堆栈内存溢出
  简体   繁体   English

我正在使用PHP建立论坛,并试图建立用户组

[英]I'm using PHP to make a forum, and trying to make usergroups

 原文  2014-03-13 03:55:06       php/ usergroups

问题描述

This is my "config.php" file: 这是我的“ config.php”文件: 

    <?php
/******************************************************
------------------Required Configuration---------------
Please edit the following variables so the forum can
work correctly.
******************************************************/

//We log to the DataBase
mysql_connect('', '', '');
mysql_select_db('');

//Username of the Administrators
$admin='Hexagon';
$mod='test1';

/******************************************************
-----------------Optional Configuration----------------
******************************************************/

//Forum Home Page
$url_home = 'index.php';

//Design Name
$design = 'default';


/******************************************************
----------------------Initialization-------------------
******************************************************/
include('init.php');
    ?>

and this is my "delete_topic.php" file: 这是我的“ delete_topic.php”文件: 

<?php
//This page let delete a topic
include('config.php');
if(isset($_GET['id']))
{
    $id = intval($_GET['id']);
if(isset($_SESSION['username']))
{
    $dn1 = mysql_fetch_array(mysql_query('select count(t.id) as nb1, t.title, t.parent, c.name from topics as t, categories as c where t.id="'.$id.'" and t.id2=1 and c.id=t.parent group by t.id'));
if($dn1['nb1']>0)
{
if($_SESSION['username']==$admin)
if($_SESSION['username']==$mod)
{
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" />
        <title>Delete a topic - <?php echo htmlentities($dn1['title'], ENT_QUOTES, 'UTF-8'); ?> - <?php echo htmlentities($dn1['name'], ENT_QUOTES, 'UTF-8'); ?> - Forum</title>
    </head>
    <body>
        <div class="header">
            <a href="<?php echo $url_home; ?>"><img src="<?php echo $design; ?>/images/logo.png" alt="Forum" /></a>
        </div>
        <div class="content">
<?php
$nb_new_pm = mysql_fetch_array(mysql_query('select count(*) as nb_new_pm from pm where ((user1="'.$_SESSION['userid'].'" and user1read="no") or (user2="'.$_SESSION['userid'].'" and user2read="no")) and id2="1"'));
$nb_new_pm = $nb_new_pm['nb_new_pm'];
?>
<div class="box">
    <div class="box_left">
        <a href="<?php echo $url_home; ?>">Forum Index</a> &gt; <a href="list_topics.php?parent=<?php echo $dn1['parent']; ?>"><?php echo htmlentities($dn1['name'], ENT_QUOTES, 'UTF-8'); ?></a> &gt; <a href="read_topic.php?id=<?php echo $id; ?>"><?php echo htmlentities($dn1['title'], ENT_QUOTES, 'UTF-8'); ?></a> &gt; Delete the topic
    </div>
    <div class="box_right">
        <a href="list_pm.php">Your messages(<?php echo $nb_new_pm; ?>)</a> - <a href="profile.php?id=<?php echo $_SESSION['userid']; ?>"><?php echo htmlentities($_SESSION['username'], ENT_QUOTES, 'UTF-8'); ?></a> (<a href="login.php">Logout</a>)
    </div>
    <div class="clean"></div>
</div>
<?php
if(isset($_POST['confirm']))
{
    if(mysql_query('delete from topics where id="'.$id.'"'))
    {
    ?>
    <div class="message">The topic have successfully been deleted.<br />
    <a href="list_topics.php?parent=<?php echo $dn1['parent']; ?>">Go to "<?php echo htmlentities($dn1['name'], ENT_QUOTES, 'UTF-8'); ?>"</a></div>
    <?php
    }
    else
    {
        echo 'An error occured while deleting the topic.';
    }
}
else
{
?>
<form action="delete_topic.php?id=<?php echo $id; ?>" method="post">
    Are you sure you want to delete this topic?
    <input type="hidden" name="confirm" value="true" />
    <input type="submit" value="Yes" /> <input type="button" value="No" onclick="javascript:history.go(-1);" />
</form>
<?php
}
?>
        </div>
        <div class="foot"><a href="http://www.webestools.com/scripts_tutorials-code-source-26-simple-php-forum-script-php-forum-easy-simple-script-code-download-free-php-forum-mysql.html">Simple PHP Forum Script</a> - <a href="http://www.webestools.com/">Webestools</a></div>
    </body>
</html>
<?php
}
else
{
    echo '<h2>You don\'t have the right to delete this topic.</h2>';
}
}
else
{
    echo '<h2>The topic you want to delete doesn\'t exist.</h2>';
}
}
else
{
    echo '<h2>You must be logged as an administrator to access this page: <a href="login.php">Login</a> - <a href="signup.php">Sign Up</a></h2>';
}
}
else
{
    echo '<h2>The ID of the topic you want to delete is not defined.</h2>';
}

