国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

235 lines
11KB

  1. <?php
  2. /**
  3. * 会员管理操作
  4. *
  5. * @version $Id: member_do.php 1 13:47 2010年7月19日Z tianya $
  6. * @package DedeBIZ.Administrator
  7. * @copyright Copyright (c) 2021, DedeBIZ.COM
  8. * @license https://www.dedebiz.com/license
  9. * @link https://www.dedebiz.com
  10. */
  11. require_once(dirname(__FILE__) . "/config.php");
  12. require_once(DEDEINC . "/oxwindow.class.php");
  13. if (empty($dopost)) $dopost = '';
  14. if (empty($fmdo)) $fmdo = '';
  15. $ENV_GOBACK_URL = isset($_COOKIE['ENV_GOBACK_URL']) ? 'member_main.php' : '';
  16. /*----------------
  17. function __DelMember()
  18. 删除会员
  19. ----------------*/
  20. if ($dopost == "delmember") {
  21. CheckPurview('member_Del');
  22. if ($fmdo == 'yes') {
  23. $id = preg_replace("#[^0-9]#", '', $id);
  24. $safecodeok = substr(md5($cfg_cookie_encode . $randcode), 0, 24);
  25. if ($safecodeok != $safecode) {
  26. ShowMsg("请填写正确的安全验证串!", "member_do.php?id={$id}&dopost=delmember");
  27. exit();
  28. }
  29. if (!empty($id)) {
  30. //删除用户信息
  31. $row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE mid='$id' LIMIT 1 ");
  32. $rs = 0;
  33. if ($row['matt'] == 10) {
  34. $nrow = $dsql->GetOne("SELECT * FROM `#@__admin` WHERE id='$id' LIMIT 1 ");
  35. //已经删除关连的管理员帐号
  36. if (!is_array($nrow)) $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__member` WHERE mid='$id' LIMIT 1");
  37. } else {
  38. $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__member` WHERE mid='$id' LIMIT 1");
  39. }
  40. if ($rs > 0) {
  41. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_tj` WHERE mid='$id' LIMIT 1");
  42. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_space` WHERE mid='$id' LIMIT 1");
  43. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_company` WHERE mid='$id' LIMIT 1");
  44. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_person` WHERE mid='$id' LIMIT 1");
  45. //删除用户相关数据
  46. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_stow` WHERE mid='$id' ");
  47. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_flink` WHERE mid='$id' ");
  48. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_operation` WHERE mid='$id' ");
  49. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_pms` WHERE toid='$id' Or fromid='$id' ");
  50. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_friends` WHERE mid='$id' Or fid='$id' ");
  51. $dsql->ExecuteNoneQuery("DELETE FROM `#@__feedback` WHERE mid='$id' ");
  52. $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET mid='0' WHERE mid='$id'");
  53. } else {
  54. ShowMsg("无法删除此会员,如果这个会员是<b>[管理员]</b>,<br />必须先删除这个<b>[管理员]</b>才能删除此帐号!", $ENV_GOBACK_URL, 0, 5000);
  55. exit();
  56. }
  57. }
  58. ShowMsg("成功删除一个会员!", $ENV_GOBACK_URL);
  59. exit();
  60. }
  61. $randcode = mt_rand(10000, 99999);
  62. $safecode = substr(md5($cfg_cookie_encode . $randcode), 0, 24);
  63. $wintitle = "会员管理-删除会员";
  64. $wecome_info = "<a href='" . $ENV_GOBACK_URL . "'>会员管理</a>::删除会员";
  65. $win = new OxWindow();
  66. $win->Init("member_do.php", "js/blank.js", "POST");
  67. $win->AddHidden("fmdo", "yes");
  68. $win->AddHidden("dopost", $dopost);
  69. $win->AddHidden("id", $id);
  70. $win->AddHidden("randcode", $randcode);
  71. $win->AddHidden("safecode", $safecode);
  72. $win->AddTitle("你确实要删除(ID:" . $id . ")这个会员?");
