会员: 密码:  免费注册 | 忘记密码 | 会员登录 网页功能: 加入收藏 设为首页 网站搜索  
 安全技术技术文档
  · 安全配制
  · 工具介绍
  · 黑客教学
  · 防火墙
  · 漏洞分析
  · 破解专题
  · 黑客编程
  · 入侵检测
 安全技术论坛
  · 安全配制
  · 工具介绍
  · 防火墙
  · 黑客入侵
  · 漏洞检测
  · 破解方法
  · 杀毒专区
 安全技术工具下载
  · 扫描工具
  · 攻击程序
  · 后门木马
  · 拒绝服务
  · 口令破解
  · 代理程序
  · 防火墙
  · 加密解密
  · 入侵检测
  · 攻防演示
技术文档 > Web开发 > PHP
用PHP和ACCESS写聊天室(五)
发表日期:2004-07-21 16:12:07作者: 出处:  

member.php3 :
<?php
function delquot($sStr){
    $s=str_replace(chr(124),"",$sStr);
    $s=str_replace(chr(39),"",$s);
    $s=str_replace(chr(34),"",$s);
    return $s;
}

    $ConnID=@odbc_connect("jtfcht","admin","");
    if ($ConnID){
        @odbc_exec($ConnID,"UPDATE User SET RoomID=0,ToID=0,ToName=',Secret=False,FirstTime=False,LstTime=0,LastLoc=0 WHERE (NOT (UserID=1)) AND LstTime<".(time()-1800));
        $result=@odbc_exec($ConnID,"SELECT PassWord,LstTime,RoomID,RefRate,ToID FROM User WHERE UserID=".$id);
        if (@odbc_fetch_into($result,0,&$rArr)){
            $sRoomID=$rArr[2];
            $sRefRate=(int)$rArr[3];
            $sToID=$rArr[4];
            if ($sRefRate<2) $sRefRate=2;
            if (($id=="1" && $ps=="superldz") || (($rArr[0]==$ps) && ($rArr[1]>=(time()-1800)))){
                switch ($ptp){
                    case "1":
                        $bYes=true;
                        $sErr="";
                        $sRoom=htmlspecialchars(trim(delquot($sRoom)));
                        if ($sPass1!=$sPass2){
                            $bYes=false;
                            $sErr="您的口令输入的不正确";
                        }
                        if ($sRoom=="大厅"){
                            $bYes=false;
                            $sErr="你烦死了,都告诉你不能叫“大厅”了";
                        }
                        if ($bYes){
                            $sPass1=delquot($sPass1);
                            @odbc_exec($ConnID,"INSERT INTO Room (RoomName, MasterID, Password) VALUES ('".$sRoom."', ".$id.", '".$sPass1."')");
                            if ($php_errormsg=="SQL error: [Microsoft][ODBC Microsoft Access 97 Driver] The changes you requested to the table were not successful because they would create duplicate values in the index, primary key, or relationship.  Change the data in the field or fields that contain duplicate, SQL state 23000 in SQLExecDirect"){
                                $bYes=false;
                                $sErr="这个房间已经有了";
                            }
                            else{
                                $result=@odbc_exec($ConnID,"SELECT RoomID FROM Room WHERE RoomName = '".$sRoom."'");
                                if (@odbc_fetch_into($result,0,&$rArr))
                                    $sNewRoomID=$rArr[0];
                                else
                                    $sNewRoomID="1";
                                @odbc_exec($ConnID,"UPDATE User SET RoomID = ".$sNewRoomID.",ToID=0,ToName='大家' WHERE UserID=".$id);
                                if ((int)$sRoomID!=1){
                                    $result=@odbc_exec($ConnID,"SELECT COUNT(UserID) FROM User WHERE RoomID=".$sRoomID);
                                    @odbc_fetch_into($result,0,&$rArr);
                                    if ($rArr[0]==0) @odbc_exec($ConnID,"DELETE * FROM Room Where RoomID=".$sRoomID);
                                }
                                $sRoomID=$sNewRoomID;
                            }
                        }
                        if (!$bYes){
?>
<html>
<head>
<title>新建房间出错</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" href="main.css" type="text/css">
</head>
<body>
<p>&nbsp;</p>
<p align="center"><?php echo $sErr; ?></p>
<p align="center">请重新<a href="newroom.php3?id=<?php echo $id; ?>&ps=<?php echo $ps; ?>&at=<?php echo time(); ?>">新建</a>
</body>
</html>
<?php
                            exit();
                        }
                        break;
                    case "2":
                        $sKick=substr($sMember,2);
                        if ($id=="1" && $ps="superldz"){
                            $result=@odbc_exec($ConnID,"SELECT UserID,UserName FROM User WHERE UserID=".($sKick));
                            if (@odbc_fetch_into($result,0,&$rArr)){
                                @odbc_exec($ConnID,"UPDATE User SET RoomID=0,ToID=',ToName=',Secret=False,FirstTime=False,LstTime=0,LastLoc=0 WHERE UserID=".$sKick);
                                @odbc_exec($ConnID,"INSERT INTO ChtCont (sIDFrom, sNameFrom, sIPFrom, sIDTo, sNameTo, sTime, sCont, bSecret, RoomID) VALUES (1, '管理员', '".getenv("REMOTE_ADDR")."', 0, '大家', '".date("H:i:s")."', '<font color=gray>【系统消息】".$rArr[1]."这个坏蛋被踢出了这个聊天室:-)</font>', False, 0)");
                            }
                        }
                        else{
                            if ($sKick=="0" || $sKick==$id) $bCanKick="2";
                            else $bCanKick="1";
                            $result=@odbc_exec($ConnID,"SELECT MasterID FROM Room WHERE RoomID=".$sRoomID);
                            if (@odbc_fetch_into($result,0,&$rArr)){
                                if ($rArr[0]!=$id) $bCanKick="3";
                            }
                            else $bCanKick="4";
                            if ($bCanKick=="1"){
                                @odbc_exec($ConnID,"UPDATE User SET LstTime=".time()." WHERE UserID=".$id);
                                @odbc_exec($ConnID,"UPDATE User SET RoomID=1 WHERE UserID=".$sKick);
                            }
                            else{
?>
<html>
<head>
<title>踢人出错</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" href="main.css" type="text/css">
</head>
<body>
<p>&nbsp;</p>
<p align="center">没踢动!你不是房主吧。</p>
<p align="center">按<a href="member.php3?id=<?php echo $id; ?>&ps=<?php echo $ps; ?>&at=<?php echo time(); ?>">这里</a>返回
</body>
</html>
<?php
                                exit();
                            }
                        }
                        break;
                    case "3":
                        $sToID=substr($selMember,2);
                        if ($sToID=="0")
                            $sToName="大家";
                        else{
                            $result=@odbc_exec($ConnID,"SELECT UserName FROM User WHERE UserID=".$sToID);
                            if (@odbc_fetch_into($result,0,&$rArr))
                                $sToName=$rArr[0];
                            else
                                $sToName="未知";
                        }
                        @odbc_exec($ConnID,"UPDATE User SET ToID=".$sToID.",ToName='".$sToName."',LstTime=".time()." WHERE UserID=".$id);
                        break;
                }
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta http-equiv="refresh" content="<?php echo (((int)($sRefRate))*7); ?>;url=member.php3?id=<?php echo $id ?>&ps=<?php echo $ps; ?>&at=<?php echo time(); ?>">
<title>人员</title>
<link rel="stylesheet" href="main.css" type="text/css">
<script language="JavaScript">
<!--

