📄 manage.php
<?php
session_start();
include "include/query.php";
include "include/functions.php";
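// Mode msg_call: page ("call") another user who is online in the caller's room by
// queuing a system message for them, then report the result to the opener window.
if($_GET["mode"]==msg_call)
{
    $db = new db_query;
    $db->connect();
    // Callers ranked below the configured "enable_call" level may not page anyone.
    if($_SESSION["userrank"]<getConfig("enable_call"))
    {
        echo "<script language=javascript>opener.showNotice('您的级别不允许呼叫聊友!');window.close()</script>";
        exit;
    }
    // Both fields are request data; anything that is not a plain string is treated as empty.
    $toUser = (isset($_POST["username"])&&is_string($_POST["username"])) ? $_POST["username"] : "";
    $why = (isset($_POST["why"])&&is_string($_POST["why"])) ? $_POST["why"] : "";
    // The target name used to be interpolated into SQL and into the <script> output unescaped.
    // NOTE(review): addslashes() is the escaping this file already uses, but it is not
    // charset-aware and can be bypassed on multibyte connection charsets such as GBK.
    // The durable fix is a prepared statement (or driver-level escaping) inside db_query,
    // which is not visible from this file.
    $toUserSql = addslashes($toUser);
    // HTML-escape first (the notice is rendered as markup), then escape for the single-quoted
    // JavaScript string it is embedded in.
    // NOTE(review): htmlspecialchars() relies on default_charset matching the page encoding - confirm.
    $toUserJs = addslashes(htmlspecialchars($toUser,ENT_QUOTES));
    // The target must currently be online in the caller's room.
    $isOnline = $db->result($db->query("select count(*) from `onlinelist` where `username` = '{$toUserSql}' and `roomid` = '{$_SESSION["roomid"]}'"),0,"count(*)");
    if(!$isOnline)
    {
        echo "<script language=javascript>opener.showNotice('<font color=\"blue\">{$toUserJs}</font> 不在聊天室中!');window.close();</script>";
        exit;
    }
    $content = addslashes(htmlspecialchars($why));
    $message = array("private"=>"","event"=>"","from_user"=>"","type"=>"","roomid"=>"","content"=>"","to_user"=>"","title"=>"","namecolor"=>"","saycolor"=>"","face"=>"");
    $message["from_user"] = $_SESSION["username"];
    $message["type"] = type_system;
    $message["event"] = msg_call;
    $message["roomid"] = $_SESSION["roomid"];
    // Passed pre-escaped, the same way content is pre-escaped before addMessage().
    // NOTE(review): presumably addMessage() interpolates these fields into SQL - confirm.
    $message["to_user"] = $toUserSql;
    $message["content"] = $content;
    // Push the call into the message list.
    addMessage($message,$db);
    echo "<script language=javascript>opener.showNotice('呼叫 <font color=\"blue\">{$toUserJs}</font> 成功。');window.close()</script>";
    $db->close();
    exit;
}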
// Mode msg_clear: queue a system msg_clear event for the sender's room, call UnOnline()
// for the sender (presumably taking them off the online list), then redirect to the
// matching notice page.
if($_GET["mode"]==msg_clear)
{
    // Only sessions accepted by verifyMember() may continue; others go to the not_login notice.
    $sessionAccepted = verifyMember(session_id(),$_SESSION["username"]);
    if(!$sessionAccepted)
    {
        header("location:notice.php?id=".not_login);
        exit;
    }
    $db = new db_query;
    $db->connect();
    // All eleven message keys are present in a fixed order; only the four fields this
    // event needs carry a value.
    $message = array(
        "private"=>"",
        "event"=>msg_clear,
        "from_user"=>$_SESSION["username"],
        "type"=>type_system,
        "roomid"=>$_SESSION["roomid"],
        "content"=>"",
        "to_user"=>"",
        "title"=>"",
        "namecolor"=>"",
        "saycolor"=>"",
        "face"=>""
    );
    addMessage($message,$db);
    UnOnline($_SESSION["username"]);
    // The redirect header is sent before the connection is closed, as in the original order.
    header("location:notice.php?id=".msg_clear);
    $db->close();
    exit;
}
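// Mode msg_rank: let a sufficiently ranked manager set another member's rank and record
// the change in `logs`.
// NOTE(review): this is a state-changing POST handler and no verifyMember() or anti-CSRF
// token check is visible in this branch - confirm the included files enforce one.
if($_GET["mode"]==msg_rank)
{
    $db = new db_query;
    $db->connect();
    // Request data; anything that is not a plain string is treated as empty.
    $toUser = (isset($_POST["username"])&&is_string($_POST["username"])) ? $_POST["username"] : "";
    $why = (isset($_POST["why"])&&is_string($_POST["why"])) ? $_POST["why"] : "";
    // These values used to be interpolated into SQL unescaped.
    // NOTE(review): addslashes() is the escaping this file already uses, but it is not
    // charset-aware and can be bypassed on multibyte connection charsets such as GBK.
    // The durable fix is a prepared statement (or driver-level escaping) inside db_query,
    // which is not visible from this file.
    $toUserSql = addslashes($toUser);
    $whySql = addslashes($why);
    $managerSql = addslashes((string)$_SESSION["username"]);
    // Adjust rank: nobody may manage their own rank.
    if($_SESSION["username"]==$toUser)
    {
        echo "<script language=javascript>opener.showNotice('不能对自己进行级别管理!');window.close();</script>";
        exit;
    }
    if(!$db->result($db->query("select count(*) from `members` where `username` = '{$toUserSql}'"),0,"count(*)"))
    {
        echo "<script language=javascript>opener.showNotice('该用户不存在!');window.close();</script>";
        exit;
    }
    // The requested rank must be a real integer before it is compared or written; anything
    // else is rejected with the range notice instead of reaching the UPDATE statement.
    $grade = filter_var(isset($_POST["grade"]) ? $_POST["grade"] : null,FILTER_VALIDATE_INT);
    if($grade===false)
    {
        echo "<script language=javascript>opener.showNotice('只能调整对方级别在0-12的范围内!');window.close();</script>";
        exit;
    }
    // Check whether the manager may adjust ranks: granting a rank at or above the
    // "enable_kick" level needs "enable_nolimit_grade", any lower rank needs "enable_grade".
    $requiredConfig = ($grade>=getConfig("enable_kick")) ? "enable_nolimit_grade" : "enable_grade";
    $enableGrade = !($_SESSION["userrank"]<getConfig($requiredConfig));
    if(!$enableGrade)
    {
        echo "<script language=javascript>opener.showNotice('请检查您是否有权限执行此操作!');window.close();</script>";
        exit;
    }
    // Check the target's current rank: it must be strictly below the manager's.
    $hisRank = $db->result($db->query("select `rank` from `members` where `username` = '{$toUserSql}'"),0,"rank");
    if($hisRank>=$_SESSION["userrank"])
    {
        echo "<script language=javascript>opener.showNotice('对方级别不比你低~');window.close();</script>";
        exit;
    }
    // The new rank must also stay below the manager's own rank.
    if($grade>=($_SESSION["userrank"]))
    {
        echo "<script language=javascript>opener.showNotice('只能调整到比你小一级的级别!');window.close()</script>";
        exit;
    }
    // Range check. The original tested ">12 && <0", which can never be true, so negative
    // ranks passed straight through; the two bounds have to be joined with "||".
    if($grade>12||$grade<0)
    {
        echo "<script language=javascript>opener.showNotice('只能调整对方级别在0-12的范围内!');window.close();</script>";
        exit;
    }
    // All checks passed: apply the rank change.
    $db->query("update `members` set `rank` = '{$grade}' where `username` = '{$toUserSql}'");
    // Write the audit log entry (old rank, new rank in `tags`).
    $db->query("insert into `logs` set `type` = '".logtype_grade."',`user` = '{$toUserSql}',`manager` = '{$managerSql}',`why` = '{$whySql}',`time` = '".date("Y-m-d H:i:s")."',`action`=5,`tags` = '{$hisRank},{$grade}'");
    $db->close();
    echo "<script language=javascript>opener.showNotice('调整级别成功!');window.close();</script>";
}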
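// Modes msg_kick / msg_bomb / msg_lock / msg_warn: moderation actions against a user who
// is online in the manager's room. Queues a system message, optionally locks the target's
// IP, writes an audit log entry and echoes the event back to the opener window.
// NOTE(review): this is a state-changing POST handler and no verifyMember() or anti-CSRF
// token check is visible in this branch - confirm the included files enforce one.
if($_GET["mode"]==msg_kick||$_GET["mode"]==msg_bomb||$_GET["mode"]==msg_lock||$_GET["mode"]==msg_warn)
{
    $db = new db_query;
    $db->connect();
    // Pin the action to the constant it matched. The comparison above is loose, so the raw
    // query-string value is not guaranteed to be identical to the constant and must not be
    // written into SQL or script output.
    $mode = null;
    foreach(array(msg_kick,msg_bomb,msg_lock,msg_warn) as $knownMode)
    {
        if($_GET["mode"]==$knownMode)
        {
            $mode = $knownMode;
            break;
        }
    }
    // Request data; anything that is not a plain string is treated as empty.
    $to_user = (isset($_POST["username"])&&is_string($_POST["username"])) ? $_POST["username"] : "";
    $whyRaw = (isset($_POST["why"])&&is_string($_POST["why"])) ? $_POST["why"] : "";
    $manager = $_SESSION["username"];
    $roomid = $_SESSION["roomid"];
    // The target name used to be interpolated into SQL and into the <script> output unescaped.
    // NOTE(review): addslashes() is the escaping this file already uses, but it is not
    // charset-aware and can be bypassed on multibyte connection charsets such as GBK.
    // The durable fix is a prepared statement (or driver-level escaping) inside db_query,
    // which is not visible from this file.
    $toUserSql = addslashes($to_user);
    $managerSql = addslashes((string)$manager);
    $why = addslashes($whyRaw);
    // For output: HTML-escape first, then escape for the single-quoted JavaScript string.
    $toUserJs = addslashes(htmlspecialchars($to_user,ENT_QUOTES));
    $managerJs = addslashes(htmlspecialchars((string)$manager,ENT_QUOTES));
    // The reason is shown to other users, so it is HTML-escaped the same way the msg_call
    // branch of this file escapes its reason text.
    $content = addslashes(htmlspecialchars($whyRaw));
    // Check whether the manager is a master of this room. Room masters may kick, bomb,
    // warn and lock, but may not manage ranks.
    $masters = $db->result($db->query("select `masters` from `rooms` where `id` = '{$_SESSION["roomid"]}'"),0,"masters");
    $isMaster = false;
    $heis_master = false;
    if($masters!="")
    {
        $arrMasters = explode(",",$masters);
        // in_array() without the strict flag keeps the original loose "==" matching.
        $isMaster = in_array($_SESSION["username"],$arrMasters);
        $heis_master = in_array($to_user,$arrMasters);
    }
    if($heis_master)
    {
        echo "<script language=javascript>opener.showNotice('该用户是房间主人,不允许对他进行操作。');window.close()</script>";
        exit;
    }
    // Members flagged `protected` cannot be acted on.
    if($db->result($db->query("select `protected` from `members` where `username` = '{$toUserSql}'"),0,"protected"))
    {
        echo "<script language=javascript>opener.showNotice('该用户受系统保护,不允许对该用户进行操作。');window.close()</script>";
        exit;
    }
    if($to_user==$_SESSION["username"])
    {
        echo "<script language=javascript>opener.showNotice('不允许自己管理自己!');window.close()</script>";
        exit;
    }
    // Each action has its own minimum rank in the configuration.
    switch($mode)
    {
        case msg_kick:
            $requiredConfig = "enable_kick";
            break;
        case msg_bomb:
            $requiredConfig = "enable_bomb";
            break;
        case msg_lock:
            $requiredConfig = "enable_lock";
            break;
        default:
            $requiredConfig = "enable_warn";
            break;
    }
    $cannot = $_SESSION["userrank"]<getConfig($requiredConfig);
    // A room master may act even when their rank alone would not allow it.
    if($cannot&&!$isMaster)
    {
        echo "<script language=javascript>opener.showNotice('请检查您是否有权限执行此操作!');window.close()</script>";
        exit;
    }
    // Is the target online in this room?
    $isInChatRoom = $db->result($db->query("select count(*) from `onlinelist` where `username` = '{$toUserSql}' and `roomid` = '{$_SESSION["roomid"]}'"),0,"count(*)");
    if(!$isInChatRoom)
    {
        echo "<script language=javascript>opener.showNotice('〖<font color=blue>{$toUserJs}</font>〗不在聊天室');window.close()</script>";
        exit;
    }
    // Is the target's rank higher than the manager's? A room master may act on anyone
    // ranked below 12.
    $userRank = $db->result($db->query("select `rank` from `members` where `username` = '{$toUserSql}'"),0,"rank");
    if(!(($_SESSION["userrank"]>$userRank)||($isMaster&&$userRank<12)))
    {
        echo "<script language=javascript>opener.showNotice('对方级别比你高,操作失败!');window.close()</script>";
        exit;
    }
    // Lock the target's IP.
    if($mode==msg_lock)
    {
        // Look up the IP the target logged in from. The original also echoed this address
        // into the response (leftover debug output), disclosing it to the manager's
        // browser; that echo is removed.
        $ip = $db->result($db->query("select `loginip` from `onlinelist` where `username` = '{$toUserSql}'"),0,"loginip");
        $ipSql = addslashes((string)$ip);
        $isLocked = $db->result($db->query("select count(*) from `lockedip` where `ip` = '{$ipSql}'"),0,"count(*)");
        if($isLocked)
        {
            echo "<script language=javascript>opener.showNotice('该用户的IP已经被封锁了!');window.close();</script>";
            exit;
        }
        else
        {
            $db->query("insert into `lockedip` set `ip` = '{$ipSql}',`locktime` = '".time()."',`username` = '{$toUserSql}',`time` = '".date("Y-m-d H:i:s")."'");
        }
    }
    $message = array("private"=>"","event"=>"","from_user"=>"","type"=>"","roomid"=>"","content"=>"","to_user"=>"","title"=>"","namecolor"=>"","saycolor"=>"","face"=>"");
    $message["type"] = type_system;
    $message["from_user"] = $manager;
    // Passed pre-escaped, the same way content is pre-escaped before addMessage().
    // NOTE(review): presumably addMessage() interpolates these fields into SQL - confirm.
    $message["to_user"] = $toUserSql;
    $message["content"] = $content;
    $message["event"] = $mode;
    $message["roomid"] = $roomid;
    addMessage($message,$db);
    $tm = date("H:i:s");
    // A warning does not count as a kick; every other action stamps `lastkicktime`.
    if($mode!=msg_warn)
    {
        $db->query("update `members` set `lastkicktime` = '".time()."' where `username` = '{$toUserSql}'");
    }
    // Write the audit log entry.
    $db->query("insert into `logs` set `time` = '".date("Y-m-d H:i:s")."',`type` = ".logtype_manage.",`action` = '".$mode."',`user` = '{$toUserSql}',`manager` = '{$managerSql}',`why` = '{$why}'");
    $db->close();
    echo "<script language=javascript>";
    echo "opener.showNotice('操作完全成功。');";
    echo "opener.writeMessage('".$content."','{$managerJs}','{$toUserJs}','{$tm}','{$message["title"]}','{$message["saycolor"]}','{$message["namecolor"]}','{$message["private"]}',1,'{$message["event"]}','{$message["face"]}');";
    echo "window.close();";
    echo "</script>";
    exit;
}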
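// Mode msg_forbid: set the `forbid` flag on a lower-ranked member and record the action
// in `logs`.
// NOTE(review): this is a state-changing POST handler and no verifyMember() or anti-CSRF
// token check is visible in this branch - confirm the included files enforce one.
if($_GET["mode"]==msg_forbid)
{
    $db = new db_query;
    $db->connect();
    // Request data; anything that is not a plain string is treated as empty.
    $toUser = (isset($_POST["username"])&&is_string($_POST["username"])) ? $_POST["username"] : "";
    $why = (isset($_POST["why"])&&is_string($_POST["why"])) ? $_POST["why"] : "";
    // The target name used to be interpolated into SQL and into the <script> output unescaped.
    // NOTE(review): addslashes() is the escaping this file already uses, but it is not
    // charset-aware and can be bypassed on multibyte connection charsets such as GBK.
    // The durable fix is a prepared statement (or driver-level escaping) inside db_query,
    // which is not visible from this file.
    $toUserSql = addslashes($toUser);
    $managerSql = addslashes((string)$_SESSION["username"]);
    // For output: HTML-escape first, then escape for the single-quoted JavaScript string.
    $toUserJs = addslashes(htmlspecialchars($toUser,ENT_QUOTES));
    if($_SESSION["username"]==$toUser)
    {
        echo "<script language=javascript>opener.showNotice('不允许对自己进行管理操作。');window.close()</script>";
        exit;
    }
    // The manager needs at least the configured "enable_forbid" rank.
    if($_SESSION["userrank"]<getConfig("enable_forbid"))
    {
        echo "<script language=javascript>opener.showNotice('您的级别无法完成此操作。');window.close()</script>";
        exit;
    }
    if(!$db->result($db->query("select count(*) from `members` where `username` = '{$toUserSql}'"),0,"count(*)"))
    {
        echo "<script language=javascript>opener.showNotice('系统找不到该用户。');window.close()</script>";
        exit;
    }
    // The target must be ranked strictly below the manager.
    $targetRank = $db->result($db->query("select `rank` from `members` where `username` = '{$toUserSql}'"),0,"rank");
    if($_SESSION["userrank"]<=$targetRank)
    {
        echo "<script language=javascript>opener.showNotice('对方级别不比你底。');window.close()</script>";
        exit;
    }
    $db->query("update `members` set `forbid` = 1 where `username` = '{$toUserSql}'");
    $db->query("insert into `logs` set `type` = '".logtype_names."',`action` = ".msg_forbid.",`user` = '{$toUserSql}',`manager` = '{$managerSql}',`time` = '".date("Y-m-d H:i:s")."',`why` = '".addslashes($why)."'");
    $db->close();
    echo "<script language=javascript>opener.showNotice('禁用用户 <font color=\"blue\">{$toUserJs}</font> 成功!');window.close()</script>";
    exit;
}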
if($_GET["mode"]==msg_ungrade)
{
$db = new db_query;
$db->connect();
if($_SESSION["username"]==$_POST["username"])
{
echo "<script language=javascript>opener.showNotice('不允许对自己进行管理操作。');window.close()</script>";
exit;
}
if($_SESSION["userrank"]<getConfig("enable_unauto_grade"))
{
echo "<script language=javascript>opener.showNotice('您的级别无法完成此操作。');window.close()</script>";
exit;
}
if(!$db->result($db->query("select count(*) from `members` where `username` = '{$_POST["username"]}'"),0,"count(*)"))
{
echo "<script language=javascript>opener.showNotice('系统找不到该用户。');window.close()</script>";
exit;
}
if($_SESSION["userrank"]<=$db->result($db->query("select `rank` from `members` where `username` = '{$_POST["username"]}'"),0,"rank"))
{
echo "<script language=javascript>opener.showNotice('对方级别不比你底。');window.close()</script>";
exit;