Exemple #1
0
    $method != 'POST' and message(-1, 'Method error');
    empty($group['allowdeleteuser']) and message(-1, '您无权删除用户');
    $u = user_read($_uid);
    empty($u) and message(-1, '用户不存在或者已经被删除。');
    $u['gid'] < 6 and message(-1, '不允许删除管理组,请先调整用户用户组。');
    $r = user_delete($_uid);
    $r === FALSE ? message(-1, '删除失败') : message(0, '删除成功');
} elseif ($action == 'banip') {
    $method != 'POST' and message(-1, 'Method error');
    $_ip = xn_urldecode(param(2));
    empty($_ip) and message(-1, 'IP 为空');
    $_ip = long2ip(ip2long($_ip));
    // 安全过滤
    $day = intval(xn_urldecode(param(3)));
    empty($group['allowbanuser']) and message(-1, '您无权禁止 IP');
    $arr = explode('.', $_ip);
    $arr[0] == '0' and message(-1, 'IP 地址不能以 0 开头。');
    $banip = banip_read_by_ip($_ip);
    if ($day == -1) {
        $r = banip_delete($banip['banid']);
    } else {
        $day == 0 and $day = 3650;
        $arr = array('ip0' => $arr[0], 'ip1' => $arr[1], 'ip2' => $arr[2], 'ip3' => $arr[3], 'uid' => $uid, 'create_date' => $time, 'uid' => $uid, 'expiry' => $time + 86400 * $day);
        if (empty($banip)) {
            $r = banip_create($arr);
        } else {
            $r = banip_update($banip['banid'], $arr);
        }
    }
    $r === FALSE ? message(-1, '操作失败') : message(0, '操作成功');
}
} elseif ($action == 'update') {
    $method != 'POST' and message(-1, 'Method error');
    $banid = param(2, 0);
    $ip0 = param('ip0', 0);
    $ip1 = param('ip1', 0);
    $ip2 = param('ip2', 0);
    $ip3 = param('ip3', 0);
    $expiry = param('expiry');
    $expiry = strtotime($expiry);
    $ip0 = mid($ip0, 0, 255);
    $ip1 = mid($ip1, 0, 255);
    $ip2 = mid($ip2, 0, 255);
    $ip3 = mid($ip3, 0, 255);
    $banip = banip_read($banid);
    if (empty($banip)) {
        $r = banip_create(array('banid' => $banid, 'ip0' => $ip0, 'ip1' => $ip1, 'ip2' => $ip2, 'ip3' => $ip3, 'expiry' => $expiry));
        $r !== FALSE ? message(0, '创建成功') : message(-1, '创建失败');
    }
    $r = banip_update($banid, array('ip0' => $ip0, 'ip1' => $ip1, 'ip2' => $ip2, 'ip3' => $ip3, 'expiry' => $expiry));
    $r !== FALSE ? message(0, '更新成功') : message(-1, '更新失败');
} elseif ($action == 'enable') {
    $method != 'POST' and message(-1, 'Method error');
    $banip_on = param('banip_on', 0);
    $r = conf_set('banip_on', $banip_on);
    $r !== FALSE ? message(0, '更新成功') : message(-1, '更新失败,请检查 conf/conf.php 是否可写!');
} elseif ($action == 'delete') {
    $method != 'POST' and message(-1, 'Method error');
    $banid = param(2, 0);
    $banip = banip_read($banid);
    empty($banip) and message(0, '已经删除');
    $r = banip_delete($banid);