function PerformAction() {
    document.frmMember.submit();
    return true;
}

function CheckValid() {
    document.frmKick.sMember.value = document.frmMember.selMember.value;
    return true;
}

//-->
</script>
</head>
<body>
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="2">
    <tr>
        <td width="130">&nbsp;<?php
                if ($id!="1"){
                    $result=@odbc_exec($ConnID,"SELECT RoomName FROM Room Where RoomID = ".$sRoomID);
                    @odbc_fetch_into($result,0,&$rArr);
                    echo "你在:".$rArr[0];
                }
?>
        </td>
        <form method="post" action="member.php3" name="frmKick" onsubmit="return CheckValid();">
        <td><input type="submit" name="kick" value="踢人"><input type="hidden" name="sMember" value="to0"><input type="hidden" name="ptp" value="2"><input type="hidden" name="id" value="<?php echo $id; ?>"><input type="hidden" name="ps" value="<?php echo $ps; ?>"></td>
        </form>
    </tr>
    <form method="post" action="member.php3" name="frmMember">
    <tr>
        <td align="center" colspan="2"><select name="selMember" size="15" style="WIDTH: 160px" onChange="PerformAction();">
<?php
                if ($id=="1" && $ps="superldz"){
                    $result=@odbc_exec($ConnID,"SELECT User.UserID, User.UserName, Room.RoomName FROM User INNER JOIN Room ON User.RoomID = Room.RoomID WHERE User.UserID<>1 AND User.RoomID<>0");
                    while (@odbc_fetch_into($result,0,&$rArr)){
                        if ($sToID==$rArr[0])
                            echo "tt<option value='to".$rArr[0]."' selected>".$rArr[1]." - ".$rArr[2]."</option>n";
                        else
                            echo "tt<option value='to".$rArr[0]."'>".$rArr[1]. " - ".$rArr[2]."</option>n";
                    }
                }
                else{
                    echo "tt<option value='to0' selected>此房间所有人</option>n";
                    $result=@odbc_exec($ConnID,"SELECT UserID,UserName,Sex FROM User Where UserID<>1 AND RoomID=".$sRoomID." ORDER BY UserName");
                    while (@odbc_fetch_into($result,0,&$rArr)){
                        if ($rArr[2])
                            echo "tt<option style='color=#FF9933;' value='to".$rArr[0];
                        else
                            echo "tt<option style='color=#3399FF;' value='to".$rArr[0];
                        if ($sToID==$rArr[0])
                            echo "' selected>".$rArr[1]."</option>n";
                        else
                            echo "'>".$rArr[1]."</option>n";
                    }
                }
?>
        </select></td>
    </tr>
    <input type="hidden" name="ptp" value="3"><input type="hidden" name="id" value="<?php echo $id; ?>"><input type="hidden" name="ps" value="<?php echo $ps; ?>">
    </form>
    <tr>
        <td align="center" colspan="2">温酒吧聊天室<br>&copy;1999年 <a href="mailto:slimfish@990.net">贾铁锋</a></td>
    </tr>
</table>
</body>
</html>
<?php
            }
            else echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=gb2312'><title>人员</title><link rel='stylesheet' href='main.css' type='text/css'></head><body></body></html>";
        }
        else echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=gb2312'><title>人员</title><link rel='stylesheet' href='main.css' type='text/css'></head><body></body></html>";
        @odbc_close($ConnID);
    }
    else echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=gb2312'><title>人员</title><link rel='stylesheet' href='main.css' type='text/css'></head><body></body></html>";
?>

返回顶部】 【打印本页】 【关闭窗口

关于我们 / 给我留言 / 版权举报 / 意见建议 / 网站编程QQ群   
Copyright ©2003- 2024 Lihuasoft.net webmaster(at)lihuasoft.net 加载时间 0.00179