由于php168程序对用户组权限

heikedz · 发表于 2010-5-20 22:48:30

<table width="100%" border="0" cellspacing="0" cellpadding="0" align="center" class="MainTable">
<tr>
<td height="100" valign="top" class="Main">
<table width="100%" border="0" cellspacing="0" cellpadding="0" align="center" class="dragTable">
<tr>
<td class="head"> 积分购买级别,从购买之日起，有效期为<b><font color="#FF0000">{$webdb[groupTime]}</font></b>天,你现在的级别是“<b><font color="#0000FF">{$ltitle[$lfjdb[groupid]]}</font></b>”
{$lfjdb[C][endtime]}</td>
</tr>
<tr>
<td class="middle">
<table width="100%" border="0" cellspacing="5" cellpadding="5">
<tr>
<td height="25">
<table width="100%" border="0" cellspacing="1" cellpadding="6">
<tr align="center">
<td width="10%" style="border-bottom:1px solid #ccc;background:#F6F6F6;line-height:21px;">GID</td>
<td width="41%" style="border-bottom:1px solid #ccc;background:#F6F6F6;line-height:21px;">用户组名称</td>
<td width="32%" style="border-bottom:1px solid #ccc;background:#F6F6F6;line-height:21px;">需要积分</td>
<td width="17%" style="border-bottom:1px solid #ccc;background:#F6F6F6;line-height:21px;">购买</td>
</tr>

<tr align="center">
<td width="10%" style="line-height:23px;">$rs[gid] </td>
<td width="41%" style="line-height:23px;">$rs[grouptitle]</td>
<td width="32%" style="line-height:23px;">$rs[levelnum]</td>
<td width="17%" style="line-height:23px;"><a href="?job=buy&gid=$rs[gid]#buy">购买</a></td>
</tr>

</table>

<a name='buy'></a>
<table width="100%" border="0" cellspacing="1" cellpadding="6"><form name="form2" method="post" action="?action=buy">
<tr>
<td style="border-bottom:1px solid #ccc;background:#F6F6F6;">你目前的{$webdb[MoneyName]}有
<img src="p_w_picpath/money.gif"> <b><font color="#0000FF">{$lfjdb[money]}</font></b>{$webdb[MoneyDW]}</td>
</tr>
<tr>
<td align="center"> 你现在的级别是“<b><font color="#0000FF">{$ltitle[$lfjdb[groupid]]}</font></b>”，{$lfjdb[C][endtime]}你要购买的级别是“{$rsdb[grouptitle]}”,需要积分“{$rsdb[levelnum]}”<br>
<input type="submit" name="Submit3" value="立即购买">
<input type="hidden" name="action" value="buy">
<input type="hidden" name="gid" value="$gid">
</td>
</tr>
<tr>
<td> </td>
</tr></form>
</table>

</td>
</tr>
</table>
</td>
</tr>
<tr>
<td class="foot">
<h3 class="L"></h3>
<h3 class="R"></h3>
</td>
</tr>
</table>
<table width="100%" border="0" cellspacing="0" cellpadding="0" align="center" class="dragTable" >
<tr>
<td class="head">相关信息</td>
</tr>
<tr>
<td class="middle">
<table width="100%" border="0" cellspacing="5" cellpadding="0" style="margin:10px 0 20px 5px;">
<tr>
<td style="line-height:25px;">1.购买用户级别,需要积分购买,你当前拥有的积分数是 <b><font color="#FF0000">{$lfjdb[money]}</font></b>
个 <br>
2.如果你的积分不足,你可以用金币兑换积分.<a href="money.php?job=list"><b><font color="#FF0000">立即兑换</font></b></a><br>
3.管理员不能购买级别,因为管理员的级别是最高的.</td>
</tr>
</table>
</td>
</tr><tr><td class="foot"></td></tr>
</table>
</td>
</tr>
</table>

----------------------------------------------------------------------------------------------------------------
member/buygroup.php：
---------------------------------------------------------------------------------------------------------------

<?php
require("global.php");
if(!$lfjid){
showerr("你还没登录");
}
$lfjdb[money]=get_money($lfjuid);
if($job=="buy"||$action=='buy'){
$rsdb=$db->get_one("SELECT * FROM {$pre}group WHERE gid='$gid'");
if(!$rsdb){
showerr("资料有误");
}
}
if($action=='buy')
{
if($lfjdb[groupid]==3||$lfjdb[groupid]==4){
showerr("你是管理员,不可以购买比你低的级别");
}
if($lfjdb[money]<$rsdb[levelnum]){
showerr("你的积分不足$rsdb[levelnum]");
}
$lfjdb[C][endtime]=$timestamp+$webdb[groupTime]*3600*24;
$config=addslashes(serialize($lfjdb[C]));
$db->query("UPDATE {$pre}memberdata SET config='$config',groupid='$gid' WHERE uid='$lfjuid'");
add_user($lfjuid,-$rsdb[levelnum]);
refreshto("$FROMURL","恭喜你,升级成功",1);
}
$query = $db->query("SELECT * FROM {$pre}group WHERE gptype=0 AND gid!=8");
while($rs = $db->fetch_array($query)){
$listdb[]=$rs;
}
if($lfjdb[C][endtime]&&$lfjdb[groupid]!=8){
$lfjdb[C][endtime]=date("Y-m-d",$lfjdb[C][endtime]);
$lfjdb[C][endtime]="截止日期为:{$lfjdb[C][endtime]}，";
}else{
$lfjdb[C][endtime]='';
}
require(dirname(__FILE__)."/"."head.php");
require(dirname(__FILE__)."/"."template/buygroup.htm");
require(dirname(__FILE__)."/"."foot.php");
?>

--------------------------------------------------------------------------------------------------------------------


