
Allow admin to edit username

pull/6/head
Menci 8 years ago
parent
commit
28d3b799c6
  1. 2
      modules/api.js
  2. 7
      modules/user.js
  3. 3
      utility.js
  4. 68
      views/user_edit.ejs

2
modules/api.js

@ -55,7 +55,7 @@ app.post('/api/sign_up', async (req, res) => {
let syzoj2_xxx_md5 = '59cb65ba6f9ad18de0dcd12d5ae11bd2';
if (req.body.password === syzoj2_xxx_md5) throw 2007;
if (!(req.body.email = req.body.email.trim())) throw 2006;
if (!/^[a-zA-Z0-9\-\_]+$/.test(req.body.username)) throw 2002;
if (!syzoj.utils.isValidUsername(req.body.username)) throw 2002;
user = await User.create({
username: req.body.username,
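Review bot: The new `syzoj.utils.isValidUsername(req.body.username)` call runs on a value whose type is never checked, and `RegExp.prototype.test` coerces its argument to a string. If the body parser accepts non-string values (for example a one-element array), such a value can pass validation and then reach `User.create` without being coerced. The same applies to the call in the `/user/:id/edit` handler in modules/user.js. Fixing it once in the helper in utility.js covers both callers: `return typeof s === 'string' && /^[a-zA-Z0-9\-\_]+$/.test(s);`. The sign_up handler continues outside this hunk.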

7
modules/user.js

@ -142,12 +142,19 @@ app.post('/user/:id/edit', async (req, res) => {
user.password = req.body.new_password;
}
if (res.locals.user.is_admin) {
if (!syzoj.utils.isValidUsername(req.body.username)) throw 'Invalid username.';
user.username = req.body.username;
}
user.email = req.body.email;
user.information = req.body.information;
user.sex = req.body.sex;
await user.save();
if (user.id === res.locals.user.id) res.locals.user = user;
res.render('user_edit', {
edited_user: user,
error_info: 'Success'
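Review bot: The admin rename at `user.username = req.body.username;` checks only the character set, not whether another account already holds that name. Unless the model or the database enforces uniqueness (not visible here), an admin can save a duplicate, and a constraint failure in `user.save()` would surface as a raw exception rather than a form message. I would guard the assignment with something like `if (req.body.username !== user.username && await usernameTaken(req.body.username)) throw 'Username already taken.';`, where `usernameTaken` is a placeholder for whatever lookup sign-up uses. Recording the old name, the new name and the acting admin's id at this point would also make renames traceable. The handler starts and ends outside the hunk.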

3
utility.js

@ -257,5 +257,8 @@ module.exports = {
},
json: true
});
},
isValidUsername(s) {
return /^[a-zA-Z0-9\-\_]+$/.test(s);
}
};
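Review bot: `isValidUsername` has no comment stating its contract, although it is now the single gate for usernames at both sign-up and admin rename. I would add above it `// True when s is one or more ASCII letters, digits, '-' or '_'. No length limit is applied here.` The missing upper bound is worth deciding deliberately: a length check has to live either in this helper or in the column definition, and neither is visible in this commit.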

68
views/user_edit.ejs

@ -2,43 +2,47 @@
<% include header %>
<div class="padding">
<div class="ui <% if (error_info == 'Success') { %>success<% } else { %>error<% } %> message" id="error" <% if (!error_info) { %>hidden<% } %>>
<% if (error_info) {
if (error_info == 'Success') error_info = '修改成功';
%>
<p id="error_info"><%= error_info %></p>
<% } %>
<% if (error_info) {
if (error_info == 'Success') error_info = '修改成功';
%>
<p id="error_info"><%= error_info %></p>
<% } %>
</div>
<form class="ui form" action="<%= syzoj.utils.makeUrl(['user', edited_user.id, 'edit']) %>" method="post" onsubmit="return check()">
<div class="field">
<label for="sex">性别</label>
<select class="ui dropdown" name="sex">
<option value="0" <%= edited_user.sex == 0 ? 'selected': '' %>>其它</option>
<option value="1" <%= edited_user.sex == 1 ? 'selected': '' %>>男</option>
<option value="-1" <%= edited_user.sex == -1 ? 'selected': '' %>>女</option>
</select>
</div>
<div class="field">
<label for="email">Email</label>
<input type="email" id="email" name="email" value="<%= edited_user.email %>">
</div>
<div class="field">
<label for="information">个性签名</label>
<textarea rows="5" id="information" name="information"><%= edited_user.information %></textarea>
</div>
<div class="field">
<label for="username">用户名</label>
<input type="text" id="username" name="username" value="<%= edited_user.username %>"<% if (!user.is_admin) { %> readonly<% } %>>
</div>
<div class="field">
<label for="sex">性别</label>
<select class="ui dropdown" name="sex">
<option value="0" <%= edited_user.sex == 0 ? 'selected': '' %>>其它</option>
<option value="1" <%= edited_user.sex == 1 ? 'selected': '' %>>男</option>
<option value="-1" <%= edited_user.sex == -1 ? 'selected': '' %>>女</option>
</select>
</div>
<div class="field">
<label for="email">Email</label>
<input type="email" id="email" name="email" value="<%= edited_user.email %>">
</div>
<div class="field">
<label for="information">个性签名</label>
<textarea rows="5" id="information" name="information"><%= edited_user.information %></textarea>
</div>
<div class="field">
<label class="ui header">修改密码</label>
<input type="password" placeholder="原密码(留空则不修改)" name="old_password" id="old_password">
</div>
<div class="two fields" id="new_password_field">
<div class="field">
<label class="ui header">修改密码</label>
<input type="password" placeholder="原密码(留空则不修改)" name="old_password" id="old_password">
<input type="password" placeholder="新密码" name="new_password" id="password1">
</div>
<div class="two fields" id="new_password_field">
<div class="field">
<input type="password" placeholder="新密码" name="new_password" id="password1">
</div>
<div class="field">
<input type="password" placeholder="确认密码" id="password2">
</div>
<div class="field">
<input type="password" placeholder="确认密码" id="password2">
</div>
<button type="submit" class="ui button">修改</button>
<a href="<%= syzoj.utils.makeUrl(['user', edited_user.id]) %>" class="ui blue button">返回个人资料</a>
</div>
<button type="submit" class="ui button">修改</button>
<a href="<%= syzoj.utils.makeUrl(['user', edited_user.id]) %>" class="ui blue button">返回个人资料</a>
</form>
</div>
</div>
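Review bot: The `readonly` attribute on the new username input is a display hint only. A non-admin can still submit any `username` value; what protects the field is the `res.locals.user.is_admin` check in the edit handler. I would note that next to the input with `<%# readonly is cosmetic; the server ignores username unless the requester is an admin %>` so the two stay coupled when either changes. Separately, no anti-CSRF token field is visible in this form, which matters more now that an admin's submission can rename accounts. If no middleware provides that protection elsewhere, it should be added.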
