<?php
use model\users;
use model\stock;
use model\records;
use model\template;
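/**
 * Controller for the /user/* pages and actions: profile, loan records,
 * login/logout, registration, and borrowing/returning stock items.
 *
 * Page methods render a template from the 'users' group; action methods
 * change state and answer with a redirect whose `error` query parameter
 * carries the status message.
 *
 * NOTE(review): no anti-CSRF token is checked anywhere in this class, and
 * update_stock()/update_record() take their arguments from the query string,
 * so a plain link can trigger them. Moving them to POST with a per-session
 * token needs router and template changes that are not visible in this file.
 * NOTE(review): the `error` value is presumably echoed by the templates; it
 * must be HTML-escaped there, because any client can put its own text in it.
 */
class user_controller {

    /** Render the profile page. */
    public function info() {
        $this->template('个人资料', 'info');
    }

    /**
     * Render the paginated loan history of the logged-in user.
     *
     * The page number is reduced to a positive integer before it reaches the
     * model and the template, so the raw query value is never passed on.
     */
    public function record() {
        $uid = self::require_login();
        $page = self::query_int('page', 1, 1);

        $this->template('借书记录', 'record', [
            'books' => records::list_records_by_uid($uid, $page),
            'page' => $page,
            'count' => records::count_records_by_uid($uid),
            'stock' => records::count_in_records_by_uid($uid),
        ]);
    }

    /** Render the "update my details" form. */
    public function update() {
        $this->template('更新信息', 'update');
    }

    /** Render the login form. */
    public function login() {
        $this->template('用户登录', 'login');
    }

    /** Render the registration form. */
    public function register() {
        $this->template('用户注册', 'register');
    }

    /**
     * Borrow a stock item: set stock `sid` to state 1 and, if that succeeds,
     * add a loan record for book `bid` and the logged-in user.
     *
     * Always redirects back to the book page. The redirect is built from the
     * validated integers only; the original concatenated the raw `bid` and
     * `page` query values into the Location header even when validation failed.
     *
     * NOTE(review): nothing here checks that stock item `sid` belongs to book
     * `bid`; unless the model enforces it (not visible here), the record can
     * pair an unrelated book and stock item.
     */
    public function update_stock() {
        $uid = self::require_login();
        $sid = self::query_int('sid', 0);
        $bid = self::query_int('bid', 0);
        $page = self::query_int('page', 1, 1);

        if ($sid !== null && $bid !== null && stock::update_stock_state($sid, 1)) {
            records::add_record($bid, $uid, $sid, time());
        }

        // A missing/invalid bid yields '/book/?page=N', as it did for a missing bid before.
        header('Location: /book/' . $bid . '?page=' . $page);
    }

    /**
     * Return a stock item: close loan record `rid` with the current time and,
     * if that succeeds, set stock `sid` back to state 0.
     *
     * NOTE(review): `rid` and `sid` are supplied independently by the client
     * and no user id is passed to records::update_record(), so this method
     * cannot tell whether the record belongs to the caller or whether `sid`
     * is the item that record refers to. Unless the model checks this itself
     * (not visible here), ownership should be verified before updating.
     */
    public function update_record() {
        // Defence in depth: the original did not look at the session at all here.
        self::require_login();
        $rid = self::query_int('rid', 0);
        $sid = self::query_int('sid', 0);
        $page = self::query_int('page', 1, 1);

        if ($rid !== null && $sid !== null && records::update_record($rid, time())) {
            stock::update_stock_state($sid, 0);
        }

        header('Location: /user/record?page=' . $page);
    }

    /**
     * Check the posted credentials and, on success, store the user row in the
     * session and redirect to the profile page.
     *
     * NOTE(review): the stored value is a single SHA-256 over a global salt
     * plus the password, which is fast to brute-force if the table leaks.
     * Migrating to password_hash()/password_verify() also requires changing
     * where the hash is written (presumably model\users — not visible here).
     * NOTE(review): "unknown user" and "wrong password" produce different
     * messages, which tells a client whether an account name exists.
     */
    public function do_login() {
        $username = $_POST['username'] ?? null;
        // A missing or non-string password is treated as empty and fails the comparison below.
        $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';

        if (!self::is_valid_username($username)) {
            header('Location: /user/login?error=用户名不合规');
            exit;
        }

        $user = users::get_user($username);
        if (!$user) {
            header('Location: /user/login?error=用户不存在');
            return;
        }

        $expected = hash('sha256', $GLOBALS['config']['salt'] . $password);
        // hash_equals() instead of ==: loose comparison treats two all-numeric
        // strings such as "0e…" as numbers, and it is not constant-time.
        if (!hash_equals((string) $user['password'], $expected)) {
            header('Location: /user/login?error=密码错误');
            return;
        }

        // Issue a fresh session id on privilege change so an id that was known
        // before login cannot be reused afterwards (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['user'] = $user;
        header('Location: /user/info');
    }

    /** End the session and redirect to the login form. */
    public function do_logout() {
        // session_destroy() removes the stored data but leaves $_SESSION populated
        // for the rest of this request, so clear it explicitly first.
        $_SESSION = [];
        session_destroy();
        header('Location: /user/login?error=注销成功');
    }

    /**
     * Update the logged-in user's sex, birthday and, optionally, password.
     *
     * An empty password field means "keep the current password" (null is
     * passed to the model). id_card, borrow_num and type are taken from the
     * session, not from the request, so the client cannot change them here.
     * On success the session is destroyed and the user must log in again.
     *
     * NOTE(review): `sex` and `birthday` reach users::update_user() without
     * validation; that method must bind them as query parameters and the
     * templates must escape them on output — neither is visible here.
     */
    public function do_update() {
        self::require_login();
        $user = $_SESSION['user'];

        $sex = $_POST['sex'] ?? null;
        $birthday = $_POST['birthday'] ?? null;
        $password = $_POST['password'] ?? '';

        if ($password === '') {
            // Explicit empty-string test: empty() also swallowed the password "0".
            $password = null;
        } elseif (!is_string($password) || $password !== ($_POST['confirm'] ?? null)) {
            // Strict comparison: with != the strings "1e3" and "1000" count as equal.
            header('Location: /user/update?error=两次输入密码不一致');
            exit;
        }

        $updated = users::update_user(
            $user['uid'],
            $password,
            $sex,
            $birthday,
            $user['id_card'],
            $user['borrow_num'],
            $user['type']
        );

        if ($updated) {
            $_SESSION = [];
            session_destroy();
            header('Location: /user/login?error=更新成功,请重新登录');
        } else {
            header('Location: /user/update?error=数据库错误');
        }
    }

    /**
     * Validate the registration form and create the account.
     *
     * The trailing arguments to users::add_user() are fixed defaults
     * (0, '1900-01-01', 15, 0) — presumably sex, birthday, borrow_num and type,
     * mirroring the argument order of users::update_user(); confirm against
     * model\users.
     */
    public function do_register() {
        $username = $_POST['username'] ?? null;
        if (!self::is_valid_username($username)) {
            header('Location: /user/register?error=用户名不合规');
            exit;
        }

        $id_card = $_POST['id_card'] ?? null;
        // ctype_digit() instead of is_numeric(): the latter also accepts signs,
        // decimals, exponents and leading whitespace.
        if (!is_string($id_card) || strlen($id_card) < 10 || !ctype_digit($id_card)) {
            header('Location: /user/register?error=身份证不合规');
            exit;
        }

        $password = $_POST['password'] ?? null;
        // Strict comparison (see do_update). A missing or empty password is
        // rejected as well, reusing the closest existing message.
        if (!is_string($password) || $password === '' || $password !== ($_POST['confirm'] ?? null)) {
            header('Location: /user/register?error=两次输入密码不一致');
            exit;
        }

        if (users::add_user($username, $password, 0, '1900-01-01', $id_card, 15, 0)) {
            header('Location: /user/login?error=注册成功,请登录');
        } else {
            header('Location: /user/register?error=数据库错误');
        }
    }

    /**
     * Return the logged-in user's id, or redirect to the login form and stop.
     *
     * The router may already enforce authentication (not visible here); this
     * guard keeps the actions from running with a null user id if it does not.
     */
    private static function require_login() {
        if (!isset($_SESSION['user']['uid'])) {
            header('Location: /user/login');
            exit;
        }

        return $_SESSION['user']['uid'];
    }

    /**
     * Read query parameter $name as an integer >= $min.
     *
     * Returns $default when the parameter is absent, is an array, or is not
     * a plain integer in range.
     */
    private static function query_int(string $name, int $min, $default = null) {
        if (!isset($_GET[$name])) {
            return $default;
        }

        $value = filter_var($_GET[$name], FILTER_VALIDATE_INT, ['options' => ['min_range' => $min]]);

        return $value === false ? $default : $value;
    }

    /**
     * Username policy shared by login and registration: at most 30 bytes,
     * first character a letter or underscore, followed by one or more
     * letters, digits or underscores.
     *
     * The pattern ends in \z rather than $, because $ also matches just
     * before a trailing newline and would let "name\n" through.
     */
    private static function is_valid_username($username): bool {
        return is_string($username)
            && strlen($username) <= 30
            && preg_match('/^[a-zA-Z_][a-zA-Z0-9_]+\z/u', $username) === 1;
    }

    /** Render template $name of the 'users' group with $title merged into $parameters. */
    private function template($title, $name, $parameters = []) {
        template::render('users', $name, array_merge(['title' => $title], $parameters));
    }

}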