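 /**
  * Collect and validate the form fields of a login or registration request.
  *
  * Every string value in $_POST is trimmed in place before validation, so
  * callers that read $_POST afterwards see the trimmed values (passwords
  * included). Non-string entries (e.g. `u[]=x`) are discarded: trim() on an
  * array is a TypeError on PHP 8, so they must never reach the validators.
  *
  * @access public
  * @param string|null $type 'login' or 'register' (the old doc also listed
  *                          'open', but no such branch exists: it returns false)
  * @return array|false
  *   'login':    'mail' (lower-cased) and/or 'password', present only when
  *               Juser_is_mail()/Juser_is_password() accept them; a missing
  *               key means "absent or rejected" and the caller must treat it so.
  *   'register': 'name' (filtered, defaults to '路人乙'), 'mail' (lower-cased or
  *               false), 'password' (clear text or false) and optionally 'url'.
  *   Any other type returns false.
  */
 public static function getInputData($type = null)
 {
     $InputData = array();
     switch ($type) {
         case 'login':
             foreach ($_POST as $key => $value) {
                 if (is_string($value)) {
                     $_POST[$key] = trim($value);
                 } else {
                     unset($_POST[$key]);
                 }
             }
             #The database only stores lower-cased addresses.
             if (!empty($_POST['u']) && Juser_is_mail($_POST['u'])) {
                 $InputData['mail'] = strtolower($_POST['u']);
             }
             #Returned in clear text; verification/hashing is the caller's job.
             #empty() also rejects the literal password "0".
             if (!empty($_POST['p']) && Juser_is_password($_POST['p'])) {
                 $InputData['password'] = $_POST['p'];
             }
             return $InputData;

         case 'register':
             foreach ($_POST as $key => $value) {
                 if (is_string($value)) {
                     $_POST[$key] = trim($value);
                 } else {
                     unset($_POST[$key]);
                 }
             }
             #Nickname: admin/author names, a few reserved words and the blog
             #name are masked with '**'. The mask is a substring replace, so a
             #nickname merely *containing* a reserved word is altered too.
             if (!empty($_POST['n']) && mb_strlen($_POST['n'], 'UTF-8') < 16) {
                 $forbidden = array_merge(
                     (array) Juser_get_admin_name(),
                     array('admin', 'administrator', 'writer', 'visitor', Option::get('blogname'))
                 );
                 // Drop empty entries (e.g. an unset blog name) and match
                 // case-insensitively so 'Admin'/'ADMIN' cannot bypass the filter.
                 $forbidden = array_values(array_filter($forbidden, function ($v) {
                     return $v !== null && $v !== '';
                 }));
                 $InputData['name'] = str_ireplace($forbidden, '**', strip_tags($_POST['n']));
             } else {
                 $InputData['name'] = '路人乙';
             }
             #Registration must not use an administrator's address. Compare in
             #lower case: the stored value is lower-cased, so a mixed-case
             #spelling of the admin address would otherwise pass the check.
             $adminMails = array_map('strtolower', (array) Juser_get_admin_mail());
             if (!empty($_POST['u']) && Juser_is_mail($_POST['u'])
                 && !in_array(strtolower($_POST['u']), $adminMails, true)) {
                 $InputData['mail'] = strtolower($_POST['u']);
             } else {
                 $InputData['mail'] = false;
             }
             #Both password fields must be present, identical and well-formed.
             #Returned in clear text; hashing is the caller's job.
             if (!empty($_POST['p']) && !empty($_POST['rp'])
                 && $_POST['p'] === $_POST['rp'] && Juser_is_password($_POST['p'])) {
                 $InputData['password'] = $_POST['p'];
             } else {
                 $InputData['password'] = false;
             }
             #Optional home page, normalised to exactly one trailing slash.
             if (!empty($_POST['url']) && Juser_is_url($_POST['url'])) {
                 $InputData['url'] = rtrim($_POST['url'], '/') . '/';
             }
             return $InputData;

         default:
             return false;
     }
 }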
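 /**
  * Juser member centre: update profile fields and/or change the password.
  *
  * Only fields that differ from the current $UserInfo values are written, so
  * the response can tell "nothing changed" from a real update. All string
  * values in $_POST are trimmed in place; non-string entries are dropped
  * because trim() on an array is a TypeError on PHP 8.
  *
  * A password change is requested by sending any of op/p/rp. All three are
  * then mandatory, the old password must verify against the stored hash via
  * Juser::checkPassword(), and the new one is stored as Juser::genPassword().
  *
  * @param array|null $UserInfo current user record (id, name, url, qq, phone,
  *                             password hash); null redirects to the user centre
  * @return mixed every path ends in emDirect() or ajaxReturn(); both are
  *               assumed to terminate the request (a `return` guards the
  *               redirect in case emDirect() does not)
  */
 public function doChange($UserInfo = null)
 {
     if (!IS_POST || !IS_AJAX || !$UserInfo) {
         emDirect(BLOG_URL . '?plugin=juser&a=UserCenter');
         return;
     }
     $InputData = array();
     foreach ($_POST as $key => $value) {
         if (is_string($value)) {
             $_POST[$key] = trim($value);
         } else {
             unset($_POST[$key]);
         }
     }
     #Nickname (note: the limit here is < 8 chars, registration allows < 16).
     #Reserved names are masked case-insensitively so 'Admin' cannot bypass it.
     if (!empty($_POST['n']) && mb_strlen($_POST['n'], 'UTF-8') < 8
         && (string) $UserInfo['name'] !== $_POST['n']) {
         $forbidden = array_merge(
             (array) Juser_get_admin_name(),
             array('admin', 'administrator', 'writer', 'visitor', Option::get('blogname'))
         );
         $forbidden = array_values(array_filter($forbidden, function ($v) {
             return $v !== null && $v !== '';
         }));
         $InputData['name'] = str_ireplace($forbidden, '**', strip_tags($_POST['n']));
     }
     #Home page, normalised to exactly one trailing slash.
     if (!empty($_POST['url']) && Juser_is_url($_POST['url']) && (string) $UserInfo['url'] !== $_POST['url']) {
         $InputData['url'] = rtrim($_POST['url'], '/') . '/';
     }
     #QQ number. String comparison on purpose: a loose `!=` treats '0100'
     #and '100' as equal and would silently drop such an edit.
     if (!empty($_POST['qq']) && Juser_is_uid($_POST['qq']) && (string) $UserInfo['qq'] !== $_POST['qq']) {
         $InputData['qq'] = $_POST['qq'];
     }
     #Phone number.
     if (!empty($_POST['phone']) && Juser_is_phone($_POST['phone']) && (string) $UserInfo['phone'] !== $_POST['phone']) {
         $InputData['phone'] = $_POST['phone'];
     }
     #Password change. Each ajaxReturn() below is assumed to end the request.
     $isChangePwd = !empty($_POST['op']) || !empty($_POST['p']) || !empty($_POST['rp']);
     if ($isChangePwd) {
         if (empty($_POST['op']) || !Juser_is_password($_POST['op'])) {
             $this->ajaxReturn(array('code' => '501', 'info' => '原密码格式错误'));
         }
         if (empty($_POST['p']) || !Juser_is_password($_POST['p'])) {
             $this->ajaxReturn(array('code' => '501', 'info' => '新密码格式错误'));
         }
         if (empty($_POST['rp']) || !Juser_is_password($_POST['rp'])) {
             $this->ajaxReturn(array('code' => '501', 'info' => '重复新密码格式错误'));
         }
         // This compares the two *new* password entries; the old message
         // wrongly blamed the original password.
         if ($_POST['rp'] !== $_POST['p']) {
             $this->ajaxReturn(array('code' => '501', 'info' => '两次输入的新密码不一致'));
         }
         if ($_POST['p'] === $_POST['op']) {
             $this->ajaxReturn(array('code' => '501', 'info' => '密码未修改'));
         }
         #Verify the old password against the stored hash (the user record is
         #guaranteed to exist at this point). NOTE(review): whether
         #Juser::checkPassword() uses a constant-time comparison is not visible
         #here; confirm it wraps password_verify()/hash_equals().
         if (Juser::checkPassword($_POST['op'], $UserInfo['password'])) {
             $InputData['password'] = Juser::genPassword($_POST['p']);
         } else {
             $this->ajaxReturn(array('code' => '501', 'info' => '效验原密码失败'));
         }
     }
     if (!$InputData) {
         $this->ajaxReturn(array('code' => '501', 'info' => '资料未修改'));
     }
     #Persist. Only the whitelisted keys built above are passed to the model,
     #keyed by the caller-supplied id, so the request cannot pick other columns.
     $InputData['id'] = $UserInfo['id'];
     $JuserModel = Juser::getJuserModel();
     $ret = $JuserModel->data($InputData)->save();
     if (!$ret) {
         $this->ajaxReturn(array('code' => '501', 'info' => '操作失败,服务器异常'));
     }
     #TODO(review): after a successful password change, consider invalidating
     #the user's other sessions/remember-me tokens; nothing here does so.
     if ($isChangePwd) {
         $this->ajaxReturn(array('code' => '200', 'info' => '密码修改成功'));
     }
     $this->ajaxReturn(array('code' => '200', 'info' => '资料修改成功'));
 }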