DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
275 Commits
3 Branches
110MB
Tree: 66f402eac8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '66f402eac8'
${ noResults }
DedeV6/src/dede/member_toadmin.php

96 lines
4.2KB
Raw Blame History 

  1. <?php

  2. 

  3. /**

  4.  * 升级为管理员

  5.  *

  6.  * @version        $Id: member_toadmin.php 1 14:09 2010年7月20日Z tianya $

  7.  * @package        DedeBIZ.Administrator

  8.  * @copyright      Copyright (c) 2020, DedeBIZ.COM

  9.  * @license        https://www.dedebiz.com/license

  10.  * @link           https://www.dedebiz.com

  11.  */

  12. require_once(dirname(__FILE__) . "/config.php");

  13. CheckPurview('member_Edit');

  14. if (empty($dopost)) $dopost = '';

  15. if (empty($fmdo)) $fmdo = '';

  16. 

  17. $ENV_GOBACK_URL = isset($_COOKIE['ENV_GOBACK_URL']) ? 'member_main.php' : '';

  18. $row = array();

  19. /*----------------

  20. function __Toadmin()

  21. 升级为管理员

  22. ----------------*/

  23. if ($dopost == "toadmin") {

  24.     $pwd = trim($pwd);

  25.     if ($pwd != '' && preg_match("#[^0-9a-zA-Z_@!\.-]#", $pwd)) {

  26.         ShowMsg('密码不合法,请使用[0-9a-zA-Z_@!.-]内的字符!', '-1', 0, 3000);

  27.         exit();

  28.     }

  29.     $safecodeok = substr(md5($cfg_cookie_encode . $randcode), 0, 24);

  30.     if ($safecodeok != $safecode) {

  31.         ShowMsg("请填写正确的安全验证串!", "member_toadmin.php?id={$id}");

  32.         exit();

  33.     }

  34.     $pwdm = '';

  35.     if ($pwd != '') {

  36.         $inputpwd = ",pwd";

  37.         $inputpwdv = ",'" . substr(md5($pwd), 5, 20) . "'";

  38.         $pwdm = ",pwd='" . md5($pwd) . "'";

  39.     } else {

  40.         $row = $dsql->GetOne("SELECT * FROM #@__member WHERE mid='$id'");

  41.         $password = $row['pwd'];

  42.         $inputpwd = ",pwd";

  43.         $pwd = substr($password, 5, 20);

  44.         $inputpwdv = ",'" . $pwd . "'";

  45.         $pwdm = ",pwd='" . $password . "'";

  46.     }

  47.     $typeids = (empty($typeids)) ? "" : $typeids;

  48.     if ($typeids == '') {

  49.         ShowMsg("请为该管理员指定管理栏目!", "member_toadmin.php?id={$id}");

  50.         exit();

  51.     }

  52.     $typeid = join(',', $typeids);

  53.     if ($typeid == '0') $typeid = '';

  54.     if ($id != 1) {

  55.         $query = "INSERT INTO `#@__admin`(id,usertype,userid$inputpwd,uname,typeid,tname,email)

  56.                     VALUES('$id','$usertype','$userid'$inputpwdv,'$uname','$typeid','$tname','$email')";

  57.     } else {

  58.         $query = "INSERT INTO `#@__admin`(id,userid$inputpwd,uname,typeid,tname,email)

  59.                     VALUES('$id','$userid'$inputpwdv,'$uname','$typeid','$tname','$email')";

  60.     }

  61.     $dsql->ExecuteNoneQuery($query);

  62.     $query = "UPDATE `#@__member` SET rank='100',uname='$uname',matt='10',email='$email'$pwdm WHERE mid='$id'";

  63.     $dsql->ExecuteNoneQuery($query);

  64.     $row = $dsql->GetOne("SELECT * FROM #@__admintype WHERE rank='$usertype'");

  65.     $floginid = $cuserLogin->getUserName();

  66.     $fromid = $cuserLogin->getUserID();

  67.     $subject = "恭喜您已经成功提升为管理员";

  68.     $message = "亲爱的会员{$userid},您已经成功提升为{$row['typename']},具体操作权限请同网站超级管理员联系。";

  69.     $sendtime = $writetime = time();

  70.     $inquery = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  71.       VALUES ('$floginid','$fromid','$id','$userid','inbox','$subject','$sendtime','$writetime','0','0','$message'); ";

  72.     $dsql->ExecuteNoneQuery($inquery);

  73.     ShowMsg("成功升级一个帐户!", "member_main.php");

  74.     exit();

  75. }

  76. $id = preg_replace("#[^0-9]#", "", $id);

  77. 

  78. //显示用户信息

  79. $randcode = mt_rand(10000, 99999);

  80. $safecode = substr(md5($cfg_cookie_encode . $randcode), 0, 24);

  81. $typeOptions = '';

  82. $typeid = (empty($typeid)) ? '' : $typeid;

  83. $typeids = explode(',', $typeid);

  84. $dsql->SetQuery("SELECT id,typename FROM `#@__arctype` WHERE reid=0 AND (ispart=0 OR ispart=1)");

  85. $dsql->Execute('op');

  86. while ($nrow = $dsql->GetObject('op')) {

  87.     $typeOptions .= "<option value='{$nrow->id}' class='btype'" . (in_array($nrow->id, $typeids) ? ' selected' : '') . ">{$nrow->typename}</option>\r\n";

  88.     $dsql->SetQuery("SELECT id,typename FROM #@__arctype WHERE reid={$nrow->id} AND (ispart=0 OR ispart=1)");

  89.     $dsql->Execute('s');

  90.     while ($nrow = $dsql->GetObject('s')) {

  91.         $typeOptions .= "<option value='{$nrow->id}' class='stype'" . (in_array($nrow->id, $typeids) ? ' selected' : '') . ">—{$nrow->typename}</option>\r\n";

  92.     }

  93. }

  94. $row = $dsql->GetOne("SELECT * FROM #@__member WHERE mid='$id'");

  95. include DedeInclude('templets/member_toadmin.htm');