/**
* modify user's information
* @route({"POST","/current"})
*
* @param({"password", "$._POST.password"}) modify password, optional
* @param({"alias", "$._POST.alias"}) modify alias, optional
* @param({"avatar", "$._FILES.avatar.tmp_name"}) modify avatar, optional
* @param({"token", "$._COOKIE.token"}) used for auth
*
* @throws({"phprs\util\exceptions\Forbidden","res", "403 Forbidden", {"error":"Forbidden"}}) invalid cookie
*
* @throws({"AliasConflict","status", "409 Conflict", {"error":"AliasConflict"}}) alias conflict
*
*/
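public function updateUser($token, $alias = null, $password = null, $avatar = null)
{
    // Updates the alias, avatar and/or password of the user who owns the
    // token cookie. All database writes run in one transaction, so a failure
    // rolls back every change requested in this call.
    //
    // NOTE(review): the token cookie is the only authorisation visible in
    // this method. No current-password check and no anti-CSRF token are
    // enforced here, and existing tokens are not revoked after a password
    // change. Confirm these are handled elsewhere before relying on this
    // endpoint for credential changes.
    $token = $this->factory->create('Tokens')->getToken($token);

    // Build the rejection message only from a uid that exists. Interpolating
    // $token['uid'] directly raised an undefined-index notice in exactly the
    // case being rejected (no uid on the token). The message text is unchanged.
    $hasUid = isset($token['uid']);
    $uidForMessage = $hasUid ? $token['uid'] : '';
    Verify::isTrue($hasUid && $token['uid'] != 0, new Forbidden("invalid uid {$uidForMessage}"));

    // The avatar is stored before the transaction starts, so a later database
    // failure leaves the uploaded file behind.
    // NOTE(review): uploadAvatar() is not shown; presumably it validates the
    // upload's type and size - confirm.
    if ($avatar) {
        $avatar = $this->uploadAvatar($avatar);
    }

    $uid = $token['uid'];
    $pdo = $this->db;
    $pdo->beginTransaction();
    try {
        if ($alias || $avatar) {
            $params = array();
            if ($alias) {
                // Reject the alias when another user already holds it.
                // NOTE(review): forUpdate() presumably issues SELECT ... FOR UPDATE.
                // Whether that stops a concurrent request from taking the same
                // alias when no row matches depends on the storage engine and
                // indexes; a unique index on realname is the reliable guard.
                $res = Sql::select('uid')
                    ->from('pre_common_member_profile')
                    ->where('realname = ? AND uid <> ?', $alias, $uid)
                    ->forUpdate()
                    ->get($pdo);
                Verify::isTrue(count($res) == 0, new AliasConflict("alias {$alias} conflict"));
                $params['realname'] = $alias;
            }
            if ($avatar) {
                $params['avatar'] = $avatar;
            }
            Sql::update('pre_common_member_profile')->setArgs($params)->where('uid = ?', $uid)->exec($pdo);
        }

        // An empty string is treated as "field not supplied", like alias and
        // avatar above. Previously a blank password field overwrote the
        // stored credential with an empty value.
        if ($password !== null && $password !== '') {
            // NOTE(review): the submitted value is written to uc_members.password
            // unchanged, with an empty salt. Unless it is already hashed before it
            // reaches this method (not visible here), the credential is stored in
            // directly usable form. Moving to password_hash()/password_verify()
            // needs a matching change in the login path, so it is flagged here
            // rather than changed.
            Sql::update('uc_members')->setArgs(['password' => $password, 'salt' => ''])->where('uid=?', $uid)->exec($pdo);
        }
        $pdo->commit();
    } catch (Exception $e) {
        // NOTE(review): the exception message can carry the caller-supplied
        // alias (see AliasConflict above); confirm Logger neutralises control
        // characters so a crafted alias cannot forge log lines.
        Logger::warning("updateUser({$uid}) failed with " . $e->getMessage());
        $pdo->rollBack();
        throw $e;
    }
}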