DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
275 Commits
3 Branches
110MB
Tree: 66f402eac8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '66f402eac8'
${ noResults }
DedeV6/src/dede/sys_admin_user_edit.php

111 lines
4.6KB
Raw Blame History 

  1. <?php

  2. 

  3. /**

  4.  * 编辑系统管理员

  5.  *

  6.  * @version        $Id: sys_admin_user_edit.php 1 16:22 2010年7月20日Z tianya $

  7.  * @package        DedeBIZ.Administrator

  8.  * @copyright      Copyright (c) 2020, DedeBIZ.COM

  9.  * @license        https://www.dedebiz.com/license

  10.  * @link           https://www.dedebiz.com

  11.  */

  12. require_once(dirname(__FILE__) . '/config.php');

  13. CheckPurview('sys_User');

  14. require_once(DEDEINC . '/typelink.class.php');

  15. if (empty($dopost)) $dopost = '';

  16. $id = preg_replace("#[^0-9]#", '', $id);

  17. 

  18. if ($dopost == 'saveedit') {

  19.     CheckCSRF();

  20.     $pwd = trim($pwd);

  21.     if ($pwd != '' && preg_match("#[^0-9a-zA-Z_@!\.-]#", $pwd)) {

  22.         ShowMsg('密码不合法,请使用[0-9a-zA-Z_@!.-]内的字符!', '-1', 0, 3000);

  23.         exit();

  24.     }

  25.     $safecodeok = substr(md5($cfg_cookie_encode . $randcode), 0, 24);

  26.     if ($safecodeok != $safecode) {

  27.         ShowMsg("请填写正确的安全验证串!", "sys_admin_user_edit.php?id={$id}&dopost=edit");

  28.         exit();

  29.     }

  30.     $pwdm = '';

  31.     if ($pwd != '') {

  32.         $pwdm = ",pwd='" . md5($pwd) . "'";

  33.         $pwd = ",pwd='" . substr(md5($pwd), 5, 20) . "'";

  34.     }

  35.     if (empty($typeids)) {

  36.         $typeid = '';

  37.     } else {

  38.         $typeid = join(',', $typeids);

  39.         if ($typeid == '0') $typeid = '';

  40.     }

  41.     if ($id != 1) {

  42.         $query = "UPDATE `#@__admin` SET uname='$uname',usertype='$usertype',tname='$tname',email='$email',typeid='$typeid' $pwd WHERE id='$id'";

  43.     } else {

  44.         $query = "UPDATE `#@__admin` SET uname='$uname',tname='$tname',email='$email',typeid='$typeid' $pwd WHERE id='$id'";

  45.     }

  46.     $dsql->ExecuteNoneQuery($query);

  47.     $query = "UPDATE `#@__member` SET uname='$uname',email='$email'$pwdm WHERE mid='$id'";

  48.     $dsql->ExecuteNoneQuery($query);

  49.     ShowMsg("成功更改一个帐户!", "sys_admin_user.php");

  50.     exit();

  51. } else if ($dopost == 'delete') {

  52.     if (empty($userok)) $userok = "";

  53.     if ($userok != "yes") {

  54.         $randcode = mt_rand(10000, 99999);

  55.         $safecode = substr(md5($cfg_cookie_encode . $randcode), 0, 24);

  56.         require_once(DEDEINC . "/oxwindow.class.php");

  57.         $wintitle = "删除用户";

  58.         $wecome_info = "<a href='sys_admin_user.php'>系统帐号管理</a>::删除用户";

  59.         $win = new OxWindow();

  60.         $win->Init("sys_admin_user_edit.php", "js/blank.js", "POST");

  61.         $win->AddHidden("dopost", $dopost);

  62.         $win->AddHidden("userok", "yes");

  63.         $win->AddHidden("randcode", $randcode);

  64.         $win->AddHidden("safecode", $safecode);

  65.         $win->AddHidden("id", $id);

  66.         $win->AddTitle("系统警告!");

  67.         $win->AddMsgItem("你确信要删除用户:$userid 吗?", "50");

  68.         $win->AddMsgItem("安全验证串:<input name='safecode' type='text' id='safecode' size='16' style='width:200px' />&nbsp;(复制本代码: <font color='red'>$safecode</font> )", "30");

  69.         $winform = $win->GetWindow("ok");

  70.         $win->Display();

  71.         exit();

  72.     }

  73.     $safecodeok = substr(md5($cfg_cookie_encode . $randcode), 0, 24);

  74.     if ($safecodeok != $safecode) {

  75.         ShowMsg("请填写正确的安全验证串!", "sys_admin_user.php");

  76.         exit();

  77.     }

  78. 

  79.     //不能删除id为1的创建人帐号,不能删除自己

  80.     $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__admin` WHERE id='$id' AND id<>1 AND id<>'" . $cuserLogin->getUserID() . "' ");

  81.     if ($rs > 0) {

  82.         //更新前台用户信息

  83.         $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET matt='0' WHERE mid='$id' LIMIT 1");

  84.         ShowMsg("成功删除一个帐户!", "sys_admin_user.php");

  85.     } else {

  86.         ShowMsg("不能删除id为1的创建人帐号,不能删除自己!", "sys_admin_user.php", 0, 3000);

  87.     }

  88.     exit();

  89. }

  90. 

  91. //显示用户信息

  92. $randcode = mt_rand(10000, 99999);

  93. $safecode = substr(md5($cfg_cookie_encode . $randcode), 0, 24);

  94. $typeOptions = '';

  95. $row = $dsql->GetOne("SELECT * FROM `#@__admin` WHERE id='$id'");

  96. $typeids = explode(',', $row['typeid']);

  97. $dsql->SetQuery("SELECT id,typename FROM `#@__arctype` WHERE reid=0 AND (ispart=0 OR ispart=1)");

  98. $dsql->Execute('op');

  99. 

  100. while ($nrow = $dsql->GetObject('op')) {

  101.     $typeOptions .= "<option value='{$nrow->id}' class='btype'" . (in_array($nrow->id, $typeids) ? ' selected' : '') . ">{$nrow->typename}</option>\r\n";

  102.     $dsql->SetQuery("SELECT id,typename FROM #@__arctype WHERE reid={$nrow->id} AND (ispart=0 OR ispart=1)");

  103.     $dsql->Execute('s');

  104. 

  105.     while ($nrow = $dsql->GetObject('s')) {

  106.         $typeOptions .= "<option value='{$nrow->id}' class='stype'" . (in_array($nrow->id, $typeids) ? ' selected' : '') . ">—{$nrow->typename}</option>\r\n";

  107.     }

  108. }

  109. make_hash();

  110. include DedeInclude('templets/sys_admin_user_edit.htm');