Changeset 59
- Timestamp:
- 06/25/05 16:41:52 (7 years ago)
- Files:
-
- trunk/soda/www/auth/user_info.php (modified) (3 diffs)
- trunk/soda/www/TODO (added)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/soda/www/auth/user_info.php
r57 r59 1 1 2 <?php 2 if (($_SESSION['CAFFEINE_ADMIN'] == true) && 3 ($_POST['op'] == "deposit")) { 4 $result = mysql_query("UPDATE users SET balance=balance+{$_POST['amount']} WHERE uid={$_POST['uid']};"); 5 $result = mysql_query("INSERT INTO moneys (time,uid_source,uid_dest,amount) VALUES (NOW(),-1,{$_POST['uid']},{$_POST['amount']});"); 3 4 preg_match("/(.*)@.*/", apache_getenv('REMOTE_USER'), $remote_user); 5 print "<!-- remote_user $remote_user[1] -->\n"; 6 7 if ($_POST['op'] == "deposit") 8 { 9 $result = mysql_query("SELECT * FROM users WHERE username='{$remote_user[1]}';"); 10 11 $remote_user = mysql_fetch_row($result); 12 if ($remote_user[15] == 't' ) 13 { 14 $result = mysql_query("UPDATE users SET balance=balance+{$_POST['amount']} WHERE uid={$_POST['uid']};"); 15 $result = mysql_query("INSERT INTO moneys (time,uid_source,uid_dest,amount) VALUES (NOW(),-1,{$_POST['uid']},{$_POST['amount']});"); 16 } 17 else 18 { 19 print "$remote_user[2] is not authorized to add money\n"; 20 } 6 21 } 7 ?>8 9 <?php10 if ($_SESSION['CAFFEINE_ADMIN'] == true)11 {12 22 ?> 13 23 <table border="0" cellspacing="5" cellpadding="5"> … … 22 32 </tr> </form> </table> 23 33 <?php 24 } 25 else 34 if ($_POST['f_user'] != "") 26 35 { 27 $f_user = $_SESSION['CAFFEINE_UNAME']; 28 } 29 if ($f_user != "") 30 { 31 $result = mysql_query("SELECT * FROM users WHERE username='$f_user';"); 32 if (mysql_num_rows($result) == 1) { 36 $result = mysql_query("SELECT * FROM users WHERE username='$_POST[f_user]';"); 37 if (mysql_num_rows($result) == 1) 38 { 33 39 $user = mysql_fetch_row($result); 34 40 ?> … … 56 62 <br> 57 63 <?php 58 if ($CAFFEINE_ADMIN != ""){64 { 59 65 ?> 60 66 <table border="0" cellspacing="5" cellpadding="5">
