我写了一个代码来创建一个Session,并写了一个Session Arrays不同的东西,例如:用户名和等级。
然后,我编写了一个函数,用于检查“访问的个人资料名称和等级”以及“自己的名称和等级”,以确保您有足够的权力进行促销/降级。
我想知道是否有更智能的版本,或者这是我能写的最好的版本。
我想说我是PHP的新手。
代码可以正常工作。我只想要改善我的代码的想法和建议。
删除/升级按钮脚本:
<?php
if (isset($_SESSION['besucht']) && $_SESSION['besucht'] == 1) {
if (!empty($own_username) && $_SESSION['user-permissions']-1 == 6 || $_SESSION['user-permissions']-1 == 7) {
if ($_SESSION['visit_user-permissions']-1 < 6 && $_SESSION['visit_user-permissions']-1 != $_SESSION['user-permissions']-1) {
echo('
<form action="./tools/php/demoter_promoter/index.php" method="POST">
<table style="width: 100%;">
<tr style="width: 100%;">
<td style="width: 50%;">
');
if($visit_permissions-1 > 0) {
echo('
<button style="float: left;" title="Den Rank um 1 Degradieren" id="demoter" name="demoter" value="'.$visit_username.'">
Demote
</button>
');
}
echo('
</td>
<td style="width: 50%;">
');
if($visit_permissions-1 < 5) {
echo('
<button style="float: right;" title="Den Rank um 1 Befördern" id="promoter" name="promoter" value="'.$visit_username.'">
Promote
</button>
');
}
echo('
</td>
</tr>
</table>
</form>
');
}
}
}
?>
促销功能:
<?php
FUNCTION promote($user) {
require('../connector/connector.php');
$query = "SELECT * FROM `members` WHERE `username` = ?";
$stmt = $db->prepare($query);
$stmt->bind_param('s', $user);
$stmt->execute();
$result = $stmt->get_result();
$stmt->close();
$obj = $result->fetch_array();
$permissions = $obj['permissions'];
if ($permissions < 5) {
$query = "UPDATE `members` SET `permissions` = ? WHERE `username` = '".$user."';";
$stmt = $db->prepare($query);
$permissions = $permissions + 1;
$stmt->bind_param('s', $permissions);
$stmt->execute();
$stmt->close();
back_to_home($db);
}
else {
back_to_home($db);
}
}
?>
$user变量由$_SESSION['visit_user-username']设置
删除功能:
<?php
FUNCTION demote($user) {
require('../connector/connector.php');
$query = "SELECT * FROM `members` WHERE `username` = ?";
$stmt = $db->prepare($query);
$stmt->bind_param('s', $user);
$stmt->execute();
$result = $stmt->get_result();
$stmt->close();
$obj = $result->fetch_array();
$permissions = $obj['permissions'];
if ($permissions != 0 && $permissions < 6) {
$query = "UPDATE `members` SET `permissions` = ? WHERE `username` = '".$user."';";
$stmt = $db->prepare($query);
$permissions = $permissions - 1;
$stmt->bind_param('s', $permissions);
$stmt->execute();
$stmt->close();
back_to_home($db);
}
else {
back_to_home($db);
}
}
?>
back_to_home功能是一个简单的功能,它可以取消所有$_SESSION['visit_user-*']的设置并发送回加注星标的页面。
---编辑---
这是我写的函数调用器:
<?php
session_start();
if(isset($_POST['promoter'])) {
$user = "";
$user = $_POST['promoter'];
promote($user);
}
else {
if(isset($_POST['demoter'])) {
$user = "";
$user = $_POST['demoter'];
demote($user);
}
else {
header('Location: ../../../');
exit;
}
}
?>
这是我编写的“用户页面加载程序”功能:
<?php
$value = "";
$value = basename($_SERVER['REQUEST_URI']);
if(isset($_SESSION['user-username']) && $value == "?logout") {
require('./tools/php/pageloader/pages/logout.php');
}
else {
$search = '?';
$replace = '';
$subject = basename($_SERVER['REQUEST_URI']);
$new_value = str_replace($search, $replace, $subject);
$query = "SELECT * FROM `members` WHERE `username` = ?";
$stmt = $db->prepare($query);
$stmt->bind_param('s', $new_value);
$stmt->execute();
$result = $stmt->get_result();
$stmt->close();
$obj = $result->fetch_array();
if ($obj['username'] != null && $obj['username'] == $new_value) {
$_SESSION['visit_user-username'] = $obj['username'];
$_SESSION['visit_user-e_mail'] = $obj['e_mail'];
$_SESSION['visit_user-register_date'] = $obj['register_date'];
$_SESSION['visit_user-last_login_date'] = $obj['last_login_date'];
$_SESSION['visit_user-steam_id'] = $obj['steam_id'];
$_SESSION['visit_user-permissions'] = $obj['permissions'] + 1;
$_SESSION['visit_user-ban_status'] = $obj['banned'] + 1;
require('./tools/php/pageloader/pages/usercheck.php');
}
else {
//echo("<meta http-equiv='refresh' content='0; url=./'>");
}
}
?>