
Annotation of /fenglin/bbs/section_service_master.php



Revision 1.5 - (hide annotations)
Tue Nov 4 11:13:39 2025 UTC (4 months, 1 week ago) by sysadm
Branch: MAIN
CVS Tags: HEAD
Changes since 1.4: +1 -1 lines
Update username check criteria to stay compatible with some special usernames (length = 3)

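<?php
require_once "../lib/db_open.inc.php";
require_once "../lib/str_process.inc.php";
require_once "./session_init.inc.php";
require_once "./check_sub.inc.php";

// Section-master management endpoint: appoint (op 1), dismiss (op 2) or renew (op 3)
// a user as master of section $sid. Request body is a JSON object
// {sid, op, username, type}; the response is the JSON-encoded $result_set.
// A body that is not a JSON object is treated as an empty request.
$data = json_decode((string) file_get_contents("php://input"), true);
if (!is_array($data))
{
    $data = array();
}

$sid = (isset($data["sid"]) ? intval($data["sid"]) : 0);
$op = (isset($data["op"]) ? intval($data["op"]) : 0);
// A non-string username (e.g. a JSON array) would make trim() throw; treat it as empty
// so it fails the format check below like any other bad value.
$username = (isset($data["username"]) && is_string($data["username"]) ? trim($data["username"]) : "");
// type 1 = major master (only one per section), 0 = ordinary master
$type = (isset($data["type"]) && $data["type"] == "1" ? 1 : 0);

$result_set = array(
    "return" => array(
        "code" => 0,            // 0 ok, -1 validation/business error, -2 database error
        "message" => "",
        "errorFields" => array(),
    ),
);

header("Content-Type:application/json; charset=utf-8");

// Report a field-level error (code -1) attributed to form field $field and stop.
// Any open transaction is rolled back before closing so nothing partial commits.
$fail_field = function ($field, $message) use ($db_conn, &$result_set) {
    $result_set["return"]["code"] = -1;
    array_push($result_set["return"]["errorFields"], array(
        "id" => $field,
        "errMsg" => $message,
    ));
    mysqli_rollback($db_conn);
    mysqli_close($db_conn);
    exit(json_encode($result_set));
};

// Report a database error (code -2) and stop.
// NOTE(review): $detail is the raw driver error text and is returned verbatim to the
// client, as the endpoint always did; logging it server-side and returning a generic
// message would reveal less about the schema.
$fail_db = function ($prefix, $detail) use ($db_conn, &$result_set) {
    $result_set["return"]["code"] = -2;
    $result_set["return"]["message"] = $prefix . $detail;
    mysqli_rollback($db_conn);
    mysqli_close($db_conn);
    exit(json_encode($result_set));
};

// Prepare, bind and execute one parameterised statement; every failure ends the
// request through $fail_db with $err_prefix. Returns the buffered result set for a
// SELECT and false for statements that produce none. Values never reach the SQL text,
// so request fields cannot alter the query. (mysqli_stmt_get_result() needs mysqlnd.)
$query = function ($sql, $types, array $params, $err_prefix) use ($db_conn, $fail_db) {
    $stmt = mysqli_prepare($db_conn, $sql);
    if ($stmt === false)
    {
        $fail_db($err_prefix, mysqli_error($db_conn));
    }
    if (!mysqli_stmt_bind_param($stmt, $types, ...$params) || !mysqli_stmt_execute($stmt))
    {
        $fail_db($err_prefix, mysqli_stmt_error($stmt));
    }
    $rs = mysqli_stmt_get_result($stmt);
    mysqli_stmt_close($stmt);
    return $rs;
};

// Validate input data: a letter followed by 2-11 letters/digits/underscores.
if (!preg_match("/^[A-Za-z][A-Za-z0-9_]{2,11}$/", $username))
{
    $fail_field("username", "用户名不符合格式要求");
}

// Authorisation: managing masters of this section needs S_MAN_M; appointing a
// major master additionally needs S_ADMIN.
$priv = $_SESSION["BBS_priv"];
if (!$priv->checkpriv($sid, S_MAN_M) || ($type == 1 && !$priv->checkpriv($sid, S_ADMIN)))
{
    $fail_field("master", "没有权限");
}

// Begin transaction; the FOR UPDATE lock below only holds until commit
if (!mysqli_begin_transaction($db_conn))
{
    $fail_db("Mysqli error: ", mysqli_error($db_conn));
}

// Check user status: must exist and be verified
$rs = $query(
    "SELECT UID FROM user_list WHERE username = ? AND verified",
    "s", array($username), "Query user error: "
);
$row = mysqli_fetch_array($rs);
mysqli_free_result($rs);
if (!$row)
{
    $fail_field("username", "用户不存在或尚未验证");
}
$uid = (int) $row["UID"];

// Check section status
$rs = $query(
    "SELECT SID FROM section_config INNER JOIN section_class
    WHERE SID = ? AND section_config.enable AND section_class.enable",
    "i", array($sid), "Query section master error: "
);
$section_exists = mysqli_num_rows($rs) > 0;
mysqli_free_result($rs);
if (!$section_exists)
{
    $fail_field("master", "版块不存在");
}

// Check existing section masters. FOR UPDATE locks the current rows so two
// concurrent requests cannot both pass the "only one major master" check.
$has_major = false;
$user_found = false;
$user_type = 0;

$rs = $query(
    "SELECT UID, major FROM section_master
    WHERE SID = ? AND enable AND (NOW() BETWEEN begin_dt AND end_dt)
    FOR UPDATE",
    "i", array($sid), "Query section master error: "
);
while ($row = mysqli_fetch_array($rs))
{
    if ((int) $row["UID"] === $uid)
    {
        $user_found = true;
        $user_type = $row["major"];
    }
    if ($row["major"])
    {
        $has_major = true;
    }
}
mysqli_free_result($rs);

if ($user_found && $op == 1)
{
    $fail_field("master", "用户已经是版主");
}

if ($op == 2 || $op == 3)
{
    if (!$user_found)
    {
        $fail_field("master", "未找到记录");
    }

    // Only administrators may dismiss or renew a major master
    if ($user_type == 1 && !$priv->checkpriv($sid, S_ADMIN))
    {
        $fail_field("master", "没有管理员权限");
    }
}

switch ($op)
{
    case 1: // Appoint: six-month term starting now
        if ($type == 1 && $has_major)
        {
            $fail_field("master", "只能有一位正版主");
        }

        $query(
            "INSERT INTO section_master(UID, SID, begin_dt, end_dt, enable, major)
            VALUES(?, ?, NOW(), ADDDATE(NOW(), INTERVAL 6 MONTH), 1, ?)",
            "iii", array($uid, $sid, $type), "Add section master error: "
        );
        break;

    case 2: // Dismiss: disable the current term and end it now
        $query(
            "UPDATE section_master SET enable = 0, end_dt = NOW()
            WHERE UID = ? AND SID = ? AND enable
            AND (NOW() BETWEEN begin_dt AND end_dt)",
            "ii", array($uid, $sid), "Update section master error: "
        );
        break;

    case 3: // Renew: extend the current term by six months
        $query(
            "UPDATE section_master SET end_dt = ADDDATE(end_dt, INTERVAL 6 MONTH)
            WHERE UID = ? AND SID = ? AND enable
            AND (NOW() BETWEEN begin_dt AND end_dt)",
            "ii", array($uid, $sid), "Update section master error: "
        );
        break;

    default: // Invalid Op (checked here, after the user/section lookups, as before)
        $fail_field("master", "非法操作");
}

// Commit transaction
if (!mysqli_commit($db_conn))
{
    $fail_db("Mysqli error: ", mysqli_error($db_conn));
}

mysqli_close($db_conn);
exit(json_encode($result_set));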
