0

我在互联网上找到了这个用于添加和删除用户的脚本,并对其进行了调整以使其适合我的使用。我知道这个脚本容易受到 sql 注入的影响,并且 mysql_* 已被贬值,但就我的目的而言,这并不重要,因为它永远不会在实时环境中发布。

我无法删除任何记录。我还想删除添加用户功能,因为如果要创建新用户,他们可以使用我创建的注册页面。

以下是脚本:

<?php //admin.php
session_start();
$user = $_SESSION['username'];
include ("connection.php");

$get = mysql_query ("SELECT * FROM Users WHERE username='$user'");
while ($row = mysql_fetch_assoc($get))
{
$admin = $row['admin']; 
}

if ($admin==0)
die("Your not an ADMIN!");
?>

下一个脚本:

<?php//conection.php
$mysql_hostname = "localhost";
$mysql_user = "root";
$mysql_password = "";
$mysql_database = "ninjaz_gaming";
$prefix = "";
$bd = mysql_connect($mysql_hostname, $mysql_user, $mysql_password) or die("Could not connect database");
mysql_select_db($mysql_database, $bd) or die("Could not select database");
?>

删除和更新用户脚本:

<?php//urmuser.php
include('admin.php');
include('connection.php');

if (isset($_POST['id']) &&
isset($_POST['username']) &&
isset($_POST['password']) &&
isset($_POST['email']) &&
isset($_POST['birth']) &&
isset($_POST['age']) &&
isset($_POST['ircts3']) &&
isset($_POST['game']) &&
isset($_POST['gender']) &&
isset($_POST['name']) &&
isset($_POST['admin']))

{
$id = get_post('id');
$username = get_post('username');
$password = get_post(md5('password'));
$email = get_post('email');
$birth = get_post('birth');
$age = get_post('age');
$ircts3 = get_post('ircts3');
$game = get_post('game');
$gender = get_post('gender');
$name = get_post('name');
$administrator = get_post('admin');

if (isset($_POST['delete']) && $id != "") 
{
$query = "DELETE FROM Users WHERE id='$id'";

if (!mysql_query($query, $bd))
echo "DELETE failed: $query<br />" .
mysql_error() . "<br /><br />";
}
else
{
$query = "INSERT INTO Users VALUES" .
"('$id', '$username', '$password', '$email', '$birth', '$age', '$ircts3', '$game',    '$gender', '$name'. '$administrator')";

if (!mysql_query($query, $bd))
echo "INSERT failed: $query<br />" .
mysql_error() . "<br /><br />";
}
}

echo <<<_END
<form action="urmuser.php" method="post"><pre>
Id: <input type="text" name="id" />
Username: <input type="text" name="username" />
Password: <input type="text" name="password" />
E-mail: <input type="text" name="email" />
Birth Year: <input type="text" name="birth" />
Age: <input type="text" name="age" />
IRCTS3: <input type="text" name="ircts3" />
Game: <input type="text" name="game" />
Gender: <input type="text" name="gender" />
Name: <input type="text" name="name" />
Admin: <input type="text" name="admin" />
<input type="submit" value="ADD USER" />
</pre></form>
_END;

$query = "SELECT * FROM Users";
$result = mysql_query($query);

if (!$result) die ("Database access failed: " . mysql_error());
$rows = mysql_num_rows($result);

for ($j = 0 ; $j < $rows ; ++$j)
{
$row = mysql_fetch_row($result);
echo <<<_END
<pre>
Id: $row[0]
Username: $row[1]
Password: $row[2]
Email: $row[3]
Birth: $row[4]
Age: $row[5]
IRCTS3: $row[6]
Fav Game: $row[7]
Gender: $row[8]
Name: $row[9]
Admin: $row[10]
</pre>
<form action="urmuser.php" method="post">
<input type="hidden" name="delete" value="yes" />
<input type="hidden" name="id" value="$row[0]" />
<input type="submit" value="DELETE USER" /></form>
_END;
}

