我目前正在尝试更新表apikey中的列users
但是当我从PHP运行查询时,似乎将等级设置为0并且根本不会改变apikey上的某些内容。
这是代码。
<?php
ob_start();
require_once('includes/db.php');
require_once('includes/init.php');
if(!($user->LoggedIn())){
header('location: login.php');
die();
}
if(!($user->isAdmin($odb))){
header('location: index.php');
}
if(!($user->notBanned($odb))){
header('location: logout.php');
die();
}
if(!isset($_GET['id'])){
header('location: index.php');
}
$id = $_GET['id'];
$SQLGetInfo = $odb->prepare("SELECT * FROM `users` WHERE `id` = :id LIMIT 1");
$SQLGetInfo->execute(array(':id' => $_GET['id']));
$userInfo = $SQLGetInfo -> fetch(PDO::FETCH_ASSOC);
$username = $userInfo['username'];
$password = $userInfo['password'];
$api = $userInfo['apikey'];
$email = $userInfo['email'];
$rank = $userInfo['rank'];
$membership = $userInfo['membership'];
$status = $userInfo['status'];
?>
<?php
if(isset($_POST['rBtn'])){
$sql = $odb->prepare("DELETE FROM `keys` WHERE `number` = :id");
$sql->execute(array(':id' => $id));
header('location: users.php');
}
if(isset($_POST['updateBtn'])){
$update = false;
if($username != $_POST['api']){
if(ctype_alnum($_POST['api']) && strlen($_POST['api']) >= 4 && strlen($_POST['api']) <= 35){
$SQL = $odb->prepare("UPDATE `apikey`.`users` SET `apikey` = :api WHERE `users`.`ID` = :id");
$SQL->execute(array(':api' => $_POST['api'], ':apikey' => $id));
$update = true;
$username = $_POST['username'];
} else {
echo '<div class="alert alert-danger"><p>Key has to be alphanumeric 4 > 35</p></div>';
}
}
if(!empty($_POST['password'])){
$SQL = $odb->prepare("UPDATE `users` SET `password` = :password WHERE `ID` = :id");
$SQL->execute(array(':password' => SHA1($_POST['password']), ':id' => $id));
$update = true;
$password = SHA1($_POST['password']);
}
if($email != $_POST['email']){
if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)){
$SQL = $odb->prepare("UPDATE `users` SET `email` = :email WHERE `ID` = :id");
$SQL->execute(array(':email' => $_POST['email'], ':id' => $id));
$update = true;
$email = $_POST['email'];
} else {
echo '<div class="alert alert-danger"><p>You entered an invalid email!</p></div>';
}
}
if($rank != $_POST['rank']){
$SQL = $odb->prepare("UPDATE `users` SET `rank` = :rank WHERE `ID` = :id");
$SQL->execute(array(':rank' => $_POST['rank'], ':id' => $id));
$update = true;
$rank = $_POST['rank'];
}
if($membership != $_POST['plan']){
if($_POST['plan'] == 0){
$SQL = $odb->prepare("UPDATE `users` SET `expire` = '0', `membership` = '0' WHERE `ID` = :id");
$SQL->execute(array(':id' => $id));
$update = true;
$membership = $_POST['plan'];
} else {
$getPlanInfo = $odb->prepare("SELECT `unit`,`length` FROM `plans` WHERE `ID` = :plan");
$getPlanInfo->execute(array(':plan' => $_POST['plan']));
$plan = $getPlanInfo->fetch(PDO::FETCH_ASSOC);
$unit = $plan['unit'];
$length = $plan['length'];
$newExpire = strtotime("+{$length} {$unit}");
$updateSQL = $odb->prepare("UPDATE `users` SET `expire` = :expire, `membership` = :plan WHERE `id` = :id");
$updateSQL->execute(array(':expire' => $newExpire, ':plan' => $_POST['plan'], ':id' => $id));
$update = true;
$membership = $_POST['plan'];
}
}
if($status != $_POST['status']){
$SQL = $odb->prepare("UPDATE `users` SET `status` = :status WHERE `ID` = :id");
$SQL->execute(array(':status' => $_POST['status'], ':id' => $id));
$update = true;
$status = $_POST['status'];
}
if($update == true){
echo '<div class="alert alert-success"><p>The key has been updated. You will be taken back to the key-manager!</p></div>';
echo '<meta http-equiv="refresh" content="2;url=edit-user-api.php">';
} else {
echo '<div class="alert alert-danger"><p>Nothing seems to have changed..</p></div>';
}
}
if(isset($_POST['clearlBtn'])){
$SQL = $odb->prepare("DELETE FROM `loginip` WHERE `username` = :username");
$SQL->execute(array(':username' => $username));
echo '<div class="alert alert-success"><p>Login logs were deleted from the account.</p></div>';
}
?>