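/**
 * Handle the "edit profile" action for the currently logged-in user.
 *
 * Reads the profile fields from the request, validates them, stores the
 * extended registration fields in the reg_extend_info table, passes the
 * core profile to zy_edit_profile(), and answers through jsonExit() with a
 * {"status": <message>, "code": "0"|"1"} payload ("0" on success).
 *
 * NOTE(review): this state-changing action takes its input from $_GET and no
 * anti-CSRF token check is visible in this method. Confirm that one is
 * enforced by the caller, and prefer POST so values do not end up in access
 * logs and Referer headers.
 */
public function act_edit_profile ()
{
    global $ecs, $db;

    checkLogin();
    $user_id = intval($_SESSION['user_id']);
    include_once('includes/lib_transaction.php');

    // Missing date parts become empty strings, as before, but without an
    // undefined-index notice.
    // NOTE(review): the date is not validated here; confirm zy_edit_profile()
    // validates and escapes it before it reaches the database.
    $birthday_parts = array();
    foreach (array('birthdayYear', 'birthdayMonth', 'birthdayDay') as $part_key) {
        $birthday_parts[] = isset($_GET[$part_key]) ? trim($_GET[$part_key]) : '';
    }
    $birthday = implode('-', $birthday_parts);

    $email = isset($_GET['email']) ? trim($_GET['email']) : '';
    $other['msn'] = $msn = isset($_GET['extend_field1']) ? trim($_GET['extend_field1']) : '';
    $other['qq'] = $qq = isset($_GET['extend_field2']) ? trim($_GET['extend_field2']) : '';
    $other['office_phone'] = $office_phone = isset($_GET['extend_field3']) ? trim($_GET['extend_field3']) : '';
    $other['home_phone'] = $home_phone = isset($_GET['extend_field4']) ? trim($_GET['extend_field4']) : '';
    $other['mobile_phone'] = $mobile_phone = isset($_GET['extend_field5']) ? trim($_GET['extend_field5']) : '';

    // Validate everything BEFORE touching the database, so a rejected request
    // no longer leaves the extended fields half-updated. Each failure replies
    // through jsonExit(), which is expected to end the request.
    // NOTE(review): the two phone patterns below also accept a literal "|"
    // because of the "|" separators inside the character class; left as-is so
    // that previously accepted values are not rejected.
    if (!empty($office_phone) && !preg_match( '/^[\d|\_|\-|\s]+$/', $office_phone ))
    {
        $msg = rpcLang('user.php', 'office_phone_invalid');
        jsonExit("{\"status\":\"$msg\",\"code\":\"1\"}");
    }
    if (!empty($home_phone) && !preg_match( '/^[\d|\_|\-|\s]+$/', $home_phone) )
    {
        $msg = rpcLang('user.php', 'home_phone_invalid');
        jsonExit("{\"status\":\"$msg\",\"code\":\"1\"}");
    }
    if (!is_email($email))
    {
        $msg = rpcLang('user.php', 'msg_email_format');
        jsonExit("{\"status\":\"$msg\",\"code\":\"1\"}");
    }
    if (!empty($msn) && !is_email($msn))
    {
        $msg = rpcLang('user.php', 'msn_invalid');
        jsonExit("{\"status\":\"$msg\",\"code\":\"1\"}");
    }
    if (!empty($qq) && !preg_match('/^\d+$/', $qq))
    {
        $msg = rpcLang('user.php', 'qq_invalid');
        jsonExit("{\"status\":\"$msg\",\"code\":\"1\"}");
    }
    // The hyphen is escaped: "[\d-\s]" is rejected as an invalid range by
    // PCRE2 (PHP 7.3+), which makes preg_match() return false and therefore
    // flags every non-empty mobile number as invalid.
    if (!empty($mobile_phone) && !preg_match('/^[\d\-\s]+$/', $mobile_phone))
    {
        $msg = rpcLang('user.php', 'mobile_phone_invalid');
        jsonExit("{\"status\":\"$msg\",\"code\":\"1\"}");
    }

    /* Update the user's extended registration fields */
    $sql = 'SELECT id FROM ' . $ecs->table('reg_fields') . ' WHERE type = 0 AND display = 1 ORDER BY dis_order, id'; // ids of all displayed extended fields
    $fields_arr = $db->getAll($sql);
    foreach ($fields_arr AS $val)
    {
        $field_id = (int) $val['id'];
        $extend_field_index = 'extend_field' . $field_id;

        // Skip absent values and array-valued parameters (extend_fieldN[]=...),
        // which the string functions below cannot handle.
        if (!isset($_GET[$extend_field_index]) || !is_scalar($_GET[$extend_field_index]))
        {
            continue;
        }

        // Build the SQL literal at the point of use:
        //  1. stripslashes() - normalise, because it is not visible here
        //     whether request data was already slash-escaped upstream;
        //  2. truncate the RAW text - cutting an already-escaped string can
        //     split an HTML entity or leave a dangling escape character in
        //     front of the closing quote;
        //  3. htmlspecialchars() for later display, then addslashes() for SQL.
        // NOTE(review): if nothing escapes request data upstream, step 1 drops
        // literal backslashes from the content. addslashes() is not
        // charset-aware; switch to the DB layer's own escaping or a prepared
        // statement if one is available.
        $raw_content = stripslashes((string) $_GET[$extend_field_index]);
        if (strlen($raw_content) > 100)
        {
            $raw_content = mb_substr($raw_content, 0, 99);
        }
        $temp_field_content = addslashes(htmlspecialchars($raw_content));

        $sql = 'SELECT * FROM ' . $ecs->table('reg_extend_info') . " WHERE reg_field_id = '$field_id' AND user_id = '$user_id'";
        if ($db->getOne($sql))
        {
            // A row already exists for this field: update it.
            $sql = 'UPDATE ' . $ecs->table('reg_extend_info') . " SET content='$temp_field_content' WHERE reg_field_id='$field_id' AND user_id = '$user_id'";
        }
        else
        {
            // No row yet: insert one.
            $sql = 'INSERT INTO ' . $ecs->table('reg_extend_info') . " (`user_id`, `reg_field_id`, `content`) VALUES ('$user_id', '$field_id', '$temp_field_content')";
        }
        $db->query($sql);
    }

    $profile = array(
        'user_id'  => $user_id,
        'email'    => $email,
        'sex'      => isset($_GET['sex']) ? intval($_GET['sex']) : 0,
        'birthday' => $birthday,
        'other'    => isset($other) ? $other : array()
    );

    if (zy_edit_profile($profile))
    {
        $msg = rpcLang('user.php', 'edit_profile_success');
        $code = '0';
    }
    else
    {
        // $user was never brought into this method's scope, so the
        // "email exists" branch could not be reached.
        // NOTE(review): presumably the object carrying ->error is the global
        // $user - confirm against zy_edit_profile().
        $user = isset($GLOBALS['user']) ? $GLOBALS['user'] : null;
        if (is_object($user) && $user->error == ERR_EMAIL_EXISTS)
        {
            $msg = rpcLang('user.php', 'email_exist');
        }
        else
        {
            $msg = rpcLang('user.php', 'edit_profile_failed');
        }
        $code = '1';
    }

    // NOTE(review): the reply is assembled by string interpolation; it stays
    // valid JSON only while the language strings contain no quotes or
    // backslashes.
    jsonExit("{\"status\":\"$msg\",\"code\":\"$code\"}");
}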
if (!empty($mobile_phone) && !preg_match('/^[\d-\s]+$/', $mobile_phone)) { $msg = rpcLang('user.php', 'mobile_phone_invalid'); jsonExit("{\"status\":\"$msg\",\"code\":\"1\"}"); } $profile = array ( 'user_id' => $user_id, 'email' => isset($_GET['email']) ? trim($_GET['email']) : '', 'sex' => isset($_GET['sex']) ? intval($_GET['sex']) : 0, 'birthday' => $birthday, 'other' => isset($other) ? $other : array() ); if (zy_edit_profile($profile)) { $msg = rpcLang('user.php', 'edit_profile_success'); $code = '0'; } else { if ($user->error == ERR_EMAIL_EXISTS) { $msg = rpcLang('user.php', 'email_exist'); $code = '1'; } else { $msg = rpcLang('user.php', 'edit_profile_failed'); $code = '1';