fenglin/bbs/section_master_service.php

<?
        require_once "../lib/db_open.inc.php";
        require_once "../lib/str_process.inc.php";
        require_once "./session_init.inc.php";
        require_once "./check_sub.inc.php";

        $data = json_decode(file_get_contents("php://input"), true);

        $sid = (isset($data["sid"]) ? intval($data["sid"]) : 0);
        $op = (isset($data["op"]) ? intval($data["op"]) : 0);
        $username = (isset($data["username"]) ? trim($data["username"]) : "");
        $type = (isset($data["type"]) && $data["type"] == "1" ? 1 : 0);
        
        $result_set = array(
                "return" => array(
                        "code" => 0,
                        "message" => "",
                        "errorFields" => array(),
                )
        );

        header("Content-Type:application/json; charset=utf-8");

        // Validate input data
        if (!preg_match("/^[A-Za-z][A-Za-z0-9]{2,11}$/", $username))
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "username",
                        "errMsg" => "用户名不符合格式要求",
                ));
        }

        if ($result_set["return"]["code"] != 0)
        {
                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        if (strcasecmp($username, $_SESSION["BBS_username"]) == 0)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "master",
                        "errMsg" => "不能对自己操作",
                ));

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        if (!$_SESSION["BBS_priv"]->checkpriv($sid, S_MAN_M)
                || ($type == 1 && (!$_SESSION["BBS_priv"]->checkpriv($sid, S_ADMIN))))
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "master",
                        "errMsg" => "没有权限",
                ));

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        // Begin transaction
        $rs = mysqli_query($db_conn, "SET autocommit=0");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }
        
        $rs = mysqli_query($db_conn, "BEGIN");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        // Check user status
        $sql = "SELECT UID FROM user_list WHERE username = '$username' AND verified";

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Query user error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        if ($row = mysqli_fetch_array($rs))
        {
                $uid = $row["UID"];
        }
        else
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "username",
                        "errMsg" => "用户不存在或尚未验证",
                ));

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }
        mysqli_free_result($rs);

        // Check section status
        $sql = "SELECT SID FROM section_config INNER JOIN section_class
                        WHERE SID = $sid AND section_config.enable AND section_class.enable";

        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Query section master error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        if (mysqli_num_rows($rs) == 0)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "master",
                        "errMsg" => "版块不存在",
                ));

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }
        mysqli_free_result($rs);

        // Check existing section master
        $has_major = false;
        $user_found = false;

        $sql = "SELECT UID, major FROM section_master
                        WHERE SID = $sid AND enable AND (NOW() BETWEEN begin_dt AND end_dt)";
        
        $rs = mysqli_query($db_conn, $sql);
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Query section master error: " . mysqli_error($db_conn);
        
                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }
        
        while ($row = mysqli_fetch_array($rs))
        {
                if ($uid == $row["UID"])
                {
                        $user_found = true;
                }
        
                if (!$has_major && $row["major"])
                {
                        $has_major = true;
                }
        }
        mysqli_free_result($rs);
        
        if ($user_found && $op == 1)
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "master",
                        "errMsg" => "用户已经是版主",
                ));
        
                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        if ((!$user_found) && ($op == 2 || $op == 3))
        {
                $result_set["return"]["code"] = -1;
                array_push($result_set["return"]["errorFields"], array(
                        "id" => "master",
                        "errMsg" => "未找到记录",
                ));
        
                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }

        switch($op)
        {
                case 1: // Appoint
                        if ($type == 1 && $has_major)
                        {
                                $result_set["return"]["code"] = -1;
                                array_push($result_set["return"]["errorFields"], array(
                                        "id" => "master",
                                        "errMsg" => "只能有一位正版主",
                                ));

                                mysqli_close($db_conn);
                                exit(json_encode($result_set));
                        }

                        $sql = "INSERT INTO section_master(UID, SID, begin_dt, end_dt, enable, major)
                                        VALUES($uid, $sid, NOW(), ADDDATE(NOW(), INTERVAL 6 MONTH), 1, $type)";

