用ＰＨＰ和ＡＣＣＥＳＳ写聊天室(五)

member.php3 :

<?php

function delquot($sStr){

$s=str_replace(chr(124),"",$sStr);

$s=str_replace(chr(39),"",$s);

$s=str_replace(chr(34),"",$s);

return $s;

}

$ConnID=@odbc_connect("jtfcht","admin","");

if ($ConnID){

@odbc_exec($ConnID,"UPDATE User SET RoomID=0,ToID=0,ToName='',Secret=False,FirstTime=False,LstTime=0,LastLoc=0 WHERE (NOT (UserID=1)) AND LstTime<".(time()-1800));

$result=@odbc_exec($ConnID,"SELECT PassWord,LstTime,RoomID,RefRate,ToID FROM User WHERE UserID=".$id);

if (@odbc_fetch_into($result,0,&$rArr)){

$sRoomID=$rArr[2];

$sRefRate=(int)$rArr[3];

$sToID=$rArr[4];

if ($sRefRate<2) $sRefRate=2;

if (($id=="1" && $ps=="superldz") || (($rArr[0]==$ps) && ($rArr[1]>=(time()-1800)))){

switch ($ptp){

case "1":

$bYes=true;

$sErr="";

$sRoom=htmlspecialchars(trim(delquot($sRoom)));

if ($sPass1!=$sPass2){

$bYes=false;

$sErr="您的口令输入的不正确";

}

if ($sRoom=="大厅"){

$bYes=false;

$sErr="你烦死了，都告诉你不能叫“大厅”了";

}

if ($bYes){

$sPass1=delquot($sPass1);

@odbc_exec($ConnID,"INSERT INTO Room (RoomName, MasterID, Password) VALUES ('".$sRoom."', ".$id.", '".$sPass1."')");

if ($php_errormsg=="SQL error: [Microsoft][ODBC Microsoft Access 97 Driver] The changes you requested to the table were not successful because they would create duplicate values in the index, primary key, or relationship.Change the data in the field or fields that contain duplicate, SQL state 23000 in SQLExecDirect"){

$bYes=false;

$sErr="这个房间已经有了";

}

else{

$result=@odbc_exec($ConnID,"SELECT RoomID FROM Room WHERE RoomName = '".$sRoom."'");

if (@odbc_fetch_into($result,0,&$rArr))

$sNewRoomID=$rArr[0];

else

$sNewRoomID="1";

@odbc_exec($ConnID,"UPDATE User SET RoomID = ".$sNewRoomID.",ToID=0,ToName='大家' WHERE UserID=".$id);

if ((int)$sRoomID!=1){

$result=@odbc_exec($ConnID,"SELECT COUNT(UserID) FROM User WHERE RoomID=".$sRoomID);

@odbc_fetch_into($result,0,&$rArr);

if ($rArr[0]==0) @odbc_exec($ConnID,"DELETE * FROM Room Where RoomID=".$sRoomID);

}

$sRoomID=$sNewRoomID;

}

if (!$bYes){

<html>

<head>

<title>新建房间出错</title>

</head>

<body>

<p></p>

</body>

</html>

<?php

exit();

}

break;

case "2":

$sKick=substr($sMember,2);

if ($id=="1" && $ps="superldz"){

$result=@odbc_exec($ConnID,"SELECT UserID,UserName FROM User WHERE UserID=".($sKick));

if (@odbc_fetch_into($result,0,&$rArr)){

@odbc_exec($ConnID,"UPDATE User SET RoomID=0,ToID='',ToName='',Secret=False,FirstTime=False,LstTime=0,LastLoc=0 WHERE UserID=".$sKick);

@odbc_exec($ConnID,"INSERT INTO ChtCont (sIDFrom, sNameFrom, sIPFrom, sIDTo, sNameTo, sTime, sCont, bSecret, RoomID) VALUES (1, '管理员', '".getenv("REMOTE_ADDR")."', 0, '大家', '".date("H:i:s")."', '<font color=gray>【系统消息】".$rArr[1]."这个坏蛋被踢出了这个聊天室:-)</font>', False, 0)");

