Location: PHPKode > projects > Flea IM > release1.21/data/service.php
<?
require('function.php');
header("Content-type: text/xml;charset=utf-8");
$t=$_GET['t'];
$ranNum = rand(0,90000)+10000;
switch ((int)$t)
{
	case 0: 
		$email=GetSafeStr($_POST['email']);
		$pass=GetSafeStr($_POST['pass']);
		$us=$_POST['us'];
		$num=0;
		if($email==''||$pass==''){
			$num=4;
		}else{
			$where="useremail='".$email."' and userpass='".md5($pass)."'";
			$oRs=$DB->getOne("select * from user where ".$where);
			if($oRs){

				if(session_is_registered("userid"))session_unregister("userid");
				session_register("userid");
				$_SESSION['userid']=$oRs['userid'];
				if(session_is_registered("username"))session_unregister("username");
				session_register("username");
				$_SESSION['username']=$oRs['username'];
				if(session_is_registered("useremail"))session_unregister("useremail");
				session_register("useremail");
				$_SESSION['useremail']=$oRs['useremail'];
				if(session_is_registered("userpower"))session_unregister("userpower");
				session_register("userpower");
				$_SESSION['userpower']=$oRs['userpower'];
				if(session_is_registered("syscode"))session_unregister("syscode");
				session_register("syscode");
				$_SESSION['syscode']=$ranNum;
				$num=1;
				$DB->Query("update user set syscode='".$ranNum."' where ".$where);
				UpdateUserOnlineTime($_SESSION['userid']);
				UpdateUserProfile($oRs['userid'],'','','',$us);
			}else {
				$num=2;
			}
		}		
		echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n";
		echo "<result>\n";
		echo "<num>$num</num>\n";
		echo "<code>".(int)$ranNum."</code>\n";
		echo "</result>";
		break;
	case 1: 
		$num = $DB->getOne("select count(*) from user where useremail = '".GetSafeStr($_POST["email"])."'",true);
		echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n";
		echo "<result>\n";
		echo "<num>$num</num>\n";
		echo "</result>";
		break;
	case 2: 
		UpdateUserOnlineTime($_SESSION['userid']);
		UpdateUserProfile($_SESSION['userid'],'','','',7);
		$_SESSION['userid']='';
		$_SESSION['username']='';
		$_SESSION['useremail']='';
		$_SESSION['syscode']='';
		break;
	case 3: 
		$fromid = GetSafeStr($_POST["from"]);
		$toid = GetSafeStr($_POST["to"]);
		$msgcontent = GetSafeStr($_POST["content"]);
		$typeid = GetSafeStr($_POST["type"]);
		$DB->Query("insert into usermsg (fromid,toid,msgcontent,typeid,msgaddtime) values ('".$fromid."','".$toid."','".$msgcontent."','".$typeid."','".toDay."')");
		break;
	case 4: 
		$username = GetSafeStr($_POST["username"]);
		$usersign = GetSafeStr($_POST["usersign"]);
		$userface = GetSafeStr($_POST["userface"]);
		$userstatus = GetSafeStr($_POST["userstatus"]);
		UpdateUserProfile($_SESSION['userid'],$username,$usersign,$userface,$userstatus);
		break;
	case 5: 
		$toid = GetSafeStr($_POST["to"]);
		AddFriend($_SESSION['userid'],$toid) ;
		break;
	case 6: 
		$toid = GetSafeStr($_POST["to"]);
		DelFriend($_SESSION['userid'],$toid);
		break;
	case 7: 
		$toid = GetSafeStr($_POST["to"]);
		$isblock = GetSafeStr($_POST["s"]);
		$DB->Query("update userfriend set isblocked = ".$isblock." where userid = ".$_SESSION['userid']." and friendid = ".$toid);
		break;
	case 8: 
		$toid = GetSafeStr($_POST["to"]);
		$customname = GetSafeStr($_POST["n"]);
		$DB->Query("update userfriend set customname = '".$customname."' where userid = ".$_SESSION['userid']." and friendid = ".$toid);
		break;
	case 9: 
		$groupname = GetSafeStr($_POST["n"]);
		if(round($DB->getOne("select count(*) from usergroup where groupname='".$groupname."' and (userid=-1 or userid=".$_SESSION['userid'].")",true))<1){ 
			$DB->getOne("insert into usergroup (userid,groupname) values (".$_SESSION['userid'].",'".$groupname."')");
		}
		break;
	case 10: 
		$gid = GetSafeStr($_POST["id"]);
		$DB->Query("update userfriend set groupid=1 where userid = ".$_SESSION['userid']." and groupid=".$gid);
		$DB->Query("delete from usergroup where id=".$gid." and userid=".$_SESSION['userid']);
		break;
	case 11: 
		$gid = GetSafeStr($_POST["id"]);
		$groupname = GetSafeStr($_POST["n"]);
		$DB->Query("update usergroup set groupname='".$groupname."' where id=".$gid." and userid=".$_SESSION['userid']);
		break;
	case 12: 
		$id = GetSafeStr($_POST["id"]);
		$gid = GetSafeStr($_POST["gid"]);
		$DB->Query("update userfriend set groupid=".$gid." where userid = ".$_SESSION['userid']." and friendid=".$id);
		break;
}
$DB->Close();
?>
Return current item: Flea IM