battles/user_anketa.php

75 lines
2.6 KiB
PHP

<?php
session_start();
if (empty($_SESSION['uid'])) {
header('Location: /index.php');
exit();
}
require_once 'functions.php';
if ($user->battle) {
header('Location: /fbattle.php');
exit();
}
use Krugozor\Database\Mysql\Mysql as Mysql;
$db = Mysql::create("192.168.20.100", "battles", "bottle-neck-horse")
->setDatabaseName("battles")
->setCharset("utf8");
define('INFO_CHAR_LIMIT', 1500);
$name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING);
$oldpsw = filter_input(INPUT_POST, 'oldpsw', FILTER_SANITIZE_SPECIAL_CHARS);
$newpsw = filter_input(INPUT_POST, 'newpsw', FILTER_SANITIZE_SPECIAL_CHARS);
$color = filter_input(INPUT_POST, 'color', FILTER_VALIDATE_INT);
$hobbie = filter_input(INPUT_POST, 'hobbie', FILTER_SANITIZE_STRING);
$hobbie = str_replace("\\n", "<br />", $hobbie);
$hobbie = str_replace("\\r", "", $hobbie);
$hobbie = str_replace("&lt;br&nbsp;/&gt;", "<br />", $hobbie);
if ($name || $color || $hobbie) {
switch ($color) {
case 1:
$color = 'blue';
break;
case 2:
$color = 'green';
break;
default:
$color = 'black';
break;
}
if (strlen($hobbie) > INFO_CHAR_LIMIT) {
err('Максимальная длинна поля Хобби: ' . INFO_CHAR_LIMIT . ' символов!');
} else {
$values = ['realname' => $name, 'color' => $color, 'info' => $hobbie];
$db->query('UPDATE users SET ?As WHERE id = ?i', $values, $user->id);
}
}
if ($oldpsw && $newpsw) {
if (password_verify($oldpsw, $user->pass)) {
db::c()->query('UPDATE `users` SET `pass` = "?s" WHERE `id` = ?i', password_hash($newpsw, PASSWORD_DEFAULT), $user->id);
} else {
err('Неверный текущий пароль!');
}
}
Template::header('Анкета');
?>
<a href="main.php">← на главную</a>
<h1>Анкета персонажа <?= $user->login ?></h1>
<form method="post">
<input name="name" placeholder="Реальное имя" value="<?= $user->realname ?>"><br>
<select name="color" id="color">
<option value="0" selected>Чёрный</option>
<option value="1">Синий</option>
<option value="2">Зелёный</option>
</select><label for="color"></label><br>
<textarea name="hobbie" placeholder="Хобби"><?= $user->info ?></textarea><br>
<input name="submit" type="submit">
</form>
<h1>Безопасность</h1>
<form method="post">
<input placeholder="Старый пароль" name="oldpsw">
<input placeholder="Новый пароль" name="newpsw">
<input type="submit">
</form>