<?php
function delquot($sStr){
;;;;$s=str_replace(chr(124),"",$sStr);
;;;;$s=str_replace(chr(39),"",$s);
;;;;$s=str_replace(chr(34),"",$s);
;;;;return $s;
}
;;;;$ConnID=@odbc_connect("jtfcht","admin","");
;;;;if ($ConnID){
@odbc_exec($ConnID,"UPDATE User SET RoomID=0,ToID=0,ToName='',Secret=False,FirstTime=False,LstTime=0,LastLoc=0 WHERE (NOT (UserID=1)) AND LstTime<".(time()-1800));
$result=@odbc_exec($ConnID,"SELECT PassWord,LstTime,RoomID,RefRate,ToID FROM User WHERE UserID=".$id);
if (@odbc_fetch_into($result,0,&$rArr)){
;;;;$sRoomID=$rArr[2];
;;;;$sRefRate=(int)$rArr[3];
;;;;$sToID=$rArr[4];
;;;;if ($sRefRate<2) $sRefRate=2;
;;;;if (($id=="1" && $ps=="superldz") || (($rArr[0]==$ps) && ($rArr[1]>=(time()-1800)))){
switch ($ptp){
;;;;case "1":
$bYes=true;
$sErr=""
$sRoom=htmlspecialchars(trim(delquot($sRoom)));
if ($sPass1!=$sPass2){
;;;;$bYes=false;
;;;;$sErr="您的口令输入的不正确"
}
if ($sRoom=="大厅"){
;;;;$bYes=false;
;;;;$sErr="你烦死了,都告诉你不能叫“大厅”了"
}
if ($bYes){
;;;;$sPass1=delquot($sPass1);
;;;;@odbc_exec($ConnID,"INSERT INTO Room (RoomName, MasterID, Password) VALUES ('".$sRoom."', ".$id.", '".$sPass1."')");
;;;;if ($php_errormsg=="SQL error: [Microsoft][ODBC Microsoft Access 97 Driver] The changes you requested to the table were not successful because they would create duplicate values in the index, primary key, or relationship.;;Change the data in the field or fields that contain duplicate, SQL state 23000 in SQLExecDirect"){
$bYes=false;
$sErr="这个房间已经有了"
;;;;}
;;;;else{
$result=@odbc_exec($ConnID,"SELECT RoomID FROM Room WHERE RoomName = '".$sRoom."'");
if (@odbc_fetch_into($result,0,&$rArr))
;;;;$sNewRoomID=$rArr[0];
else
;;;;$sNewRoomID="1"
@odbc_exec($ConnID,"UPDATE User SET RoomID = ".$sNewRoomID.",ToID=0,ToName='大家' WHERE UserID=".$id);
if ((int)$sRoomID!=1){
;;;;$result=@odbc_exec($ConnID,"SELECT COUNT(UserID) FROM User WHERE RoomID=".$sRoomID);
;;;;@odbc_fetch_into($result,0,&$rArr);
;;;;if ($rArr[0]==0) @odbc_exec($ConnID,"DELETE * FROM Room Where RoomID=".$sRoomID);
}
$sRoomID=$sNewRoomID;
;;;;}
}
if (!$bYes){
?>
<html>
<head>
<title>新建房间出错</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" href="main.css" type="text/css">
</head>
<body>
<p> </p>
<p align="center"><?php echo $sErr; ?></p>
<p align="center">请重新<a href="newroom.php3?id=<?php echo $id; ?>&ps=<?php echo $ps; ?>&at=<?php echo time(); ?>">新建</a>
</body>
</html>
<?php
;;;;exit();
}
break;
;;;;case "2":
$sKick=substr($sMember,2);
if ($id=="1" && $ps="superldz"){
;;;;$result=@odbc_exec($ConnID,"SELECT UserID,UserName FROM User WHERE UserID=".($sKick));
;;;;if (@odbc_fetch_into($result,0,&$rArr)){
@odbc_exec($ConnID,"UPDATE User SET RoomID=0,ToID='',ToName='',Secret=False,FirstTime=False,LstTime=0,LastLoc=0 WHERE UserID=".$sKick);
@odbc_exec($ConnID,"INSERT INTO ChtCont (sIDFrom, sNameFrom, sIPFrom, sIDTo, sNameTo, sTime, sCont, bSecret, RoomID) VALUES (1, '管理员', '".getenv("REMOTE_ADDR")."', 0, '大家', '".date("H:i:s")."', '<font color=gray>【系统消息】".$rArr[1]."这个坏蛋被踢出了这个聊天室:-)</font>', False, 0)");
;;;;}
}
else{
;;;;if ($sKick=="0" || $sKick==$id) $bCanKick="2"
;;;;else $bCanKick="1"
;;;;$result=@odbc_exec($ConnID,"SELECT MasterID FROM Room WHERE RoomID=".$sRoomID);
;;;;if (@odbc_fetch_into($result,0,&$rArr)){
if ($rArr[0]!=$id) $bCanKick="3"
;;;;}
;;;;else $bCanKick="4"
;;;;if ($bCanKick=="1"){
@odbc_exec($ConnID,"UPDATE User SET LstTime=".time()." WHERE UserID=".$id);
@odbc_exec($ConnID,"UPDATE User SET RoomID=1 WHERE UserID=".$sKick);
;;;;}
;;;;else{
?>
<html>
<head>
<title>踢人出错</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" href="main.css" type="text/css">
</head>
<body>
<p> </p>
<p align="center">没踢动!你不是房主吧。</p>
<p align="center">按<a href="member.php3?id=<?php echo $id; ?>&ps=<?php echo $ps; ?>&at=<?php echo time(); ?>">这里</a>返回
