<?php
/**
* 聊天室后台管理系统 – 安全修复完整版
* 修复session、mysql、ereg等已弃用函数,解决错误0022,空合并运算符、未定义的 getDBConnection()函数暂未修改
*/
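// Error reporting: record everything, but log it instead of printing it.
// With display_errors enabled, PHP warnings (file paths, SQL fragments) would
// be written straight into this administrative page.
error_reporting(E_ALL);
ini_set('display_errors', '0');
ini_set('log_errors', '1');
// Security headers.
header('X-Frame-Options: DENY');
header('X-Content-Type-Options: nosniff');
header('Content-Type: text/html; charset=gb2312');
// Session hardening has to be configured before session_start(): refuse
// session ids the server did not issue and hide the cookie from scripts.
ini_set('session.use_strict_mode', '1');
ini_set('session.cookie_httponly', '1');
session_start();
// roominc.php is not part of this file; presumably it supplies $loginpasswd,
// $zeroprefix and the goheader()/footer()/goerror() helpers used below - confirm.
require_once("roominc.php");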
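// ==================== Authentication ====================
// Decides whether the login form must be shown ($gologin = 1) or the request
// may proceed ($gologin = 0).
//
// $loginpasswd is not defined in this file; presumably roominc.php sets it.
// An unset or empty password must never authenticate anybody: with the
// previous loose `==` comparison an empty submitted password matched an
// unset $loginpasswd, and "0e..."-style strings could compare equal as numbers.
$configuredPassword = (isset($loginpasswd) && is_scalar($loginpasswd)) ? (string) $loginpasswd : '';
$sessionMarker = isset($_SESSION['roomadminpass']) ? $_SESSION['roomadminpass'] : null;
$submittedPassword = isset($_POST['loginpassword']) ? $_POST['loginpassword'] : null;

// hash_equals() compares byte for byte and in constant time.
$hasValidSession = $configuredPassword !== ''
    && is_string($sessionMarker)
    && hash_equals(md5($configuredPassword), $sessionMarker);
$hasValidLogin = $configuredPassword !== ''
    && is_string($submittedPassword)
    && hash_equals($configuredPassword, $submittedPassword);

if ($hasValidSession || $hasValidLogin) {
    if (!$hasValidSession) {
        // Fresh password login: issue a new session id so an id that was
        // planted before authentication cannot be reused afterwards.
        session_regenerate_id(true);
    }
    // The marker stays md5($loginpasswd) because other admin scripts may
    // check the same value. NOTE(review): this leaves an unsalted MD5 of the
    // admin password in the session store; a plain "authenticated" flag would
    // be safer but has to be changed in every script that reads the marker.
    $_SESSION['roomadminpass'] = md5($configuredPassword);
    if (isset($_GET['logout']) && $_GET['logout']) {
        $gologin = 1;
        unset($_SESSION['roomadminpass']);
        session_destroy();
    } else {
        $gologin = 0;
    }
} else {
    $gologin = 1;
}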
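if ($gologin) {
    // Not authenticated (or just logged out): print the login form and stop.
    // The form no longer shows the default password next to the field; a
    // login page should not disclose a credential.
    goheader();
?>
<form method="POST" name="form1" action="roomadmin.php">
<div align="center">
<table border="0" width="80%" height="200">
<tr>
<td width="100%" colspan="2" align="center"><font color="blue" size="+1">聊天室后台管理系统</font></td>
</tr>
<tr>
<td width="45%" align="right">管理密码:</td>
<td width="55%"><input type="password" name="loginpassword" size="10"> <input type="submit" value="确定" name="登录"></td>
</tr>
</table>
</div>
</form>
<?php
    footer();
    exit;
}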
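goheader();
// ==================== Request parameters ====================
// $_REQUEST merges GET and POST (and cookies, depending on request_order);
// both values are forced to integers before any further use.
$port = isset($_REQUEST['port']) ? intval($_REQUEST['port']) : 0;
$roomid = isset($_REQUEST['roomid']) ? intval($_REQUEST['roomid']) : 0;
// Negative numbers are rejected as well: the previous check only tested the
// upper bounds, so a negative roomid produced a $portkey that belongs to a
// different port/room combination.
// NOTE(review): the code relies on goerror() ending the request - confirm.
if ($roomid < 0 || $roomid >= 10 || $port < 0 || $port > 65535) {
    goerror("端口取值范围<65535,分房间号取值范围 0~9 ,请返回重新填写");
}
// Key stored in room.port: the bare port for the main room (roomid 0),
// otherwise port * $zeroprefix + roomid. $zeroprefix is defined outside this file.
if ($roomid == 0) {
    $portkey = $port;
} else {
    $portkey = $port * $zeroprefix + $roomid;
}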
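// ==================== Main screen: search form and room list ====================
// Shown when no specific room was requested (no port, or roomid not sent) or
// when the "findport" search button was used. Ends the request afterwards.
if ((!($port > 0 && (isset($_POST['roomid']) || isset($_GET['roomid'])))) ||
    (isset($_POST['ss']) && $_POST['ss'] == "findport")) {
?>
<script language="javascript">
function goadmin(ss){
    if (ss == 'newport'){
        if (form1.port.value == ''){
            alert("请输入正确的端口号");
            form1.port.focus();
            return false;
        } else {
            form1.target = "_self";
        }
    } else if (ss == 'restart'){
        if (form1.port.value == ''){
            alert("请输入正确的端口号");
            form1.port.focus();
            return false;
        } else {
            form1.target = "_blank";
            form1.roomid.value = '0';
        }
    } else if (ss == 'findport' || form1.roomid.value == ''){
        form1.target = "_self";
    }
    return true;
}
</script>
<form method="POST" name="form1" action="roomadmin.php" onSubmit="return goadmin(form1.ss.value)">
<input type="hidden" name="act" value="done">
<input type="hidden" name="ss" value="">
<div align="center">
<table border="0" width="80%" height="200">
<tr>
<td width="100%" colspan="2" align="center"><font color="blue" size="+1">聊天室后台管理系统</font></td>
</tr>
<tr>
<td colspan="2" align="center">(查询操作不填端口号则查询所有记录;新增和重启操作必须填写端口号)</td>
</tr>
<tr>
<td width="50%" align="right">聊天室端口:</td>
<td width="50%"><input type="text" name="port" maxlength="4" size="10"> </td>
</tr>
<tr>
<td width="50%" align="right">分房间号:</td>
<td width="50%"><input type="text" name="roomid" maxlength="4" size="10" value="0">(第一个房间为0,其他子房间为1~9) </td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" value="新增" name="tt" onClick="javascript:form1.ss.value='newport'">
<input type="submit" value="查询" name="tt" onClick="javascript:form1.ss.value='findport'">
<input type="submit" value="重启" name="tt" onClick="javascript:form1.ss.value='restart'">
</td>
</tr>
</table>
</div>
</form>
<div align="center">
<table border="1" width="50%" height="100">
<?php
    echo "<tr><td>聊天室名</td><td>端口</td><td>分房号</td><td>状态</td><td>重配置</td><td>重启</td><td>停止</td><td>最高人限</td><td>当前人数</td><td>类型</td><td>进程号</td><td>在线列表</td><td>删除</td></tr>";
    // getDBConnection() and executeQuery() are not defined in this file.
    $dbh = getDBConnection();
    if ($port > 0) {
        // $port is already an integer; the escaping is kept as a second line of defence.
        $sqlStr = "SELECT * FROM room WHERE port LIKE '" . mysqli_real_escape_string($dbh, (string) $port) . "%'";
    } else {
        $sqlStr = "SELECT * FROM room ORDER BY port";
    }
    $rs = executeQuery($dbh, $sqlStr);
    if (!$rs) {
        goerror("出错啦,请稍后再试。002");
    }
    // Every database value is escaped or cast before it reaches the HTML.
    // Previously maxnum, num, rtype and pid were printed raw, so markup
    // stored in those columns would have been rendered in the admin's browser.
    $cell = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES);
    };
    while ($row = mysqli_fetch_array($rs)) {
        // Keys above 65535 encode a sub-room as port * $zeroprefix + roomid.
        if ($row["port"] > 65535) {
            $roomid = (int) ($row["port"] % $zeroprefix);
            $port = (int) floor($row["port"] / $zeroprefix);
        } else {
            $roomid = 0;
            $port = (int) $row["port"];
        }
        echo "<tr>
<td><a href='roomadmin.php?port={$port}&roomid={$roomid}'>" . $cell($row['roomname']) . "</a></td>
<td>{$port}</td>
<td>{$roomid}</td>
<td><div id='div{$port}{$roomid}'></div><script src='statuscheck.php?port={$port}&roomid={$roomid}' type='text/javascript' defer='defer'></script></td>
<td><a href='roomadmin.php?port={$port}&roomid={$roomid}'>重配置</a></td>
<td><a href='roomadmin.php?act=done&ss=restart&port={$port}&roomid={$roomid}' target='_blank'>重启</a></td>
<td><a href='roomadmin.php?act=done&ss=stop&port={$port}&roomid={$roomid}' target='_blank'>停止</a></td>
<td>" . $cell($row["maxnum"]) . "</td>
<td>" . $cell($row["num"]) . "</td>
<td>" . $cell($row["rtype"]) . "</td>
<td>" . $cell($row["pid"]) . "</td>
<td><a href='listuser.php?port={$port}&roomid={$roomid}' target='_blank'>查看</a></td>
<td><a href='roomadmin.php?act=done&ss=delete&port={$port}&roomid={$roomid}' target='_blank'>删除</a></td>
</tr>";
    }
    mysqli_close($dbh);
?>
</table>
</div>
<?php
    footer();
    exit;
}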
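// ==================== Per-room actions: load the records ====================
// Only plain strings are accepted for act/ss. A request such as "ss[]=x"
// delivers an array, which would otherwise reach the string comparisons and
// htmlspecialchars() calls further down.
$act = (isset($_REQUEST['act']) && is_string($_REQUEST['act'])) ? $_REQUEST['act'] : '';
$ss = (isset($_REQUEST['ss']) && is_string($_REQUEST['ss'])) ? $_REQUEST['ss'] : '';
// getDBConnection() and executeQuery() are not defined in this file.
$dbh = getDBConnection();
// Requested room (main room or sub-room), looked up by its storage key.
// $portkey and $port are numeric; they are still escaped before being quoted.
$sqlStr = "SELECT * FROM room WHERE port='" . mysqli_real_escape_string($dbh, (string) $portkey) . "'";
$rs = executeQuery($dbh, $sqlStr);
if (!$rs) {
    goerror("出错啦,请稍后再试。002");
}
$rownum = mysqli_num_rows($rs);
$row = $rownum > 0 ? mysqli_fetch_array($rs) : null;
// Main room of the same port; sub-rooms inherit their settings from it.
$sqlStr2 = "SELECT * FROM room WHERE port='" . mysqli_real_escape_string($dbh, (string) $port) . "'";
$rs2 = executeQuery($dbh, $sqlStr2);
if (!$rs2) {
    goerror("出错啦,请稍后再试。003");
}
$rownum2 = mysqli_num_rows($rs2);
$row2 = $rownum2 > 0 ? mysqli_fetch_array($rs2) : null;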
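// ==================== Dispatch on the requested operation ====================
/**
 * Print the confirmation form shown before a room is restarted, deleted or
 * stopped. The three pages differed only in target script, button label and
 * note, so they share this one template.
 *
 * $action, $submitLabel and $note are fixed literals from the table below and
 * are printed as-is; $port, $roomid and the database values are escaped.
 *
 * NOTE(review): the room's adminpasswd column is written into a hidden field,
 * so the stored password appears in the page source. The target scripts are
 * outside this file and presumably expect the "userroompasswd" field, so it is
 * kept; authorising those scripts from the admin session would avoid it.
 *
 * @param string     $action      script the form posts to
 * @param int        $port        room port
 * @param int        $roomid      sub-room number
 * @param array|null $row         record of the room, as fetched from the room table
 * @param string     $submitLabel caption of the submit button
 * @param string     $note        optional remark printed below the button
 */
function roomadmin_confirm_form($action, $port, $roomid, $row, $submitLabel, $note)
{
    $esc = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES);
    };
?>
<form method="post" action="<?= $action ?>">
<input type="hidden" name="port" value="<?= $esc($port) ?>">
<input type="hidden" name="userroompasswd" value="<?= $esc($row["adminpasswd"]) ?>">
<input type="hidden" name="roomid" value="<?= $esc($roomid) ?>">
<div align="center">
<table border="0" width="80%" height="100">
<tr>
<td width="50%" align="right">端口号:</td>
<td width="50%"><?= $esc($port) ?></td>
</tr>
<tr>
<td width="50%" align="right">分房间号:</td>
<td width="50%"><?= $esc($roomid) ?></td>
</tr>
<tr>
<td width="50%" align="right">聊天室名:</td>
<td width="50%"><?= $esc($row["roomname"]) ?></td>
</tr>
<tr>
<td width="100%" colspan="2" align="center">
<input type="submit" value="<?= $submitLabel ?>"><?php if ($note !== "") { ?><br>
<?= $note ?>
<?php } ?>
</td>
</tr>
</table>
</div>
</form>
<?php
}

// operation => [target script, button label, note]
$confirmPages = [
    "restart" => ["roomrestart.php", "马上重启聊天室", "(注意:如果你使用了一室多房功能,那么该端口对应的主房间和所有分房间共有一个进程,它们会被同时启动)"],
    "delete" => ["roomdelete.php", "删除聊天室", ""],
    "stop" => ["roomstop.php", "停止聊天室", "(注意:如果你使用了一室多房功能,那么该端口对应的主房间和所有分房间共有一个进程,它们会被同时停止)"],
];
if (is_string($ss) && isset($confirmPages[$ss])) {
    // Restart / delete / stop need an existing room; show the confirmation and stop.
    if ($rownum == 0) {
        goerror("不存在该端口,请返回重新填写");
    }
    roomadmin_confirm_form($confirmPages[$ss][0], $port, $roomid, $row, $confirmPages[$ss][1], $confirmPages[$ss][2]);
    mysqli_close($dbh);
    exit;
} elseif ($ss == "newport") {
    // Creating: the key must be free, and a sub-room needs its main room.
    if ($rownum >= 1) {
        goerror("已经存在端口为 {$port},ID为{$roomid} 的房间记录,请返回重新填写");
    } else if ($roomid > 0 && $rownum2 == 0) {
        goerror("主房间不存在,请先创建主房间");
    }
} else {
    // Anything else edits an existing room, which therefore has to exist.
    if ($rownum == 0) {
        goerror("不存在端口为 {$port},ID为{$roomid} 的房间记录,请返回重新填写");
    }
}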
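// ==================== Save a room configuration ====================
if ($act == "DONE") {
    // NOTE(review): no anti-CSRF token is checked before this write, and none
    // is visible anywhere in this file; the handler relies on the session alone.
    //
    // Values are read raw and handed to prepared statements below. They were
    // previously passed through mysqli_real_escape_string() AND bound as
    // parameters, which stored the escape backslashes in the table.
    $textInputs = [
        'roomname', 'userpasswd', 'bodycolor', 'bodyurl', 'bottomcolor', 'bottomurl',
        'topcolor', 'adnote', 'scripturl', 'leaveurl', 'fullurl', 'unauthurl',
        'headurl', 'lefturl', 'righturl', 'footurl', 'headheight', 'leftwidth',
        'rightwidth', 'footheight', 'welcomemsg', 'setadm', 'setimg', 'setdoor',
        'setsex', 'admintor', 'channels', 'rtype', 'keyfile', 'bindhost',
        'bindserial', 'voicemode', 'voicesamples', 'videorate', 'videoframerate',
        'videonum', 'voicenum', 'adminwebport', 'templatedir', 'needauth', 'extconfig',
    ];
    $in = [];
    foreach ($textInputs as $name) {
        // Array-valued parameters ("name[]=x") are treated as absent.
        $in[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : "";
    }
    $maxnum = isset($_POST['maxnum']) ? intval($_POST['maxnum']) : 0;

    // HTTP_HOST comes from the request's Host header, so the default URLs
    // built from it are client-influenced.
    // NOTE(review): a configured site URL would be the safer source.
    $hostUrl = "http://" . $_SERVER['HTTP_HOST'];

    // Switches: anything but "1" means off.
    foreach (['setadm', 'setimg', 'setsex', 'setdoor'] as $name) {
        if ($in[$name] != "1") {
            $in[$name] = "0";
        }
    }
    // Defaults for fields that were left empty.
    $defaults = [
        'unauthurl' => $hostUrl,
        'topcolor' => "#EFF5FE",
        'bodycolor' => "#FFFFFF",
        'bottomcolor' => "#EFF5FE",
        'adnote' => '<center>欢迎光临<font color=#ff0000><big>$1</big></font>! 请文明聊天,切勿发布有关色情、政治、黑客等的信息。</center>',
        'voicemode' => "SUPER",
        'voicesamples' => "8",
        'videorate' => "28",
        'videoframerate' => "6",
        'videonum' => "9",
        'voicenum' => "2",
        'adminwebport' => "80",
        'needauth' => "2",
        'headheight' => "35",
        'leftwidth' => "0",
        'rightwidth' => "180",
        'footheight' => "0",
    ];
    foreach ($defaults as $name => $fallback) {
        if ($in[$name] == "") {
            $in[$name] = $fallback;
        }
    }
    // $usertable is not used again in this file; it may be read by included code.
    if (!isset($usertable) || $usertable == "") {
        $usertable = "1";
    }

    // Required fields.
    // NOTE(review): the URL and colour fields are only checked by the
    // browser-side script; nothing on the server validates their format.
    if (empty($in['roomname'])) {
        goerror("聊天室名不能为空");
    }
    if (!($maxnum > 0)) {
        goerror("聊天室最高在线不是合法的整数");
    }
    if ($in['rtype'] != 'T' && $in['rtype'] != 'A' && $in['rtype'] != 'V') {
        goerror("聊天室类型选择有误,其值必须为文字(T)/语音(A)/视频(V)。");
    }
    if (empty($in['keyfile'])) {
        goerror("KEY文件名不能为空");
    }
    if (empty($in['bindhost'])) {
        goerror("绑定域名或IP不能为空");
    }
    if (empty($in['bindserial']) || strlen($in['bindserial']) != 20) {
        goerror("绑定域名或IP的序列号不正确");
    }

    // The room name must not be used by a different room.
    $nameParam = $in['roomname'];
    $keyParam = (string) $portkey;
    $dupStmt = mysqli_prepare($dbh, "SELECT port FROM room WHERE roomname=? AND port<>?");
    if (!$dupStmt) {
        error_log("roomadmin: duplicate-name check failed to prepare: " . mysqli_error($dbh));
        goerror("出错啦,请稍后再试。002");
    }
    mysqli_stmt_bind_param($dupStmt, 'ss', $nameParam, $keyParam);
    if (!mysqli_stmt_execute($dupStmt)) {
        error_log("roomadmin: duplicate-name check failed: " . mysqli_stmt_error($dupStmt));
        goerror("出错啦,请稍后再试。002");
    }
    mysqli_stmt_bind_result($dupStmt, $takenKey);
    $nameTaken = mysqli_stmt_fetch($dupStmt); // true: row found, null: none, false: error
    mysqli_stmt_close($dupStmt);
    if ($nameTaken === false) {
        goerror("出错啦,请稍后再试。002");
    }
    if ($nameTaken) {
        // Decode the stored key back into port and sub-room number for the message.
        if ($takenKey > 65535) {
            $tmproomid = $takenKey % $zeroprefix;
            $tmpport = floor($takenKey / $zeroprefix);
        } else {
            $tmproomid = 0;
            $tmpport = $takenKey;
        }
        goerror("该聊天室名已经被端口为 ". $tmpport .",ID为".$tmproomid." 的聊天室占用,请返回重新设置");
    }

    // A sub-room takes most settings from its main room ($row2).
    if ($roomid > 0) {
        if ($row2 === null) {
            // Without this guard a missing main room was read as an empty record.
            goerror("主房间不存在,请先创建主房间");
        }
        if ($maxnum > $row2["maxnum"]) {
            goerror("最高在线不可以超过".$row2["maxnum"].",请返回重新设置");
        }
        // field => [column in the main-room record, value used when that column is empty]
        // `?:` treats "0" as empty too, so a switch stored as "0" in the main
        // room is inherited as "1" - behaviour kept as it was.
        $inherited = [
            'fullurl' => ['fullurl', $hostUrl],
            'unauthurl' => ['unauthurl', $hostUrl],
            'headurl' => ['headurl', "about:blank"],
            'lefturl' => ['lefturl', "about:blank"],
            'righturl' => ['righturl', "about:blank"],
            'footurl' => ['footurl', "about:blank"],
            'headheight' => ['headheight', "35"],
            'leftwidth' => ['leftwidth', "0"],
            'rightwidth' => ['rightwidth', "180"],
            'footheight' => ['footheight', "0"],
            'welcomemsg' => ['welcomemsg', ""],
            'setadm' => ['setadm', "1"],
            'setimg' => ['setimg', "1"],
            'setdoor' => ['setdoor', "1"],
            'setsex' => ['setsex', "1"],
            'rtype' => ['rtype', ""],
            'keyfile' => ['keyfile', ""],
            'bindhost' => ['host', ""],
            'bindserial' => ['bindserial', ""],
            'voicemode' => ['voicemode', "SUPER"],
            'voicesamples' => ['voicesamples', "8"],
            'videorate' => ['videorate', "28"],
            'videoframerate' => ['videoframerate', "6"],
            'videonum' => ['videonum', "9"],
            'voicenum' => ['voicenum', "2"],
            'adminwebport' => ['adminwebport', "80"],
            'templatedir' => ['templatedir', ""],
            'needauth' => ['needauth', "2"],
            'extconfig' => ['extconfig', ""],
        ];
        foreach ($inherited as $name => $spec) {
            $in[$name] = $row2[$spec[0]] ?: $spec[1];
        }
    }

    // Column => value. The keys are fixed literals, so joining them into the
    // statement text is safe; every value is bound as a parameter.
    // NOTE(review): userpasswd is stored in adminpasswd as clear text and is
    // printed back into the edit form.
    $fields = [
        'roomname' => $in['roomname'],
        'maxnum' => $maxnum,
        'bodycolor' => $in['bodycolor'],
        'bodyurl' => $in['bodyurl'],
        'bottomcolor' => $in['bottomcolor'],
        'bottomurl' => $in['bottomurl'],
        'topcolor' => $in['topcolor'],
        'adnote' => $in['adnote'],
        'scripturl' => $in['scripturl'],
        'leaveurl' => $in['leaveurl'],
        'fullurl' => $in['fullurl'],
        'unauthurl' => $in['unauthurl'],
        'headurl' => $in['headurl'],
        'lefturl' => $in['lefturl'],
        'righturl' => $in['righturl'],
        'footurl' => $in['footurl'],
        'headheight' => $in['headheight'],
        'leftwidth' => $in['leftwidth'],
        'rightwidth' => $in['rightwidth'],
        'footheight' => $in['footheight'],
        'welcomemsg' => $in['welcomemsg'],
        'setadm' => $in['setadm'],
        'setimg' => $in['setimg'],
        'setdoor' => $in['setdoor'],
        'setsex' => $in['setsex'],
        'admintor' => $in['admintor'],
        'channels' => $in['channels'],
        'adminpasswd' => $in['userpasswd'],
        'rtype' => $in['rtype'],
        'port' => $portkey,
        'host' => $in['bindhost'],
        'keyfile' => $in['keyfile'],
        'bindserial' => $in['bindserial'],
        'voicemode' => $in['voicemode'],
        'voicesamples' => $in['voicesamples'],
        'videorate' => $in['videorate'],
        'videoframerate' => $in['videoframerate'],
        'videonum' => $in['videonum'],
        'voicenum' => $in['voicenum'],
        'point' => 0,
        'adminwebport' => $in['adminwebport'],
        'templatedir' => $in['templatedir'],
        'needauth' => $in['needauth'],
        'extconfig' => $in['extconfig'],
    ];
    // NOTE(review): INSERT is used both for new rooms and for edits of an
    // existing one. Whether an edit then fails or adds a second row depends on
    // the table's keys, which are not visible here - confirm.
    $placeholders = array_fill(0, count($fields), '?');
    $sql = "INSERT INTO room (".implode(',', array_keys($fields)).") VALUES (".implode(',', $placeholders).")";
    $stmt = mysqli_prepare($dbh, $sql);
    if (!$stmt) {
        // Driver details go to the log; the page gets a generic message.
        error_log("SQL准备失败: " . mysqli_error($dbh));
        goerror("SQL准备失败");
    }
    // All parameters are bound as strings. bind_param takes its values by
    // reference; unpacking the array satisfies that, which passing plain
    // values through call_user_func_array() did not.
    $types = str_repeat('s', count($fields));
    $values = array_map('strval', array_values($fields));
    mysqli_stmt_bind_param($stmt, $types, ...$values);
    if (mysqli_stmt_execute($stmt)) {
        echo "<div align='center'><h3>聊天室配置修改成功!</h3>";
        echo "<a href='roomadmin.php?port={$port}&roomid={$roomid}'>查看修改结果</a> | ";
        echo "<a href='roomadmin.php'>返回查询主页</a></div>";
    } else {
        error_log("SQL执行错误: " . mysqli_stmt_error($stmt));
        goerror("更新聊天室失败");
    }
    mysqli_stmt_close($stmt);
    mysqli_close($dbh);
    footer();
    exit;
}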
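// ==================== Values for the configuration form ====================
// The form template prints $roomname, $bindhost, ... without further
// escaping, so every value must leave this block HTML-escaped. Previously
// only the values of an existing room were escaped; the "newport" defaults,
// which include the client-supplied Host header, were printed raw.
//
// template variable => column of the room table
$formFields = [
    'roomname' => 'roomname', 'maxnum' => 'maxnum', 'userpasswd' => 'adminpasswd',
    'bodycolor' => 'bodycolor', 'bodyurl' => 'bodyurl', 'bottomcolor' => 'bottomcolor',
    'bottomurl' => 'bottomurl', 'topcolor' => 'topcolor', 'adnote' => 'adnote',
    'scripturl' => 'scripturl', 'leaveurl' => 'leaveurl', 'fullurl' => 'fullurl',
    'unauthurl' => 'unauthurl', 'headurl' => 'headurl', 'lefturl' => 'lefturl',
    'righturl' => 'righturl', 'footurl' => 'footurl', 'headheight' => 'headheight',
    'leftwidth' => 'leftwidth', 'rightwidth' => 'rightwidth', 'footheight' => 'footheight',
    'welcomemsg' => 'welcomemsg', 'setadm' => 'setadm', 'setimg' => 'setimg',
    'setdoor' => 'setdoor', 'setsex' => 'setsex', 'admintor' => 'admintor',
    'channels' => 'channels', 'rtype' => 'rtype', 'keyfile' => 'keyfile',
    'bindhost' => 'host', 'bindserial' => 'bindserial', 'voicemode' => 'voicemode',
    'voicesamples' => 'voicesamples', 'videorate' => 'videorate',
    'videoframerate' => 'videoframerate', 'videonum' => 'videonum', 'voicenum' => 'voicenum',
    'adminwebport' => 'adminwebport', 'templatedir' => 'templatedir',
    'needauth' => 'needauth', 'extconfig' => 'extconfig',
];
if ($ss == "newport") {
    // New room: empty form apart from a few suggested defaults.
    // $keyfilename and $serial are defined outside this file.
    $hostUrl = "http://".$_SERVER['HTTP_HOST'];
    $formValues = array_fill_keys(array_keys($formFields), "");
    $formValues['leaveurl'] = $hostUrl;
    $formValues['fullurl'] = $hostUrl;
    $formValues['unauthurl'] = $hostUrl;
    $formValues['keyfile'] = $keyfilename;
    $formValues['bindhost'] = $_SERVER['HTTP_HOST'];
    $formValues['bindserial'] = $serial;
    $formValues['voicemode'] = "SUPER";
    $formValues['voicesamples'] = "8";
    $formValues['videorate'] = "28";
    $formValues['videoframerate'] = "6";
    $formValues['videonum'] = "9";
    $formValues['voicenum'] = "2";
    $formValues['adminwebport'] = "80";
    $formValues['needauth'] = "2";
} else {
    // Existing room: take the stored record loaded into $row earlier.
    // NOTE(review): adminpasswd is kept in clear text and is shown again in a
    // visible text field of the form.
    $formValues = [];
    foreach ($formFields as $variable => $column) {
        $formValues[$variable] = $row[$column] ?? "";
    }
}
// Escape once, for both branches. The variable names come from the fixed
// list above, never from the request.
// NOTE(review): the page is sent as gb2312 while htmlspecialchars() uses
// default_charset; check that stored text survives when the two differ.
foreach ($formValues as $variable => $value) {
    $$variable = htmlspecialchars((string) $value, ENT_QUOTES);
}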
// 显示表单
?>
<script language=”javascript”>
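// Return the text without leading and trailing whitespace.
// (The empty replacement string had been turned into a typographic quote.)
function trim(string){
    return string.replace(/^\s+|\s+$/g, '');
}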
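// Require a non-empty value in a form field.
// fieldname: label used in the message; string: the input element itself.
// The field's value is trimmed in place; when it is empty the user is
// alerted, the field gets the focus and false is returned.
function notNull(fieldname, string){
    string.value = trim(string.value);
    if (string.value == "") {
        alert("请填写" + fieldname + "!");
        string.focus();
        return false;
    }
    return true;
}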
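// Check that an optional URL field holds an http(s) URL.
// urlname: label used in the message; urlobj: the input element.
// Empty values and the placeholder text "链接" are accepted unchanged.
// The scheme must now be at the start of the value (https is accepted too);
// before, "http://" anywhere inside the text passed, so a value with a
// different scheme could get through. This runs only in the browser, so the
// server must not rely on it.
function check_url(urlname, urlobj) {
    var val = urlobj.value; // local: no longer leaks an implicit global
    if ((val != "") && (val != "链接")) {
        if (!/^https?:\/\//i.test(val) || (val.indexOf('.') == -1)) {
            alert(urlname + ' 不是正确的URL格式,请输入正确的URL格式。');
            urlobj.focus();
            return false;
        }
    }
    return true;
}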
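// onSubmit handler of the configuration form: true lets the form submit.
// The checks run in order and stop at the first failure, so the user sees
// one message at a time. Browser-side convenience only; the server has to
// validate the same fields again.
function validform(theform) {
    return notNull("聊天室名", theform.roomname) &&
        notNull("最高在线人数", theform.maxnum) &&
        check_url("输入区背景图形", theform.bottomurl) &&
        check_url("聊天区背景图形", theform.bodyurl) &&
        check_url("离开的连接", theform.leaveurl) &&
        check_url("非授权用户登录跳转URL", theform.unauthurl) &&
        check_url("满员跳转URL", theform.fullurl);
}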
</script>
<form method=”post” action=”roomadmin.php” onSubmit=”return validform(this)” name=”myform”>
<input type=”hidden” name=”act” value=”DONE”>
<input type=”hidden” name=”ss” value=”<?= htmlspecialchars($ss) ?>”>
<input type=”hidden” name=”port” value=”<?= htmlspecialchars($port) ?>”>
<input type=”hidden” name=”roomid” value=”<?= htmlspecialchars($roomid) ?>”>
<div align=”center”>
<table border=”0″ width=”80%” height=”100″>
<tr>
<td colspan=”2″ height=”40″ align=”center” valign=”top”><font color=”blue”>聊天室基本配置</font></td>
</tr>
<tr>
<td width=”20%” align=”left”>端口号:</td>
<td width=”80%”><?= htmlspecialchars($port) ?></td>
</tr>
<tr>
<td width=”20%” align=”left”>端口ID:</td>
<td width=”80%”><?= htmlspecialchars($roomid) ?></td>
</tr>
<tr>
<td width=”20%” align=”left”>聊天室名:</td>
<td width=”80%”><input type=”text” name=”roomname” size=”50″ maxlength=”40″ value=”<?= $roomname ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>最高在线人数<font color=”red”>**</font>:</td>
<td width=”80%”><input type=”text” name=”maxnum” size=”10″ maxlength=”4″ value=”<?= $maxnum ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>聊天室类型<font color=”blue”>**</font>:</td>
<td width=”80%”>
文字<input type=”radio” name=”rtype” value=”T” <?= ($rtype == ‘T’) ? ‘checked’ : ” ?>>
语音<input type=”radio” name=”rtype” value=”A” <?= ($rtype == ‘A’) ? ‘checked’ : ” ?>>
视频<input type=”radio” name=”rtype” value=”V” <?= ($rtype == ‘V’) ? ‘checked’ : ” ?>>
(此选项必须与授权KEY文件名相匹配)
</td>
</tr>
<tr>
<td width=”20%” align=”left”>端口绑定主机名<font color=”red”>**</font>:</td>
<td width=”80%”><input type=”text” name=”bindhost” size=”30″ maxlength=”80″ value=”<?= $bindhost ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>主机名绑定序列号<font color=”red”>**</font>:</td>
<td width=”80%”><input type=”text” name=”bindserial” size=”30″ maxlength=”20″ value=”<?= $bindserial ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>端口授权KEY文件<font color=”red”>**</font>:</td>
<td width=”80%”><input type=”text” name=”keyfile” size=”30″ maxlength=”50″ value=”<?= $keyfile ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>用户管理密码<font color=”red”>**</font>:</td>
<td width=”80%”><input type=”text” name=”userpasswd” size=”20″ maxlength=”50″ value=”<?= $userpasswd ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>聊天区背景颜色:</td>
<td width=”80%”><input type=”text” name=”bodycolor” size=”10″ maxlength=”7″ value=”<?= $bodycolor ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>聊天区背景图形URL:</td>
<td width=”80%”><input type=”text” name=”bodyurl” size=”50″ maxlength=”255″ value=”<?= $bodyurl ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>输入区背景颜色:</td>
<td width=”80%”><input type=”text” name=”bottomcolor” size=”10″ maxlength=”7″ value=”<?= $bottomcolor ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>输入区背景图形URL:</td>
<td width=”80%”><input type=”text” name=”bottomurl” size=”50″ maxlength=”255″ value=”<?= $bottomurl ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>在线列表背景颜色:</td>
<td width=”80%”><input type=”text” name=”topcolor” size=”10″ maxlength=”7″ value=”<?= $topcolor ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>语音模式:</td>
<td width=”80%”><input type=”text” name=”voicemode” size=”10″ maxlength=”10″ value=”<?= $voicemode ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>语音质量:</td>
<td width=”80%”><input type=”text” name=”voicesamples” size=”10″ maxlength=”2″ value=”<?= $voicesamples ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>视频速率:</td>
<td width=”80%”><input type=”text” name=”videorate” size=”10″ maxlength=”3″ value=”<?= $videorate ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>视频帧速率:</td>
<td width=”80%”><input type=”text” name=”videoframerate” size=”10″ maxlength=”2″ value=”<?= $videoframerate ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>视频窗口数:</td>
<td width=”80%”><input type=”text” name=”videonum” size=”10″ maxlength=”1″ value=”<?= $videonum ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>麦克风数<font color=”blue”>**</font>:</td>
<td width=”80%”><input type=”text” name=”voicenum” size=”10″ maxlength=”1″ value=”<?= $voicenum ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>欢迎词:</td>
<td width=”80%”><input type=”text” name=”adnote” size=”50″ value=”<?= $adnote ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>聊天室脚本HTML:</td>
<td width=”80%”><input type=”text” name=”scripturl” size=”50″ value=”<?= $scripturl ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>离开的URL:</td>
<td width=”80%”><input type=”text” name=”leaveurl” size=”50″ maxlength=”255″ value=”<?= $leaveurl ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>满员跳转URL<font color=”blue”>**</font>:</td>
<td width=”80%”><input type=”text” name=”fullurl” size=”50″ maxlength=”255″ value=”<?= $fullurl ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>非授权用户登录跳转URL<font color=”blue”>**</font>:</td>
<td width=”80%”><input type=”text” name=”unauthurl” size=”50″ maxlength=”255″ value=”<?= $unauthurl ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>是否标志管理员<font color=”blue”>**</font>:</td>
<td width=”80%”>
是<input type=”radio” name=”setadm” value=”1″ <?= ($setadm == ‘1’) ? ‘checked’ : ” ?>>
否<input type=”radio” name=”setadm” value=”0″ <?= ($setadm == ‘0’) ? ‘checked’ : ” ?>>
(管理员名字后面是否加红星)
</td>
</tr>
<tr>
<td width=”20%” align=”left”>是否允许图音<font color=”blue”>**</font>:</td>
<td width=”80%”>
是<input type=”radio” name=”setimg” value=”1″ <?= ($setimg == ‘1’) ? ‘checked’ : ” ?>>
否<input type=”radio” name=”setimg” value=”0″ <?= ($setimg == ‘0’) ? ‘checked’ : ” ?>>
(是否在聊天室里允许发送图音)
</td>
</tr>
<tr>
<td width=”20%” align=”left”>是否允许关门<font color=”blue”>**</font>:</td>
<td width=”80%”>
是<input type=”radio” name=”setdoor” value=”1″ <?= ($setdoor == ‘1’) ? ‘checked’ : ” ?>>
否<input type=”radio” name=”setdoor” value=”0″ <?= ($setdoor == ‘0’) ? ‘checked’ : ” ?>>
(是否允许管理执行关门功能)
</td>
</tr>
<tr>
<td width=”20%” align=”left”>是否区分性别<font color=”blue”>**</font>:</td>
<td width=”80%”>
是<input type=”radio” name=”setsex” value=”1″ <?= ($setsex == ‘1’) ? ‘checked’ : ” ?>>
否<input type=”radio” name=”setsex” value=”0″ <?= ($setsex == ‘0’) ? ‘checked’ : ” ?>>
(聊天室里是否显示男为绿色、女为红色、保密为兰色)
</td>
</tr>
<tr>
<td width=”20%” align=”left”>管理后台端口:</td>
<td width=”80%”><input type=”text” name=”adminwebport” size=”10″ maxlength=”5″ value=”<?= $adminwebport ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left”>模板文件目录:</td>
<td width=”80%”>
<input type=”text” name=”templatedir” size=”50″ maxlength=”255″ value=”<?= $templatedir ?>”>
<select name=”templatedirselect” onchange=”document.myform.templatedir.value=this.value;”>
<option value=”” selected>选择模板</option>
<option value=””>通用聊天</option>
<option value=”vipchat”>嘉宾聊天</option>
<option value=”classroom”>网络教室</option>
</select>
</td>
</tr>
<tr>
<td width=”20%” align=”left”>是否需用户密码验证<font color=”blue”>**</font>:</td>
<td width=”80%”><input type=”text” name=”needauth” size=”50″ maxlength=”1″ value=”<?= $needauth ?>”></td>
</tr>
<tr>
<td width=”20%” align=”left” valign=”top”>附加配置项<font color=”blue”>**</font>:</td>
<td width=”80%”><textarea rows=”8″ name=”extconfig” cols=”50″><?= $extconfig ?></textarea></td>
</tr>
<tr>
<td width=”20%” align=”left” valign=”top”>房间管理员和级别:</td>
<td width=”80%”><textarea rows=”8″ name=”admintor” cols=”50″><?= $admintor ?></textarea></td>
</tr>
<tr>
<td width=”20%” align=”left” valign=”top”>快速通道设置:</td>
<td width=”80%”><textarea rows=”8″ name=”channels” cols=”50″><?= $channels ?></textarea></td>
</tr>
<tr>
<td colspan=”2″ height=”40″ align=”center” valign=”bottom”>
<input type=”submit” value=”配置修改确定” name=”s1″>
<input type=”reset” value=”重置” name=”s2″>
</td>
</tr>
<tr>
<td colspan=”2″ height=”40″ valign=”bottom”>
说明:<br>
1、关于管理员的配置,管理名、密码和级别之间用”|”分隔,如: admin|password|1 每个名字一行,注意后面不要留空格。如果管理员名字为注册的用户名,要在名字前面加上星号。级别0表示有踢名字权限;1表示有踢名字和IP权限;9表示有1级权限并有不被踢的权限。<br>
2、关于快速通道的设置,端口号和聊天室名之间用”|”分隔,如: 2000|聊天室名称 每个室一行,注意后面不要留空格。<br>
3、<font color=”red”>**</font> 标志的项表示必须填写项。<br>
4、<font color=”blue”>**</font> 标志的项表示如果有改动,需要重启聊天室进程才能生效。<br>
5、聊天室类型选项中可选择文字、语音、视频,分别用T、A、V表示。设置时必须与端口使用的相应授权KEY文件对应,KEY文件格式为<br>key_[运行IP]_[T|A|V][端口号](如格式:key_10.0.0.1_V2000 表示授权10.0.0.1主机运行的视频聊天室KEY)。
</td>
</tr>
</table>
</div>
</form>
<?php
// Close the page with the shared footer; footer() is defined outside this file.
footer();
?>