  73. $win->AddMsgItem("安全验证串:<input name='safecode' type='text' id='safecode' size='16' style='width:200px' />&nbsp;(复制本代码: <font color='red'>$safecode</font> )", "30");
  74. $winform = $win->GetWindow("ok");
  75. $win->Display();
  76. } else if ($dopost == "delmembers") {
  77. CheckPurview('member_Del');
  78. if ($fmdo == 'yes') {
  79. $safecodeok = substr(md5($cfg_cookie_encode . $randcode), 0, 24);
  80. if ($safecodeok != $safecode) {
  81. ShowMsg("请填写正确的安全验证串!", "member_do.php?id={$id}&dopost=delmembers");
  82. exit();
  83. }
  84. if (!empty($id)) {
  85. //删除用户信息
  86. $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__member` WHERE mid IN (" . str_replace("`", ",", $id) . ") And matt<>10 ");
  87. if ($rs > 0) {
  88. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_tj` WHERE mid IN (" . str_replace("`", ",", $id) . ") ");
  89. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_space` WHERE mid IN (" . str_replace("`", ",", $id) . ") ");
  90. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_company` WHERE mid IN (" . str_replace("`", ",", $id) . ") ");
  91. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_person` WHERE mid IN (" . str_replace("`", ",", $id) . ") ");
  92. //删除用户相关数据
  93. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_stow` WHERE mid IN (" . str_replace("`", ",", $id) . ") ");
  94. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_flink` WHERE mid IN (" . str_replace("`", ",", $id) . ") ");
  95. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_operation` WHERE mid IN (" . str_replace("`", ",", $id) . ") ");
  96. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_pms` WHERE toid IN (" . str_replace("`", ",", $id) . ") Or fromid IN (" . str_replace("`", ",", $id) . ") ");
  97. $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_friends` WHERE mid IN (" . str_replace("`", ",", $id) . ") Or fid IN (" . str_replace("`", ",", $id) . ") ");
  98. $dsql->ExecuteNoneQuery("DELETE FROM `#@__feedback` WHERE mid IN (" . str_replace("`", ",", $id) . ") ");
  99. $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET mid='0' WHERE mid IN (" . str_replace("`", ",", $id) . ")");
  100. } else {
  101. ShowMsg("无法删除此会员,如果这个会员是管理员关连的ID,<br />必须先删除这个管理员才能删除此帐号!", $ENV_GOBACK_URL, 0, 3000);
  102. exit();
  103. }
  104. }
  105. ShowMsg("成功删除这些会员!", $ENV_GOBACK_URL);
  106. exit();
  107. }
  108. $randcode = mt_rand(10000, 99999);
  109. $safecode = substr(md5($cfg_cookie_encode . $randcode), 0, 24);
  110. $wintitle = "会员管理-删除会员";
  111. $wecome_info = "<a href='" . $ENV_GOBACK_URL . "'>会员管理</a>::删除会员";
  112. $win = new OxWindow();
  113. $win->Init("member_do.php", "js/blank.js", "POST");
  114. $win->AddHidden("fmdo", "yes");
  115. $win->AddHidden("dopost", $dopost);
  116. $win->AddHidden("id", $id);
  117. $win->AddHidden("randcode", $randcode);
  118. $win->AddHidden("safecode", $safecode);
  119. $win->AddTitle("你确实要删除(ID:" . $id . ")这个会员?");
  120. $win->AddMsgItem(" 安全验证串:<input name='safecode' type='text' id='safecode' size='16' style='width:200px' /> (复制本代码: <font color='red'>$safecode</font>)", "30");
  121. $winform = $win->GetWindow("ok");
  122. $win->Display();
  123. }
  124. /*----------------
  125. function __Recommend()
  126. 推荐会员
  127. ----------------*/ else if ($dopost == "recommend") {
  128. CheckPurview('member_Edit');
  129. $id = preg_replace("#[^0-9]#", "", $id);
