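/**
 * Handle the "modify my profile" form post for the current member.
 *
 * Validates the nickname, the password confirmation and the e-mail address taken
 * from $_POST. On success the row in `members` whose id is $_SESSION['member_id']
 * is updated through inset() and $_SESSION['modify'] is cleared; on failure the
 * submitted values are kept in $_SESSION['modify']. Both paths send a redirect
 * to OUT_PATH . 'modify'.
 *
 * The stored password is replaced only when both password fields are filled in
 * and match; in every other case the existing digest is written back unchanged.
 *
 * NOTE(review): passwords are stored as a single unsalted SHA-256 digest, which is
 * cheap to brute-force offline if the table leaks. Moving to password_hash() /
 * password_verify() needs a matching change in the login check, so it is flagged
 * here rather than changed.
 * NOTE(review): nothing in this function asks for the current password or checks
 * an anti-CSRF token before changing the e-mail and password. Presumably the
 * caller verifies the login and the request origin; confirm.
 * NOTE(review): inset() is assumed to bind these values rather than interpolate
 * them into SQL, and nickname/intro are stored unescaped, so they must be escaped
 * on output. Verify both.
 *
 * @return void
 */
function member_modify_action()
{
    // Read a form field as a string. Missing or array-valued fields count as ''
    // so that strtolower()/hash() never receive a non-string from the request.
    $field = function ($name) {
        return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    };

    $nicename       = $field('member_nicename');
    $password       = $field('member_password');
    $password_check = $field('member_password_check');
    $email          = $field('member_email');
    $url            = $field('member_url');
    $text           = $field('member_text');

    $OK = TRUE;

    if (empty($nicename)) {
        $OK = FALSE;
        set_clue('請記得填寫暱稱!');
    }

    if (!empty($password_check) && $password !== $password_check) {
        $OK = FALSE;
        set_clue('兩次輸入的密碼設定並不相符!');
    }

    if (!email_check($email)) {
        $OK = FALSE;
        set_clue('請填寫正確的電子郵件位址!');
    }

    if ($OK) {
        $original_password = member_info('password');
        $member_email      = strtolower($email);
        $member_url        = url_input($url);
        $member_password   = hash('sha256', $password);

        // Strict string comparison: with a loose != two different hex digests
        // of the form "0e<digits>" are compared as numbers and treated as equal.
        $digest_changed = ((string) $original_password !== $member_password);

        if ($digest_changed && empty($password_check) && !empty($password)) {
            // A new password was typed without its confirmation: keep the old one.
            $member_password = $original_password;
            set_clue('因無輸入確認欄位,密碼並沒有變更。');
        } elseif (empty($password_check) && empty($password)) {
            // Both password fields left blank: keep the old one. The original
            // code read the non-existent key 'member_pass_check' here.
            $member_password = $original_password;
        }

        $change = array(
            'key'   => array('member_email', 'member_url', 'member_password', 'member_nicename', 'member_text'),
            'value' => array($member_email, $member_url, $member_password, $nicename, trim($text)),
        );
        $where = array(
            'key'   => 'id',
            'value' => $_SESSION["member_id"],
        );

        inset('members', $change, $where);
        set_clue('已經修改好您的註冊資料');
        unset($_SESSION['modify']);
    } else {
        // Keep what the user typed so the form can be shown again pre-filled.
        // The password fields are deliberately not kept in the session.
        if (!isset($_SESSION['modify'])) {
            $_SESSION['modify'] = array();
        }

        $_SESSION['modify']['login']    = $field('member_login');
        $_SESSION['modify']['email']    = $email;
        $_SESSION['modify']['nicename'] = $nicename;
        $_SESSION['modify']['url']      = $url;
        $_SESSION['modify']['intro']    = $text;
    }

    // Success and failure both return to the same form page.
    header('location: ' . OUT_PATH . 'modify');
}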
$ok = TRUE; if (empty($author)) { $ok = FALSE; hint('You forgot filling your name.'); } if ($author == ADMIN && !$admin) { $ok = FALSE; hint('The name "' . $author . '" has been reserved for admin.'); } if (empty($content)) { $ok = FALSE; hint('You should say something.'); } if ($ok) { $mail = $_POST['mail']; $homepage = url_input($_POST['homepage']); $title = htmlspecialchars($_POST['title'], ENT_COMPAT, 'UTF-8', false); $content = htmlspecialchars($_POST['content'], ENT_COMPAT, 'UTF-8', false); $id = $_POST['id']; $stmt = $db->prepare("\n\t\t\t\tUPDATE post SET title = :TITLE, change = datetime('now'), content = :CONTENT, author = :AUTHOR, mail = :MAIL, homepage = :HOMEPAGE WHERE id = :ID;\n\t\t\t\t"); $stmt->bindValue(':TITLE', $title); $stmt->bindValue(':CONTENT', $content); $stmt->bindValue(':AUTHOR', $author); $stmt->bindValue(':MAIL', $mail); $stmt->bindValue(':HOMEPAGE', $homepage); $stmt->bindValue(':ID', $id); $stmt->execute(); unset($_SESSION['modify']); header('location: ' . URL); } else { header('location: ' . URL . '?edit=' . $_POST['id']);