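/**
 * Juser member-centre action: update the profile fields and/or change the password
 * of the logged-in user.
 *
 * Reads the trimmed POST fields n (nickname), url, qq, phone and, for a password
 * change, op (old), p (new) and rp (repeat new). Only values that pass the
 * Juser_is_* validators and differ from the stored record are collected into
 * $InputData and written through Juser's model. Every outcome is reported with
 * ajaxReturn(array('code' => ..., 'info' => ...)).
 *
 * @param array|null $UserInfo the logged-in user's record; the keys id, name,
 *                             url, qq, phone and password (hash) are read
 * @return mixed does not return normally: redirects to the user centre when the
 *               request is not an AJAX POST or no user is given, otherwise
 *               answers through ajaxReturn()
 */
public function doChange($UserInfo = null)
{
    if (!IS_POST || !IS_AJAX || !$UserInfo) {
        # emDirect() is expected to send the redirect and stop execution
        emDirect(BLOG_URL . '?plugin=juser&a=UserCenter');
    }
    $InputData = array();
    # Normalise the request: trim strings and blank out non-string values (e.g. n[]=x),
    # so the string functions below never receive an array (TypeError on PHP 8).
    foreach ($_POST as $key => $value) {
        $_POST[$key] = is_string($value) ? trim($value) : '';
    }
    # Nickname: reject admin/author nicknames and the blog name, matched case-insensitively
    # so 'Admin' cannot impersonate 'admin'.
    # NOTE(review): registration (getInputData) allows < 16 characters; confirm the 8-character limit here is intended.
    if (!empty($_POST['n']) && mb_strlen($_POST['n'], 'UTF-8') < 8 && (string) $UserInfo['name'] !== $_POST['n']) {
        $fobidName = array_merge(Juser_get_admin_name(), array('admin', 'administrator', 'writer', 'visitor', Option::get('blogname')));
        $UserName = str_ireplace($fobidName, '**', strip_tags($_POST['n']));
        # strip_tags() may leave nothing (e.g. '<b></b>'); never store an empty nickname
        if ($UserName !== '') {
            $InputData['name'] = $UserName;
        }
    }
    # Homepage URL, stored with exactly one trailing slash
    if (!empty($_POST['url']) && Juser_is_url($_POST['url']) && (string) $UserInfo['url'] !== $_POST['url']) {
        $InputData['url'] = rtrim($_POST['url'], '/') . '/';
    }
    # QQ number
    if (!empty($_POST['qq']) && Juser_is_uid($_POST['qq']) && (string) $UserInfo['qq'] !== $_POST['qq']) {
        $InputData['qq'] = $_POST['qq'];
    }
    # Phone number
    if (!empty($_POST['phone']) && Juser_is_phone($_POST['phone']) && (string) $UserInfo['phone'] !== $_POST['phone']) {
        $InputData['phone'] = $_POST['phone'];
    }
    # Password change: any of the three password fields present means the user asked for one,
    # and then all three must be valid.
    $isChangePwd = !empty($_POST['op']) || !empty($_POST['p']) || !empty($_POST['rp']);
    if ($isChangePwd) {
        if (empty($_POST['op']) || !Juser_is_password($_POST['op'])) {
            $this->ajaxReturn(array('code' => '501', 'info' => '原密码格式错误'));
        }
        if (empty($_POST['p']) || !Juser_is_password($_POST['p'])) {
            $this->ajaxReturn(array('code' => '501', 'info' => '新密码格式错误'));
        }
        if (empty($_POST['rp']) || !Juser_is_password($_POST['rp'])) {
            $this->ajaxReturn(array('code' => '501', 'info' => '重复新密码格式错误'));
        }
        # Strict comparison: '==' would treat numeric-looking passwords such as '1e3' and '1000' as equal.
        # The message names the two fields actually compared (new password and its repeat).
        if ($_POST['rp'] !== $_POST['p']) {
            $this->ajaxReturn(array('code' => '501', 'info' => '两次输入的新密码不一致'));
        }
        if ($_POST['p'] === $_POST['op']) {
            $this->ajaxReturn(array('code' => '501', 'info' => '密码未修改'));
        }
        # Verify the old password; reaching this point means the user record exists.
        # Kept as if/else so the new hash is only produced on a successful check,
        # independent of whether ajaxReturn() terminates the request.
        if (Juser::checkPassword($_POST['op'], $UserInfo['password'])) {
            $InputData['password'] = Juser::genPassword($_POST['p']);
        } else {
            $this->ajaxReturn(array('code' => '501', 'info' => '效验原密码失败'));
        }
    }
    if (!$InputData) {
        $this->ajaxReturn(array('code' => '501', 'info' => '资料未修改'));
    }
    # Persist the accepted fields
    $InputData['id'] = $UserInfo['id'];
    $JuserModel = Juser::getJuserModel();
    $ret = $JuserModel->data($InputData)->save();
    if (!$ret) {
        $this->ajaxReturn(array('code' => '501', 'info' => '操作失败,服务器异常'));
    }
    if ($isChangePwd) {
        $this->ajaxReturn(array('code' => '200', 'info' => '密码修改成功'));
    }
    $this->ajaxReturn(array('code' => '200', 'info' => '资料修改成功'));
}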
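/**
 * Build a validated input array from the trimmed $_POST for a login or
 * registration form.
 *
 * Only fields that pass the Juser_is_* validators are copied, so callers never
 * see raw request values. For 'register' the keys name, mail and password are
 * always present (mail/password are false when missing or invalid, name falls
 * back to '路人乙'); url is only set when valid. For 'login' only the valid
 * fields are present.
 *
 * @access public
 * @param string|null $type 'login' or 'register' (the original docblock also
 *                          lists 'open', but no branch handles it — confirm)
 * @return array|false the validated fields, or false for an unknown $type
 */
public static function getInputData($type = null)
{
    # Strict comparison: switch/== would match 0 against 'login' on PHP 7
    if ($type !== 'login' && $type !== 'register') {
        return false;
    }
    # Normalise the request: trim strings and blank out non-string values (e.g. u[]=x),
    # so the string functions below never receive an array (TypeError on PHP 8).
    foreach ($_POST as $key => $value) {
        $_POST[$key] = is_string($value) ? trim($value) : '';
    }
    $InputData = array();
    if ($type === 'login') {
        if (!empty($_POST['u']) && Juser_is_mail($_POST['u'])) {
            $InputData['mail'] = strtolower($_POST['u']); # the database only stores lower-case mail addresses
        }
        if (!empty($_POST['p']) && Juser_is_password($_POST['p'])) {
            $InputData['password'] = $_POST['p'];
        }
        return $InputData;
    }
    # Nickname: admin/author nicknames and the blog name are forbidden, matched
    # case-insensitively so 'Admin' cannot impersonate 'admin'. An empty result
    # (e.g. after strip_tags) falls back to the default nickname.
    $InputData['name'] = '路人乙';
    if (!empty($_POST['n']) && mb_strlen($_POST['n'], 'UTF-8') < 16) {
        $fobidName = array_merge(Juser_get_admin_name(), array('admin', 'administrator', 'writer', 'visitor', Option::get('blogname')));
        $UserName = str_ireplace($fobidName, '**', strip_tags($_POST['n']));
        if ($UserName !== '') {
            $InputData['name'] = $UserName;
        }
    }
    # Registration mail must not be an administrator's mail. Compare the lower-cased
    # forms strictly, so 'Admin@example' cannot bypass the ban.
    $InputData['mail'] = false;
    if (!empty($_POST['u']) && Juser_is_mail($_POST['u'])) {
        $mail = strtolower($_POST['u']); # the database only stores lower-case mail addresses
        $adminMails = array_map('strtolower', Juser_get_admin_mail());
        if (!in_array($mail, $adminMails, true)) {
            $InputData['mail'] = $mail;
        }
    }
    # Password and its repeat must match strictly ('==' treats '1e3' and '1000' as equal)
    $InputData['password'] = false;
    if (!empty($_POST['p']) && !empty($_POST['rp']) && $_POST['p'] === $_POST['rp'] && Juser_is_password($_POST['p'])) {
        $InputData['password'] = $_POST['p'];
    }
    # Homepage URL, stored with exactly one trailing slash
    if (!empty($_POST['url']) && Juser_is_url($_POST['url'])) {
        $InputData['url'] = rtrim($_POST['url'], '/') . '/';
    }
    return $InputData;
}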