                        $rs = mysqli_query($db_conn, $sql);
                        if ($rs == false)
                        {
                                $result_set["return"]["code"] = -2;
                                $result_set["return"]["message"] = "Add section master error: " . mysqli_error($db_conn);

                                mysqli_close($db_conn);
                                exit(json_encode($result_set));
                        }

                        break; // case 1: Appoint
                case 2: // Dismiss
                        $sql = "UPDATE section_master SET enable = 0, end_dt = NOW()
                                        WHERE UID = $uid AND SID = $sid AND enable
                                        AND (NOW() BETWEEN begin_dt AND end_dt)";

                        $rs = mysqli_query($db_conn, $sql);
                        if ($rs == false)
                        {
                                $result_set["return"]["code"] = -2;
                                $result_set["return"]["message"] = "Update section master error: " . mysqli_error($db_conn);

                                mysqli_close($db_conn);
                                exit(json_encode($result_set));
                        }

                        break; // case 2: Dismiss
                case 3: // Renew
                        $sql = "UPDATE section_master SET end_dt = ADDDATE(end_dt, INTERVAL 6 MONTH)
                                        WHERE UID = $uid AND SID = $sid AND enable
                                        AND (NOW() BETWEEN begin_dt AND end_dt)";

                        $rs = mysqli_query($db_conn, $sql);
                        if ($rs == false)
                        {
                                $result_set["return"]["code"] = -2;
                                $result_set["return"]["message"] = "Update section master error: " . mysqli_error($db_conn);

                                mysqli_close($db_conn);
                                exit(json_encode($result_set));
                        }

                        break; // case 3 : Renew
                default: // Invalid Op
                        $result_set["return"]["code"] = -1;
                        array_push($result_set["return"]["errorFields"], array(
                                "id" => "master",
                                "errMsg" => "非法操作",
                        ));

                        mysqli_close($db_conn);
                        exit(json_encode($result_set));

                        break; // default: Invalid Op
        }

        // Commit transaction
        $rs = mysqli_query($db_conn, "COMMIT");
        if ($rs == false)
        {
                $result_set["return"]["code"] = -2;
                $result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);

                mysqli_close($db_conn);
                exit(json_encode($result_set));
        }
        