mysql_close($bd);

function get_post($var)
{
return mysql_real_escape_string($_POST[$var]);
}
?>
4

2 回答 2

1

正如我在您的代码中看到的,您删除了用户,如果查询结果为真,您再次添加它。

if (isset($_POST['delete']) && $id != "") {
    ##################################
    #####YOU DELETE THE USER HERE
    ##################################
    $query = "DELETE FROM Users WHERE id='$id'";

    if (!mysql_query($query, $bd))
        echo "DELETE failed: $query<br />" .
        mysql_error() . "<br /><br />";

    }else{
        ##################################
        ##### YOU ADD THE USER AGAIN IF IT WAS DELETE
        ##################################
        $query = "INSERT INTO Users VALUES" .
        "('$id','$username','$password','$email','$birth','$age','$ircts3','$game','$gender','$name'. '$administrator')";

    if (!mysql_query($query, $bd))
        echo "INSERT failed: $query<br />" . mysql_error() . "<br /><br />";

    }
}

这样用户就永远不会被删除。

::编辑::

你可以这样做

<?php
session_start();
include ("connection.php");

// check admin part
$isAdmin = 0;
$user = $_SESSION['username'];
$sql = "SELECT * FROM Users WHERE username = '$user' AND admin = 1";
$query = mysql_query($sql,$bd)or die(mysql_error());

if(mysql_num_rows($query)>0){
    $isAdmin = 1;
}

if(isset($_GET['id'])){
    if($isAdmin == 1){
        $delete_id = mysql_real_escape_string($_GET['id']);
        $sql = "DELETE FROM Users WHERE id = '$delete_id'";
        $query = mysql_query($sql,$bd)or die(mysql_error());
        echo "User id: {$_GET['id'] deleted}";
    }else{
        echo 'You are not an admin';
    }
}

$sql = "SELECT * FROM Users ORDER BY id ASC";
$query = mysql_query($sql,$bd)or die(mysql_error());

if(mysql_num_rows($query)>0){
    while($row = mysql_fetch_array($query)){
        echo '<a href="'.$_SERVER['PHP_SELF'].'?id="'.$row['id'].'">'.$row['id'].'</a> '.$row['username'];

    }
}else{
    echo "No results in database";
}

?>
于 2013-05-12T18:31:30.080 回答
0

The code to delete a user is inside the if that checks if all the fields for a new user are set, which obviously isn't the case when deleting a user.

if (isset($_POST['id']) &&
isset($_POST['username']) &&
isset($_POST['password']) &&
isset($_POST['email']) &&
isset($_POST['birth']) &&
isset($_POST['age']) &&
isset($_POST['ircts3']) &&
isset($_POST['game']) &&
isset($_POST['gender']) &&
isset($_POST['name']) &&
isset($_POST['admin']))
{
  $id = get_post('id');
  $username = get_post('username');
  $password = get_post(md5('password'));
  $email = get_post('email');
  $birth = get_post('birth');
  $age = get_post('age');
  $ircts3 = get_post('ircts3');
  $game = get_post('game');
  $gender = get_post('gender');
  $name = get_post('name');
  $administrator = get_post('admin');
  $query = "INSERT INTO Users VALUES" .
"('$id', '$username', '$password', '$email', '$birth', '$age', '$ircts3', '$game',    '$gender', '$name'. '$administrator')";

  if (!mysql_query($query, $bd))
  echo "INSERT failed: $query<br />" .
  mysql_error() . "<br /><br />";
  }
}
else if (isset($_POST['delete']) && isset($_POST['id']) 
{
$id = intval(get_post('id'));
$query = "DELETE FROM Users WHERE id='$id'";

if (!mysql_query($query, $bd))
echo "DELETE failed: $query<br />" .
mysql_error() . "<br /><br />";
}
于 2013-05-12T18:47:48.813 回答