del_ok.jsp

这是一个用JAVA语言编写的BBS论坛程序

<%
/*
 * Copyright:  Copyright (c) 2004 
 * @author http://hi.baidu.com/lael80*/
%>
<%@ page contentType="text/html; charset=gb2312" errorPage=""%>
<jsp:useBean id="workDB" scope="page" class="javabean.Conn"/>
<jsp:useBean id="workFC" scope="page" class="javabean.Func"/>
<%
if(!workFC.cNULL(String.valueOf(session.getAttribute("u_name")))){
  response.sendRedirect("result.jsp?errcodes="+workFC.GBtoUni("<li>您的权限不够"));
  return;
}
int action=0;
int id=0;
String tablename="",tableid="",tableforum="";

try{
  action=Integer.parseInt(request.getParameter("action"));
  if(action!=1&&action!=2){
    response.sendRedirect("result.jsp?errcodes=<li>"+workFC.GBtoUni("错误的参数"));
    return;
  }
}catch(Exception e){
  response.sendRedirect("result.jsp?errcodes=<li>"+workFC.GBtoUni("错误的参数"));
  return;
}
try{
  id=Integer.parseInt(request.getParameter("id"));
}catch(Exception e){
  response.sendRedirect("result.jsp?errcodes=<li>"+workFC.GBtoUni("错误的参数"));
  return;
}
switch(action){
  case 1  : tablename="user_topic";tableid="topic_id";tableforum="topic_forum"; break;
  case 2  : tablename="user_reply";tableid="reply_id";tableforum="reply_forum"; break;
  default : tablename="";tableid="";tableforum="";    break;
}
if(workDB.queryCount("select count("+tableid+") from "+tablename+" where "+tableid+"="+id)==0){
  response.sendRedirect("result.jsp?errcodes=<li>"+workFC.GBtoUni("错误的参数"));
  return;
}else{
  //贴子作者
  String user_name=workDB.queryData("select user_name from "+tablename+" where "+tableid+"="+id);
  //贴子所在论坛
  int forum=Integer.parseInt(workDB.queryData("select "+tableforum+" from "+tablename+" where "+tableid+"="+id));
  //操作者等级
  int admin=Integer.parseInt(workDB.queryData("select user_type from user_info where user_name='"+session.getAttribute("u_name")+"'"));
  //贴子作者等级
  int author=Integer.parseInt(workDB.queryData("select user_type from user_info where user_name='"+workFC.GBtoUni(user_name)+"'"));
  if(admin==0){
    response.sendRedirect("result.jsp?errcodes="+workFC.GBtoUni("<li>您的权限不够"));
    return;
  }else if(admin!=forum&&admin!=100){//不是管理员或不是该版版主不能删除
    response.sendRedirect("result.jsp?errcodes="+workFC.GBtoUni("<li>您的权限不够,只有该版版主和管理员有此权限"));
    return;
  }else if(admin==author&&admin!=100&&!session.getAttribute("u_name").equals(user_name)){ 
    //除了自己，不能删除其它版主或管理员的贴子
    response.sendRedirect("result.jsp?errcodes="+workFC.GBtoUni("<li>您的权限不够,不能同级或越级删除"));
    return;
  }else{
    workDB.executeUpdate("delete from "+tablename+" where "+tableid+"="+id);
    if(action==1){
      workDB.executeUpdate("delete from user_reply where topic_id="+id);
      response.sendRedirect("topic.jsp?forum="+forum+"&pageid=1");
    }else response.sendRedirect(request.getHeader("Referer"));
  }
}
%>