        mysqli_close($db_conn);
        exit(json_encode($result_set));
?>
1	sysadm	1.1	<?
2			require_once "../lib/db_open.inc.php";
3			require_once "../lib/str_process.inc.php";
4			require_once "./session_init.inc.php";
5			require_once "./check_sub.inc.php";
6
7			$data = json_decode(file_get_contents("php://input"), true);
8
9			$sid = (isset($data["sid"]) ? intval($data["sid"]) : 0);
10			$op = (isset($data["op"]) ? intval($data["op"]) : 0);
11			$username = (isset($data["username"]) ? trim($data["username"]) : "");
12			$type = (isset($data["type"]) && $data["type"] == "1" ? 1 : 0);
13
14			$result_set = array(
15			"return" => array(
16			"code" => 0,
17			"message" => "",
18			"errorFields" => array(),
19			)
20			);
21
22			header("Content-Type:application/json; charset=utf-8");
23
24			// Validate input data
25			if (!preg_match("/^[A-Za-z][A-Za-z0-9]{2,11}$/", $username))
26			{
27			$result_set["return"]["code"] = -1;
28			array_push($result_set["return"]["errorFields"], array(
29			"id" => "username",
30			"errMsg" => "用户名不符合格式要求",
31			));
32			}
33
34			if ($result_set["return"]["code"] != 0)
35			{
36			mysqli_close($db_conn);
37			exit(json_encode($result_set));
38			}
39
40			if (strcasecmp($username, $_SESSION["BBS_username"]) == 0)
41			{
42			$result_set["return"]["code"] = -1;
43			array_push($result_set["return"]["errorFields"], array(
44			"id" => "master",
45			"errMsg" => "不能对自己操作",
46			));
47
48			mysqli_close($db_conn);
49			exit(json_encode($result_set));
50			}
51
52			if (!$_SESSION["BBS_priv"]->checkpriv($sid, S_MAN_M)
53			\|\| ($type == 1 && (!$_SESSION["BBS_priv"]->checkpriv($sid, S_ADMIN))))
54			{
55			$result_set["return"]["code"] = -1;
56			array_push($result_set["return"]["errorFields"], array(
57			"id" => "master",
58			"errMsg" => "没有权限",
59			));
60
61			mysqli_close($db_conn);
62			exit(json_encode($result_set));
63			}
64
65			// Begin transaction
66			$rs = mysqli_query($db_conn, "SET autocommit=0");
67			if ($rs == false)
68			{
69			$result_set["return"]["code"] = -2;
70			$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
71
72			mysqli_close($db_conn);
73			exit(json_encode($result_set));
74			}
75
76			$rs = mysqli_query($db_conn, "BEGIN");
77			if ($rs == false)
78			{
79			$result_set["return"]["code"] = -2;
80			$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
81
82			mysqli_close($db_conn);
83			exit(json_encode($result_set));
84			}
85
86			// Check user status
87			$sql = "SELECT UID FROM user_list WHERE username = '$username' AND verified";
88
89			$rs = mysqli_query($db_conn, $sql);
90			if ($rs == false)
91			{
92			$result_set["return"]["code"] = -2;
93			$result_set["return"]["message"] = "Query user error: " . mysqli_error($db_conn);
94
95			mysqli_close($db_conn);
96			exit(json_encode($result_set));
97			}
98
99			if ($row = mysqli_fetch_array($rs))
100			{
101			$uid = $row["UID"];
102			}
103			else
104			{
105			$result_set["return"]["code"] = -1;
106			array_push($result_set["return"]["errorFields"], array(
107			"id" => "username",
108			"errMsg" => "用户不存在或尚未验证",
109			));
110
111			mysqli_close($db_conn);
112			exit(json_encode($result_set));
113			}
114			mysqli_free_result($rs);
115
116			// Check section status
117			$sql = "SELECT SID FROM section_config INNER JOIN section_class
118			WHERE SID = $sid AND section_config.enable AND section_class.enable";
119
120			$rs = mysqli_query($db_conn, $sql);
121			if ($rs == false)
122			{
123			$result_set["return"]["code"] = -2;
124			$result_set["return"]["message"] = "Query section master error: " . mysqli_error($db_conn);
125
126			mysqli_close($db_conn);
127			exit(json_encode($result_set));
128			}
129
130			if (mysqli_num_rows($rs) == 0)
131			{
132			$result_set["return"]["code"] = -1;
133			array_push($result_set["return"]["errorFields"], array(
134			"id" => "master",
135			"errMsg" => "版块不存在",
136			));
137
138			mysqli_close($db_conn);
139			exit(json_encode($result_set));
140			}
141			mysqli_free_result($rs);
142
