禁用昵称修改

This commit is contained in:
2024-10-19 12:48:09 +08:00
parent 94d7e894f7
commit a515d9296f

View File

@@ -1,75 +1,78 @@
<?php <?php
//$cache_time=10; //$cache_time=10;
$OJ_CACHE_SHARE=false; $OJ_CACHE_SHARE = false;
//require_once('./include/cache_start.php'); //require_once('./include/cache_start.php');
require_once('./include/db_info.inc.php'); require_once('./include/db_info.inc.php');
require_once('./include/setlang.php'); require_once('./include/setlang.php');
$view_title= "Welcome To Online Judge"; $view_title = "Welcome To Online Judge";
//require_once("./include/check_post_key.php"); //require_once("./include/check_post_key.php");
require_once("./include/my_func.inc.php"); require_once("./include/my_func.inc.php");
if( if (
(isset($OJ_EXAM_CONTEST_ID)&&$OJ_EXAM_CONTEST_ID>0)|| (isset($OJ_EXAM_CONTEST_ID) && $OJ_EXAM_CONTEST_ID > 0) ||
(isset($OJ_ON_SITE_CONTEST_ID)&&$OJ_ON_SITE_CONTEST_ID>0) (isset($OJ_ON_SITE_CONTEST_ID) && $OJ_ON_SITE_CONTEST_ID > 0)
){ ) {
$view_errors= $MSG_MODIFY_NOT_ALLOWED_FOR_EXAM; $view_errors = $MSG_MODIFY_NOT_ALLOWED_FOR_EXAM;
require("template/".$OJ_TEMPLATE."/error.php"); require("template/" . $OJ_TEMPLATE . "/error.php");
exit (); exit();
} }
$err_str=""; $err_str = "";
$err_cnt=0; $err_cnt = 0;
$len; $len;
$user_id=$_SESSION[$OJ_NAME.'_'.'user_id']; $user_id = $_SESSION[$OJ_NAME . '_' . 'user_id'];
$email=trim($_POST['email']); $email = trim($_POST['email']);
$school=trim($_POST['school']); $school = trim($_POST['school']);
$nick=trim($_POST['nick']); $nick = trim($_POST['nick']);
$len=strlen($nick); $len = strlen($nick);
if ($len>100){ if ($len > 100) {
$err_str=$err_str."Nick Name Too Long!"; $err_str = $err_str . "Nick Name Too Long!";
$err_cnt++; $err_cnt++;
}else if ($len==0) $nick=$user_id; } else if ($len == 0)
$password=$_POST['opassword']; $nick = $user_id;
$sql="SELECT `user_id`,`password` FROM `users` WHERE `user_id`=?"; $password = $_POST['opassword'];
$result=pdo_query($sql,$user_id); $sql = "SELECT `user_id`,`password` FROM `users` WHERE `user_id`=?";
$row=$result[0]; $result = pdo_query($sql, $user_id);
if ($row && pwCheck($password,$row['password'])) $rows_cnt = 1; $row = $result[0];
else $rows_cnt = 0; if ($row && pwCheck($password, $row['password']))
$rows_cnt = 1;
else
$rows_cnt = 0;
if ($rows_cnt==0){ if ($rows_cnt == 0) {
$err_str=$err_str."Old Password Wrong"; $err_str = $err_str . "Old Password Wrong";
$err_cnt++; $err_cnt++;
} }
$len=strlen($_POST['npassword']); $len = strlen($_POST['npassword']);
if ($len<6 && $len>0){ if ($len < 6 && $len > 0) {
$err_cnt++; $err_cnt++;
$err_str=$err_str."Password should be Longer than 6!\\n"; $err_str = $err_str . "Password should be Longer than 6!\\n";
}else if (strcmp($_POST['npassword'],$_POST['rptpassword'])!=0){ } else if (strcmp($_POST['npassword'], $_POST['rptpassword']) != 0) {
$err_str=$err_str."Two Passwords Not Same!"; $err_str = $err_str . "Two Passwords Not Same!";
$err_cnt++; $err_cnt++;
} }
$len=strlen($_POST['school']); $len = strlen($_POST['school']);
if ($len>100){ if ($len > 100) {
$err_str=$err_str."School Name Too Long!"; $err_str = $err_str . "School Name Too Long!";
$err_cnt++; $err_cnt++;
} }
$len=strlen($_POST['email']); $len = strlen($_POST['email']);
if ($len>100){ if ($len > 100) {
$err_str=$err_str."Email Too Long!"; $err_str = $err_str . "Email Too Long!";
$err_cnt++; $err_cnt++;
} }
if(has_bad_words($user_id)){ if (has_bad_words($user_id)) {
$err_str=$err_str.$MSG_USER_ID." Too Bad!\\n"; $err_str = $err_str . $MSG_USER_ID . " Too Bad!\\n";
$err_cnt++; $err_cnt++;
} }
if(has_bad_words($school)){ if (has_bad_words($school)) {
$err_str=$err_str.$MSG_SCHOOL." Too Bad!\\n"; $err_str = $err_str . $MSG_SCHOOL . " Too Bad!\\n";
$err_cnt++; $err_cnt++;
} }
if(has_bad_words($nick)){ if (has_bad_words($nick)) {
$err_str=$err_str.$MSG_NICK." Too Bad!\\n"; $err_str = $err_str . $MSG_NICK . " Too Bad!\\n";
$err_cnt++; $err_cnt++;
} }
if ($err_cnt>0){ if ($err_cnt > 0) {
print "<script language='javascript'>\n"; print "<script language='javascript'>\n";
echo "alert('"; echo "alert('";
echo $err_str; echo $err_str;
@@ -77,24 +80,26 @@ if ($err_cnt>0){
exit(0); exit(0);
} }
if (strlen($_POST['npassword'])==0) $password=pwGen($_POST['opassword']); if (strlen($_POST['npassword']) == 0)
else $password=pwGen($_POST['npassword']); $password = pwGen($_POST['opassword']);
$nick=htmlentities ($nick,ENT_QUOTES,"UTF-8"); else
$school=(htmlentities ($school,ENT_QUOTES,"UTF-8")); $password = pwGen($_POST['npassword']);
$email=(htmlentities ($email,ENT_QUOTES,"UTF-8")); $nick = htmlentities($nick, ENT_QUOTES, "UTF-8");
$sql="UPDATE `users` SET" $school = (htmlentities($school, ENT_QUOTES, "UTF-8"));
."`password`=?," $email = (htmlentities($email, ENT_QUOTES, "UTF-8"));
."`nick`=?," //删除此行和81行含的,$nick禁用昵称修改 $sql = "UPDATE `users` SET"
."`school`=?," . "`password`=?,"
."`email`=?" // . "`nick`=?," //删除此行和81行含的,$nick禁用昵称修改
."WHERE `user_id`=?" . "`school`=?,"
. "`email`=?"
. "WHERE `user_id`=?"
; ;
//echo $sql; //echo $sql;
//exit(0); //exit(0);
pdo_query($sql,$password,$nick,$school,$email,$user_id); pdo_query($sql, $password, /*$nick,*/ $school, $email, $user_id);
if($nick!=""){ // if ($nick != "") {
$sql="update solution set nick=? where user_id=?"; // $sql = "update solution set nick=? where user_id=?";
pdo_query($sql,$nick,$user_id); // pdo_query($sql, $nick, $user_id);
} // }
header("Location: ./"); header("Location: ./");
?> ?>