DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 26 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
463 Commits
2 Branches
1.0GB
Tree: 263f7a8e79
DedeV6/public/user/edit_baseinfo.php

104 lines
3.4KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * @version        $Id: edit_baseinfo.php 1 8:38 2010年7月9日Z tianya $

  4.  * @package        DedeBIZ.User

  5.  * @copyright      Copyright (c) 2022, DedeBIZ.COM

  6.  * @license        https://www.dedebiz.com/license

  7.  * @link           https://www.dedebiz.com

  8.  */

  9. require_once(dirname(__FILE__)."/config.php");

  10. CheckRank(0, 0);

  11. $menutype = 'config';

  12. if (!isset($dopost)) $dopost = '';

  13. 

  14. $pwd2 = (empty($pwd2)) ? "" : $pwd2;

  15. $row = $dsql->GetOne("SELECT  * FROM `#@__member` WHERE mid='".$cfg_ml->M_ID."'");

  16. $face = $row['face'];

  17. if ($dopost == 'save') {

  18.     $svali = GetCkVdValue();

  19. 

  20.     //校验CSRF

  21.     CheckCSRF();

  22. 

  23.     if (strtolower($vdcode) != $svali || $svali == '') {

  24.         ReSETVdValue();

  25.         ShowMsg('验证码错误', '-1');

  26.         exit();

  27.     }

  28.     if (!is_array($row) || $row['pwd'] != md5($oldpwd)) {

  29.         ShowMsg('您输入的旧密码错误或没填写,不允许修改资料', '-1');

  30.         exit();

  31.     }

  32.     if ($userpwd != $userpwdok) {

  33.         ShowMsg('您两次输入的新密码不一致', '-1');

  34.         exit();

  35.     }

  36.     if ($userpwd == '') {

  37.         $pwd = $row['pwd'];

  38.     } else {

  39.         $pwd = md5($userpwd);

  40.         $pwd2 = substr(md5($userpwd), 5, 20);

  41.     }

  42.     $addupquery = '';

  43. 

  44.     //修改安全问题或Email

  45.     if ($email != $row['email'] || ($newsafequestion != 0 && $newsafeanswer != '')) {

  46.         if ($row['safequestion'] != 0 && ($row['safequestion'] != $safequestion || $row['safeanswer'] != $safeanswer)) {

  47.             ShowMsg('您的旧安全问题及答案不正确,不能修改Email或安全问题', '-1');

  48.             exit();

  49.         }

  50. 

  51.         //修改Email

  52.         if ($email != $row['email']) {

  53.             if (!CheckEmail($email)) {

  54.                 ShowMsg('Email格式不正确', '-1');

  55.                 exit();

  56.             } else {

  57.                 $addupquery .= ",email='$email'";

  58.             }

  59.         }

  60. 

  61.         //修改安全问题

  62.         if ($newsafequestion != 0 && $newsafeanswer != '') {

  63.             if (strlen($newsafeanswer) > 30) {

  64.                 ShowMsg('您的新安全问题的答案太长了,请保持在30字节以内', '-1');

  65.                 exit();

  66.             } else {

  67.                 $newsafequestion = HtmlReplace($newsafequestion, 1);

  68.                 $newsafeanswer = HtmlReplace($newsafeanswer, 1);

  69.                 $addupquery .= ",safequestion='$newsafequestion',safeanswer='$newsafeanswer'";

  70.             }

  71.         }

  72.     }

  73. 

  74.     //修改uname

  75.     if ($uname != $row['uname']) {

  76.         $rs = CheckUserID($uname, '昵称或公司名称', FALSE);

  77.         if ($rs != 'ok') {

  78.             ShowMsg($rs, '-1');

  79.             exit();

  80.         }

  81.         $addupquery .= ",uname='$uname'";

  82.     }

  83. 

  84.     //性别

  85.     if (!in_array($sex, array('男', '女', '保密'))) {

  86.         ShowMsg('请选择正常的性别', '-1');

  87.         exit();

  88.     }

  89. 

  90.     $query1 = "UPDATE `#@__member` SET pwd='$pwd',sex='$sex'{$addupquery} where mid='".$cfg_ml->M_ID."' ";

  91.     $dsql->ExecuteNoneQuery($query1);

  92. 

  93.     //如果是管理员,修改其后台密码

  94.     if ($cfg_ml->fields['matt'] == 10 && $pwd2 != "") {

  95.         $query2 = "UPDATE `#@__admin` SET pwd='$pwd2' where id='".$cfg_ml->M_ID."' ";

  96.         $dsql->ExecuteNoneQuery($query2);

  97.     }

  98.     //清除会员缓存

  99.     $cfg_ml->DelCache($cfg_ml->M_ID);

  100.     ShowMsg('成功更新您的基本资料', 'edit_baseinfo.php', 0, 5000);

  101.     exit();

  102. }

  103. include(DEDEMEMBER."/templets/edit_baseinfo.htm");