📄 ajax_im.php
$to_delete[] = $row['id'];
}
} else if($row['type'] == 'event') {
$output['events'][$j++] = Array('event'=>$row['message'], 'sender'=>$row['sender'], 'group'=>$reverse_list[$row['sender']], 'recipient'=>$row['recipient']);
$output['numEvents']++;
$to_delete[] = $row['id'];
}
}
if(count($to_delete) > 0)
$delete_new = @mysql_query("DELETE FROM ".SQL_PREFIX."messages WHERE id IN('".implode("','", $to_delete)."')");
print($json->encode($output));
} else {
$set_status = @mysql_query("UPDATE ".SQL_PREFIX."users SET is_online='0', last_ping='".time()."' WHERE username='".mysql_real_escape_string($from)."'");
print 'not_logged_in';
}
break;
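case 'login':
    ///////////// login to the server /////////
    // login parts (within array $_POST):    //
    //   from - user logging in              //
    //   pwd  - password                     //
    ///////////////////////////////////////////
    // Looks up the from/pwd pair in the users table. On a match the account
    // is flagged online, user_event() is called with the stored buddylist,
    // and the JSON-encoded $output is printed; otherwise 'invalid' is printed.
    //
    // $pwd is escaped like $from before it reaches the SQL string; the
    // original concatenated it raw, which left the WHERE clause injectable.
    // 'register' stores md5($pwd) and this query compares the column with
    // $pwd as received, so a legitimate value is presumably already a hex
    // digest and escaping leaves it unchanged -- TODO confirm where $pwd is
    // assigned (outside this excerpt).
    // NOTE(review): unsalted MD5 is a weak password store; moving to
    // password_hash()/password_verify() needs a coordinated change in
    // 'register', 'reset', 'pwdchange' and the client.
    $safe_from = mysql_real_escape_string($from);
    $safe_pwd = mysql_real_escape_string($pwd);
    $query = @mysql_query("SELECT buddylist FROM ".SQL_PREFIX."users WHERE username='".$safe_from."' AND password='".$safe_pwd."'");
    if($query && mysql_num_rows($query) > 0) {
        $user = mysql_fetch_assoc($query);
        $set_status = @mysql_query("UPDATE ".SQL_PREFIX."users SET is_online='1' WHERE username='".$safe_from."'");
        if(strlen($user['buddylist']) > 0) {
            $buddylist = user_event($from, $user['buddylist'], 'status,1');
            $output['buddy'] = $json->encode($buddylist);
        } else {
            $output['buddy'] = Array();
        }
        print($json->encode($output));
    } else {
        // A failed query and a non-matching credential pair both land here.
        print 'invalid';
    }
    break;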
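case 'logout':
    ///////////// logout of the server ////////
    // parts (within array $_POST):          //
    //   from - user logging out             //
    //   pwd  - password                     //
    ///////////////////////////////////////////
    // Verifies the from/pwd pair, then flags the account offline, stamps
    // last_ping with time(), removes the user's rows from the chats table
    // and calls user_event() with the stored buddylist. Prints 'logged_out'
    // on success and 'invalid' when the credentials do not match.
    //
    // $pwd is escaped before use; the original placed it in the query
    // unescaped while escaping $from, leaving the credential check open to
    // SQL injection. A legitimate value is presumably an MD5 hex digest
    // (see the md5() calls in 'register'), which escaping does not alter.
    $safe_from = mysql_real_escape_string($from);
    $safe_pwd = mysql_real_escape_string($pwd);
    $query = @mysql_query("SELECT buddylist FROM ".SQL_PREFIX."users WHERE username='".$safe_from."' AND password='".$safe_pwd."'");
    if($query && mysql_num_rows($query) > 0) {
        $user = mysql_fetch_assoc($query);
        $set_status = @mysql_query("UPDATE ".SQL_PREFIX."users SET is_online='0', last_ping='".time()."' WHERE username='".$safe_from."'");
        $exit_rooms = @mysql_query("DELETE FROM ".SQL_PREFIX."chats WHERE user='".$safe_from."'");
        $notify_buddies = user_event($from, $user['buddylist'], 'status,0');
        print 'logged_out';
    } else {
        print 'invalid';
    }
    break;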
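case 'register':
    ///////////// register a new user /////////
    // parts (within array $_POST):          //
    //   from  - username chosen             //
    //   pwd   - password chosen             //
    //   email - email address               //
    ///////////////////////////////////////////
    // Validates the three fields, rejects an email or username that already
    // has a row in the users table, and otherwise inserts the new account.
    // Prints exactly one of: 'username_bad', 'invalid_email',
    // 'password_bad_length', 'email_already_used', 'username_taken',
    // 'user_registered'.
    //
    // Fix: preg_match() returns 1 on a match, 0 on no match and false only
    // on error. The original tested "!== false", which is true for 0 as
    // well, so neither pattern ever rejected anything. The checks now
    // require a result of exactly 1. The D modifier stops "$" from matching
    // before a trailing newline.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $username_ok = is_string($from)
        && preg_match('/^[a-z0-9_\\d]+$/D', $from) === 1
        && strlen($from) >= 3 && strlen($from) <= 16;
    $email_ok = preg_match('/^([a-zA-Z0-9_\\.\\-])+\\@(([a-zA-Z0-9\\-])+\\.)+([a-zA-Z0-9]{2,4})+$/D', $email) === 1;
    $pwd_ok = is_string($pwd) && strlen($pwd) >= 4 && strlen($pwd) <= 16;

    if(!$username_ok) {
        print 'username_bad';
    } else if(!$email_ok) {
        print 'invalid_email';
    } else if(!$pwd_ok) {
        print 'password_bad_length';
    } else {
        $safe_from = mysql_real_escape_string($from);
        $safe_email = mysql_real_escape_string($email);
        // As in the original, a failed lookup is treated as "no such row".
        $email_rows = mysql_query("SELECT email FROM ".SQL_PREFIX."users WHERE email='".$safe_email."'");
        if($email_rows && mysql_num_rows($email_rows) > 0) {
            print 'email_already_used';
        } else {
            $query = @mysql_query("SELECT username FROM ".SQL_PREFIX."users WHERE username='".$safe_from."'");
            if($query && mysql_num_rows($query) > 0) {
                print 'username_taken';
            } else {
                // NOTE(review): unsalted MD5 is a weak password store; a
                // switch to password_hash() also has to cover the cases that
                // compare the password column.
                // NOTE(review): the INSERT result is not checked, so
                // 'user_registered' is printed even if the write failed.
                $query = @mysql_query("INSERT INTO ".SQL_PREFIX."users (username, password, email) VALUES ('".$safe_from."', '".md5($pwd)."', '".$safe_email."')");
                print 'user_registered';
            }
        }
    }
    break;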
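case 'save':
    //////// save the users buddylist /////////
    // parts (within array $_POST):          //
    //   from - user saving the buddylist    //
    //   pwd  - password                     //
    //   list - the buddylist                //
    ///////////////////////////////////////////
    // Verifies the from/pwd pair and, on a match, overwrites the caller's
    // buddylist column with the posted list. Prints 'saved' or
    // 'not_logged_in'.
    //
    // Fix: the original concatenated $_POST['list'] and $pwd into the SQL
    // text unescaped, so either field could alter the statement. Both now
    // go through mysql_real_escape_string(), the same treatment this file
    // gives $from and its other $_POST values.
    // NOTE(review): if magic_quotes_gpc is relied on and not undone earlier
    // in the script, the list would now be escaped twice -- confirm.
    $safe_from = mysql_real_escape_string($from);
    $safe_pwd = mysql_real_escape_string($pwd);
    $list = (isset($_POST['list']) && is_string($_POST['list'])) ? $_POST['list'] : '';
    $query = @mysql_query("SELECT username FROM ".SQL_PREFIX."users WHERE username='".$safe_from."' AND password='".$safe_pwd."'");
    if($query && mysql_num_rows($query) > 0) {
        $query = @mysql_query("UPDATE ".SQL_PREFIX."users SET buddylist='".mysql_real_escape_string($list)."' WHERE username='".$safe_from."'");
        print 'saved';
    } else {
        print 'not_logged_in';
    }
    break;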
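case 'isuser':
    ////////// check if user exists ///////////
    // parts (within array $_POST):          //
    //   from     - user asking              //
    //   pwd      - password                 //
    //   username - the username in question //
    ///////////////////////////////////////////
    // After verifying the caller's from/pwd pair, prints the is_online value
    // of the requested user, 'not_exists' when there is no such user, or
    // 'not_logged_in' when the caller's credentials do not match. When
    // is_online equals 100 the value is printed only if the target's
    // buddylist contains the caller's quoted name; otherwise '0' is printed.
    // NOTE(review): 100 looks like a status that only buddies may see --
    // confirm against the status definitions elsewhere in the project.
    //
    // Fix: $pwd is now escaped before it is placed in the credential query;
    // the original concatenated it raw.
    $safe_from = mysql_real_escape_string($from);
    $safe_pwd = mysql_real_escape_string($pwd);
    $target = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $safe_target = mysql_real_escape_string($target);
    $query = @mysql_query("SELECT username FROM ".SQL_PREFIX."users WHERE username='".$safe_from."' AND password='".$safe_pwd."'");
    if($query && mysql_num_rows($query) > 0) {
        $query = @mysql_query("SELECT is_online FROM ".SQL_PREFIX."users WHERE username='".$safe_target."'");
        if($query && mysql_num_rows($query) > 0) {
            $userinfo = @mysql_fetch_assoc($query);
            if($userinfo['is_online'] == 100) {
                // NOTE(review): "_" in a username acts as a single-character
                // wildcard inside LIKE, so this membership test can match a
                // different name of the same length.
                $check_friendship = @mysql_query("SELECT is_online FROM ".SQL_PREFIX."users WHERE username='".$safe_target."' AND buddylist LIKE '%\"".$safe_from."\"%'");
                if(@mysql_num_rows($check_friendship) == 0) {
                    print '0';
                } else {
                    print $userinfo['is_online'];
                }
            } else {
                print $userinfo['is_online'];
            }
        } else {
            print 'not_exists';
        }
    } else {
        print 'not_logged_in';
    }
    break;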
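case 'reset':
    //////// reset the users password /////////
    // parts (within array $_POST):          //
    //   from - the email for the account    //
    ///////////////////////////////////////////
    // Expands ' AT ' / ' DOT ' in the posted address, and if a user row has
    // that email, stores the MD5 of a generatePassword() value and mails the
    // new password. Prints 'pw_reset' or 'no_email_on_record'.
    //
    // Fixes:
    //  - The From header was built from $_SERVER['HTTP_HOST'], which the
    //    client chooses. It is now reduced to hostname characters so it
    //    cannot carry line breaks or extra header text; well-formed Host
    //    values pass through unchanged.
    //  - The message goes to the address stored in the matched row, with
    //    CR/LF removed, rather than to the raw request string.
    // NOTE(review): prefer a configured site domain over the Host header.
    // NOTE(review): this case needs no credentials, replaces the password
    // immediately, mails it in clear text, and its two responses reveal
    // whether an address is registered. A single-use, expiring reset token
    // with a uniform response would avoid all of that.
    $from = str_replace(' AT ', '@', str_replace(' DOT ', '.', $from));
    $safe_email = mysql_real_escape_string($from);
    $query = @mysql_query("SELECT email FROM ".SQL_PREFIX."users WHERE email='".$safe_email."'");
    if($query && mysql_num_rows($query) > 0) {
        $account = mysql_fetch_assoc($query);
        $recipient = str_replace(array("\r", "\n"), '', $account['email']);
        $raw_host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
        $mail_host = preg_replace('/[^A-Za-z0-9.:\-\[\]]/', '', $raw_host);
        $new_pass = generatePassword();
        $query = @mysql_query("UPDATE ".SQL_PREFIX."users SET password='".md5($new_pass)."' WHERE email='".$safe_email."'");
        mail($recipient, 'Your Reset Password', "You requested your password be reset -- your new password is below.\n\nNew Password: $new_pass", 'From: Reset Password <reset_password@'.$mail_host.'>');
        print 'pw_reset';
    } else {
        print 'no_email_on_record';
    }
    break;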
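case 'pwdchange':
    //////// change the users password ////////
    // parts (within array $_POST):          //
    //   from   - user changing the passwd   //
    //   pwd    - current password           //
    //   newpwd - new password               //
    ///////////////////////////////////////////
    // Verifies the from/pwd pair, then stores md5(newpwd) if the new
    // password is 4 to 16 bytes long. Prints 'pw_changed',
    // 'password_bad_length' or 'invalid_pw'.
    //
    // Fix: $pwd is escaped before it enters the credential query (the
    // original concatenated it raw), and a missing or non-string newpwd is
    // treated as an empty string, which fails the length check.
    // NOTE(review): unsalted MD5 is a weak password store; see the other
    // md5() call sites before changing the scheme.
    $safe_from = mysql_real_escape_string($from);
    $safe_pwd = mysql_real_escape_string($pwd);
    $new_pwd = (isset($_POST['newpwd']) && is_string($_POST['newpwd'])) ? $_POST['newpwd'] : '';
    $query = @mysql_query("SELECT username FROM ".SQL_PREFIX."users WHERE username='".$safe_from."' AND password='".$safe_pwd."'");
    if($query && mysql_num_rows($query) > 0) {
        if(strlen($new_pwd) >= 4 && strlen($new_pwd) <= 16) {
            $query = @mysql_query("UPDATE ".SQL_PREFIX."users SET password='".md5($new_pwd)."' WHERE username='".$safe_from."'");
            print 'pw_changed';
        } else {
            print 'password_bad_length';
        }
    } else {
        print 'invalid_pw';
    }
    break;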
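case 'joinroom':
    ///////////// join a chatroom /////////////
    // parts (within array $_POST):          //
    //   from - user joining the room        //
    //   pwd  - password                     //
    //   room - the room to join             //
    ///////////////////////////////////////////
    // Adds the caller to a chat room (stored lower-cased), collects the
    // room's members into $output['users'], calls user_event() and prints
    // the JSON-encoded $output. Prints 'already_joined', 'room_is_user' or
    // 'invalid_chars' when the join is refused.
    //
    // Fix: the header lists pwd as part of the request, but the original
    // never checked it here, so any client could join a room under another
    // user's name. The from/pwd pair is now verified with the same query
    // the 'save' and 'isuser' cases use, answering 'not_logged_in' on
    // failure. No earlier credential check is visible in this excerpt.
    $room = (isset($_POST['room']) && is_string($_POST['room'])) ? $_POST['room'] : '';
    $safe_from = mysql_real_escape_string($from);
    $safe_room = mysql_real_escape_string(strtolower($room));
    $auth = @mysql_query("SELECT username FROM ".SQL_PREFIX."users WHERE username='".$safe_from."' AND password='".mysql_real_escape_string($pwd)."'");
    if(!$auth || mysql_num_rows($auth) == 0) {
        print 'not_logged_in';
        break;
    }
    $query = @mysql_query("SELECT id FROM ".SQL_PREFIX."chats WHERE user='".$safe_from."' AND room='".$safe_room."'");
    if(@mysql_num_rows($query) > 0) {
        print 'already_joined';
    } else {
        // A room may not share its name with an existing username.
        $query = @mysql_query("SELECT username FROM ".SQL_PREFIX."users WHERE LOWER(username)='".$safe_room."'");
        if(@mysql_num_rows($query) == 0) {
            // NOTE(review): this pattern matches only when EVERY character is
            // outside a-z, 0-9 and "_", so a name mixing allowed and
            // disallowed characters is accepted. Confirm the intended rule
            // before tightening it.
            if(preg_match('/^[^a-z0-9_\d]+$/', $room) == false) {
                $query = @mysql_query("INSERT INTO ".SQL_PREFIX."chats (room, user) VALUES ('".$safe_room."', '".$safe_from."')");
                $get_users = @mysql_query("SELECT user FROM ".SQL_PREFIX."chats WHERE room='".$safe_room."'");
                while($member = @mysql_fetch_assoc($get_users))
                    $output['users'][] = $member['user'];
                $notify_buddies = user_event($from, $output, 'chat,join,'.$room);
                print($json->encode($output));
            } else {
                print 'invalid_chars';
            }
        } else {
            print 'room_is_user';
        }
    }
    break;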
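case 'leaveroom':
    //////////// leave a chatroom /////////////
    // parts (within array $_POST):          //
    //   from - user leaving the room        //
    //   pwd  - password                     //
    //   room - the room to leave            //
    ///////////////////////////////////////////
    // Removes the caller's membership row for the room, collects the
    // remaining members into $output['users'], calls user_event() and
    // prints 'left'. Prints nothing when the caller is not in the room.
    //
    // Fix: the header lists pwd, but the original never verified it, so any
    // client could remove another user from a room. The from/pwd pair is
    // now checked with the same query the 'save' and 'isuser' cases use,
    // answering 'not_logged_in' on failure. No earlier credential check is
    // visible in this excerpt.
    $room = (isset($_POST['room']) && is_string($_POST['room'])) ? $_POST['room'] : '';
    $safe_from = mysql_real_escape_string($from);
    $safe_room = mysql_real_escape_string(strtolower($room));
    $auth = @mysql_query("SELECT username FROM ".SQL_PREFIX."users WHERE username='".$safe_from."' AND password='".mysql_real_escape_string($pwd)."'");
    if(!$auth || mysql_num_rows($auth) == 0) {
        print 'not_logged_in';
        break;
    }
    $query = mysql_query("SELECT id FROM ".SQL_PREFIX."chats WHERE user='".$safe_from."' AND room='".$safe_room."'");
    if($query && mysql_num_rows($query) > 0) {
        $membership = mysql_fetch_assoc($query);
        // The id comes from the database, but is escaped anyway so the
        // statement never depends on the column's content.
        $query = mysql_query("DELETE FROM ".SQL_PREFIX."chats WHERE id='".mysql_real_escape_string($membership['id'])."'");
        $get_users = @mysql_query("SELECT user FROM ".SQL_PREFIX."chats WHERE room='".$safe_room."'");
        while($member = @mysql_fetch_assoc($get_users))
            $output['users'][] = $member['user'];
        $notify_buddies = user_event($from, $output, 'chat,left,'.$room);
        print 'left';
    }
    break;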
}
// Close the MySQL link once the request has been handled; no link
// identifier is passed, so the most recently opened link is closed.
mysql_close();
?>