143			// Check existing section master
144			$has_major = false;
145			$user_found = false;
146
147			$sql = "SELECT UID, major FROM section_master
148			WHERE SID = $sid AND enable AND (NOW() BETWEEN begin_dt AND end_dt)";
149
150			$rs = mysqli_query($db_conn, $sql);
151			if ($rs == false)
152			{
153			$result_set["return"]["code"] = -2;
154			$result_set["return"]["message"] = "Query section master error: " . mysqli_error($db_conn);
155
156			mysqli_close($db_conn);
157			exit(json_encode($result_set));
158			}
159
160			while ($row = mysqli_fetch_array($rs))
161			{
162			if ($uid == $row["UID"])
163			{
164			$user_found = true;
165			}
166
167			if (!$has_major && $row["major"])
168			{
169			$has_major = true;
170			}
171			}
172			mysqli_free_result($rs);
173
174			if ($user_found && $op == 1)
175			{
176			$result_set["return"]["code"] = -1;
177			array_push($result_set["return"]["errorFields"], array(
178			"id" => "master",
179			"errMsg" => "用户已经是版主",
180			));
181
182			mysqli_close($db_conn);
183			exit(json_encode($result_set));
184			}
185
186			if ((!$user_found) && ($op == 2 \|\| $op == 3))
187			{
188			$result_set["return"]["code"] = -1;
189			array_push($result_set["return"]["errorFields"], array(
190			"id" => "master",
191			"errMsg" => "未找到记录",
192			));
193
194			mysqli_close($db_conn);
195			exit(json_encode($result_set));
196			}
197
198			switch($op)
199			{
200			case 1: // Appoint
201			if ($type == 1 && $has_major)
202			{
203			$result_set["return"]["code"] = -1;
204			array_push($result_set["return"]["errorFields"], array(
205			"id" => "master",
206			"errMsg" => "只能有一位正版主",
207			));
208
209			mysqli_close($db_conn);
210			exit(json_encode($result_set));
211			}
212
213			$sql = "INSERT INTO section_master(UID, SID, begin_dt, end_dt, enable, major)
214			VALUES($uid, $sid, NOW(), ADDDATE(NOW(), INTERVAL 6 MONTH), 1, $type)";
215
216			$rs = mysqli_query($db_conn, $sql);
217			if ($rs == false)
218			{
219			$result_set["return"]["code"] = -2;
220			$result_set["return"]["message"] = "Add section master error: " . mysqli_error($db_conn);
221
222			mysqli_close($db_conn);
223			exit(json_encode($result_set));
224			}
225
226			break; // case 1: Appoint
227			case 2: // Dismiss
228			$sql = "UPDATE section_master SET enable = 0, end_dt = NOW()
229			WHERE UID = $uid AND SID = $sid AND enable
230			AND (NOW() BETWEEN begin_dt AND end_dt)";
231
232			$rs = mysqli_query($db_conn, $sql);
233			if ($rs == false)
234			{
235			$result_set["return"]["code"] = -2;
236			$result_set["return"]["message"] = "Update section master error: " . mysqli_error($db_conn);
237
238			mysqli_close($db_conn);
239			exit(json_encode($result_set));
240			}
241
242			break; // case 2: Dismiss
243			case 3: // Renew
244			$sql = "UPDATE section_master SET end_dt = ADDDATE(end_dt, INTERVAL 6 MONTH)
245			WHERE UID = $uid AND SID = $sid AND enable
246			AND (NOW() BETWEEN begin_dt AND end_dt)";
247
248			$rs = mysqli_query($db_conn, $sql);
249			if ($rs == false)
250			{
251			$result_set["return"]["code"] = -2;
252			$result_set["return"]["message"] = "Update section master error: " . mysqli_error($db_conn);
253
254			mysqli_close($db_conn);
255			exit(json_encode($result_set));
256			}
257
258			break; // case 3 : Renew
259			default: // Invalid Op
260			$result_set["return"]["code"] = -1;
261			array_push($result_set["return"]["errorFields"], array(
262			"id" => "master",
263			"errMsg" => "非法操作",
264			));
265
266			mysqli_close($db_conn);
267			exit(json_encode($result_set));
268
269			break; // default: Invalid Op
270			}
271
272			// Commit transaction
273			$rs = mysqli_query($db_conn, "COMMIT");
274			if ($rs == false)
275			{
276			$result_set["return"]["code"] = -2;
277			$result_set["return"]["message"] = "Mysqli error: " . mysqli_error($db_conn);
278
279			mysqli_close($db_conn);
280			exit(json_encode($result_set));
281			}
282
283			mysqli_close($db_conn);
284			exit(json_encode($result_set));
285			?>
webmaster@leafok.com	ViewVC Help
Powered by ViewVC 1.3.0-beta1