Home Explore Help
Register Sign In
iapt-platform
/
mint
mirror of https://github.com/iapt-platform/mint.git
2
0
Fork 0
Files Issues 0 Wiki
Tree: 1a54d60802
Branches Tags
mint
/
app
/
group
/
member_del.php

member_del.php 3.1 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 
  1. <?php
    2. 

  2. require_once "../config.php";
    3. 

  3. require_once "../public/_pdo.php";
    4. 

  4. require_once '../public/function.php';
    5. 

  5. 

  6. $respond = array("status" => 0, "message" => "");
    7. 

  7. if (!isset($_COOKIE["userid"])) {
    8. 

  8.     $respond['status'] = 1;
    9. 

  9.     $respond['message'] = "尚未登录";
    10. 

  10.     echo json_encode($respond, JSON_UNESCAPED_UNICODE);
    11. 

  11.     exit;
    12. 

  12. }
    13. 

  13. if (isset($_POST["groupid"])) {
    14. 

  14.     PDO_Connect("" . _FILE_DB_GROUP_);
    15. 

  15.     $mypower = 100;
    16. 

  16.     # 先查是否有删人权限
    17. 

  17.     $query = "SELECT * from group_info where id=?";
    18. 

  18.     $fc = PDO_FetchRow($query, array($_POST["groupid"]));
    19. 

  19.     if ($fc) {
    20. 

  20.         if ($fc["parent"] == 0) {
    21. 

  21.             if ($fc["owner"] == $_COOKIE["userid"]) {
    22. 

  22.                 $mypower = 0;
    23. 

  23.             }
    24. 

  24.         } else {
    25. 

  25.             $query = "SELECT owner  from group_info where id=?";
    26. 

  26.             $g_parent = PDO_FetchRow($query, array($fc["parent"]));
    27. 

  27.             if ($g_parent && $g_parent["owner"] == $_COOKIE["userid"]) {
    28. 

  28.                 $mypower = 0;
    29. 

  29.             }
    30. 

  30.         }
    31. 

  31.     }
    32. 

  32.     if ($mypower != 0) {
    33. 

  33.         #非拥有者,看看是不是管理员
    34. 

  34.         $query = "SELECT power from group_member where user_id=? and group_id=? ";
    35. 

  35.         $power = PDO_FetchRow($query, array($_COOKIE["userid"], $_POST["groupid"]));
    36. 

  36.         if ($power) {
    37. 

  37.             $mypower = (int) $power["power"];
    38. 

  38.         }
    39. 

  39.         if ($mypower > 1) {
    40. 

  40.             $respond['status'] = 1;
    41. 

  41.             $respond['message'] = "no power to remove memeber";
    42. 

  42.             echo json_encode($respond, JSON_UNESCAPED_UNICODE);
    43. 

  43.             exit;
    44. 

  44.         }
    45. 

  45.     }
    46. 

  46. 

  47.     # 查询被删除人的权限
    48. 

  48.     $query = "SELECT power from group_member where user_id=? and group_id=? ";
    49. 

  49.     $power = PDO_FetchRow($query, array($_POST["userid"], $_POST["groupid"]));
    50. 

  50.     $userpower = 0;
    51. 

  51.     if ($power) {
    52. 

  52.         $userpower = (int) $power["power"];
    53. 

  53.     }
    54. 

  54.     #操作人的权限不足
    55. 

  55.     if ($mypower >= $userpower) {
    56. 

  56.         $respond['status'] = 1;
    57. 

  57.         $respond['message'] = "can not removed";
    58. 

  58.         echo json_encode($respond, JSON_UNESCAPED_UNICODE);
    59. 

  59.         exit;
    60. 

  60.     }
    61. 

  61. 

  62.     $query = "SELECT * from group_info where id=?";
    63. 

  63.     $fc = PDO_FetchRow($query, array($_POST["groupid"]));
    64. 

  64.     if ($fc) {
    65. 

  65.         $idList = array();
    66. 

  66.         $idList[] = $_POST["userid"];
    67. 

  67.         $idList[] = $_POST["groupid"];
    68. 

  68.         if ($fc["parent"] == 0) {
    69. 

  69.             //group
    70. 

  70.             $level = 0;
    71. 

  71.             #查询project
    72. 

  72.             $query = "SELECT id from group_info where parent=?";
    73. 

  73.             $g_project = PDO_FetchAll($query, array($_POST["groupid"]));
    74. 

  74.             foreach ($g_project as $key => $parentid) {
    75. 

  75.                 # code...
    76. 

  76.                 $idList[] = $parentid["id"];
    77. 

  77.             }
    78. 

  78.         }
    79. 

  79.     }
    80. 

  80.     #删除
    81. 

  81.     $place_holders = implode(',', array_fill(0, count($idList), '?'));
    82. 

  82.     $query = "DELETE from group_member where user_id=? and group_id IN ($place_holders)";
    83. 

  83.     PDO_Execute($query, $idList);
    84. 

  84. 

  85.     if (!$sth || ($sth && $sth->errorCode() != 0)) {
    86. 

  86.         $error = PDO_ErrorInfo();
    87. 

  87.         $respond['status'] = 1;
    88. 

  88.         $respond['message'] = $error[2];
    89. 

  89.     }
    90. 

  90. } else {
    91. 

  91.     $respond['status'] = 1;
    92. 

  92.     $respond['message'] = "参数不足";
    93. 

  93. }
    94. 

  94. echo json_encode($respond, JSON_UNESCAPED_UNICODE);
    95.