2014-03-13 10 views
0

I made a forum using PHP and am trying to make user groups

This is my "config.php" file:

<?php 
/****************************************************** 
------------------Required Configuration--------------- 
Please edit the following variables so the forum can 
work correctly. 
******************************************************/ 

//We log to the DataBase 
mysql_connect('', '', ''); 
mysql_select_db(''); 

//Username of the Administrators 
$admin='Hexagon'; 
$mod='test1'; 

/****************************************************** 
-----------------Optional Configuration---------------- 
******************************************************/ 

//Forum Home Page 
$url_home = 'index.php'; 

//Design Name 
$design = 'default'; 


/****************************************************** 
----------------------Initialization------------------- 
******************************************************/ 
include('init.php'); 
    ?> 

And this is my "delete_topic.php" file:

<?php 
//This page lets a user delete a topic 
include('config.php'); 
if(isset($_GET['id'])) 
{ 
    $id = intval($_GET['id']); 
if(isset($_SESSION['username'])) 
{ 
    $dn1 = mysql_fetch_array(mysql_query('select count(t.id) as nb1, t.title, t.parent, c.name from topics as t, categories as c where t.id="'.$id.'" and t.id2=1 and c.id=t.parent group by t.id')); 
if($dn1['nb1']>0) 
{ 
if($_SESSION['username']==$admin) 
if($_SESSION['username']==$mod) 
{ 
?> 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
    <head> 
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
     <link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" /> 
     <title>Delete a topic - <?php echo htmlentities($dn1['title'], ENT_QUOTES, 'UTF-8'); ?> - <?php echo htmlentities($dn1['name'], ENT_QUOTES, 'UTF-8'); ?> - Forum</title> 
    </head> 
    <body> 
     <div class="header"> 
      <a href="<?php echo $url_home; ?>"><img src="<?php echo $design; ?>/images/logo.png" alt="Forum" /></a> 
     </div> 
     <div class="content"> 
<?php 
$nb_new_pm = mysql_fetch_array(mysql_query('select count(*) as nb_new_pm from pm where ((user1="'.$_SESSION['userid'].'" and user1read="no") or (user2="'.$_SESSION['userid'].'" and user2read="no")) and id2="1"')); 
$nb_new_pm = $nb_new_pm['nb_new_pm']; 
?> 
<div class="box"> 
    <div class="box_left"> 
     <a href="<?php echo $url_home; ?>">Forum Index</a> &gt; <a href="list_topics.php?parent=<?php echo $dn1['parent']; ?>"><?php echo htmlentities($dn1['name'], ENT_QUOTES, 'UTF-8'); ?></a> &gt; <a href="read_topic.php?id=<?php echo $id; ?>"><?php echo htmlentities($dn1['title'], ENT_QUOTES, 'UTF-8'); ?></a> &gt; Delete the topic 
    </div> 
    <div class="box_right"> 
     <a href="list_pm.php">Your messages(<?php echo $nb_new_pm; ?>)</a> - <a href="profile.php?id=<?php echo $_SESSION['userid']; ?>"><?php echo htmlentities($_SESSION['username'], ENT_QUOTES, 'UTF-8'); ?></a> (<a href="login.php">Logout</a>) 
    </div> 
    <div class="clean"></div> 
</div> 
<?php 
if(isset($_POST['confirm'])) 
{ 
    if(mysql_query('delete from topics where id="'.$id.'"')) 
    { 
    ?> 
    <div class="message">The topic have successfully been deleted.<br /> 
    <a href="list_topics.php?parent=<?php echo $dn1['parent']; ?>">Go to "<?php echo htmlentities($dn1['name'], ENT_QUOTES, 'UTF-8'); ?>"</a></div> 
    <?php 
    } 
    else 
    { 
     echo 'An error occured while deleting the topic.'; 
    } 
} 
else 
{ 
?> 
<form action="delete_topic.php?id=<?php echo $id; ?>" method="post"> 
    Are you sure you want to delete this topic? 
    <input type="hidden" name="confirm" value="true" /> 
    <input type="submit" value="Yes" /> <input type="button" value="No" onclick="javascript:history.go(-1);" /> 
</form> 
<?php 
} 
?> 
     </div> 
     <div class="foot"><a href="http://www.webestools.com/scripts_tutorials-code-source-26-simple-php-forum-script-php-forum-easy-simple-script-code-download-free-php-forum-mysql.html">Simple PHP Forum Script</a> - <a href="http://www.webestools.com/">Webestools</a></div> 
    </body> 
</html> 
<?php 
} 
else 
{ 
    echo '<h2>You don\'t have the right to delete this topic.</h2>'; 
} 
} 
else 
{ 
    echo '<h2>The topic you want to delete doesn\'t exist.</h2>'; 
} 
} 
else 
{ 
    echo '<h2>You must be logged as an administrator to access this page: <a href="login.php">Login</a> - <a href="signup.php">Sign Up</a></h2>'; 
} 
} 
else 
{ 
    echo '<h2>The ID of the topic you want to delete is not defined.</h2>'; 
} 

?> 

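Yet for some reason, nobody in the $mod group is able to delete topics. This has been bothering me for a while, since I need moderators to be able to delete topics and edit posts, but they can't even delete a topic. Any suggestions? This is a very important project I'm working on, and it matters to me that I can differentiate between mods and admins. [By the way, the database info is filled in in my config.php file]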

+0

If you formatted your PHP code properly, it would be easier for people to help you. In fact, you might also help yourself. – Tristan

Answers

0

Your problem is here..

if($_SESSION['username']==$admin) 
if($_SESSION['username']==$mod) 
{ 

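What is happening is that if the $admin condition is not met, you find yourself at the block that allows the delete... I think you probably want this instead: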

if($_SESSION['username']==$mod || $_SESSION['username']==$admin) 
{ 

Also, please start using mysqli, because mysql has been deprecated.

+0

Sadly, it didn't work. –

+0

Have you started the session and made sure the $_SESSION variable has the contents you expect? – Bryan

+0

And what do you mean by not working? Can you see the form or a message? – Bryan
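
How PHP resolves the two brace-less if statements quoted in this answer, next to the combined condition it proposes. This is an added example, not part of the original post; the function names and the user guest42 are constructed, and the other two usernames are the ones from config.php.

```php
<?php
// Added example: $admin and $mod mirror config.php, guest42 is constructed.
$admin = 'Hexagon';
$mod   = 'test1';

// Same control flow as delete_topic.php: the else binds to the inner if.
function original_check($user, $admin, $mod) {
    if ($user == $admin)
        if ($user == $mod) {
            return 'delete form';
        } else {
            return 'no right message';
        }
    return 'blank page'; // outer if failed: neither branch runs
}

// The combined condition proposed in the answer.
function fixed_check($user, $admin, $mod) {
    if ($user == $mod || $user == $admin) {
        return 'delete form';
    }
    return 'no right message';
}

// Compare both versions for an admin, a moderator and an ordinary member.
foreach (array('Hexagon', 'test1', 'guest42') as $user) {
    printf("%-8s original: %-17s fixed: %s\n", $user,
        original_check($user, $admin, $mod),
        fixed_check($user, $admin, $mod));
}
```

With the original nesting the delete form is reachable only when one username equals both $admin and $mod, so no account in the question's configuration can reach it.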

1

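A good way to sort out this problem is to make a field in your users (or members) table, call that field "user_levels", and set
administrators as 1,
moderators as 2,
other members as 3 or null or 0 (whichever you like).
Then you can set the session $_SESSION['user_levels'] and always check against the session as follows: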

if ($_SESSION['user_levels']==1 || $_SESSION['user_levels']==2) 
{ 
    // Grant him permission to delete the record 
} 
else 
{ 
    // tell him that he is not authorized to delete it 
} 
+0

OK... I'll try this. Thanks –

+0

@user3394931 If you like my answer, please accept it by clicking the tick mark on the left side of the answer. Thanks. – Bangash
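
The user_levels approach from this answer, combined with the prepared statements that the mysqli suggestion in the first answer makes possible. This is an added example, not code from the thread; the schema, the LEVEL_* constants, the function names and the sample rows are constructed. It uses PDO with an in-memory SQLite database as a stand-in so that it runs without a server; mysqli offers the same prepare/bind/execute pattern.

```php
<?php
// Added example. Schema, names and rows are constructed for illustration.
const LEVEL_ADMIN = 1;
const LEVEL_MOD   = 2;

$db = new PDO('sqlite::memory:');   // stand-in for the forum's MySQL database
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, user_levels INTEGER)');
$db->exec('CREATE TABLE topics (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO users VALUES (1,'Hexagon',1),(2,'test1',2),(3,'guest42',3)");
$db->exec("INSERT INTO topics VALUES (10,'a'),(11,'b'),(12,'c')");

// At login: copy the level from the users table into the session array.
function load_session(PDO $db, $username) {
    $st = $db->prepare('SELECT id, username, user_levels FROM users WHERE username = ?');
    $st->execute(array($username));
    $row = $st->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return array();                       // unknown user: empty session
    }
    return array('userid' => (int)$row['id'], 'username' => $row['username'],
                 'user_levels' => (int)$row['user_levels']);
}

// One place that decides who may delete; a missing key means "no".
function can_delete_topic(array $session) {
    return isset($session['user_levels'])
        && in_array($session['user_levels'], array(LEVEL_ADMIN, LEVEL_MOD), true);
}

// Check the level first, then delete with a bound parameter.
function delete_topic(PDO $db, array $session, $topicId) {
    if (!can_delete_topic($session)) {
        return false;
    }
    $st = $db->prepare('DELETE FROM topics WHERE id = ?');
    $st->execute(array((int)$topicId));
    return $st->rowCount() === 1;
}

// Admin and moderator succeed, the ordinary member is refused.
foreach (array('Hexagon' => 10, 'test1' => 11, 'guest42' => 12) as $name => $topic) {
    $ok = delete_topic($db, load_session($db, $name), $topic);
    echo $name, ': ', $ok ? 'deleted' : 'refused', "\n";
}
```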