include "clientdb.inc";
/*** All invocations of this script must include
*** an action; 'login' and 'logout' are currently
*** supported.
*** All actions result in a json object with a
*** status ('ok' | 'fail'); logins also include
*** the username and last login.
***/
$action = $_POST["action"];
$result = null;
if ($action == "login") {
$user = $_POST["name"];
$pass = $_POST["pass"];
if (is_valid_user($user, $pass)) {
session_start();
update_login($user);
$_SESSION["username"] = $user;
$_SESSION["last_login"] = last_login($user);
session_write_close();
$result = array('status' => 'ok', 'user' => $user, 'last_login' => $_SESSION["last_login"]);
} else {
$result = array('status' => 'fail');
}
} elseif ($action == "logout") {
session_start();
session_unset();
session_destroy();
$result = array('status' => 'ok');
} else {
$result = array('status' => 'fail');
}
public function update_userinfo()
{
//$sql = "SELECT `id` as `uid` , `name` , `timeline` , `level`, `cover` , `picture` FROM `user` WHERE `id` = '" . intval( $_SESSION['uid'] ) . "' LIMIT 1";
$request_body = file_get_contents('php://input');
//json_flag
$data = json_decode($request_body);
//json_flag
// $name = z(t($_GET['name'])); //jsonp_flag
// $gender = z(t($_GET['gender'])); //jsonp_flag
// $mobi = z(t($_GET['mobile'])); //jsonp_flag
// $birthday = z(t($_GET['birthday'])); //json_flag
// $email = z(t($_GET['email'])); //json_flag
// //$email = z(t(v('email')));
// //$celluuid = z(t(v('celluuid')));
$name = $data->{'name'};
//json_flag
$gender = $data->{'gender'};
//json_flag
$mobi = $data->{'mobile'};
//json_flag
$birthday = $data->{'birthday'};
//json_flag
$email = $data->{'email'};
//json_flag
$user = update_login($_SESSION['username'], $name, $gender, $mobi, $birthday, $email);
if ($user) {
//$user['refresh_time'] = date("m月d日 H:i");
$this->send_result($user);
} else {
return $this->send_error(OP_API_USER_ERROR, 'NO SUCH UID');
}
}
