|
- <?php
-
- /**
- * @version $Id: edit_fullinfo.php 1 8:38 2010年7月9日Z tianya $
- * @package DedeCMS.Member
- * @copyright Copyright (c) 2007 - 2020, DesDev, Inc.
- * @license http://help.dedecms.com/usersguide/license.html
- * @link http://www.dedecms.com
- */
- require_once(dirname(__FILE__) . '/config.php');
- require_once DEDEINC . '/membermodel.cls.php';
- require_once(DEDEINC . "/userlogin.class.php");
- CheckRank(0, 0);
- require_once(DEDEINC . '/enums.func.php');
- $menutype = 'config';
- if (!isset($dopost)) $dopost = '';
-
- if ($dopost == '') {
-
-
- $membermodel = new membermodel($cfg_ml->M_MbType);
- $modelform = $dsql->GetOne("SELECT * FROM #@__member_model WHERE id='$membermodel->modid' ");
- if (!is_array($modelform)) {
- showmsg('模型表单不存在', '-1');
- exit();
- }
- $row = $dsql->GetOne("SELECT * FROM " . $modelform['table'] . " WHERE mid=$cfg_ml->M_ID");
- if (!is_array($row)) {
- showmsg("你访问的记录不存在或未经审核", '-1');
- exit();
- }
- $postform = $membermodel->getForm('edit', $row, 'membermodel');
- include(DEDEMEMBER . "/templets/edit_fullinfo.htm");
- exit();
- }
- /*------------------------
- function __Save()
- ------------------------*/
- if ($dopost == 'save') {
- // 校验CSRF
- CheckCSRF();
-
- $membermodel = new membermodel($cfg_ml->M_MbType);
- $postform = $membermodel->getForm(true);
-
- //这里完成详细内容填写
- $dede_fields = empty($dede_fields) ? '' : trim($dede_fields);
- $dede_fieldshash = empty($dede_fieldshash) ? '' : trim($dede_fieldshash);
- $modid = empty($modid) ? 0 : intval(preg_replace("/[^\d]/", '', $modid));
-
- if (!empty($dede_fields)) {
- if ($dede_fieldshash != md5($dede_fields . $cfg_cookie_encode)) {
- showMsg('数据校验不对,程序返回', '-1');
- exit();
- }
- }
- $modelform = $dsql->GetOne("SELECT * FROM #@__member_model WHERE id='$modid' ");
- if (!is_array($modelform)) {
- showmsg('模型表单不存在', '-1');
- exit();
- }
-
- $inadd_f = '';
- if (!empty($dede_fields)) {
- $fieldarr = explode(';', $dede_fields);
- if (is_array($fieldarr)) {
- foreach ($fieldarr as $field) {
- if ($field == '') continue;
- $fieldinfo = explode(',', $field);
- if ($fieldinfo[1] == 'textdata') {
- ${$fieldinfo[0]} = FilterSearch(stripslashes(${$fieldinfo[0]}));
- ${$fieldinfo[0]} = addslashes(${$fieldinfo[0]});
- } else if ($fieldinfo[1] == 'img') {
- ${$fieldinfo[0]} = addslashes(${$fieldinfo[0]});
- } else {
- if (empty(${$fieldinfo[0]})) ${$fieldinfo[0]} = '';
- ${$fieldinfo[0]} = GetFieldValue(${$fieldinfo[0]}, $fieldinfo[1], 0, 'add', '', 'diy', $fieldinfo[0]);
- }
- if ($fieldinfo[0] == "birthday") ${$fieldinfo[0]} = GetDateMk(${$fieldinfo[0]});
- ${$fieldinfo[0]} = HtmlReplace(${$fieldinfo[0]}, -1);
- $inadd_f .= ',' . $fieldinfo[0] . " ='" . ${$fieldinfo[0]} . "'";
- }
- }
- }
- $inadd_f = preg_replace('/,/', '', $inadd_f, 1);
- $query = "UPDATE `{$membermodel->table}` set {$inadd_f} WHERE mid='{$cfg_ml->M_ID}'";
-
- // 清除缓存
- $cfg_ml->DelCache($cfg_ml->M_ID);
-
- if (!$dsql->ExecuteNoneQuery($query)) {
- ShowMsg("更新附加表 `{$membermodel->table}` 时出错,请联系管理员!", "javascript:;");
- exit();
- } else {
- ShowMsg('成功更新你的详细资料!', 'edit_fullinfo.php', 0, 5000);
- exit();
- }
- }
|