From ea1043566442f002f1aee18ceaab7a5c8eee6b0f Mon Sep 17 00:00:00 2001 From: printempw Date: Wed, 3 Feb 2016 18:13:20 +0800 Subject: [PATCH] update ajax.php to add new action of profile.php --- ajax.php | 92 ++++++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 69 insertions(+), 23 deletions(-) diff --git a/ajax.php b/ajax.php index 2a43d83f..c69400a1 100644 --- a/ajax.php +++ b/ajax.php @@ -3,29 +3,38 @@ * @Author: printempw * @Date: 2016-01-16 23:01:33 * @Last Modified by: prpr - * @Last Modified time: 2016-02-03 10:29:58 + * @Last Modified time: 2016-02-03 18:03:57 + * + * - login, register, logout + * - upload, change, delete * * All ajax requests will be handled here */ header('Access-Control-Allow-Origin: *'); -session_start(); +header('Content-type: application/json'); + $dir = dirname(__FILE__); require "$dir/includes/autoload.inc.php"; require "$dir/config.php"; - database::checkConfig(); +session_start(); + if (isset($_POST['uname'])) { $user = new user($_POST['uname']); } else { utils::raise('1', 'Empty username.'); } -$action = isset($_GET['action']) ? $_GET['action'] : "login"; +$action = isset($_GET['action']) ? $_GET['action'] : null; $json = null; +/** + * Handle requests from index.php + * @var [type] + */ if ($action == "login") { - if (checkInput()) { + if (checkPost()) { if (!$user->is_registered) { $json['errno'] = 1; $json['msg'] = "Non-existent user."; @@ -42,7 +51,7 @@ if ($action == "login") { } } } else if ($action == "register") { - if (checkInput()) { + if (checkPost()) { if (!$user->is_registered) { if (!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; @@ -69,10 +78,25 @@ if ($action == "login") { } else { $json['errno'] = 1; - $json['msg'] = "User already existed."; + $json['msg'] = "User already registered."; } } -} else if ($action == "upload") { +} + +function checkPost() { + global $json; + if (!isset($_POST['passwd'])) { + $json['errno'] = 1; + $json['msg'] = "Empty password!"; + return false; + } + return true; +} + +/** + * Handle request from user/index.php + */ +if ($action == "upload") { if (utils::getValue('token', $_SESSION) == $user->getToken()) { if (checkFile()) { if ($file = utils::getValue('skin_file', $_FILES)) { @@ -109,21 +133,6 @@ if ($action == "login") { } } -function checkInput() { - global $json; - if (!$_POST['uname']) { - $json['errno'] = 1; - $json['msg'] = 'Empty username!'; - return false; - } - if (!$_POST['passwd']) { - $json['errno'] = 1; - $json['msg'] = "Empty password!"; - return false; - } - return true; -} - function checkFile() { global $json; @@ -177,4 +186,41 @@ function checkFile() { return true; } +/** + * Handle requests from user/profile.php + */ +if ($action == "change") { + if (checkPost()) { + if (isset($_POST['new_passwd'])) { + if ($user->checkPasswd($_POST['passwd'])) { + $user->changePasswd($_POST['new_passwd']); + $json['errno'] = 0; + $json['msg'] = "Password updated successfully."; + } else { + $json['errno'] = 1; + $json['msg'] = "Incorrect usename or password."; + } + } else { + $json['errno'] = 1; + $json['msg'] = "New password required."; + } + } +} else if ($action == "delete") { + if (isset($_SESSION['token']) && $_SESSION['token'] == $user->getToken()) { + if (checkPost()) { + $user->unRegister(); + $json['errno'] = 0; + $json['msg'] = "Account successfully deleted."; + } + } else { + $json['errno'] = 1; + $json['msg'] = "Invalid token."; + } +} + +if (!$action) { + $json['errno'] = 1; + $json['msg'] = "Invalid parameters."; +} + echo json_encode($json);