禁用昵称修改

This commit is contained in:
2024-10-19 12:48:09 +08:00
parent 94d7e894f7
commit a515d9296f

View File

@@ -26,13 +26,16 @@ $len=strlen($nick);
if ($len > 100) { if ($len > 100) {
$err_str = $err_str . "Nick Name Too Long!"; $err_str = $err_str . "Nick Name Too Long!";
$err_cnt++; $err_cnt++;
}else if ($len==0) $nick=$user_id; } else if ($len == 0)
$nick = $user_id;
$password = $_POST['opassword']; $password = $_POST['opassword'];
$sql = "SELECT `user_id`,`password` FROM `users` WHERE `user_id`=?"; $sql = "SELECT `user_id`,`password` FROM `users` WHERE `user_id`=?";
$result = pdo_query($sql, $user_id); $result = pdo_query($sql, $user_id);
$row = $result[0]; $row = $result[0];
if ($row && pwCheck($password,$row['password'])) $rows_cnt = 1; if ($row && pwCheck($password, $row['password']))
else $rows_cnt = 0; $rows_cnt = 1;
else
$rows_cnt = 0;
if ($rows_cnt == 0) { if ($rows_cnt == 0) {
$err_str = $err_str . "Old Password Wrong"; $err_str = $err_str . "Old Password Wrong";
@@ -77,24 +80,26 @@ if ($err_cnt>0){
exit(0); exit(0);
} }
if (strlen($_POST['npassword'])==0) $password=pwGen($_POST['opassword']); if (strlen($_POST['npassword']) == 0)
else $password=pwGen($_POST['npassword']); $password = pwGen($_POST['opassword']);
else
$password = pwGen($_POST['npassword']);
$nick = htmlentities($nick, ENT_QUOTES, "UTF-8"); $nick = htmlentities($nick, ENT_QUOTES, "UTF-8");
$school = (htmlentities($school, ENT_QUOTES, "UTF-8")); $school = (htmlentities($school, ENT_QUOTES, "UTF-8"));
$email = (htmlentities($email, ENT_QUOTES, "UTF-8")); $email = (htmlentities($email, ENT_QUOTES, "UTF-8"));
$sql = "UPDATE `users` SET" $sql = "UPDATE `users` SET"
. "`password`=?," . "`password`=?,"
."`nick`=?," //删除此行和81行含的,$nick禁用昵称修改 // . "`nick`=?," //删除此行和81行含的,$nick禁用昵称修改
. "`school`=?," . "`school`=?,"
. "`email`=?" . "`email`=?"
. "WHERE `user_id`=?" . "WHERE `user_id`=?"
; ;
//echo $sql; //echo $sql;
//exit(0); //exit(0);
pdo_query($sql,$password,$nick,$school,$email,$user_id); pdo_query($sql, $password, /*$nick,*/ $school, $email, $user_id);
if($nick!=""){ // if ($nick != "") {
$sql="update solution set nick=? where user_id=?"; // $sql = "update solution set nick=? where user_id=?";
pdo_query($sql,$nick,$user_id); // pdo_query($sql, $nick, $user_id);
} // }
header("Location: ./"); header("Location: ./");
?> ?>