0

我有一个相当奇怪的问题,对于我这样的人来说,无法弄清楚!

基本上,我有允许上传文档的用户,然后将其与他们的个人资料相关联。

如果用户决定删除一个文档,这里唯一被删除的是文档,而不是包含的内容,例如评论、标题等 - 就好像什么都没发生过一样 - 当然除了 - 物理文档已被删除已删除 - 但是没有 sql 条目。

mydocs.php:

if ($_SESSION['USERID'] != "" && $_SESSION['USERID'] >= 0 && is_numeric($_SESSION['USERID']))
{
    if($_REQUEST['submitdelete']!="")
    {
        $deletedoc = $_POST['deletedoc'];
        $svcount = count($deletedoc);
        for ($i = 0; $i < $svcount; $i++)
        {
            if ($deletedoc[$i] != "" && $deletedoc[$i] >= 0 && is_numeric($deletedoc[$i]))
            {       
                $query = "SELECT * FROM docs WHERE DID='".mysql_real_escape_string($deletedoc[$i])."'";
                $executequery = $conn->execute($query);
                $theuserid = $executequery->fields['USERID'];
                $doc_name = $executequery->fields['doc_name'];

                if(mysql_affected_rows()>=1)
                {                   
                    $docpath = $config['docdir']."/".$doc_name;
                    @chmod($docpath, 0777);

                    if (file_exists($docpath))
                    {
                        @unlink($docpath);
                    }

                    if($theuserid == $_SESSION['USERID'])
                    {
                        $deletefrom[] = "docs";
                        $deletefrom[] = "docs_comments";
                        $deletefrom[] = "docs_favorited";

                        for($j=0;$j < count($deletefrom);$j++)
                        {
                            $query = "DELETE FROM ".$deletefrom[$j]." WHERE DID='$deletedoc[$i]'";
                            $conn->Execute($query);
                        }

                        $tempthumbs = $config['thumbdir']."/".$deletedoc[$i].".jpg";
                        if(file_exists($tempthumbs)) 
                        {
                            @unlink($tempthumbs);
                        }

                        if ($svcount > 1)
                        {
                            $message = $lang['643'];
                        }
                        else
                        {
                            $message = $lang['644'];
                        }
                    } 
                    else
                    {
                        if ($svcount > 1)
                        {
                            $error = $lang['645'];
                        }
                        else
                        {
                            $error = $lang['646'];
                        }
                    }

                }
            }
        }
    }

mydocs.tpl:

<form id="deleteform" name="deleteform" action="{$baseurl}/mydocs.php" method="post">
                        {section name=i loop=$docs}
                        {insert name=seo_clean_titles assign=title value=a title=$docs[i].title}
                        <div class="column {if $smarty.section.i.iteration % 6 == 0}last{/if}">
                            <div class="image"><a href="{$baseurl}/doc/{$docs[i].DID}/{$title}"><img src="{$vthumburl}/{$docs[i].doc_name|truncate:-4:"":true}.jpg" alt="{$docs[i].title|stripslashes|truncate:25:"...":true}" ></a></div>
                            <h3><a href="{$baseurl}/doc/{$docs[i].DID}/{$title}">{$docs[i].title|stripslashes|truncate:17:"...":true}</a>
                            <br />{$lang485}: <input type="checkbox" name="deletedoc[]" value="{$docs[i].DID}">
                            <br /><a href="{$baseurl}/mydocsedit.php?DID={$docs[i].DID}">{$lang318}</a></h3>
                        </div>
                        {/section}  <div class="btndelete">
                        <input type="submit" value="&nbsp;" name="submitdelete"></div>
                        </form>

紧急等待解决方案/帮助。

提前谢谢了!

4

1 回答 1

1

代码没有问题。

出于某种原因,connect.php 对 sql 数据库使用了只写权限。

将其更改为所有权限,现在它可以工作了。

现在来保护它。

于 2013-11-12T10:03:44.340 回答