<?php
/**
* 修改资料
*
* @version $id:edit_baseinfo.php 8:38 2010年7月9日 tianya $
* @package DedeBIZ.User
* @copyright Copyright (c) 2022 DedeBIZ.COM
* @license GNU GPL v2 (https://www.dedebiz.com/license)
* @link https://www.dedebiz.com
*/
require_once(dirname(__FILE__)."/config.php");
CheckRank(0, 0);//禁止游客操作
$menutype = 'config';
if (!isset($dopost)) $dopost = '';
$pwd2 = (empty($pwd2)) ? "" : $pwd2;
$row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE mid='".$cfg_ml->M_ID."'");
$face = $row['face'];
$newface = isset($newface)? $newface : '';
if ($dopost == 'save') {
//校验CSRF
CheckCSRF();
if ($userpwd != $userpwdok) {
ShowMsg('您两次输入的新密码不一致', 'edit_baseinfo.php');
exit();
}
$addupquery = '';
$admaddupquery = '';
$pp = "pwd";
$pwd = '';
if ($userpwd == '') {
if (function_exists('password_hash')) {
$pp = "pwd_new";
$pwd = $row['pwd_new'];
$addupquery = ',pwd=\'\'';
} else {
$pwd = $row['pwd'];
}
} else {
if (function_exists('password_hash'))
{
$pp = "pwd_new";
$pwd = password_hash($userpwd, PASSWORD_BCRYPT);
$pwd2 = password_hash($userpwd, PASSWORD_BCRYPT);
$addupquery = ',pwd=\'\'';
$admaddupquery = ',pwd=\'\'';
} else {
$pwd = md5($userpwd);
$pwd2 = substr(md5($userpwd), 5, 20);
}
}
//修改头像
$target_file = $cfg_basedir.$cfg_user_dir."/{$cfg_ml->M_ID}/newface.png";
if (!empty($newface) && file_exists($target_file)) {
$rnd = mt_rand(10000, 99999);
rename($target_file, $cfg_basedir.$cfg_user_dir."/{$cfg_ml->M_ID}/face{$rnd}.png");
$target_url = $cfg_mediasurl.'/userup'."/{$cfg_ml->M_ID}/face{$rnd}.png";
$addupquery = ",face='{$target_url}'";
@unlink($target_file);
}
//修改安全问题或邮箱
if ($email != $row['email'] || ($newsafequestion != 0 && $newsafeanswer != '')) {
if ($row['safequestion'] != 0 && ($row['safequestion'] != $safequestion || $row['safeanswer'] != $safeanswer)) {
ShowMsg('您的旧安全问题及答案不正确,不能修改邮箱或安全问题', 'edit_baseinfo.php');
exit();
}
//修改邮箱
if (!empty($email)) {
if ($email != $row['email']) {
if (!CheckEmail($email)) {
ShowMsg('邮箱格式不正确', 'edit_baseinfo.php');
exit();
} else {
$addupquery .= ",email='$email',spacesta='-10'";
}
}
}
//修改安全问题
if ($newsafequestion != 0 && $newsafeanswer != '') {
if (strlen($newsafeanswer) > 30) {
ShowMsg('您的新安全问题的答案太长了,请保持在30字节以内', 'edit_baseinfo.php');
exit();
} else {
$newsafequestion = HtmlReplace($newsafequestion, 1);
$newsafeanswer = HtmlReplace($newsafeanswer, 1);
$addupquery .= ",safequestion='$newsafequestion',safeanswer='$newsafeanswer'";
}
}
}
//修改uname
if ($uname != $row['uname']) {
$rs = CheckUserID($uname, '昵称或公司名称', FALSE);
if ($rs != 'ok') {
ShowMsg($rs, 'edit_baseinfo.php');
exit();
}
$addupquery .= ",uname='$uname'";
}
//性别
if (!in_array($sex, array('男', '女', '保密'))) {
ShowMsg('请选择正常的性别', 'edit_baseinfo.php');
exit();
}
$query1 = "UPDATE `#@__member` SET $pp='$pwd',sex='$sex'{$addupquery} WHERE mid='".$cfg_ml->M_ID."' ";
$dsql->ExecuteNoneQuery($query1);
//如果是管理员,修改其后台密码
if ($cfg_ml->fields['matt'] == 10 && $pwd2 != "") {
$query2 = "UPDATE `#@__admin` SET $pp='$pwd2'{$admaddupquery} WHERE id='".$cfg_ml->M_ID."' ";
$dsql->ExecuteNoneQuery($query2);
}
//清除会员缓存
$cfg_ml->DelCache($cfg_ml->M_ID);
ShowMsg('成功更新您的基本资料', 'edit_baseinfo.php', 0, 5000);
exit();
}
include(DEDEMEMBER."/templets/edit_baseinfo.htm");
?>