<table width="100%" border="0" cellspacing="0" cellpadding="0" align="center" class="MainTable">
<tr>
<td height="100" valign="top" class="Main">
<table width="100%" border="0" cellspacing="0" cellpadding="0" align="center" class="dragTable">
<tr>
<td class="head">金币购买级别,从购买之日起，有效期为<b><font color="#FF0000">{$webdb[groupTime]}</font></b>天,你现在的级别是“<b><font color="#0000FF">{$ltitle[$lfjdb[groupid]]}</font></b>”
{$lfjdb[C][endtime]}</td>
</tr>
<tr>
<td class="middle">
<table width="100%" border="0" cellspacing="5" cellpadding="5">
<tr>
<td height="25">
<table width="100%" border="0" cellspacing="1" cellpadding="6">
<tr align="center">
<td width="10%" style="border-bottom:1px solid #ccc;background:#F6F6F6;line-height:21px;">GID</td>
<td width="41%" style="border-bottom:1px solid #ccc;background:#F6F6F6;line-height:21px;">用户组名称</td>
<td width="32%" style="border-bottom:1px solid #ccc;background:#F6F6F6;line-height:21px;">需要金币</td>
<td width="17%" style="border-bottom:1px solid #ccc;background:#F6F6F6;line-height:21px;">购买</td>
</tr>

<tr align="center">
<td width="10%" style="line-height:23px;">$rs[gid] </td>
<td width="41%" style="line-height:23px;">$rs[grouptitle]</td>
<td width="32%" style="line-height:23px;">$rs[levelnum]</td>
<td width="17%" style="line-height:23px;"><a href="?job=buy&gid=$rs[gid]#buy">购买</a></td>
</tr>

</table>

<a name='buy'></a>
<table width="100%" border="0" cellspacing="1" cellpadding="6"><form name="form2" method="post" action="?action=buy">
<tr>
<td style="border-bottom:1px solid #ccc;background:#F6F6F6;">你目前的{$webdb[MoneyName]}有
<img src="p_w_picpath/money.gif"> <b><font color="#0000FF">{$lfjdb[money]}</font></b>{$webdb[MoneyDW]}</td>
</tr>
<tr>
<td align="center"> 你现在的级别是“<b><font color="#0000FF">{$ltitle[$lfjdb[groupid]]}</font></b>”，{$lfjdb[C][endtime]}你要购买的级别是“{$rsdb[grouptitle]}”,需要金币“{$rsdb[levelnum]}”<br>
<input type="submit" name="Submit3" value="立即购买">
<input type="hidden" name="action" value="buy">
<input type="hidden" name="gid" value="$gid">
</td>
</tr>
<tr>
<td> </td>
</tr></form>
</table>

</td>
</tr>
</table>
</td>
</tr>
<tr>
<td class="foot">
<h3 class="L"></h3>
<h3 class="R"></h3>
</td>
</tr>
</table>
<table width="100%" border="0" cellspacing="0" cellpadding="0" align="center" class="dragTable" >
<tr>
<td class="head">相关信息</td>
</tr>
<tr>
<td class="middle">
<table width="100%" border="0" cellspacing="5" cellpadding="0" style="margin:10px 0 20px 5px;">
<tr>
<td style="line-height:25px;">1.购买用户级别,需要金币购买,你当前拥有的金币是 <b><font color="#FF0000">{$lfjdb[moneycard]}</font></b>
个 <br>
2.如果你的积分不足,你可以用金币兑换积分.<a href="money.php?job=list"><b><font color="#FF0000">立即兑换</font></b></a><br>
3.管理员不能购买级别,因为管理员的级别是最高的.</td>
</tr>
</table>
</td>
</tr><tr><td class="foot"></td></tr>
</table>
</td>
</tr>
</table>


##################################################################

<?php
require("global.php");
if(!$lfjid){
showerr("你还没登录");
}
$lfjdb[money]=get_money($lfjuid);
if($job=="buy"||$action=='buy'){
$rsdb=$db->get_one("SELECT * FROM {$pre}group WHERE gid='$gid'");
if(!$rsdb){
showerr("资料有误");
}
}
if($action=='buy')
{
if($lfjdb[groupid]==3||$lfjdb[groupid]==4){
showerr("你是管理员,不可以购买比你低的级别");
}
if($lfjdb[moneycard]<$rsdb[levelnum]){
showerr("你的金币不足$rsdb[levelnum]");
}
$lfjdb[C][endtime]=$timestamp+$webdb[groupTime]*3600*24;
$config=addslashes(serialize($lfjdb[C]));
$db->query("UPDATE {$pre}memberdata SET config='$config',groupid='$gid' WHERE uid='$lfjuid'");
$db->query("UPDATE {$pre}memberdata SET moneycard=moneycard-'$rsdb[levelnum]' WHERE uid='$lfjuid'");
add_user($lfjuid,$rsdb[levelnum]);
refreshto("$FROMURL","恭喜你,升级成功",1);
}
$query = $db->query("SELECT * FROM {$pre}group WHERE gptype=0 AND gid!=8");
while($rs = $db->fetch_array($query)){
$listdb[]=$rs;
}
if($lfjdb[C][endtime]&&$lfjdb[groupid]!=8){
$lfjdb[C][endtime]=date("Y-m-d",$lfjdb[C][endtime]);
$lfjdb[C][endtime]="截止日期为:{$lfjdb[C][endtime]}，";
}else{
$lfjdb[C][endtime]='';
}
require(dirname(__FILE__)."/"."head.php");
require(dirname(__FILE__)."/"."template/buygroup.htm");
require(dirname(__FILE__)."/"."foot.php");
?>

		自动登录	找回密码
密码			立即注册

[分享] 由于php168程序对用户组权限