Example #1
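 /**
  * Store one value in this user's row of the `users_additional_data` table.
  *
  * Updates the row whose `id` equals $this->id when exactly one such row
  * exists; otherwise inserts a new row carrying that id.
  *
  * @param string $field Column name; must be a plain identifier (letters, digits, underscore).
  * @param mixed  $value Value to store; stringified and sent as a bound parameter.
  *
  * @throws \InvalidArgumentException When $field is not a plain identifier.
  */
 public function set_additional_field($field, $value)
 {
     // A column name cannot travel as a bound parameter, so it is restricted to a
     // plain identifier before being placed between backticks. Without this check
     // a backtick in $field would end the identifier and change the statement.
     if (!is_string($field) || preg_match('/\A[A-Za-z0-9_]+\z/', $field) !== 1) {
         throw new \InvalidArgumentException('Invalid additional-data field name.');
     }

     $this->db = \Control\Core::db();
     $table = $this->conf->db_prefix . 'users_additional_data';

     // NOTE(review): Execute()/RecordCount() look like the ADOdb connection API, whose
     // Execute() accepts an array of bind values as its second argument. Confirm that
     // Core::db() returns such a handle before relying on the placeholders below.
     // The value is cast to string because the previous interpolated form stored
     // its string representation.
     $existing = $this->db->Execute("SELECT `{$field}` FROM {$table} WHERE `id`=?", array($this->id));
     if ($existing->RecordCount() == 1) {
         $this->db->Execute("UPDATE {$table} SET `{$field}`=? WHERE `id`=?", array((string) $value, $this->id));
     } else {
         $this->db->Execute("INSERT INTO {$table} SET `{$field}`=?, `id`=?", array((string) $value, $this->id));
     }
 }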
Example #2
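 /**
  * Apply profile changes posted by the logged-in user to their `users` row.
  *
  * The request carries two parallel lists, `fields` (column names) and
  * `new_values`, both split on $conf->ac_sep. The pseudo-fields `pass` and
  * `pass2` hold a new password and its confirmation; when both are present
  * and identical, a new `hash` is computed, stored in the session and written
  * to the row. On invalid input a message is printed and the request ends.
  *
  * NOTE(review): no CSRF token check and no current-password check are visible
  * in this action. Confirm both are enforced before it is reached.
  */
 public function editProfileAction()
 {
     $conf = \Control\Core::conf();
     $db = \Control\Core::db();
     $live = \Control\Live::getInstance();
     $user = $live->user;

     // Both lists must be present as strings; an array-valued parameter would
     // otherwise reach explode()/str_replace() with a type they do not expect.
     if (!isset($_POST['fields'], $_POST['new_values'])
         || !is_string($_POST['fields'])
         || !is_string($_POST['new_values'])
     ) {
         echo 'Некорректный запрос.';
         exit;
     }

     $fields = explode($conf->ac_sep, $_POST['fields']);
     $new_values = explode($conf->ac_sep, str_replace($conf->ac_con, '&', $_POST['new_values']));

     // The lists are matched by index, so a length mismatch means a malformed request.
     if (count($fields) !== count($new_values)) {
         echo 'Некорректный запрос.';
         exit;
     }

     // Columns this method writes itself (or that feed the hash) are never taken
     // from the request.
     // NOTE(review): every other column of the users table is still client-settable.
     // Replace this deny-list with an explicit allow-list of editable profile columns
     // once the schema is at hand.
     $protected = array('id', 'hash', 'salt');

     $pass = '';
     $pass2 = '';
     $values_sql = array();
     foreach ($fields as $i => $field) {
         // Field names are placed between backticks below. Value escaping does not
         // make a string safe as an identifier, so only plain identifiers are accepted.
         if (preg_match('/\A[A-Za-z0-9_]+\z/', $field) !== 1 || in_array($field, $protected, true)) {
             echo 'Недопустимое имя поля.';
             exit;
         }

         switch ($field) {
             case 'pass':
                 $pass = $new_values[$i];
                 break;
             case 'pass2':
                 $pass2 = $new_values[$i];
                 break;
             default:
                 // NOTE(review): presumably quote_smart() escapes for a quoted SQL string
                 // literal. Verify against its definition, which is not visible here.
                 $value = data::quote_smart($new_values[$i]);
                 $values_sql[] = sprintf("`%s`='%s'", $field, $value);
         }
     }

     if ($pass !== '' && $pass2 !== '') {
         // If the password changed, generate the hash.
         // Strict comparison: with ==, two different numeric-looking strings
         // (for example "0e1" and "0e2") compare as equal.
         if ($pass === $pass2) {
             // NOTE(review): MD5 is a fast hash and unsuitable for password storage.
             // Moving to password_hash()/password_verify() also requires changing the
             // login check, which is outside this method.
             $hash = $_SESSION['user_hash'] = md5($user->id . ':' . $user->login . ':' . md5($pass) . ':' . $user->salt);
             $values_sql[] = sprintf("`hash`='%s'", $hash);
         } else {
             echo 'Пароли не совпадают.';
             exit;
         }
     }

     // Nothing to change: an UPDATE with an empty SET list is not valid SQL.
     if (count($values_sql) === 0) {
         return;
     }

     $values_sql = implode(',', $values_sql);
     $db->Execute("UPDATE {$conf->db_prefix}users SET {$values_sql} WHERE `id`='{$user->id}'");
 }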