DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
181 Commits
3 Branches
110MB
Tree: 4f686a4763
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4f686a4763'
${ noResults }
DedeV6/src/dede/sys_admin_user_edit.php

123 lines
4.6KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 编辑系统管理员

  4.  *

  5.  * @version        $Id: sys_admin_user_edit.php 1 16:22 2010年7月20日Z tianya $

  6.  * @package        DedeCMS.Administrator

  7.  * @copyright      Copyright (c) 2020, DedeBIZ.COM

  8.  * @license        https://www.dedebiz.com/license

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__).'/config.php');

  12. CheckPurview('sys_User');

  13. require_once(DEDEINC.'/typelink.class.php');

  14. if(empty($dopost)) $dopost = '';

  15. $id = preg_replace("#[^0-9]#", '', $id);

  16. 

  17. if($dopost=='saveedit')

  18. {

  19.     CheckCSRF();

  20.     $pwd = trim($pwd);

  21.     if($pwd!='' && preg_match("#[^0-9a-zA-Z_@!\.-]#", $pwd))

  22.     {

  23.         ShowMsg('密码不合法,请使用[0-9a-zA-Z_@!.-]内的字符!', '-1', 0, 3000);

  24.         exit();

  25.     }

  26.     $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  27.     if($safecodeok != $safecode)

  28.     {

  29.         ShowMsg("请填写正确的安全验证串!", "sys_admin_user_edit.php?id={$id}&dopost=edit");

  30.         exit();

  31.     }

  32.     $pwdm = '';

  33.     if($pwd != '')

  34.     {

  35.         $pwdm = ",pwd='".md5($pwd)."'";

  36.         $pwd = ",pwd='".substr(md5($pwd), 5, 20)."'";

  37.     }

  38.     if(empty($typeids))

  39.     {

  40.         $typeid = '';

  41.     } else {

  42.         $typeid = join(',', $typeids);

  43.         if($typeid=='0') $typeid = '';

  44.     }

  45.     if($id!=1){

  46.         $query = "UPDATE `#@__admin` SET uname='$uname',usertype='$usertype',tname='$tname',email='$email',typeid='$typeid' $pwd WHERE id='$id'";

  47.     }else{

  48.         $query = "UPDATE `#@__admin` SET uname='$uname',tname='$tname',email='$email',typeid='$typeid' $pwd WHERE id='$id'";

  49.     }

  50.     $dsql->ExecuteNoneQuery($query);

  51.     $query = "UPDATE `#@__member` SET uname='$uname',email='$email'$pwdm WHERE mid='$id'";

  52.     $dsql->ExecuteNoneQuery($query);

  53.     ShowMsg("成功更改一个帐户!", "sys_admin_user.php");

  54.     exit();

  55. }

  56. else if($dopost=='delete')

  57. {

  58.     if(empty($userok)) $userok="";

  59.     if($userok!="yes")

  60.     {

  61.         $randcode = mt_rand(10000, 99999);

  62.         $safecode = substr(md5($cfg_cookie_encode.$randcode),0,24);

  63.         require_once(DEDEINC."/oxwindow.class.php");

  64.         $wintitle = "删除用户";

  65.         $wecome_info = "<a href='sys_admin_user.php'>系统帐号管理</a>::删除用户";

  66.         $win = new OxWindow();

  67.         $win->Init("sys_admin_user_edit.php","js/blank.js","POST");

  68.         $win->AddHidden("dopost", $dopost);

  69.         $win->AddHidden("userok", "yes");

  70.         $win->AddHidden("randcode", $randcode);

  71.         $win->AddHidden("safecode", $safecode);

  72.         $win->AddHidden("id", $id);

  73.         $win->AddTitle("系统警告!");

  74.         $win->AddMsgItem("你确信要删除用户:$userid 吗?","50");

  75.         $win->AddMsgItem("安全验证串:<input name='safecode' type='text' id='safecode' size='16' style='width:200px' />&nbsp;(复制本代码: <font color='red'>$safecode</font> )","30");

  76.         $winform = $win->GetWindow("ok");

  77.         $win->Display();

  78.         exit();

  79.     }

  80.     $safecodeok = substr(md5($cfg_cookie_encode.$randcode),0,24);

  81.     if($safecodeok!=$safecode)

  82.     {

  83.         ShowMsg("请填写正确的安全验证串!", "sys_admin_user.php");

  84.         exit();

  85.     }

  86. 

  87.     //不能删除id为1的创建人帐号,不能删除自己

  88.     $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__admin` WHERE id='$id' AND id<>1 AND id<>'".$cuserLogin->getUserID()."' ");

  89.     if($rs>0)

  90.     {

  91.         //更新前台用户信息

  92.         $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET matt='0' WHERE mid='$id' LIMIT 1");

  93.         ShowMsg("成功删除一个帐户!","sys_admin_user.php");

  94.     }

  95.     else

  96.     {

  97.         ShowMsg("不能删除id为1的创建人帐号,不能删除自己!","sys_admin_user.php",0,3000);

  98.     }

  99.     exit();

  100. }

  101. 

  102. //显示用户信息

  103. $randcode = mt_rand(10000,99999);

  104. $safecode = substr(md5($cfg_cookie_encode.$randcode),0,24);

  105. $typeOptions = '';

  106. $row = $dsql->GetOne("SELECT * FROM `#@__admin` WHERE id='$id'");

  107. $typeids = explode(',', $row['typeid']);

  108. $dsql->SetQuery("SELECT id,typename FROM `#@__arctype` WHERE reid=0 AND (ispart=0 OR ispart=1)");

  109. $dsql->Execute('op');

  110. 

  111. while($nrow = $dsql->GetObject('op'))

  112. {

  113.     $typeOptions .= "<option value='{$nrow->id}' class='btype'".(in_array($nrow->id, $typeids) ? ' selected' : '').">{$nrow->typename}</option>\r\n";

  114.     $dsql->SetQuery("SELECT id,typename FROM #@__arctype WHERE reid={$nrow->id} AND (ispart=0 OR ispart=1)");

  115.     $dsql->Execute('s');

  116.     

  117.     while($nrow = $dsql->GetObject('s'))

  118.     {

  119.         $typeOptions .= "<option value='{$nrow->id}' class='stype'".(in_array($nrow->id, $typeids) ? ' selected' : '').">—{$nrow->typename}</option>\r\n";

  120.     }

  121. }

  122. make_hash();

  123. include DedeInclude('templets/sys_admin_user_edit.htm');