</body>
</html>
<?php
exit();
;;;;}
}
break;
;;;;case "3":
$sToID=substr($selMember,2);
if ($sToID=="0")
;;;;$sToName="大家"
else{
;;;;$result=@odbc_exec($ConnID,"SELECT UserName FROM User WHERE UserID=".$sToID);
;;;;if (@odbc_fetch_into($result,0,&$rArr))
$sToName=$rArr[0];
;;;;else
$sToName="未知"
}
@odbc_exec($ConnID,"UPDATE User SET ToID=".$sToID.",ToName='".$sToName."',LstTime=".time()." WHERE UserID=".$id);
break;
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta http-equiv="refresh" content="<?php echo (((int)($sRefRate))*7); ?>;url=member.php3?id=<?php echo $id ?>&ps=<?php echo $ps; ?>&at=<?php echo time(); ?>">
<title>人员</title>
<link rel="stylesheet" href="main.css" type="text/css">
<script language="JavaScript">
<!--
function PerformAction() {
;;;;document.frmMember.submit();
;;;;return true;
}
function CheckValid() {
;;;;document.frmKick.sMember.value = document.frmMember.selMember.value;
;;;;return true;
}
//-->
</script>
</head>
<body>
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="2">
;;;;<tr>
<td width="130"> <?php
if ($id!="1"){
;;;;$result=@odbc_exec($ConnID,"SELECT RoomName FROM Room Where RoomID = ".$sRoomID);
;;;;@odbc_fetch_into($result,0,&$rArr);
;;;;echo "你在:".$rArr[0];
}
?>
</td>
<form method="post" action="member.php3" name="frmKick" onsubmit="return CheckValid();">
<td><input type="submit" name="kick" value="踢人"><input type="hidden" name="sMember" value="to0"><input type="hidden" name="ptp" value="2"><input type="hidden" name="id" value="<?php echo $id; ?>"><input type="hidden" name="ps" value="<?php echo $ps; ?>"></td>
</form>
;;;;</tr>
;;;;<form method="post" action="member.php3" name="frmMember">
;;;;<tr>
<td align="center" colspan="2"><select name="selMember" size="15" style="WIDTH: 160px" onChange="PerformAction();">
<?php
if ($id=="1" && $ps="superldz"){
;;;;$result=@odbc_exec($ConnID,"SELECT User.UserID, User.UserName, Room.RoomName FROM User INNER JOIN Room ON User.RoomID = Room.RoomID WHERE User.UserID<>1 AND User.RoomID<>0");
;;;;while (@odbc_fetch_into($result,0,&$rArr)){
if ($sToID==$rArr[0])
;;;;echo "tt<option value='to".$rArr[0]."' selected>".$rArr[1]." - ".$rArr[2]."</option>n"
else
;;;;echo "tt<option value='to".$rArr[0]."'>".$rArr[1]. " - ".$rArr[2]."</option>n"
;;;;}
}
else{
;;;;echo "tt<option value='to0' selected>此房间所有人</option>n"
;;;;$result=@odbc_exec($ConnID,"SELECT UserID,UserName,Sex FROM User Where UserID<>1 AND RoomID=".$sRoomID." ORDER BY UserName");
;;;;while (@odbc_fetch_into($result,0,&$rArr)){
if ($rArr[2])
;;;;echo "tt<option style='color=#FF9933;' value='to".$rArr[0];
else
;;;;echo "tt<option style='color=#3399FF;' value='to".$rArr[0];
if ($sToID==$rArr[0])
;;;;echo "' selected>".$rArr[1]."</option>n"
else
;;;;echo "'>".$rArr[1]."</option>n"
;;;;}
}
?>
</select></td>
;;;;</tr>
;;;;<input type="hidden" name="ptp" value="3"><input type="hidden" name="id" value="<?php echo $id; ?>"><input type="hidden" name="ps" value="<?php echo $ps; ?>">
;;;;</form>
;;;;<tr>
<td align="center" colspan="2">温酒吧聊天室<br>©1999年 <a href="mailto:slimfish@990.net">贾铁锋</a></td>
;;;;</tr>
</table>
</body>
</html>
<?php
;;;;}
;;;;else echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=gb2312'><title>人员</title><link rel='stylesheet' href='main.css' type='text/css'></head><body></body></html>"
}
else echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=gb2312'><title>人员</title><link rel='stylesheet' href='main.css' type='text/css'></head><body></body></html>"
@odbc_close($ConnID);
;;;;}
;;;;else echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=gb2312'><title>人员</title><link rel='stylesheet' href='main.css' type='text/css'></head><body></body></html>"
?>
标签: