/**
 * Record the logged-in user's answer to a question and report the outcome.
 *
 * The submitted alternative is accepted only if it is one of the alternatives
 * stored for the question; otherwise the method returns without a value and
 * nothing is written.
 *
 * NOTE(review): nothing in this method stops the same user from submitting
 * several answers for one question, and every accepted submission returns the
 * correct alternative. If a single attempt is intended, confirm that
 * `user_answer` enforces it (for example with a unique key on uid/qid).
 *
 * @param mixed $qid Question id.
 * @param mixed $aid Id of the alternative chosen by the user.
 *
 * @return array|null Keys 'correct' (bool), 'answer' (aid of the correct
 *                    alternative) and 'explanation'; null when $aid is not an
 *                    alternative of $qid.
 */
public static function answer($qid, $aid)
{
    Security::requireLoggedIn();

    // Membership check: the chosen alternative must belong to this question.
    $alternatives = DB::fetchAll(DB::query("\n SELECT\n `aid`\n FROM\n `alternative`\n WHERE\n `qid`=?\n ", $qid));
    $belongsToQuestion = false;
    foreach ($alternatives as $row) {
        if ($row['aid'] == $aid) {
            $belongsToQuestion = true;
            break;
        }
    }
    if (!$belongsToQuestion) {
        return;
    }

    // Look up whether the chosen alternative is the correct one, then log the attempt.
    $correct = DB::fetchField(DB::query("\n SELECT\n `correct`\n FROM\n `alternative`\n WHERE\n `qid`=?\n AND `aid`=?\n ", $qid, $aid));
    DB::query("\n INSERT INTO\n `user_answer` (`uid`, `qid`, `aid`, `correct`)\n VALUES (?, ?, ?, ?)\n ", $_SESSION['uid'], $qid, $aid, $correct);

    // On a wrong answer, fetch the alternative flagged as correct so it can be shown.
    if ($correct == 0) {
        $correct_answer = DB::fetchField(DB::query("\n SELECT\n `aid`\n FROM\n `alternative`\n WHERE\n `qid`=?\n AND `correct`=?\n ", $qid, 1));
    } else {
        $correct_answer = $aid;
    }

    $answer_explanation = DB::fetchField(DB::query("\n SELECT\n `answer_explanation`\n FROM\n `question`\n WHERE\n `qid`=?\n ", $qid));

    $wasCorrect = $correct == 1;

    return array('correct' => $wasCorrect, 'answer' => $correct_answer, 'explanation' => $answer_explanation);
}
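/**
 * Authenticate a user by e-mail address or user name and bind the account to
 * the current session.
 *
 * The first argument is matched against both the `email` and the `name`
 * column. The result of the lookup is stored in $_SESSION['uid'] whether or
 * not a row matched, and the same value is passed on to self::get().
 *
 * NOTE(review): the password check is an equality test inside the SQL
 * statement. If callers pass the password as typed, the `password` column
 * holds plain text; if they pass a digest, it is a deterministic hash that is
 * compared without a per-user salt. Either way, moving to password_hash() /
 * password_verify() (select the stored hash by login name, verify in PHP)
 * should be planned; it is not done here because the stored format is not
 * visible from this method.
 *
 * NOTE(review): on a failed login $_SESSION['uid'] is overwritten with
 * whatever DB::fetchField() returns for "no row" (presumably a falsy value;
 * confirm). Security::requireLoggedIn() must therefore test the value and not
 * only the presence of the key. No attempt throttling is visible here either.
 *
 * @param string $email    E-mail address or user name.
 * @param string $password Password value compared against the stored column.
 *
 * @return mixed Whatever self::get() returns for the resolved uid.
 */
public static function login($email, $password)
{
    $uid = DB::fetchField(DB::query("\n SELECT\n `uid`\n FROM\n `user`\n WHERE\n (\n `email`=?\n OR\n `name`=?\n )\n AND `password`=?\n ", $email, $email, $password));

    // Session fixation defence: issue a fresh session id at the moment the
    // session gains an authenticated identity, so an id known before login is
    // no longer valid afterwards. Skipped when no session is active or headers
    // have already gone out, where regeneration could not take effect.
    if ($uid && session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }

    // Kept unconditional to preserve the existing contract for callers.
    $_SESSION['uid'] = $uid;

    return self::get($uid);
}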
/**
 * Set or clear the moderator flag of a group member.
 *
 * Authorisation is decided server-side: the caller must be logged in, must
 * hold the `administrator` flag in the same group, and may not change their
 * own row.
 *
 * NOTE(review): the method returns true once the UPDATE has been issued, even
 * if $uid has no row in the group and nothing was changed. $moderator is
 * written as given; confirm callers only pass 0 or 1.
 *
 * @param mixed $gid       Group id.
 * @param mixed $uid       Id of the member whose flag is changed.
 * @param mixed $moderator New value for the `moderator` column.
 *
 * @return bool True when the update was issued, false when refused.
 */
public static function setModerator($gid, $uid, $moderator)
{
    Security::requireLoggedIn();

    $callerUid = $_SESSION['uid'];

    // Callers may not change their own moderator flag.
    if ($uid == $callerUid) {
        return false;
    }

    // Only an administrator of this particular group may change the flag.
    $adminRows = DB::fetchField(DB::query("\n SELECT\n COUNT(*)\n FROM\n `user_group`\n WHERE\n `gid`=?\n AND `uid`=?\n AND `administrator`=?\n ", $gid, $callerUid, 1));
    if (!$adminRows) {
        return false;
    }

    DB::query("\n UPDATE\n `user_group`\n SET\n `moderator`=?\n WHERE\n `gid`=?\n AND `uid`=?\n ", $moderator, $gid, $uid);

    return true;
}
// Tail of a lookup whose opening lies before this excerpt (presumably the
// edit-mode branch): the existing press row is loaded into both $data, which
// is compared against the submission further down, and $press.
// NOTE(review): $id is interpolated directly into the SQL text here and in
// three more statements below. Where $id comes from is not visible in this
// excerpt; unless it is cast to an integer or escaped upstream, each of these
// is an injection point. Bind it as a parameter, or at least pass it through
// $db->escape() as is already done for pre_title.
$press = $data = $db->fetchRow("SELECT * FROM press WHERE pre_id='{$id}' LIMIT 1");
}
}

// Handle a submitted form: validate, save, then answer with JSON or a redirect.
// NOTE(review): no anti-CSRF token check is visible in this excerpt; confirm
// that one is part of how $is_ok is computed.
if ($is_ok && $is_post) {
    // $r: outcome of the save, $to_url: redirect target, $error: message shown to the user.
    $r = $to_url = $error = '';

    // Replace $press with the submitted values; absent or empty fields become 0 / ''.
    // NOTE(review): pre_pass looks like a per-entry password and is compared and
    // saved exactly as posted; if that reading is right it is kept in clear text.
    // Confirm, and store a password_hash() digest instead.
    $press = array(
        'pre_status' => !empty($_POST['pre_status']) ? 1 : 0,
        'pre_pass' => !empty($_POST['pre_pass']) ? $_POST['pre_pass'] : '',
        'pre_title' => !empty($_POST['pre_title']) ? $_POST['pre_title'] : '',
        'pre_content' => !empty($_POST['pre_content']) ? $_POST['pre_content'] : ''
    );

    // The branches are tried in order and the first match decides the outcome.
    if ($is_edit && !$data) {
        // Editing, but the row loaded earlier was not found. Message: "content not found".
        $error = '没有找到内容';
    } elseif ($is_edit && $data['pre_status'] == $press['pre_status'] && $data['pre_pass'] == $press['pre_pass'] && $data['pre_title'] == $press['pre_title'] && $data['pre_content'] == $press['pre_content']) {
        // Nothing changed: skip the write and report success with the view URL.
        $to_url = $base_url . '?a=view&p=' . $id;
        $r = 1;
    } elseif (empty($press['pre_title'])) {
        // Message: "please enter a title". empty() also rejects the literal title '0'.
        $error = '请填写标题';
    } elseif (empty($press['pre_content'])) {
        // Message: "please enter content".
        $error = '请填写内容';
    } elseif ($db->fetchField("SELECT pre_id FROM press WHERE pre_title='" . $db->escape($press['pre_title']) . "' " . ($is_edit ? " AND pre_id!='{$id}' " : '') . " LIMIT 1")) {
        // Another row (other than the one being edited) already uses this title.
        // The title is escaped before it enters the SQL text; $id is not (see the note at the top).
        // Message: "title already exists, please change it".
        $error = '标题已存在,请更换';
    } else {
        // A creation time is set only for new entries.
        if (!$is_edit) {
            $press['pre_time'] = KC_TIME;
        }
        // With an empty WHERE suffix the call is presumably an INSERT, given that
        // insert_id() is read afterwards — confirm against $db->update().
        // NOTE(review): the values in $press come straight from $_POST; whether
        // update() escapes or binds them is not visible here — confirm.
        $r = $db->update($press, 'press', $is_edit ? " WHERE pre_id='{$id}'" : '');
        $to_url = $r ? $base_url . "?a=view&p=" . ($is_edit ? $id : $db->insert_id()) : '';
        // Message on failure: "save failed".
        $error = $r ? '' : '保存失败';
    }

    // JSON clients get {s: 0|1, url, m} and the script stops here.
    $is_json && exit(json_encode(array('s' => $r ? 1 : 0, 'url' => $to_url, 'm' => $error)));

    // Otherwise redirect on success; on failure execution continues past this block.
    // NOTE(review): $to_url is $base_url plus $id or insert_id(). Confirm that
    // $base_url is a fixed value and not derived from the request, so the
    // Location header cannot be steered to another origin.
    if ($to_url) {
        header("Location: {$to_url}");
        exit;
    }
}