白云图书馆管理系统 —— 课程作业项目

<?php
use model\users;
use model\stock;
use model\records;
use model\template;
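/**
 * Controller for the user pages: profile, borrow records, login, logout,
 * registration, and the borrow/return actions.
 *
 * Every action ends by rendering a template or sending a Location header;
 * none returns a value.
 *
 * NOTE(review): update_stock(), update_record() and do_logout() change state
 * and read their parameters from $_GET, and no anti-CSRF token is checked
 * anywhere in this class. Unless the router adds one, these actions should be
 * moved to POST with a per-session token; that needs template changes which
 * are outside this file.
 */
class user_controller {
    /** Renders the profile page. */
    public function info() {
        $this->template('个人资料', 'info');
    }

    /** Renders the paginated borrow history of the logged-in user. */
    public function record() {
        $uid = $this->require_uid();
        // Pass a validated integer, never the raw query string, to the model.
        $page = self::page_param();
        $books = records::list_records_by_uid($uid, $page);
        $count = records::count_records_by_uid($uid);
        $stock = records::count_in_records_by_uid($uid);
        $this->template('借书记录', 'record', ['books' => $books, 'page' => $page, 'count' => $count, 'stock' => $stock]);
    }

    /** Renders the "update profile" form. */
    public function update() {
        $this->template('更新信息', 'update');
    }

    /** Renders the login form. */
    public function login() {
        $this->template('用户登录', 'login');
    }

    /** Renders the registration form. */
    public function register() {
        $this->template('用户注册', 'register');
    }

    /**
     * Borrows stock item `sid` of book `bid` for the logged-in user, then
     * redirects back to the book page.
     *
     * NOTE(review): nothing here checks that `sid` belongs to `bid`, or that
     * the user is still under the borrow limit; confirm that
     * stock::update_stock_state() / records::add_record() enforce both.
     */
    public function update_stock() {
        $uid = $this->require_uid();
        $sid = self::id_param('sid');
        $bid = self::id_param('bid');
        if ($sid !== null && $bid !== null) {
            if (stock::update_stock_state($sid, 1))
                records::add_record($bid, $uid, $sid, time());
        }
        // Only validated integers are placed in the Location header.
        header('Location: /book/'.($bid === null ? '' : $bid).'?page='.self::page_param());
    }

    /**
     * Marks borrow record `rid` as returned and frees stock item `sid`, then
     * redirects back to the record list.
     *
     * NOTE(review): records::update_record() is called with only the record id
     * and a timestamp, so this method cannot check that the record belongs to
     * the logged-in user, and `sid` comes from the request instead of from the
     * record. Unless the model checks both, any logged-in user can close
     * another user's record or free an unrelated copy. The model should take
     * the uid and derive the stock id from the record itself.
     */
    public function update_record() {
        $this->require_uid();
        $rid = self::id_param('rid');
        $sid = self::id_param('sid');
        if ($rid !== null && $sid !== null) {
            if (records::update_record($rid, time()))
                stock::update_stock_state($sid, 0);
        }
        header('Location: /user/record?page='.self::page_param());
    }

    /**
     * Checks the posted credentials and, on success, stores the user row in
     * the session and redirects to the profile page.
     *
     * NOTE(review): the stored hash is SHA-256 over one global salt. That is a
     * fast hash with no per-user salt; password_hash()/password_verify() is
     * the appropriate replacement, but it needs a matching change in
     * model\users, which is not visible here.
     * NOTE(review): the two failure messages reveal whether a username exists.
     * NOTE(review): the whole user row, password hash included, is kept in
     * the session.
     */
    public function do_login() {
        $username = self::post_string('username');
        $password = self::post_string('password');
        if (!self::is_valid_username($username))
            $this->redirect_exit('/user/login?error=用户名不合规');
        if ($user = users::get_user($username)) {
            $expected = hash('sha256', $GLOBALS['config']['salt'].$password);
            // hash_equals() compares in constant time and, unlike ==, never
            // treats two numeric-looking strings as equal numbers.
            if (hash_equals((string) $user['password'], $expected)) {
                // Issue a fresh session id on login to prevent session fixation.
                if (session_status() === PHP_SESSION_ACTIVE)
                    session_regenerate_id(true);
                $_SESSION['user'] = $user;
                header('Location: /user/info');
            } else header('Location: /user/login?error=密码错误');
        } else header('Location: /user/login?error=用户不存在');
    }

    /** Ends the session and redirects to the login page. */
    public function do_logout() {
        // session_destroy() removes the stored data but leaves $_SESSION
        // populated for the rest of this request, so clear it as well.
        $_SESSION = [];
        session_destroy();
        header('Location: /user/login?error=注销成功');
    }

    /**
     * Updates the logged-in user's sex, birthday and (optionally) password,
     * then forces a new login.
     *
     * NOTE(review): the current password is not requested before a new one is
     * set, and `sex` / `birthday` are passed to the model unvalidated; confirm
     * that users::update_user() validates and parameterizes them.
     */
    public function do_update() {
        $uid = $this->require_uid();
        $sex = self::post_string('sex', null);
        $birthday = self::post_string('birthday', null);
        $password = self::post_string('password');
        // An empty field means "keep the current password". The comparison is
        // strict so that "0" is a real value and "1e3" does not equal "1000".
        if ($password === '')
            $password = null;
        elseif ($password !== self::post_string('confirm'))
            $this->redirect_exit('/user/update?error=两次输入密码不一致');
        $user = $_SESSION['user'];
        if (users::update_user($uid, $password, $sex, $birthday, $user['id_card'], $user['borrow_num'], $user['type'])) {
            $_SESSION = [];
            session_destroy();
            header('Location: /user/login?error=更新成功,请重新登录');
        } else header('Location: /user/update?error=数据库错误');
    }

    /**
     * Validates the registration form and creates the account.
     *
     * NOTE(review): add_user() receives the plain password; hashing is
     * presumably done in the model — confirm.
     */
    public function do_register() {
        $username = self::post_string('username');
        if (!self::is_valid_username($username))
            $this->redirect_exit('/user/register?error=用户名不合规');
        $id_card = self::post_string('id_card');
        // Digits only, at least 10 of them. is_numeric() also accepted signs,
        // decimals, exponents and surrounding whitespace.
        if (preg_match('/^[0-9]{10,}\z/', $id_card) !== 1)
            $this->redirect_exit('/user/register?error=身份证不合规');
        $password = self::post_string('password');
        // Without this check an account could be created with no password.
        if ($password === '')
            $this->redirect_exit('/user/register?error=密码不能为空');
        if ($password !== self::post_string('confirm'))
            $this->redirect_exit('/user/register?error=两次输入密码不一致');
        if (users::add_user($username, $password, 0, '1900-01-01', $id_card, 15, 0))
            header('Location: /user/login?error=注册成功,请登录');
        else header('Location: /user/register?error=数据库错误');
    }

    /** Renders template `$name` of the "users" group with `$title` added to `$parameters`. */
    private function template($title, $name, $parameters = []) {
        template::render('users', $name, array_merge(['title' => $title], $parameters));
    }

    /** Sends a redirect to `$location` and stops the request. */
    private function redirect_exit($location) {
        header('Location: '.$location);
        exit;
    }

    /**
     * Returns the uid of the logged-in user, or redirects to the login page
     * and stops when the session holds no user.
     */
    private function require_uid() {
        if (!isset($_SESSION['user']['uid']))
            $this->redirect_exit('/user/login');
        return $_SESSION['user']['uid'];
    }

    /** Returns $_GET['page'] as an integer >= 1, or 1 when it is missing or malformed. */
    private static function page_param() {
        $page = filter_var($_GET['page'] ?? 1, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
        return $page === false ? 1 : $page;
    }

    /** Returns $_GET[$key] as a non-negative integer, or null when it is missing or malformed. */
    private static function id_param($key) {
        $id = filter_var($_GET[$key] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
        return $id === false ? null : $id;
    }

    /**
     * Returns $_POST[$key] when it is a string, else `$default`. This keeps
     * array-valued fields (`name[]=...`) away from the string functions.
     */
    private static function post_string($key, $default = '') {
        $value = $_POST[$key] ?? $default;
        return is_string($value) ? $value : $default;
    }

    /**
     * True when `$username` is 2 to 30 characters of [a-zA-Z0-9_] and does not
     * start with a digit. The pattern ends in \z because `$` would also accept
     * a trailing newline.
     */
    private static function is_valid_username($username) {
        return strlen($username) <= 30 && preg_match('/^[a-zA-Z_][a-zA-Z0-9_]+\z/u', $username) === 1;
    }
}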