📄 player.php
字号:
<?php
require("../../class/connect.php");
include("../../class/db_sql.php");
include("../../class/config.php");
include("../../class/functions.php");
$link=db_connect();
$empire=new mysqlquery();
//验证用户
$logininid=getcvar('loginuserid');
$loginin=getcvar('loginusername');
$loginrnd=getcvar('loginrnd');
$loginlevel=getcvar('loginlevel');
$editor=1;
is_login($logininid,$loginin,$loginrnd);
//验证权限
CheckLevel($logininid,$loginin,$classid,"player");
//验证文件
function CheckPlayerFilename($filename){
if(strstr($filename,"\\")||strstr($filename,"/")||strstr($filename,".."))
{
printerror("PlayerFileNotExist","history.go(-1)");
}
//文件是否存在
if(!file_exists("../../DownSys/play/".$filename))
{
printerror("PlayerFileNotExist","history.go(-1)");
}
}
//------------------增加播放器
function AddPlayer($add,$userid,$username){
global $empire,$dbtbpre;
if(!$add[player]||!$add[filename])
{
printerror("EmptyPlayerName","history.go(-1)");
}
CheckPlayerFilename($add[filename]);
$sql=$empire->query("insert into {$dbtbpre}enewsplayer(player,filename,bz) values('".addslashes($add[player])."','".addslashes($add[filename])."','".addslashes($add[bz])."');");
$id=$empire->lastid();
if($sql)
{
//操作日志
insert_dolog("id=$id<br>player=$add[player]");
printerror("AddPlayerSuccess","player.php");
}
else
{printerror("DbError","history.go(-1)");}
}
//----------------修改播放器
function EditPlayer($add,$userid,$username){
global $empire,$dbtbpre;
$add[id]=(int)$add[id];
if(!$add[player]||!$add[filename]||!$add[id])
{
printerror("EmptyPlayerName","history.go(-1)");
}
CheckPlayerFilename($add[filename]);
$sql=$empire->query("update {$dbtbpre}enewsplayer set player='".addslashes($add[player])."',filename='".addslashes($add[filename])."',bz='".addslashes($add[bz])."' where id='$add[id]'");
if($sql)
{
//操作日志
insert_dolog("id=$add[id]<br>player=$add[player]");
printerror("EditPlayerSuccess","player.php");
}
else
{printerror("DbError","history.go(-1)");}
}
//---------------删除播放器
function DelPlayer($id,$userid,$username){
global $empire,$dbtbpre;
$id=(int)$id;
if(!$id)
{
printerror("NotDelPlayerID","history.go(-1)");
}
$r=$empire->fetch1("select id,player from {$dbtbpre}enewsplayer where id='$id'");
if(!$r[id])
{
printerror("NotDelPlayerID","history.go(-1)");
}
$sql=$empire->query("delete from {$dbtbpre}enewsplayer where id='$id'");
if($sql)
{
//操作日志
insert_dolog("id=$id<br>player=$r[player]");
printerror("DelPlayerSuccess","player.php");
}
else
{printerror("DbError","history.go(-1)");}
}
$enews=$_POST['enews'];
if(empty($enews))
{$enews=$_GET['enews'];}
//增加播放器
if($enews=="AddPlayer")
{
AddPlayer($_POST,$logininid,$loginin);
}
//修改播放器
elseif($enews=="EditPlayer")
{
EditPlayer($_POST,$logininid,$loginin);
}
//删除播放器
elseif($enews=="DelPlayer")
{
$id=$_GET['id'];
DelPlayer($id,$logininid,$loginin);
}
$sql=$empire->query("select id,player,filename,bz from {$dbtbpre}enewsplayer order by id");
//风格
$loginadminstyleid=(int)getcvar('loginadminstyleid');
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>增加播放器</title>
<link href="../adminstyle/<?=$loginadminstyleid?>/adminstyle.css" rel="stylesheet" type="text/css">
</head>
<body>
<table width="100%" border="0" align="center" cellpadding="3" cellspacing="1">
<tr>
<td>位置:<a href="player.php">管理播放器</a></td>
</tr>
</table>
<form name="addplayerform" method="post" action="player.php">
<table width="100%" border="0" align="center" cellpadding="3" cellspacing="1" class="tableborder">
<tr class="header">
<td height="25" colspan="4">增加播放器: <input type=hidden name=enews value=AddPlayer></td>
</tr>
<tr>
<td width="14%" height="25" bgcolor="#FFFFFF">播放器名称</td>
<td width="33%" bgcolor="#FFFFFF">文件名</td>
<td width="13%" bgcolor="#FFFFFF">说明</td>
<td width="40%" bgcolor="#FFFFFF"> </td>
</tr>
<tr>
<td height="25" bgcolor="#FFFFFF">
<input name="player" type="text" id="player" value="">
</td>
<td bgcolor="#FFFFFF">e/DownSys/play/
<input name="filename" type="text" id="filename" value="">
<a href="#ecms" onclick="window.open('ChangePlayerFile.php?returnform=opener.document.addplayerform.filename.value','','width=400,height=500,scrollbars=yes');">[选择]</a></td>
<td bgcolor="#FFFFFF"><input name="bz" type="text" id="bz"></td>
<td bgcolor="#FFFFFF"><input type="submit" name="Submit" value="增加"></td>
</tr>
</table>
</form>
<table width="100%" border="0" align="center" cellpadding="3" cellspacing="1" class="tableborder">
<tr class="header">
<td width="8%">
<div align="center">ID</div></td>
<td width="14%" height="25">播放器名称</td>
<td width="33%">文件名</td>
<td width="13%">说明</td>
<td width="32%" height="25"> 操作</td>
</tr>
<?
while($r=$empire->fetch($sql))
{
?>
<form name="playerform<?=$r[id]?>" method=post action=player.php>
<input type=hidden name=enews value=EditPlayer>
<input type=hidden name=id value=<?=$r[id]?>>
<tr bgcolor="#FFFFFF">
<td><div align="center"><?=$r[id]?></div></td>
<td height="25"> <input name="player" type="text" value="<?=htmlspecialchars(stripSlashes($r[player]))?>">
</td>
<td>e/DownSys/play/
<input name="filename" type="text" value="<?=htmlspecialchars(stripSlashes($r[filename]))?>">
<a href="#ecms" onclick="window.open('ChangePlayerFile.php?returnform=opener.document.playerform<?=$r[id]?>.filename.value','','width=400,height=500,scrollbars=yes');">[选择]</a></td>
<td><input name="bz" type="text" value="<?=htmlspecialchars(stripSlashes($r[bz]))?>"></td>
<td height="25"> <div align="left">
<input type="submit" name="Submit3" value="修改">
<input type="button" name="Submit4" value="删除" onclick="if(confirm('确认要删除?')){self.location.href='player.php?enews=DelPlayer&id=<?=$r[id]?>';}">
</div></td>
</tr>
</form>
<?
}
db_close();
$empire=null;
?>
</table>
</body>
</html>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -