:37 +00:00
}
if (validateMotto($_POST['motto'])) {
$esc_motto = DB::escape($_POST['motto']);
DB::update("update user_info set motto = '$esc_motto' where username = '{$user['username']}'");
2016-07-18 16:39:37 +00:00
}
return "ok";
}
if (isset($_POST['change'])) {
die(handlePost());
}
2022-09-18 04:58:35 +00:00
?>
2016-07-18 16:39:37 +00:00
<?php
$REQUIRE_LIB['dialog'] = '';
$REQUIRE_LIB['md5'] = '';
2022-09-18 04:58:35 +00:00
?>
2016-07-18 16:39:37 +00:00
<?php echoUOJPageHeader(UOJLocale::get('modify my profile')) ?>
<h2 class="page-header">
<?php if ($user['username'] == Auth::id()): ?>
<?= UOJLocale::get('modify my profile') ?>
<?php else: ?>
修改 <?= $user['username'] ?> 的个人信息
<?php endif ?>
</h2>
<?php if (isSuperUser($myUser)): ?>
<p>您正在使用管理特权修改 <?= $user['username'] ?> 的个人信息。</p>
<?php endif ?>
2016-07-18 16:39:37 +00:00
<form id="form-update" class="form-horizontal">
<?php if ($user['username'] == Auth::id()): ?>
2016-07-18 16:39:37 +00:00
<h4><?= UOJLocale::get('please enter your password for authorization') ?></h4>
<div id="div-old_password" class="form-group">
<label for="input-old_password" class="col-sm-2 control-label"><?= UOJLocale::get('password') ?></label>
<div class="col-sm-3">
<input type="password" class="form-control" name="old_password" id="input-old_password" placeholder="<?= UOJLocale::get('enter your password') ?>" maxlength="20" />
<span class="help-block" id="help-old_password"></span>
</div>
</div>
<?php endif ?>
2016-07-18 16:39:37 +00:00
<h4><?= UOJLocale::get('please enter your new profile') ?></h4>
<div id="div-password" class="form-group">
<label for="input-password" class="col-sm-2 control-label"><?= UOJLocale::get('new password') ?></label>
<div class="col-sm-3">
<input type="password" class="form-control" id="input-password" name="password" placeholder="<?= UOJLocale::get('enter your new password') ?>" maxlength="20" />
<input type="password" class="form-control top-buffer-sm" id="input-confirm_password" placeholder="<?= UOJLocale::get('re-enter your new password') ?>" maxlength="20" />
<span class="help-block" id="help-password"><?= UOJLocale::get('leave it blank if you do not want to change the password') ?></span>
</div>
</div>
<div id="div-email" class="form-group">
<label for="input-email" class="col-sm-2 control-label"><?= UOJLocale::get('email') ?></label>
<div class="col-sm-3">
<input type="email" class="form-control" name="email" id="input-email" value="<?=$user['email']?>" placeholder="<?= UOJLocale::get('enter your email') ?>" maxlength="50" />
2016-07-18 16:39:37 +00:00
<span class="help-block" id="help-email"></span>
</div>
</div>
<div id="div-qq" class="form-group">
<label for="input-qq" class="col-sm-2 control-label"><?= UOJLocale::get('QQ') ?></label>
<div class="col-sm-3">
<input type="text" class="form-control" name="qq" id="input-qq" value="<?= $user['qq'] != 0 ? $user['qq'] : '' ?>" placeholder="<?= UOJLocale::get('enter your QQ') ?>" maxlength="50" />
2016-07-18 16:39:37 +00:00
<span class="help-block" id="help-qq"></span>
</div>
</div>
<div id="div-sex" class="form-group">
<label for="input-sex" class="col-sm-2 control-label"><?= UOJLocale::get('sex') ?></label>
<div class="col-sm-3">
<select class="form-control" id="input-sex" name="sex">
<option value="U"<?= $user['sex'] == 'U' ? ' selected="selected"' : ''?>><?= UOJLocale::get('refuse to answer') ?></option>
<option value="M"<?= $user['sex'] == 'M' ? ' selected="selected"' : ''?>><?= UOJLocale::get('male') ?></option>
<option value="F"<?= $user['sex'] == 'F' ? ' selected="selected"' : ''?>><?= UOJLocale::get('female') ?></option>
2016-07-18 16:39:37 +00:00
</select>
</div>
</div>
<div id="div-motto" class="form-group">
<label for="input-motto" class="col-sm-2 control-label"><?= UOJLocale::get('motto') ?></label>
<div class="col-sm-3">
<textarea class="form-control" id="input-motto" name="motto"><?=HTML::escape($user['motto'])?></textarea>
<span class="help-block" id="help-motto">格言支持 Markdown 语法。</span>
2016-07-18 16:39:37 +00:00
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-3">
<p class="form-control-static"><strong><?= UOJLocale::get('change avatar help') ?></strong></p>
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-3">
<button type="submit" id="button-submit" class="btn btn-secondary"><?= UOJLocale::get('submit') ?></button>
2016-07-18 16:39:37 +00:00
</div>
</div>
</form>
<script type="text/javascript">
function validateUpdatePost() {
var ok = true;
ok &= getFormErrorAndShowHelp('email', validateEmail);
<?php if ($user['username'] == Auth::id()): ?>
2016-07-18 16:39:37 +00:00
ok &= getFormErrorAndShowHelp('old_password', validatePassword);
<?php endif ?>
2016-07-18 16:39:37 +00:00
if ($('#input-password').val().length > 0)
ok &= getFormErrorAndShowHelp('password', validateSettingPassword);
if ($('#input-qq').val().length > 0)
ok &= getFormErrorAndShowHelp('qq', validateQQ);
ok &= getFormErrorAndShowHelp('motto', validateMotto);
return ok;
}
function submitUpdatePost() {
if (!validateUpdatePost())
return;
$.post('', {
2016-07-18 16:39:37 +00:00
change : '',
etag : $('#input-email').val().length,
ptag : $('#input-password').val().length,
Qtag : $('#input-qq').val().length,
email : $('#input-email').val(),
password : md5($('#input-password').val(), "<?= getPasswordClientSalt() ?>"),
<?php if ($user['username'] == Auth::id()): ?>
2016-07-18 16:39:37 +00:00
old_password : md5($('#input-old_password').val(), "<?= getPasswordClientSalt() ?>"),
<?php endif ?>
2016-07-18 16:39:37 +00:00
qq : $('#input-qq').val(),
sex : $('#input-sex').val(),
motto : $('#input-motto').val()
}, function(msg) {
if (msg == 'ok') {
BootstrapDialog.show({
title : '修改成功',
message : '用户信息修改成功',
type : BootstrapDialog.TYPE_SUCCESS,
buttons : [{
label: '好的',
action: function(dialog) {
dialog.close();
}
}],
onhidden : function(dialog) {
window.location.href = '/user/<?=$user['username']?>';
2016-07-18 16:39:37 +00:00
}
});
} else {
BootstrapDialog.show({
title : '修改失败',
message : msg,
type : BootstrapDialog.TYPE_DANGER,
buttons: [{
label: '好的',
action: function(dialog) {
dialog.close();
}
}],
});
}
});
}
$(document).ready(function(){$('#form-update').submit(function(e) {submitUpdatePost();e.preventDefault();});
});
</script>
<?php echoUOJPageFooter() ?>