</tr> </table> <hr size="1" width="80%" align="center" color="#000000" /> <?php //Deal with messages. if ($message == "dataerror"){ DoError(1,""); } elseif ($message == "nomatcherror"){ DoError(0,"No match found to perform action."); } elseif ($message == "loginerror"){ DoError(0,"You must be logged in as an administrator to perform this action."); } elseif ($message == "messagesuccess"){ DoError(0,"Message has been marked as unread."); } $uid = finduserid($cookie_id); //Now, let's show the messages, 10 at a time. if ($totmessagequery = mysql_query ("SELECT messageid FROM message WHERE viewed='1' AND recipient='$uid'")){ $totmessages = mysql_num_rows ($totmessagequery); } else { DoError(1,""); } if ($mid == ""){ $mid = 1; } $startfrom = (($mid * 10) - 10); $endat = 10;
<?php header('Content-Type: application/json'); include "dbconnect.php"; include "finduserid.php"; $sessionid = $con->real_escape_string($_GET['sessionid']); $memberid = $con->real_escape_string($_GET['memberid']); $groupid = $con->real_escape_string($_GET['groupid']); $type = $con->real_escape_string($_GET['type']); $response = array("status" => "failed", "description" => "some problems"); $userid = finduserid($sessionid, $con, $type); if ($userid != 0) { if ($groupid != "" || $groupid != 0 || $memberid != "" || $memberid != 0) { //เช็คว่า userid เป็น admin ในกลุ่มนั้น $sqlcheckadmin = "SELECT * FROM `has_user` WHERE `has_user`.`user_id` = '{$userid}' AND `has_user`.`role_id` = 1 AND `has_user`.`group_id` = '{$groupid}'"; $querycheckadmin = $con->query($sqlcheckadmin); if ($querycheckadmin->num_rows > 0) { //เช็คว่า memberid เป็นสถานะ member จริง $sqlcheckmember = "SELECT * FROM `has_user` WHERE (`role_id` = '2' OR `role_id` = '4' OR `role_id` = '3') AND `user_id` = '{$memberid}' AND `has_user`.`group_id` = '{$groupid}'"; $querycheckmember = $con->query($sqlcheckmember); if ($querycheckmember->num_rows > 0) { $sqlupdatestatus = "DELETE FROM `workingalert`.`has_user` WHERE `has_user`.`user_id` = '{$memberid}' "; if ($con->query($sqlupdatestatus)) { $response = array("status" => "success", "description" => "fire user success"); } else { $response = array("status" => "failed", "description" => "update database failed"); } } else { $response = array("status" => "failed", "description" => "user is not in this group"); } } else {