}

else{

if ($sKick=="0" || $sKick==$id) $bCanKick="2";

else $bCanKick="1";

$result=@odbc_exec($ConnID,"SELECT MasterID FROM Room WHERE RoomID=".$sRoomID);

if (@odbc_fetch_into($result,0,&$rArr)){

if ($rArr[0]!=$id) $bCanKick="3";

}

else $bCanKick="4";

if ($bCanKick=="1"){

@odbc_exec($ConnID,"UPDATE User SET LstTime=".time()." WHERE UserID=".$id);

@odbc_exec($ConnID,"UPDATE User SET RoomID=1 WHERE UserID=".$sKick);

}

else{

<html>

<head>

</head>

<body>

<p></p>

<p align="center">没踢动！你不是房主吧。</p>

<p align="center">按<a href="member.php3?id=<?php echo $id; ?>&ps=<?php echo $ps; ?>&at=<?php echo time(); ?>">这里</a>返回

</body>

</html>

<?php

exit();

}

break;

case "3":

$sToID=substr($selMember,2);

if ($sToID=="0")

$sToName="大家";

else{

$result=@odbc_exec($ConnID,"SELECT UserName FROM User WHERE UserID=".$sToID);

if (@odbc_fetch_into($result,0,&$rArr))

$sToName=$rArr[0];

else

$sToName="未知";

}

@odbc_exec($ConnID,"UPDATE User SET ToID=".$sToID.",ToName='".$sToName."',LstTime=".time()." WHERE UserID=".$id);

break;

}

<html>

<head>

</script>

</head>

<body>

<tr>

<td width="130"><?php

if ($id!="1"){

$result=@odbc_exec($ConnID,"SELECT RoomName FROM Room Where RoomID = ".$sRoomID);

@odbc_fetch_into($result,0,&$rArr);

echo "你在：".$rArr[0];

}

</td>

</form>

</tr>

<tr>

<?php

if ($id=="1" && $ps="superldz"){

$result=@odbc_exec($ConnID,"SELECT User.UserID, User.UserName, Room.RoomName FROM User INNER JOIN Room ON User.RoomID = Room.RoomID WHERE User.UserID<>1 AND User.RoomID<>0");

while (@odbc_fetch_into($result,0,&$rArr)){

if ($sToID==$rArr[0])

echo "tt<option value='to".$rArr[0]."' selected>".$rArr[1]." - ".$rArr[2]."</option>n";

else

echo "tt<option value='to".$rArr[0]."'>".$rArr[1]. " - ".$rArr[2]."</option>n";

}

else{

echo "tt<option value='to0' selected>此房间所有人</option>n";

$result=@odbc_exec($ConnID,"SELECT UserID,UserName,Sex FROM User Where UserID<>1 AND RoomID=".$sRoomID." ORDER BY UserName");

while (@odbc_fetch_into($result,0,&$rArr)){

if ($rArr[2])

echo "tt<option value='to".$rArr[0];

else

echo "tt<option value='to".$rArr[0];

if ($sToID==$rArr[0])

echo "' selected>".$rArr[1]."</option>n";

else

echo "'>".$rArr[1]."</option>n";

}

</select></td>

</tr>

</form>

<tr>

</tr>

</table>

</body>

</html>

<?php

}

else echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=gb2312'><title>人员</title><link rel='stylesheet' href='main.css' type='text/css'></head><body></body></html>";

}

else echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=gb2312'><title>人员</title><link rel='stylesheet' href='main.css' type='text/css'></head><body></body></html>";

@odbc_close($ConnID);

}

else echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=gb2312'><title>人员</title><link rel='stylesheet' href='main.css' type='text/css'></head><body></body></html>";