  130. if ($matt == 0) {
  131. $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET matt=1 WHERE mid='$id' AND matt<>10 LIMIT 1");
  132. ShowMsg("成功设置一个会员推荐!", $ENV_GOBACK_URL);
  133. exit();
  134. } else {
  135. $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET matt=0 WHERE mid='$id' AND matt<>10 LIMIT 1");
  136. ShowMsg("成功取消一个会员推荐!", $ENV_GOBACK_URL);
  137. exit();
  138. }
  139. }
  140. /*----------------
  141. function __EditUser()
  142. 更改会员
  143. ----------------*/ else if ($dopost == 'edituser') {
  144. CheckPurview('member_Edit');
  145. if (!isset($_POST['id'])) exit('Request Error!');
  146. $pwdsql = empty($pwd) ? '' : ",pwd='" . md5($pwd) . "'";
  147. if (empty($sex)) $sex = '男';
  148. $uptime = GetMkTime($uptime);
  149. if ($matt == 10 && $oldmatt != 10) {
  150. ShowMsg("对不起,为安全起见,不支持直接把前台会员转为管理的操作!", "-1");
  151. exit();
  152. }
  153. $query = "UPDATE `#@__member` SET
  154. email = '$email',
  155. uname = '$uname',
  156. sex = '$sex',
  157. matt = '$matt',
  158. money = '$money',
  159. scores = '$scores',
  160. rank = '$rank',
  161. spacesta='$spacesta',
  162. uptime='$uptime',
  163. exptime='$exptime'
  164. $pwdsql
  165. WHERE mid='$id' AND matt<>10 ";
  166. $rs = $dsql->ExecuteNoneQuery2($query);
  167. if ($rs == 0) {
  168. $query = "UPDATE `#@__member` SET
  169. email = '$email',
  170. uname = '$uname',
  171. sex = '$sex',
  172. money = '$money',
  173. scores = '$scores',
  174. rank = '$rank',
  175. spacesta='$spacesta',
  176. uptime='$uptime',
  177. exptime='$exptime'
  178. $pwdsql
  179. WHERE mid='$id' ";
  180. $rs = $dsql->ExecuteNoneQuery2($query);
  181. }
  182. ShowMsg('成功更改会员资料!', 'member_view.php?id=' . $id);
  183. exit();
  184. }
  185. /*--------------
  186. function __LoginCP()
  187. 登录会员的控制面板
  188. ----------*/ else if ($dopost == "memberlogin") {
  189. CheckPurview('member_Edit');
  190. PutCookie('DedeUserID', $id, 1800);
  191. PutCookie('DedeLoginTime', time(), 1800);
  192. if (empty($jumpurl)) header("location:../member/index.php");
  193. else header("location:$jumpurl");
  194. } else if ($dopost == "deoperations") {
  195. $nid = preg_replace('#[^0-9,]#', '', preg_replace('#`#', ',', $nid));
  196. $nid = explode(',', $nid);
  197. if (is_array($nid)) {
  198. foreach ($nid as $var) {
  199. $query = "DELETE FROM `#@__member_operation` WHERE aid = '$var'";
  200. $dsql->ExecuteNoneQuery($query);
  201. }
  202. ShowMsg("删除成功!", "member_operations.php");
  203. exit();
  204. }
  205. } else if ($dopost == "upoperations") {
  206. $nid = preg_replace('#[^0-9,]#', '', preg_replace('#`#', ',', $nid));
  207. $nid = explode(',', $nid);
  208. if (is_array($nid)) {
  209. foreach ($nid as $var) {
  210. $query = "UPDATE `#@__member_operation` SET sta = '1' WHERE aid = '$var'";
  211. $dsql->ExecuteNoneQuery($query);
  212. ShowMsg("设置成功!", "member_operations.php");
  213. exit();
  214. }
  215. }
  216. } else if ($dopost == "okoperations") {
  217. $nid = preg_replace('#[^0-9,]#', '', preg_replace('#`#', ',', $nid));
  218. $nid = explode(',', $nid);
  219. if (is_array($nid)) {
  220. foreach ($nid as $var) {
  221. $query = "UPDATE `#@__member_operation` SET sta = '2' WHERE aid = '$var'";
  222. $dsql->ExecuteNoneQuery($query);
  223. ShowMsg("设置成功!", "member_operations.php");
  224. exit();
  225. }
  226. }
  227. }