Example #1
<?php

require 'func/base.php';
require 'func/sql.class.php';
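// Registration handler: validates the posted fields, inserts the new user and,
// when the account is created with role 1, signs it in before redirecting.
$sqlhelper = new func\SqlHelper();

// Missing fields fall back to '' so an absent key does not raise an
// undefined-index warning. getSql() is defined outside this snippet;
// presumably it escapes a value for use inside a quoted SQL literal - confirm.
$uname = $sqlhelper->getSql($_POST['username'] ?? '');
// NOTE(review): the password is written to the table exactly as submitted.
// Switching to password_hash()/password_verify() needs a matching change in
// the login script and a migration of existing rows, so it is only flagged here.
$pwd = $sqlhelper->getSql($_POST['pwd'] ?? '');
$email = $sqlhelper->getSql($_POST['email'] ?? '');
// $tel was interpolated into the INSERT without ever being assigned, so the
// column was always written empty; read it from the form like the other fields.
$tel = $sqlhelper->getSql($_POST['tel'] ?? '');

// age and role sit in the statement WITHOUT quotes. String escaping does not
// protect an unquoted numeric position, so only real integers are accepted.
// NOTE(review): role comes from the request body, i.e. the client picks its
// own role; if roles carry privileges, assign the value server-side instead.
$age = filter_var($_POST['age'] ?? null, FILTER_VALIDATE_INT);
$role = filter_var($_POST['role'] ?? null, FILTER_VALIDATE_INT);
if ($age === false || $role === false) {
    header("Location: regedit.php");
    exit;
}

$sql = "insert into users(name,pwd,email,tel,age,role) values('{$uname}','{$pwd}','{$email}','{$tel}',{$age},{$role})";
if (!$sqlhelper->update($sql)) {
    error_log($sqlhelper->sqlerror);
    header("Location: regedit.php");
    exit;
}

if ($role === 1) {
    // NOTE(review): the row is looked up by name, not by the id of the row just
    // inserted. If users.name is not unique, $ret[0] can belong to a different
    // account - confirm a unique constraint exists.
    $ret = $sqlhelper->query("select id,name from users where name = '{$uname}'");
    if (!empty($ret[0]['id'])) {
        // Rotate the session id when the session becomes authenticated so an
        // id that was fixed before registration cannot be reused afterwards.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION[SESSION_UER_ID] = $ret[0]['id'];
        $_SESSION[SESSION_UER_NAME] = $ret[0]['name'];
    }
}

// Both role branches end on the same page.
header("Location: index.php");
exit;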
Example #2
<?php

require 'func/base.php';
require 'func/sql.class.php';
// Chat endpoint: dispatches on the posted "type". "send" stores one message in
// chat_log and answers with JSON; "slist" starts collecting list data (the rest
// of that branch is not part of this excerpt).
$type = $_POST["type"];
// NOTE(review): no check is visible here that a user is signed in; an empty
// $userid would be interpolated into the SQL below. Confirm whether
// func/base.php enforces authentication.
$userid = $_SESSION[SESSION_UER_ID];
$sqlhelper = new func\SqlHelper();
if ($type == "send") {
    // NOTE(review): $ruserid comes straight from the request and is placed in
    // the INSERT below without quotes, cast or escaping - only $content passes
    // through getSql(). Validate it as an integer before building the statement.
    $ruserid = $_POST["ruserid"];
    $content = $_POST["content"];
    $content = htmlspecialchars($content);
    // Neutralise HTML special characters so the content is displayed as text.
    // The message is therefore stored already HTML-encoded; code that renders
    // it must not encode it a second time.
    $sql = "insert into chat_log(suser_id,ruser_id,content,cdate,issread,isrread) values({$userid},{$ruserid},'" . $sqlhelper->getSql($content) . "',now(),1,1)";
    if ($sqlhelper->update($sql)) {
        $ret = array("code" => 0, "data" => "ok");
        echo json_encode($ret);
    } else {
        // NOTE(review): the helper's SQL error text is returned to the client,
        // which can expose schema details; log it server-side instead.
        $ret = array("code" => 1, "data" => "更新错误" . $sqlhelper->sqlerror);
        echo json_encode($ret);
    }
} elseif ($type == "slist") {
    $beg = time();
    $isall = $_POST["isall"];
    $isnorun = $_POST["isnorun"];
    // Request-supplied id handed to getListInfo() below; how that helper uses
    // it is not visible here.
    $ruserid = $_POST["ruserid"];
    $users = getUserOnline($userid);
    $recs = null;
    $lists = null;
    dojump($userid);
    // Update the time of the most recent request.
    $lists = getListInfo($userid, $ruserid);
Example #3
<?php

require 'func/base.php';
require 'func/sql.class.php';
// User search endpoint. For the "loadPage" event it builds a query over users
// that have no usership row with the current user, narrowed by the optional
// name / tel / email / age-bucket filters (the excerpt ends inside the age chain).
// NOTE(review): no check is visible here that a user is signed in; $userid is
// interpolated into the SQL below without quotes. Confirm whether
// func/base.php enforces authentication, and cast the id to int before use.
$userid = $_SESSION[SESSION_UER_ID];
$sqlhelper = new func\SqlHelper();
$event = $_POST["event"];
if ($event == "loadPage") {
    $name = $_POST["name"];
    $tel = $_POST["tel"];
    $email = $_POST["email"];
    $age = $_POST["age"];
    // Read here but not used in the visible part of this branch.
    $type = $_POST["type"];
    // Cast to int, so it cannot carry SQL text.
    $page = (int) $_POST["page"];
    $sql = " select * from users u where not exists(select 1 from usership s where s.userid = {$userid} and s._userid=u.id) and id <> {$userid} ";
    // The three text filters go through getSql() and are placed inside quoted
    // LIKE patterns. NOTE(review): getSql() is defined elsewhere; presumably it
    // escapes quotes but not the LIKE wildcards % and _ - confirm.
    if (!empty($name)) {
        $sql = $sql . "and name like '%" . $sqlhelper->getSql($name) . "%'";
    }
    if (!empty($tel)) {
        $sql = $sql . "and tel like '%" . $sqlhelper->getSql($tel) . "%'";
    }
    if (!empty($email)) {
        $sql = $sql . "and email like '%" . $sqlhelper->getSql($email) . "%'";
    }
    // $age is only compared against fixed bucket numbers and never
    // interpolated; each bucket appends a constant range condition.
    if (!empty($age)) {
        if ($age == 1) {
            $sql = $sql . ' and age <=18 ';
        } elseif ($age == 2) {
            $sql = $sql . ' and age >18 and age <=30 ';
        } elseif ($age == 3) {
            $sql = $sql . ' and age >30 and age <=40 ';
Example #4
File: index.php Project: jicg/chat
<?php

require 'func/base.php';
require 'func/sql.class.php';
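// Only signed-in users may load this page. The id is cast to int because it is
// interpolated without quotes into the SQL below and echoed into the page's
// inline script.
$userid = (int) ($_SESSION[SESSION_UER_ID] ?? 0);
if ($userid === 0) {
    header("Location: login.php");
    // header() only queues the redirect; without exit the script would go on
    // to run the query and render the page for an anonymous visitor.
    exit;
}
$username = $_SESSION[SESSION_UER_NAME] ?? '';
// Users other than the current one that have a usership row linking them to
// the current user.
$sql = "select * from users u where id<> {$userid} and exists(select 1 from usership s where s.userid = {$userid} and s._userid=u.id) ";
$sqlhelper = new func\SqlHelper();
$ret = $sqlhelper->query($sql);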
?>
<html>
<head>
<title>首页</title>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<link rel="stylesheet" type="text/css" href="css/index.css">
<script type="text/javascript" src="js/lib/jquery.js"></script>
<script type="text/javascript" src="js/index.js"></script>
<script type="text/javascript">
$(document).ready(function() {
	window.app = new APP({ruserid:-1,rusername:"",userid:<?php 
echo $userid;
?>
||-1,username:'******' });
	app.getListInfo();
});
</script>
Example #5
<?php

require 'func/base.php';
require 'func/sql.class.php';
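// Login handler: looks up a role-1 user by name and password and, on a match,
// stores the identity in the session and redirects to the index page.
$sqlhelper = new func\SqlHelper();

// Missing fields fall back to '' so an absent key does not raise an
// undefined-index warning. getSql() is defined outside this snippet;
// presumably it escapes a value for use inside a quoted SQL literal - confirm.
$username = $sqlhelper->getSql($_POST['username'] ?? '');
$pwd = $sqlhelper->getSql($_POST['pwd'] ?? '');

// NOTE(review): the password is compared inside the SQL statement, which means
// it is stored unhashed. Moving to password_hash()/password_verify() needs a
// matching change in registration and a migration of existing rows, so it is
// only flagged here.
$sql = "select max(id) id from users where name = '{$username}' and pwd = '{$pwd}' and role=1";
$ret = $sqlhelper->query($sql);

// max() yields one row even when nothing matches, with id NULL, so the id
// itself has to be checked and not just the presence of a row.
if ($ret && !empty($ret[0]['id'])) {
    // Rotate the session id at the moment of authentication so an id that was
    // fixed before login cannot be reused afterwards.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    // NOTE(review): this stores the getSql()-processed name, not the value
    // held in the database row.
    $_SESSION[SESSION_UER_NAME] = $username;
    $_SESSION[SESSION_UER_ID] = $ret[0]['id'];
    header("Location: index.php");
    exit;
}

error_log($sqlhelper->sqlerror);
header("Location: login.php");
exit;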