?>

yet for some reason anyone in the $mod group cannot delete topics. 但是由于某些原因,$ mod组中的任何人都无法删除主题。 This has been irking me for some time, as I need moderators to be able to delete topics, and edit posts, but they can't even delete the topic. 这让我很讨厌,因为我需要主持人删除主题和编辑帖子,但他们甚至无法删除主题。 Any suggestions? 有什么建议么? This is a really big project I'm working on and it is important to me that I can have mods AND admins as to differ between the two. 这是我正在从事的一个非常大的项目,对我来说很重要的一点是,我可以拥有mods和admin,以使两者之间有所不同。 [btw, the database info is filled out in MY config.php file] [顺便说一句,数据库信息填写在MY config.php文件中]

2 个解决方案

解决方案1
 1  2014-03-13 04:57:47

A good way to sort this problem out, is to make a field in your users ( or members) table and call this field "user_levels", where set the 解决此问题的一种好方法是在用户(或成员)表中创建一个字段,并将此字段称为“ user_levels”,在其中设置
Admin as 1, 管理员为1
Moderator as 2, 主持人为2
other members as 3 or empty or 0 (whatever you like). 其他成员为3或为空或为0(随心所欲)。
Than you can set a session $_SESSION['user_levels'] and always check against that session as follows 比您可以设置会话$_SESSION['user_levels']并始终按以下方式检查该会话 

if ($_SESSION['user_levels']==1 || $_SESSION['user_levels']==2) 
{ 
   // Grant him permission to delete the record 
} 
else 
{ 
   // tell him that he is not authorize to delete it 
}

解决方案2
 0  2014-03-13 04:15:58

Your problem is here.. 您的问题在这里。 

if($_SESSION['username']==$admin)
if($_SESSION['username']==$mod)
{

What's happening is if the $admin conditional is not satisfied, you're finding yourself out of the block that allows deleting... I think you may want this instead 发生的情况是,如果不满足$ admin条件,您将发现自己已超出允许删除的范围...我想您可能希望这样做 

if($_SESSION['username']==$mod || $_SESSION['username']==$admin)
{

Also please start using mysqli as mysql is deprecated. 另外,由于不建议使用mysql,请开始使用mysqli。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 我正在尝试建立一个论坛 - I'm trying to make a forum 我正在尝试使用PHP和mysql创建一个点击计数器 - I'm trying to make a click counter using PHP and mysql 我正在尝试刷新PHP变量 - I'm trying to make a PHP variable refresh PHP:试图在两个单独的字符串数组中找到一个通用的匹配文本。 主要思想:为论坛创建用户组 - PHP: Trying to find a common matching text inside two separate string arrays. Main Idea: Making usergroups for a forum 我正在尝试使一个函数(按钮)将图像上传到CodeIgniter(PHP)中的数据库。 但是我出错了 - I'm trying to make a function (button) to upload images to my database in CodeIgniter (PHP). But I'm getting an error 我正在尝试使用PHP中的GD库使图像透明,但运行以下代码,只有一部分是透明的 - I'm trying to make a image transparent using GD library from PHP but running following code, only a portion will be transparent 我正在尝试对formstack api进行php Curl调用,但我一无所获 - I'm trying to make a php Curl call to formstack api, but I get nothing 我正在尝试使用php $ _GET语句在屏幕上显示一条消息,但它们只是空白 - I'm trying to make a message appear on screen with the php $_GET statements but they're just coming up blank 我正在尝试使 php 的同一页面显示取决于从 DB 中获取的 ID - I'm trying to make same page of php shows up depends of the ID taken from DB 我正在尝试使用PHP创建一个编辑表单 - I am trying to make a Edit form Using PHP
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM