首页 › KO技术综合区「KO. PROGRAM」 › ASP&PHP更名程序...

wxm750218 发表于 2009-1-4 17:42:56

ASP&PHP更名程序...

ASP代码<!--#include file="conn.asp"-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>人物角色名称修改</title>
<link href="css.css" rel="stylesheet" type="text/css" />
<script language="javascript">
function check1()
{
if (form1.username.value==''||form1.rusername.value==''||form1.strid.value==''||form1.psw.value=='')
{
alert('error!');
return false;
}
else
{
if(form1.rusername.value.length>10)
{
alert('太长了!');
return false;
}
else

return true;
}
}
</script>
<%
if request.Form("submit")<>"" then
strid=TRIM(Request.Form("strid"))
psw=TRIM(Request.Form("psw"))
username=TRIM(Request.Form("username"))
rusername=TRIM(Request.Form("rusername"))
if len(rusername)>10 then
Response.write("<script>alert('输入的角色名太长了！');window.history.back();</script>")
Response.End()
end if

'==========
Sql="Select * from Account_char where strAccountID='"& strid &"' and (strcharID1='"& username &"' or strcharID2='"& username &"' or strcharID3='"& username &"')"
set ors=conn.execute(Sql)
if ors.eof then
Response.write("<script>alert('输入的信息不正确！');window.history.back();</script>")
Response.End()
end if
Sql="Select * from TB_USER where strAccountid='"& strid &"' and strpasswd='"& psw &"'"
set ors=conn.execute(Sql)
if ors.eof then
Response.write("<script>alert('输入的密码不正确！');window.history.back();</script>")
Response.End()
end if

'===============
Sql="Select * from USERDATA where struserID='" & username & "'"
set ors=conn.Execute(Sql)
if ors.eof then
Response.write("<script>alert('输入的角色名有误！');window.history.back();</script>")
Response.End()
end if
if ors("knights")<>0 then
Response.write("<script>alert('该角色未退出骑士团！');window.history.back();</script>")
Response.End()
end if
ors.close
set ors=nothing
Sql="Select * from userdata where struserID='"& rusername &"'"
set ors=conn.Execute(Sql)
if not ors.eof then
Response.write("<script>alert('输入的新角色名已经存在！');window.history.back();</script>")
Response.End()
end if
ors.close
set ors=nothing

Sql="Select * from namechanges where newname='"& username &"'"
set ors=conn.Execute(Sql)
if not ors.eof then
Response.write("<script>alert('一个角色只能修改一次！');window.history.back();</script>")
Response.End()
end if
ors.close
set ors=nothing


Sql="insert into namechanges (newname)values ('"& rusername &"')"
conn.Execute(Sql)


Sql="update ACCOUNT_CHAR set strCharID1='"& rusername &"' where strCharID1='"& username &"'"
conn.execute(Sql)
Sql="update ACCOUNT_CHAR set strCharID2='"& rusername &"' where strCharID2='"& username &"'"
conn.execute(Sql)
Sql="update ACCOUNT_CHAR set strCharID3='"& rusername &"' where strCharID3='"& username &"'"
conn.execute(Sql)
Sql="update USERDATA set strUserID='"& rusername &"' where strUserID='"& username &"'"
conn.Execute(Sql)
Response.write("<script>alert('角色名修改成功！');</script>")
end if

%>
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">

<tr>
<td> </td>
</tr>
<tr>
<td><form id="form1" name="form1" method="post" action="">
<table width="500" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td>帐号:</td>
<td><input name="strid" type="text" id="strid" /></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td>密码:</td>
<td><input name="psw" type="text" id="psw" /></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td>原角色名称： </td>
<td><input name="username" type="text" id="username" /></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td>新角色名称:</td>
<td><input name="rusername" type="text" id="rusername" /></td>
</tr>
<tr>
<td> </td>
<td>(不要含有特殊符号,修改前保证人物已经下线,并没有团)</td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="提交" /></td>
</tr>
</table>
</form></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td><div align="center"></div></td>
</tr>
</table>
</body>
</html>PHP更名：<?php
include('./include/anti_inject.php');
?>
<?php
//$link=mssql_connect($servername,$dbuser,$dbpass);
//mssql_select_db($dbname,$link);
$connect = odbc_connect("$dbname", "$dbuser", "$dbpass") or die("Sql Servera baglanilamiyor, odbc_error()");
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Knightonline-角色更名系统</title>
<script language="javascript">
function check1()
{
if (form1.username.value==''||form1.rusername.value==''||form1.strid.value==''||form1.psw.value=='')
{
alert('error!');
return false;
}
else
{
if(form1.rusername.value.length>10)
{
alert('您输入的新角色名超过10个字符的限制，请重新输入!');
return false;
}
else

return true;
}
}
</script>
<?php
if($_POST["Submit"]!="")
{
$strid=trim($_POST["strid"]);
$psw=trim($_POST["psw"]);
$username=trim($_POST["username"]);
$rusername=trim($_POST["rusername"]);

$strid = test($strid);
$psw = test($psw);
$username = test($username);
$rusername = test($rusername);

if(!($strid && $psw && $username && $rusername)){
      echo "<script>alert('请不要非法注入！');</script>";
      echo '<meta http-equiv="refresh" content="0" />';
      die();
}
//必须包含中文
if(!preg_match('/[^\x00-\x80]/',$rusername)){
      echo "<script>alert('必须包含中文！');</script>";
      echo '<meta http-equiv="refresh" content="0" />';
      die();
}

if(strlen($rusername)>10)
      {
      echo "<script>alert('输入的角色名太长了！');</script>";
      echo '<meta http-equiv="refresh" content="0" />';
      die();
      }
//------------------------------------------------------------

$sql="Select * from currentuser where strACCOUNTID='".$strid."' ";

$result=odbc_exec($connect,$sql) or die("error");
$num=odbc_fetch_row($result);

if($num==true)
      {
echo "<script>alert('该帐号未退出游戏!');</script>";
echo '<meta http-equiv="refresh" content="0" />';
die();
}

//--------------------------------------------------------------------------
$sql="Select * from Account_char where strAccountID='".$strid."' and (strcharID1='".$username."' or strcharID2='".$username."' or strcharID3='".$username."')";

$result=odbc_exec($connect,$sql) or die("error");
$num=odbc_fetch_row($result);

if($num==false)
      {
echo "<script>alert('输入的信息不正确！');</script>";
echo '<meta http-equiv="refresh" content="0" />';
die();
}
$sql="Select * from TB_USER where strAccountid='".$strid."' and strpasswd='".$psw."'";

$result=odbc_exec($connect,$sql) or die("error");
$num=odbc_fetch_row($result);

if($num==false)
      {
echo "<script>alert('输入的密码不正确！');</script>";
echo '<meta http-equiv="refresh" content="0" />';
die();
      }

//===============
$sql="Select * from USERDATA where struserID='".$username."'";

$result=odbc_exec($connect,$sql) or die("error");
$num=odbc_fetch_row($result);

if($num==false)
      {
echo "<script>alert('输入的角色名有误！');</script>";
echo '<meta http-equiv="refresh" content="0" />';
die();

      }
      $knights=odbc_result($result,"knights");

if($knights!="0")
      {
echo "<script>alert('该角色未退出骑士团！');</script>";
echo '<meta http-equiv="refresh" content="0" />';
die();
      }else{


$sql="Select * from userdata where struserID='".$rusername."'";

$result=odbc_exec($connect,$sql) or die("error");
$num=odbc_fetch_row($result);

$name2=odbc_result($result,"struserID");

if($name2!="")
      {
echo "<script>alert('输入的新角色名已经存在！');</script>";
echo '<meta http-equiv="refresh" content="0" />';
die();

      }

$sql="Select * from namechanges where newname='".$username."'";
$result=odbc_exec($connect,$sql) or die("error");
$num=odbc_fetch_row($result);

if($num==true)
      {
echo "<script>alert('一个角色只能修改一次！');</script>";
echo '<meta http-equiv="refresh" content="0" />';
die();
      }
$sql="insert into namechanges (newname,oldname)values ('".$rusername."','".$username."')";
odbc_exec($connect,$sql);


$sql="update ACCOUNT_CHAR set strCharID1='".$rusername."' where strCharID1='".$username."'";
odbc_exec($connect,$sql);
$sql="update ACCOUNT_CHAR set strCharID2='".$rusername."' where strCharID2='".$username."'";
odbc_exec($connect,$sql);
$sql="update ACCOUNT_CHAR set strCharID3='".$rusername."' where strCharID3='".$username."'";
odbc_exec($connect,$sql);
$sql="update USERDATA set strUserID='".$rusername."' where strUserID='".$username."'";

odbc_exec($connect,$sql);

echo "<script>alert('角色名修改成功！');</script>";
echo '<meta http-equiv="refresh" content="0;URL=index.php" />';
die();


      }


}
?>            
<form id="form1" name="form1" method="post" action="">
      <div align="right"><strong>帐号: </strong></div>
    </div></td>
    <td width="50%"><input type="TEXT" name="strid" maxlength="12" id="strid" /></td>
</tr>
<tr>
    <td>
      <div align="right"><strong>密码 : </strong></div>
    </div></td>
    <td><input type="PASSWORD" name="psw"maxlength="21" id="psw"/></td>
</tr>
<tr>
    <td>
      <div align="right"><strong>原角色名 : </strong></div>
    </div></td>
      <td><input type="text" name="username"maxlength="10" id="username"/></td>
      </tr>
<tr>
         <td>
             <div align="right"><strong>新角色名: </strong></div>
         </div></td>
      <td><input type="text" name="rusername" maxlength="10" id="rusername" /></td>
      </tr>
<tr>
    <td> </td>
    <td><input type="submit" name="Submit" value="提交" />
      
<label>
<input type="reset" name="button" id="button" value="重置" />
</label></td>
</tr>
</FORM>
   骑士在线更名系统<br /><br />
    提示：每个角色只能更名一次，请勿做无谓的尝试，新角色名必须含有中文名称<br />
               更名前请确保：要修改名字的帐号已经下线,要更改的角色没有加入团
                           

查看完整版本: ASP&PHP更名程序...