require_once "query/message.php";
$DOJSS = $_COOKIE['DOJSS'];
$name = safe($_POST['name']);
$pwd = safe($_POST['password']);
$user = checkDOJSS($DOJSS);
if (!checkName($name)) {
send(1, $err['invalidName']);
}
if ($user) {
if ($user->name == $name) {
send(2, $warning['sameMsg']);
}
if ($u = getUserByName($name)) {
if ($u->id != $user->id) {
send(1, $err['sameName']);
}
}
if (dc_decrypt($user->password, $key_pwd) != $pwd) {
send(1, $err['wrongPwd']);
}
$uid = $user->id;
mysql_query("UPDATE `users` SET \n\t\t\t`name` = '{$name}'\n\t\tWHERE `id` = {$uid} ");
if (mysql_affected_rows()) {
send(0, $tip['changedName'], "\$('#myName').html('{$name}');");
} else {
send(1, $err['notSaved']);
}
} else {
send(1, $err['wrongDOJSS']);
}
function checkDOJSS($dojss)
{
global $key_log;
$res = json_decode(dc_decrypt($dojss, $key_log));
if ($res == '') {
return false;
}
if (isset($res->i)) {
$i = $res->i;
} else {
$i = "";
}
if (isset($res->p)) {
$p = $res->p;
} else {
$p = "";
}
$o = getUserByID($i);
if ($o == null) {
return false;
}
if (md5($o->password) != $p) {
return false;
}
return $o;
}