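/**
 * Return one "zixun" record together with a page of its comments as JSON.
 *
 * Request parameters (read through req()):
 *   - zid     : id of the record to show (required)
 *   - start   : offset of the first comment, clamped to >= 0
 *   - perpage : page size, defaults to 30 when missing or not positive
 *
 * Every outcome is reported through showjson(); the code after each call
 * relies on showjson() ending the request.
 */
function showzx()
{
    $zid = req('zid');
    // Force the paging values to integers before they reach SQL.
    $start = (int) req('start', 0);
    $perpage = (int) req('perpage', 0);

    if ($start < 0) {
        $start = 0;
    }
    if ($perpage <= 0) {
        $perpage = 30;
    }
    // NOTE(review): no upper bound is applied to $perpage; consider capping it.

    // A non-scalar zid (e.g. an array parameter) cannot identify a record.
    if (empty($zid) || !is_scalar($zid)) {
        showjson('zid_not_exist');
    }

    $db = MysqliDb::getInstance();

    // zid comes from the request: bind it instead of interpolating it into
    // the statement. Whether req() escapes its values is not visible here,
    // so the query must not depend on it.
    $data = $db->rawQueryOne(
        "SELECT z.*, u.username FROM zixun z LEFT JOIN users u ON z.uid=u.uid WHERE z.zid = ?",
        array($zid)
    );

    if ($db->count > 0) {
        $db->where("zid", $zid);
        $stats = $db->getOne("comment", "count(*) as cnt");
        $data['total'] = $stats['cnt'];

        // zid, offset and page size are all passed as bound parameters.
        $comment = $db->rawQuery(
            "SELECT c.*,s.username FROM comment c LEFT JOIN users s ON c.uid=s.uid WHERE c.zid = ? ORDER BY c.cid LIMIT ?, ?",
            array($zid, $start, $perpage)
        );
        $data['count'] = $db->count;
        $data['comment'] = $comment;

        showjson('do_success', 0, array("zixun" => $data));
    }

    showjson('show_error');
}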
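/**
 * Check a username/password pair and, on success, return an auth token.
 *
 * Reads `username` and `password` through req(), looks the user up by name
 * and compares the submitted password with the stored `password` column.
 * On a match the token is authcode("<password>\t<uid>", 'ENCODE'),
 * URL-encoded and returned under the "auth" key.
 *
 * NOTE(review): the submitted value is compared directly with the stored
 * column, so unless req() or the client transforms it, passwords are kept in
 * a directly comparable form. Migrating to password_hash()/password_verify()
 * should be planned; it also affects checkauth() and the token format.
 * NOTE(review): the token carries the stored password value; its
 * confidentiality depends entirely on authcode() — confirm what it provides.
 */
function login()
{
    $password = req('password');
    $username = req('username');
    $db = MysqliDb::getInstance();

    if ($password && $username) {
        $db->where('username', $username);
        if ($user = $db->getOne('users')) {
            // hash_equals() is an exact, constant-time string comparison.
            // The previous `==` compared numeric-looking strings as numbers,
            // so two different values could be treated as equal.
            if (is_scalar($password)
                && hash_equals((string) $user['password'], (string) $password)
            ) {
                $auth = authcode("{$user['password']}\t{$user['uid']}", 'ENCODE');
                showjson('do_success', 0, array("auth" => rawurlencode($auth)));
            }
            showjson('password_error');
        }
    }

    showjson('login_error');
}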
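<?php
require_once 'common.php'; // load the shared helpers

// Both values come from the request: `ac` selects a module file, `do` names
// the function to run inside it.
$do = req('do');
$ac = req('ac');

// Modules that may be loaded.
$acs = array('user', 'submit', 'view');

// Strict comparison: only these exact strings may reach the include path.
if (empty($ac) || !in_array($ac, $acs, true)) {
    showjson('error_ac');
}

// Record which functions the module file adds, so dispatch can be limited to
// them. function_exists() alone would also accept PHP built-ins and the
// helpers loaded from common.php.
$defined = get_defined_functions();
$knownBefore = $defined['user'];

include_once S_ROOT . $ac . '.php';

$defined = get_defined_functions();
// get_defined_functions() reports user function names in lower case.
$moduleFunctions = array_diff($defined['user'], $knownBefore);

// NOTE(review): this still exposes every function the module declares,
// including internal helpers; an explicit per-module allowlist of actions
// would be tighter.
if (is_string($do) && in_array(strtolower($do), $moduleFunctions, true)) {
    call_user_func($do);
}

showjson('error_do');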
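/**
 * Authenticate the request from its `auth` token.
 *
 * The token is decoded with authcode(..., 'DECODE') and split on a tab into
 * a password value and a uid. The user row for that uid is loaded and the
 * stored password must equal the value carried in the token. On success
 * $_SGLOBAL['uid'], ['usertype'] and ['username'] are set and the function
 * returns; in every other case showjson('to_login') is called.
 *
 * NOTE(review): the token carries the stored password value, so anything
 * that can decode a token learns it — confirm what authcode() guarantees.
 */
function checkauth()
{
    global $_SGLOBAL;

    $auth = req('auth');
    if ($auth) {
        $db = MysqliDb::getInstance();

        // Pad to two fields so a malformed token yields an empty uid instead
        // of an undefined-offset notice that had to be silenced with `@`.
        $fields = array_pad(explode("\t", (string) authcode($auth, 'DECODE')), 2, '');
        list($password, $uid) = $fields;

        $_SGLOBAL['uid'] = intval($uid);

        if ($password && $_SGLOBAL['uid']) {
            $db->where('uid', $_SGLOBAL['uid']);
            if ($user = $db->getOne('users')) {
                // Exact, constant-time comparison; `==` would compare
                // numeric-looking strings as numbers.
                if (hash_equals((string) $user['password'], (string) $password)) {
                    $_SGLOBAL['usertype'] = $user['usertype'];
                    $_SGLOBAL['username'] = $user['username'];
                    return;
                }
            }
        }
    }

    showjson('to_login');
}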
/**
 * Add or delete a comment on behalf of the authenticated user.
 *
 * The `op` request parameter selects the action:
 *   - 'add': stores `message` for record `zid` under the caller's uid.
 *   - 'del': deletes comment `cid`; callers whose usertype is not 1 are
 *            additionally restricted to comments with their own uid.
 * Any other `op` value falls through without a response from this function.
 *
 * NOTE(review): `message` is stored as returned by req(); whether it is
 * escaped for its output context is not visible here — confirm on the
 * rendering side.
 */
function comment()
{
    global $_SGLOBAL;

    // Verify the login before doing anything else.
    checkauth();

    $action = req('op');
    $conn = MysqliDb::getInstance();

    switch ($action) {
        case 'add':
            $row = array(
                'uid' => $_SGLOBAL['uid'],
                'message' => req('message'),
                'zid' => req('zid', 0),
            );

            if ($row['message'] && $row['zid']) {
                // Insert the comment row.
                $newId = $conn->insert('comment', $row);
                if ($newId) {
                    showjson('do_success', 0, array("cid" => $newId));
                }
                showjson('submit_comment_error');
            }
            showjson('zid_or_message_can_not_empty');
            break;

        case 'del':
            $commentId = req('cid', 0);
            if (!$commentId) {
                showjson('non_normal_operation');
            }

            $conn->where('cid', $commentId);
            // Administrators (usertype 1) may delete any comment; everyone
            // else is limited to their own.
            if ($_SGLOBAL['usertype'] != 1) {
                $conn->where('uid', $_SGLOBAL['uid']);
            }

            // Delete the comment.
            if ($conn->delete('comment')) {
                showjson('do_success', 0);
            }
            showjson('comment_not_exist');
            break;
    }
}