
    <?php 
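/*
 * Admin controller: shows the login form, checks credentials, and, once the
 * session is marked as admin, dispatches on request parameter "m" to
 * "editpass" (change password), "del" (delete an entry) or the paged list.
 *
 * $db, $tablepre, $timestamp, $onlineip, $page_size, $PHP_SELF and the helpers
 * getgpc(), submitcheck(), template(), page() and page_get_start() are defined
 * outside this file.
 *
 * NOTE(review): every query here is built by string interpolation. Values from
 * getgpc() are only safe inside quoted SQL literals if getgpc() escapes them,
 * which this file does not show. Confirm that, and prefer prepared statements
 * if the $db wrapper offers them.
 */
if(!defined('IN_LOVE')) {exit('Access Denied');}
session_start(); // Start the session to check whether the visitor is the administrator.
// isset() avoids an undefined-index notice for first-time visitors; the strict
// comparison accepts only the exact marker string written on login below.
if(!isset($_SESSION['admin']) || $_SESSION['admin'] !== 'ok')
{
	if(empty($_POST['Submit']))
	{
		include template('login.htm');
	}
	else
	{
		$username = getgpc('username');
		$password = getgpc('password');
		$seccode = getgpc('seccode');
		if(empty($username) or empty($password) or empty($seccode))
		{
			$messageid = 7;
			include template('message.htm');
			exit;
		}
		// NOTE(review): $seccode is only tested for emptiness here; presumably
		// submitcheck() verifies it. Confirm against its definition.
		elseif(submitcheck())
		{
			// NOTE(review): unsalted MD5 is not a safe password hash. Moving to
			// password_hash()/password_verify() needs a migration of the stored
			// hashes, so the scheme is left unchanged here.
			$password = md5($password);
			// $password is now a hex digest; $username relies on getgpc() for escaping (see header).
			$row_num = $db->num_rows($db->query("SELECT * FROM {$tablepre}admin where username='{$username}' AND password='{$password}'"));
			if($row_num > 0)
			{
				$query = $db->query("SELECT username, id FROM {$tablepre}admin WHERE username='$username'");
				$admin = $db->fetch_array($query);
				// The original wrote {$admin[id]}, which reads an undefined constant
				// "id" (an Error on PHP 8). Quote the key and force the id to an integer.
				$adminid = intval($admin['id']);
				// NOTE(review): $onlineip is computed elsewhere; if it can come from a
				// client-supplied header it must be validated before reaching SQL.
				$sql = "UPDATE {$tablepre}admin set oltime='$timestamp',lastip='$onlineip' where id='{$adminid}'";
				$db->query($sql);
				// Issue a fresh session id at the privilege change so a pre-login
				// (possibly attacker-fixed) id never becomes an admin session.
				session_regenerate_id(true);
				$_SESSION['admin'] = 'ok';
				$_SESSION['adminuser'] = $username;
				$messageid = 6;
				include template('message.htm');
				exit;
			}
			else
			{
				// NOTE(review): nothing in this file limits repeated failed logins.
				$messageid = 5;
				include template('message.htm');
			}
		}
		else
		{
			$messageid = 9998;
			include template('message.htm');
		}
	}
}
else
{
	$m = getgpc('m');
	if($m=='editpass')
	{
		if(empty($_POST['Submit']))
		{
			$master = 1;
			include template('login.htm');
			exit;
		}
		else
		{
			if(submitcheck())
			{
				$pass = getgpc('pass');
				$password = getgpc('password');
				if(empty($password))
				{
					// The login form rejects any password that empty() treats as
					// blank, so storing one would lock the admin out. Reuse the
					// message id the login branch shows for missing fields.
					$messageid = 7;
					include template('message.htm');
					exit;
				}
				elseif($pass != $password)
				{
					$messageid = 8;
					include template('message.htm');
					exit;
				}
				else
				{
					// NOTE(review): the current password is not asked for again, so a
					// hijacked admin session is enough to change it.
					$username = $_SESSION['adminuser'];
					$pass = md5($password); // Same hashing scheme as the login check.
					$res = $db->query("UPDATE `{$tablepre}admin` SET `password` = '$pass' WHERE `username` ='$username';");
					if($res)
					{
						$messageid = 4;
						include template('message.htm');
						exit;
					}
					else
					{
						$messageid = 9;
						include template('message.htm');
						exit;
					}
				}
			}
			else
			{
				// Report a failed form check the same way the login branch does
				// instead of returning an empty page.
				$messageid = 9998;
				include template('message.htm');
				exit;
			}
		}
	}
	elseif($m=='del')
	{
		// The id is interpolated without quotes, so escaping alone cannot make it
		// safe; force it to an integer before it reaches the query.
		$id = intval(getgpc('id'));
		// NOTE(review): this state-changing action runs without a submitcheck()
		// call. If getgpc() also reads the query string, a link opened by a
		// logged-in admin could delete entries. Consider requiring POST plus the
		// form check.
		$res = $db->query("DELETE FROM {$tablepre}love WHERE id = {$id}");
		if($res)
		{
			$messageid = 3;
			include template('message.htm');
			exit;
		}
	}
	else
	{
		$page = getgpc('page');
		// Get the current page number; a missing value means page 1, and values
		// below 1 are clamped because they are never valid page numbers.
		$page = isset($page) ? max(1, intval($page)) : 1;
		$sql = "SELECT * FROM `{$tablepre}love`";
		$row = $db->num_rows($db->query($sql)); // Total number of entries, used for paging.
		$mpurl = $PHP_SELF.'?a=list&';
		$dispage = page($row, $page_size, $page, $mpurl);
		$page_get_start = page_get_start($page, $page_size, $row);
		$sql = "SELECT * FROM {$tablepre}love LIMIT $page_get_start, $page_size";
		$lovelist = $db->fetch_all($sql);
		$a = 'Y/m/d H:i'; // Date format string; presumably read by list.htm, confirm there.
		$master = 1;
		include template('list.htm');
		$db->close();
		exit;
	}
}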
?>