Beispiel #1
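 /**
  * Save the profile fields posted by the logged-in user.
  *
  * Flow: verify the anti-CSRF form token, read and validate the posted
  * fields, make sure nickname / e-mail / phone are not already used by a
  * different account, then write the row through CsdjDB->get_update().
  *
  * Security notes:
  *  - The token is compared with hash_equals(), and an absent or empty
  *    session token is rejected. With a loose comparison a request that
  *    carries no token compares equal to an unset session value.
  *  - The uniqueness lookups use the database layer's query bindings ("?")
  *    instead of concatenating posted values into the SQL text.
  *  - Every failure path returns after msg_url(). msg_url() is defined
  *    elsewhere, so this method does not depend on it ending the request.
  *
  * @return void
  */
 public function save()
 {
     // Anti-CSRF check: both sides must be present, non-empty strings.
     $token = $this->input->post('token', TRUE);
     $expected = isset($_SESSION['token']) ? (string) $_SESSION['token'] : '';
     if ($expected === '' || !is_string($token) || !hash_equals($expected, $token)) {
         msg_url(L('edit_02'), 'javascript:history.back();');
         return;
     }

     // Id of the account being edited, forced to an integer before it is used in SQL.
     // NOTE(review): login is presumably enforced before this method runs — confirm;
     // without a session id this evaluates to 0.
     $uid = isset($_SESSION['cscms__id']) ? (int) $_SESSION['cscms__id'] : 0;

     // The extra TRUE flags are handled by the project's input wrapper; what they
     // filter is not visible here, so nothing below relies on them for SQL safety.
     $userinfo = array();
     $userinfo['nichen'] = $this->input->post('usernichen', TRUE, TRUE);
     $userinfo['email'] = $this->input->post('useremail', TRUE, TRUE);
     $userinfo['tel'] = $this->input->post('usertel', TRUE, TRUE);
     $userinfo['qq'] = $this->input->post('userqq', TRUE, TRUE);
     $userinfo['sex'] = intval($this->input->post('usersex'));
     $userinfo['city'] = $this->input->post('usercity', TRUE, TRUE);
     // NOTE(review): the signature is free text with no format check in this method;
     // it needs output encoding wherever it is rendered — confirm in the templates.
     $userinfo['qianm'] = $this->input->post('userqianm', TRUE);

     // Required fields: nickname, e-mail, phone. QQ is optional but must be valid when given.
     if (empty($userinfo['nichen']) || !is_username($userinfo['nichen'], 1)) {
         msg_url(L('edit_03'), 'javascript:history.back();');
         return;
     }
     if (empty($userinfo['email']) || !is_email($userinfo['email'])) {
         msg_url(L('edit_04'), 'javascript:history.back();');
         return;
     }
     if (empty($userinfo['tel']) || !is_tel($userinfo['tel'])) {
         msg_url(L('edit_05'), 'javascript:history.back();');
         return;
     }
     if (!empty($userinfo['qq']) && !is_qq($userinfo['qq'])) {
         msg_url(L('edit_06'), 'javascript:history.back();');
         return;
     }

     // Reject a nickname, e-mail or phone that already belongs to another account.
     // Column names come from this fixed map only; values are passed as bindings.
     $uniqueColumns = array(
         'nichen' => 'edit_07',
         'email' => 'edit_08',
         'tel' => 'edit_09',
     );
     foreach ($uniqueColumns as $column => $messageKey) {
         $sql = 'select id from ' . CS_SqlPrefix . 'user where ' . $column . '=? and id!=?';
         $taken = $this->db->query($sql, array($userinfo[$column], $uid))->row();
         if ($taken) {
             msg_url(L($messageKey), 'javascript:history.back();');
             return;
         }
     }

     // Persist the changes for the current account.
     $this->CsdjDB->get_update('user', $uid, $userinfo);
     msg_url(L('edit_10'), 'javascript:history.back();');
 }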
Beispiel #2
    // Excerpt from an order sign-up handler; the enclosing condition and the origin of
    // the request variables are outside this view.
    // Raise anything below 1 to 1. NOTE(review): $amount is not cast to an integer in
    // the visible lines before it is interpolated into the INSERT below.
    if ($amount < 1) {
        $amount = 1;
    }
    // dhtmlspecialchars() is defined elsewhere; by its name it HTML-encodes the value.
    // NOTE(review): HTML encoding is not SQL escaping. These values are interpolated
    // into the INSERT below, so confirm they are SQL-escaped before reaching this point.
    $company = dhtmlspecialchars($company);
    $truename = dhtmlspecialchars($truename);
    // Byte-length check (strlen) scaled by DT_CHARLEN, done after encoding.
    // message() is defined elsewhere; these checks only reject input if it ends the
    // request — confirm.
    if (strlen($truename) < 2 * DT_CHARLEN) {
        message($L['msg_type_truename']);
    }
    if (!is_mobile($mobile)) {
        message($L['msg_type_mobile']);
    }
    $areaid = intval($areaid);
    $address = dhtmlspecialchars($address);
    // Optional fields: a value that fails its format check is blanked rather than rejected.
    preg_match("/^[0-9]{6}\$/", $postcode) or $postcode = '';
    is_email($email) or $email = '';
    is_qq($qq) or $qq = '';
    $content = dhtmlspecialchars($content);
    // Values read back from the item record: $title is passed through addslashes(),
    // $user is used as-is. NOTE(review): confirm $item['username'] cannot contain a quote.
    $user = $item['username'];
    $title = addslashes($item['title']);
    // Both statements are built by string interpolation. In the visible lines only $areaid
    // (intval), $postcode (6-digit regex) and $title (addslashes) are constrained for SQL;
    // $email, $qq and $mobile depend on helpers defined elsewhere, and $itemid, $amount,
    // $_username and $DT_IP on handling not shown here.
    // NOTE(review): prefer bound parameters if the DB layer supports them — confirm.
    $db->query("INSERT INTO {$table_order} (id,user,title,amount,company,truename,mobile,areaid,address,postcode,email,qq,content,addtime,username,ip) VALUES ('{$itemid}','{$user}','{$title}','{$amount}','{$company}','{$truename}','{$mobile}','{$areaid}','{$address}','{$postcode}','{$email}','{$qq}','{$content}','{$DT_TIME}','{$_username}','{$DT_IP}')");
    // $itemid is used unquoted here, so it must be an integer; the cast is not visible in
    // this excerpt — confirm it happens earlier.
    $db->query("UPDATE {$table} SET orders=orders+1 WHERE itemid={$itemid}");
    message($L['msg_sign_success'], $linkurl, 3);
} else {
    if ($_userid) {
        $user = userinfo($_username);
        $company = $user['company'];
        $truename = $user['truename'];
        $mobile = $user['mobile'];
        $areaid = $user['areaid'];
        $address = $user['address'];
        $postcode = $user['postcode'];
Beispiel #3
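 /**
  * AJAX endpoint: update the current user's profile fields.
  *
  * Expects nickname, email, phone, qq and wechat in the POST body. Fields
  * whose value equals the session copy are treated as unchanged; the
  * remaining ones are validated and written via user_model->update().
  * The response is a JSON object {ack: bool, msg: string}.
  *
  * Security notes:
  *  - is_ajax_request() only tells how the request was made; it is not an
  *    access-control check. Authentication and CSRF protection for this
  *    endpoint are not visible in this method — confirm they are enforced
  *    elsewhere.
  *  - Only the five whitelisted field names can reach the update, and a
  *    non-string value (e.g. an array parameter) is rejected up front.
  *
  * @return void
  */
 public function ajax_profile()
 {
     if (!$this->input->is_ajax_request()) {
         return;
     }
     header('Content-Type:application/json; charset=utf-8');
     $fields = array('nickname', 'email', 'phone', 'qq', 'wechat');
     $updates = array();
     foreach ($fields as $field) {
         // A missing or non-string field is an error, so it is reported with
         // ack=false like every other failure in this method.
         if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
             echo json_encode(array('ack' => false, 'msg' => '缺少' . $field));
             return;
         }
         // NOTE(review): loose comparison is kept so "unchanged" detection behaves as
         // before; it only decides whether a field is skipped, not whether it is valid.
         if ($_POST[$field] == $_SESSION[$field]) {
             // Unchanged value: drop it so no validation rule is registered for it below.
             unset($_POST[$field]);
             continue;
         }
         $updates[$field] = $_POST[$field];
     }
     if (empty($updates)) {
         echo json_encode(array('ack' => false, 'msg' => '个人资料无修改'));
         return;
     }

     // Validation setup: custom messages, no HTML delimiters around errors.
     $this->load->library('form_validation');
     $this->form_validation->set_message('required', '必须填写{field}');
     $this->form_validation->set_message('min_length', '{field}至少{param}个字符');
     $this->form_validation->set_message('max_length', '{field}至多{param}个字符');
     $this->form_validation->set_message('valid_email', '{field}无效');
     $this->form_validation->set_message('is_unique', '{field}已存在');
     $this->form_validation->set_error_delimiters('', '');
     // The is_unique rule needs a database connection.
     $this->load->database();

     // Rules are registered only for fields that are still present, i.e. changed.
     isset($_POST['nickname']) && $this->form_validation->set_rules('nickname', '昵称', 'trim|min_length[2]|max_length[20]|is_unique[admin_user.username]|is_unique[admin_user.nickname]');
     isset($_POST['email']) && $this->form_validation->set_rules('email', 'Email', 'required|valid_email');
     isset($_POST['phone']) && $this->form_validation->set_rules('phone', '手机', array('required', 'is_natural', 'exact_length[11]', 'is_unique[admin_user.phone]', array('is_phone', function ($str) {
         if (!is_phone($str)) {
             $this->form_validation->set_message('is_phone', '{field}无效');
             return false;
         }
         return true;
     })));
     // $updates is captured by reference: without it the assignment below would only
     // touch a variable local to the closure and an empty QQ would never be stored as 0.
     isset($_POST['qq']) && $this->form_validation->set_rules('qq', 'QQ', array('is_qq', function ($str) use (&$updates) {
         if (empty($str)) {
             $updates['qq'] = 0;
         } elseif (!is_qq($str)) {
             $this->form_validation->set_message('is_qq', '{field}无效');
             return false;
         }
         return true;
     }));
     isset($_POST['wechat']) && $this->form_validation->set_rules('wechat', '微信', array('is_wechat', function ($str) {
         if (!is_wechat($str)) {
             $this->form_validation->set_message('is_wechat', '{field}无效');
             return false;
         }
         return true;
     }));
     if (!$this->form_validation->run()) {
         echo json_encode(array('ack' => false, 'msg' => $this->form_validation->error_string()));
         return;
     }

     // NOTE(review): $updates holds the values as posted (copied before the rules ran),
     // not a trimmed copy; user_model->update() is defined elsewhere — confirm it
     // escapes or binds these values before building SQL.
     $this->load->model('user_model');
     $this->user_model->update($_SESSION['uid'], $updates);
     // The profile changed, so the session copy has to be refreshed.
     $this->user_model->update_session();
     echo json_encode(array('ack' => true, 'msg' => '修改成功'));
     return;
 }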
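 /**
  * Normalise and validate the user fields that are present in $data.
  *
  * $data is taken by reference: username and email are trimmed and
  * lower-cased, phone and qq are cast to int, and an invalid qq / wechat is
  * reset to 0 / '' instead of failing the whole call.
  *
  * The e-mail check rejects malformed addresses with FILTER_VALIDATE_EMAIL,
  * not just empty strings, and a non-scalar username or e-mail (e.g. an array
  * from a crafted request) is rejected instead of being handed to trim().
  *
  * @param array $data User fields keyed by name; only keys that are set are checked.
  * @return true|string TRUE when every present field passes, otherwise the
  *                     error message for the first field that fails.
  */
 private function _validate_userinfo(&$data)
 {
     if (isset($data['username'])) {
         if (!is_scalar($data['username'])) {
             return '用户名不合法';
         }
         $data['username'] = strtolower(trim((string) $data['username']));
         if (!is_username($data['username'])) {
             return '用户名不合法';
         }
     }
     if (isset($data['email'])) {
         if (!is_scalar($data['email'])) {
             return 'Email不合法';
         }
         $data['email'] = strtolower(trim((string) $data['email']));
         // filter_var() also returns false for the empty string, so the emptiness
         // case is still covered.
         if (filter_var($data['email'], FILTER_VALIDATE_EMAIL) === false) {
             return 'Email不合法';
         }
     }
     if (isset($data['phone'])) {
         // The cast keeps only the leading integer part, so is_phone() and the caller
         // both see a purely numeric value.
         // NOTE(review): an 11-digit number needs 64-bit integers — confirm the platform.
         $data['phone'] = (int) $data['phone'];
         if (!is_phone($data['phone'])) {
             return '手机号不合法';
         }
     }
     if (isset($data['password'])) {
         // The password is only checked here; this method does not modify or hash it.
         if (!is_password($data['password'])) {
             return '密码不合法';
         }
     }
     if (isset($data['qq'])) {
         // Optional field: an invalid QQ number is reset to 0 rather than rejected.
         $data['qq'] = (int) $data['qq'];
         !is_qq($data['qq']) && ($data['qq'] = 0);
     }
     // Optional field: an invalid WeChat id is reset to the empty string.
     isset($data['wechat']) && !is_wechat($data['wechat']) && ($data['wechat'] = '');
     return true;
 }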
Beispiel #5
     // Excerpt from one case of a switch; the case label and the origin of the request
     // variables are outside this view.
     // dheader() is defined elsewhere and is called with $go when a member name is set
     // or the chat file already exists. NOTE(review): the code below only stays
     // unreachable in those cases if dheader() ends the request — confirm.
     if ($_username) {
         dheader($go);
     }
     $filename = get_chat_file(get_chat_id($chatuser, $touser));
     if (is_file($filename)) {
         dheader($go);
     }
     require DT_ROOT . '/include/post.func.php';
     // Contact name (byte length > 2) and a valid phone number are required.
     // dalert() is defined elsewhere; these checks only reject input if it stops
     // execution — confirm.
     strlen($truename) > 2 or dalert('请填写联系人', 'goback');
     is_telephone($telephone) or dalert('请填写联系电话', 'goback');
     // Only $truename is HTML-encoded; phone, e-mail and QQ are added to the message
     // after their format checks (is_telephone / is_email / is_qq, defined elsewhere).
     $truename = htmlspecialchars($truename);
     $word = '您好,我是' . $truename . ',电话:' . $telephone;
     if (is_email($email)) {
         $word .= ',电子邮箱:' . $email;
     }
     if (is_qq($qq)) {
         $word .= ',QQ:' . $qq;
     }
     // The chat file is started with a PHP exit guard before any visitor-supplied text is
     // appended, presumably so the log produces no output if it is requested directly as
     // a script — confirm the file name and web-server handling.
     file_put($filename, '<?php exit;?>');
     // Record format: time|chatuser|message, one record per line.
     // NOTE(review): htmlspecialchars() does not remove '|' or line breaks, so confirm
     // $truename and $chatuser are filtered upstream, or a crafted name can forge extra
     // fields or records. A failed fopen() is silently ignored.
     if ($fp = fopen($filename, 'a')) {
         fwrite($fp, $DT_TIME . '|' . $chatuser . '|' . $word . "\n");
         fclose($fp);
     }
     // The username literal appears as asterisks on this page; the value used by the
     // original code is not visible here.
     $db->query("UPDATE {$DT_PRE}member SET chat=chat+1 WHERE username='******'");
     dheader($go);
     break;
 default:
     if (isset($touser) && check_name($touser)) {
         if ($touser == $_username) {
             dalert('不能与自己对话', 'chat.php');
         }