
:bug: 表名称用配置文件

visuddhinanda %!s(int64=2) %!d(string=hai) anos
pai
achega
32d9b01fad
Modificáronse 2 ficheiros con 29 adicións e 19 borrados
  1. 24 14
      public/app/ucenter/function.php
  2. 5 5
      public/app/ucenter/index.php

+ 24 - 14
public/app/ucenter/function.php

@@ -5,9 +5,9 @@ function ucenter_get($userid, $fields = "username")
 {
     //打开数据库
     $dns = "" . _FILE_DB_USERINFO_;
-    $dbh = new PDO($dns, "", "", array(PDO::ATTR_PERSISTENT => true));
+    $dbh = new PDO($dns, _DB_USERNAME_,_DB_PASSWORD_, array(PDO::ATTR_PERSISTENT => true));
     $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);
-    $query = "select username from user where id= ? ";
+    $query = "SELECT username from "._TABLE_USER_INFO_." where id= ? ";
     $stmt = $dbh->prepare($query);
     $stmt->execute(array($userid));
     $fUser = $stmt->fetchAll(PDO::FETCH_ASSOC);
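Review bot: The `new PDO($dns, _DB_USERNAME_,_DB_PASSWORD_, ...)` call now carries real credentials but is not wrapped in a `try`/`catch`. PDO's constructor throws `PDOException` on a failed connection regardless of the `ERRMODE_WARNING` set on the following line, and an uncaught exception can print the constructor arguments in its stack trace when error display is enabled. I would catch `PDOException` around the constructor, write a generic message with `error_log()`, and return the function's normal empty result. The same unguarded constructor is added in the `ucenter_getA` hunk and in `UserInfo::__construct`, so one shared connect helper would cover all three. `ucenter_get` continues past this hunk, so the right failure return value has to be checked there.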
@@ -22,11 +22,14 @@ function ucenter_get($userid, $fields = "username")
 
 function ucenter_getA($userid, $fields = "nickname")
 {
+    if(empty($userid)){
+        return "";
+    }
     //打开数据库
     $dns = _FILE_DB_USERINFO_;
-    $dbh = new PDO($dns, "", "", array(PDO::ATTR_PERSISTENT => true));
+    $dbh = new PDO($dns, _DB_USERNAME_,_DB_PASSWORD_, array(PDO::ATTR_PERSISTENT => true));
     $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);
-    $query = "SELECT username,nickname FROM user WHERE userid= ? ";
+    $query = "SELECT username,nickname FROM "._TABLE_USER_INFO_." WHERE userid= ? ";
     $stmt = $dbh->prepare($query);
     $stmt->execute(array($userid));
     $fUser = $stmt->fetchAll(PDO::FETCH_ASSOC);
@@ -48,7 +51,7 @@ class UserInfo
     public function __construct()
     {
         $dns = _FILE_DB_USERINFO_;
-        $this->dbh = new PDO($dns, "", "", array(PDO::ATTR_PERSISTENT => true));
+        $this->dbh = new PDO($dns,  _DB_USERNAME_,_DB_PASSWORD_, array(PDO::ATTR_PERSISTENT => true));
         $this->dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_WARNING);
         $this->buffer = array();
         $this->log = "";
@@ -63,9 +66,16 @@ class UserInfo
             return $this->buffer[$id];
         }
         if ($this->dbh) {
-            $query = "SELECT nickname,username FROM user WHERE id = ? or userid= ? ";
-            $stmt = $this->dbh->prepare($query);
-            $stmt->execute(array($id,$id));
+            if(is_integer($id)){
+                $query = "SELECT nickname,username FROM "._TABLE_USER_INFO_." WHERE id = ? ";
+                $stmt = $this->dbh->prepare($query);
+                $stmt->execute(array($id));
+            }else{
+                $query = "SELECT nickname,username FROM "._TABLE_USER_INFO_." WHERE  userid= ? ";
+                $stmt = $this->dbh->prepare($query);
+                $stmt->execute(array($id));
+            }
+
             $user = $stmt->fetchAll(PDO::FETCH_ASSOC);
             if (count($user) > 0) {
                 $this->buffer[$id] = array("nickname" => $user[0]["nickname"], "username" => $user[0]["username"]);
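Review bot: `is_integer($id)` is true only for PHP ints, so a numeric id that arrives as a string (request parameters are strings, and values read back through PDO often are too) now falls into the `userid` branch and no longer matches, whereas the old `id = ? or userid = ?` query accepted both. If callers can pass such strings, pick the column once with `$column = (is_int($id) || ctype_digit((string)$id)) ? "id" : "userid";` and build a single query from it, which also removes the duplicated `prepare`/`execute` pair. The column name would come from a fixed two-value choice, so concatenating it stays safe. The method begins before this hunk, so the types callers actually pass are not visible here.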
@@ -85,7 +95,7 @@ class UserInfo
             return 0;
         }
         if ($this->dbh) {
-            $query = "SELECT id FROM user WHERE  userid= ? ";
+            $query = "SELECT id FROM "._TABLE_USER_INFO_." WHERE  userid= ? ";
             $stmt = $this->dbh->prepare($query);
             $stmt->execute(array($uuid));
             $user = $stmt->fetch(PDO::FETCH_ASSOC);
@@ -104,7 +114,7 @@ class UserInfo
             return false;
         }
         if ($this->dbh) {
-            $query = "SELECT id,userid,nickname,username FROM user WHERE  username= ? ";
+            $query = "SELECT id,userid,nickname,username FROM "._TABLE_USER_INFO_." WHERE  username= ? ";
             $stmt = $this->dbh->prepare($query);
             $stmt->execute(array($name));
             $user = $stmt->fetch(PDO::FETCH_ASSOC);
@@ -119,7 +129,7 @@ class UserInfo
 	}
     public function getUserList($key){
         if ($this->dbh) {
-            $query = "SELECT id,userid,nickname,username FROM user WHERE  username like ? ";
+            $query = "SELECT id,userid,nickname,username FROM "._TABLE_USER_INFO_." WHERE  username like ? ";
             $stmt = $this->dbh->prepare($query);
             $stmt->execute(array($key."%"));
             $user = $stmt->fetchAll(PDO::FETCH_ASSOC);
@@ -132,7 +142,7 @@ class UserInfo
     }
 	public function check_password($userid,$password){
 		if ($this->dbh) {
-            $query = "SELECT username FROM user WHERE  userid= ? and password = ? ";
+            $query = "SELECT username FROM "._TABLE_USER_INFO_." WHERE  userid= ? and password = ? ";
             $stmt = $this->dbh->prepare($query);
             $stmt->execute(array($userid,md5($password)));
             $user = $stmt->fetch(PDO::FETCH_ASSOC);
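Review bot: The password is still matched as an unsalted `md5($password)` inside the SQL `WHERE` clause, which the edited query line leaves in place; MD5 digests of passwords are cheap to recover if the table is ever disclosed. I would select the stored hash by `userid` alone and verify it in PHP with `password_verify()`, keeping a `hash_equals()` comparison against the legacy MD5 value only until each row has been rewritten with `password_hash()`. The same `md5()` use appears in the `signIn` hunk below and in the registration and login hunks of `public/app/ucenter/index.php`. The rest of `check_password` lies outside this hunk, so the sketch assumes the result handling after the fetch is unchanged.

```php
$query = "SELECT username,password FROM "._TABLE_USER_INFO_." WHERE  userid= ? ";
$stmt = $this->dbh->prepare($query);
$stmt->execute(array($userid));
$user = $stmt->fetch(PDO::FETCH_ASSOC);
// Prefer a password_hash() value; accept the legacy MD5 digest only until the row is rehashed.
$stored = $user ? (string) $user["password"] : "";
if (!password_verify($password, $stored) && !hash_equals($stored, md5($password))) {
    $user = false;
}
if ($user) {
    // Do not hand the stored hash back to callers.
    unset($user["password"]);
}
// … unchanged: result handling after the fetch …
```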
@@ -148,14 +158,14 @@ class UserInfo
 
     public function signIn($username,$password){
 		if ($this->dbh) {
-            $query = "SELECT userid,id FROM user WHERE  (username= ? and password = ?) or (email= ? and password = ?) ";
+            $query = "SELECT userid,id FROM "._TABLE_USER_INFO_." WHERE  (username= ? and password = ?) or (email= ? and password = ?) ";
             $stmt = $this->dbh->prepare($query);
             $stmt->execute(array($username,md5($password),$username,md5($password)));
             $user = $stmt->fetch(PDO::FETCH_ASSOC);
             if ($user) {
                 return $user;
             } else {
-                $query = "SELECT userid,id,password FROM user WHERE  username= ?";
+                $query = "SELECT userid,id,password FROM "._TABLE_USER_INFO_." WHERE  username= ?";
                 $stmt = $this->dbh->prepare($query);
                 $stmt->execute(array($username));
                 $user = $stmt->fetch(PDO::FETCH_ASSOC);

+ 5 - 5
public/app/ucenter/index.php

@@ -67,7 +67,7 @@ $post_username = "";
 $post_password = "";
 $post_email = "";
 if (isset($_POST["op"]) && $_POST["op"] == "new") {
-	PDO_Connect( _FILE_DB_USERINFO_);
+	PDO_Connect( _FILE_DB_USERINFO_ , _DB_USERNAME_ , _DB_PASSWORD_);
 	//建立账号
     $op = "new";
     $post_username = trim($_POST["username"]);
@@ -80,7 +80,7 @@ if (isset($_POST["op"]) && $_POST["op"] == "new") {
 		$post_error = true;
     }
 	else{
-        $query = "select count(*) as co from user where username = ?" ;
+        $query = "SELECT count(*) as co from "._TABLE_USER_INFO_." where username = ?" ;
         $iFetch = PDO_FetchOne($query,array($post_username));
         if ($iFetch > 0) { //username is existed
             $error_username = $_local->gui->account_existed;
@@ -91,7 +91,7 @@ if (isset($_POST["op"]) && $_POST["op"] == "new") {
         $error_email = $_local->gui->email . $_local->gui->cannot_empty;
 		$post_error = true;
     }else{
-		$query = "select count(*) as co from user where email = ?" ;
+		$query = "SELECT count(*) as co from "._TABLE_USER_INFO_." where email = ?" ;
 		$iFetch = PDO_FetchOne($query,array($post_email));
 		if ($iFetch > 0) { //username is existed
 			$error_email = $_local->gui->email . "已经存在";
@@ -117,7 +117,7 @@ if (isset($_POST["op"]) && $_POST["op"] == "new") {
         $md5_password = md5($post_password);
         $new_userid = UUID::v4();
 
-				$query = "INSERT INTO user ('id','userid','username','password','nickname','email') VALUES (NULL," . $PDO->quote($new_userid) . "," . $PDO->quote($post_username) . "," . $PDO->quote($md5_password) . "," . $PDO->quote($post_nickname) . "," . $PDO->quote($post_email) . ")";
+				$query = "INSERT INTO "._TABLE_USER_INFO_." ('id','userid','username','password','nickname','email') VALUES (NULL," . $PDO->quote($new_userid) . "," . $PDO->quote($post_username) . "," . $PDO->quote($md5_password) . "," . $PDO->quote($post_nickname) . "," . $PDO->quote($post_email) . ")";
 				$stmt = @PDO_Execute($query);
 				if (!$stmt || ($stmt && $stmt->errorCode() != 0)) {
 					$error = PDO_ErrorInfo();
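Review bot: The column list in this `INSERT` is written with single quotes (`'id','userid',...`), which SQLite tolerates as identifiers but MySQL and PostgreSQL reject as a syntax error. If the credentials introduced by this commit mean the backend is no longer SQLite, registration would fail here, and the `@` in front of `PDO_Execute` suppresses the warning that would say so. I would write the list unquoted, `INSERT INTO "._TABLE_USER_INFO_." (userid,username,password,nickname,email) VALUES (...)`, and let the key column take its default instead of passing `NULL`. The surrounding block starts and ends outside this hunk.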
@@ -142,7 +142,7 @@ if (isset($_POST["op"]) && $_POST["op"] == "new") {
         } else if (isset($_POST["password"])) {
             $md5_password = md5($_POST["password"]);
             PDO_Connect(_FILE_DB_USERINFO_);
-            $query = "select * from user where (\"username\"=" . $PDO->quote($_POST["username"]) . " or \"email\"=" . $PDO->quote($_POST["username"]) . " ) and \"password\"=" . $PDO->quote($md5_password);
+            $query = "SELECT * from "._TABLE_USER_INFO_." where (\"username\"=" . $PDO->quote($_POST["username"]) . " or \"email\"=" . $PDO->quote($_POST["username"]) . " ) and \"password\"=" . $PDO->quote($md5_password);
             $Fetch = PDO_FetchAll($query);
             $iFetch = count($Fetch);
             if ($iFetch > 0) {
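Review bot: The login branch still calls `PDO_Connect(_FILE_DB_USERINFO_);` without credentials, while the registration branch in the first hunk of this file was changed to pass `_DB_USERNAME_` and `_DB_PASSWORD_`. Unless `PDO_Connect` defaults those arguments, sign-in will connect differently from sign-up and may fail; the line should read `PDO_Connect(_FILE_DB_USERINFO_, _DB_USERNAME_, _DB_PASSWORD_);`. The query below it would also be more consistent with the `PDO_FetchOne($query, array($post_username))` calls earlier in the file if it bound the two `$_POST` values through `?` placeholders instead of `$PDO->quote()`, assuming `PDO_FetchAll` accepts a parameter array the same way.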