降级/升级脚本

时间:2019-07-12 08:46:09

标签: php sql mysqli

我写了一个代码来创建一个Session,并写了一个Session Arrays不同的东西,例如:用户名和等级。

然后,我编写了一个函数,用于检查“访问的个人资料名称和等级”以及“自己的名称和等级”,以确保您有足够的权力进行促销/降级。

我想知道是否有更智能的版本,或者这是我能写的最好的版本。

我想说我是PHP的新手。

代码可以正常工作。我只想要改善我的代码的想法和建议。

删除/升级按钮脚本:

<?php
        if (isset($_SESSION['besucht']) && $_SESSION['besucht'] == 1) {
            if (!empty($own_username) && $_SESSION['user-permissions']-1 == 6 || $_SESSION['user-permissions']-1 == 7) {
                if ($_SESSION['visit_user-permissions']-1 < 6 && $_SESSION['visit_user-permissions']-1 !=  $_SESSION['user-permissions']-1) {
                    echo('
                    <form action="./tools/php/demoter_promoter/index.php" method="POST">
                        <table style="width: 100%;">
                            <tr style="width: 100%;">
                                <td style="width: 50%;">
                                ');
                                if($visit_permissions-1 > 0) {
                                    echo('
                                    <button style="float: left;" title="Den Rank um 1 Degradieren" id="demoter" name="demoter" value="'.$visit_username.'">
                                        Demote
                                    </button>
                                    ');
                                }
                                echo('
                                </td>
                                <td style="width: 50%;">
                                ');
                                if($visit_permissions-1 < 5) {
                                    echo('
                                    <button style="float: right;" title="Den Rank um 1 Befördern" id="promoter" name="promoter" value="'.$visit_username.'">
                                        Promote
                                    </button>
                                    ');
                                }
                                echo('
                                </td>
                            </tr>
                        </table>
                    </form>
                    ');
                }
            }
        }
    ?>

促销功能:

<?php
    FUNCTION promote($user) {
        require('../connector/connector.php');
        $query = "SELECT * FROM `members` WHERE `username` = ?";
        $stmt = $db->prepare($query);
        $stmt->bind_param('s', $user);
        $stmt->execute();
        $result = $stmt->get_result();
        $stmt->close();
        $obj = $result->fetch_array();
        $permissions = $obj['permissions'];
        if ($permissions < 5) {
            $query = "UPDATE `members` SET `permissions` = ? WHERE `username` = '".$user."';";
            $stmt = $db->prepare($query);
            $permissions = $permissions + 1;
            $stmt->bind_param('s', $permissions);
            $stmt->execute();
            $stmt->close();
            back_to_home($db);
        }
        else {
            back_to_home($db);
        }
    }
?>

$user变量由$_SESSION['visit_user-username']设置

删除功能:

<?php
    FUNCTION demote($user) {
        require('../connector/connector.php');
        $query = "SELECT * FROM `members` WHERE `username` = ?";
        $stmt = $db->prepare($query);
        $stmt->bind_param('s', $user);
        $stmt->execute();
        $result = $stmt->get_result();
        $stmt->close();
        $obj = $result->fetch_array();
        $permissions = $obj['permissions'];
        if ($permissions != 0 && $permissions < 6) {
            $query = "UPDATE `members` SET `permissions` = ? WHERE `username` = '".$user."';";
            $stmt = $db->prepare($query);
            $permissions = $permissions - 1;
            $stmt->bind_param('s', $permissions);
            $stmt->execute();
            $stmt->close();
            back_to_home($db);
        }
        else {
            back_to_home($db);
        }
    }
?>

back_to_home功能是一个简单的功能,它可以取消所有$_SESSION['visit_user-*']的设置并发送回加注星标的页面。

---编辑---

这是我写的函数调用器:

<?php
    session_start();

    if(isset($_POST['promoter'])) {
        $user = "";
        $user = $_POST['promoter'];
        promote($user);
    }
    else {
        if(isset($_POST['demoter'])) {
            $user = "";
            $user = $_POST['demoter'];
            demote($user);
        }
        else {
            header('Location: ../../../');
            exit;
        }
    }
?>

这是我编写的“用户页面加载程序”功能:

<?php
    $value = "";
    $value = basename($_SERVER['REQUEST_URI']);
    if(isset($_SESSION['user-username']) && $value == "?logout") {
        require('./tools/php/pageloader/pages/logout.php');
    }
    else {
        $search  = '?';
        $replace = '';
        $subject = basename($_SERVER['REQUEST_URI']);
        $new_value = str_replace($search, $replace, $subject);
        $query = "SELECT * FROM `members` WHERE `username` = ?";
        $stmt = $db->prepare($query);
        $stmt->bind_param('s', $new_value);
        $stmt->execute();
        $result = $stmt->get_result();
        $stmt->close();
        $obj = $result->fetch_array();
        if ($obj['username'] != null && $obj['username'] == $new_value) {
            $_SESSION['visit_user-username'] = $obj['username'];
            $_SESSION['visit_user-e_mail'] = $obj['e_mail'];
            $_SESSION['visit_user-register_date'] = $obj['register_date'];
            $_SESSION['visit_user-last_login_date'] = $obj['last_login_date'];
            $_SESSION['visit_user-steam_id'] = $obj['steam_id'];
            $_SESSION['visit_user-permissions'] = $obj['permissions'] + 1;
            $_SESSION['visit_user-ban_status'] = $obj['banned'] + 1;
            require('./tools/php/pageloader/pages/usercheck.php');
        }
        else {
            //echo("<meta http-equiv='refresh' content='0; url=./'>");
        }
    }
?>

0 个答案:

没有答案