DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
230 Commits
3 Branches
110MB
Tree: 50344b2270
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '50344b2270'
${ noResults }
DedeV6/src/dede/member_toadmin.php

104 lines
4.2KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 升级为管理员

  4.  *

  5.  * @version        $Id: member_toadmin.php 1 14:09 2010年7月20日Z tianya $

  6.  * @package        DedeCMS.Administrator

  7.  * @copyright      Copyright (c) 2020, DedeBIZ.COM

  8.  * @license        https://www.dedebiz.com/license

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__)."/config.php");

  12. CheckPurview('member_Edit');

  13. if(empty($dopost)) $dopost = '';

  14. if(empty($fmdo)) $fmdo = '';

  15. 

  16. $ENV_GOBACK_URL = isset($_COOKIE['ENV_GOBACK_URL']) ? 'member_main.php' : '';

  17. $row = array();

  18. /*----------------

  19. function __Toadmin()

  20. 升级为管理员

  21. ----------------*/

  22. if($dopost == "toadmin")

  23. {

  24.     $pwd = trim($pwd);

  25.     if($pwd!='' && preg_match("#[^0-9a-zA-Z_@!\.-]#", $pwd))

  26.     {

  27.         ShowMsg('密码不合法,请使用[0-9a-zA-Z_@!.-]内的字符!','-1', 0, 3000);

  28.         exit();

  29.     }

  30.     $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  31.     if($safecodeok != $safecode)

  32.     {

  33.         ShowMsg("请填写正确的安全验证串!", "member_toadmin.php?id={$id}");

  34.         exit();

  35.     }

  36.     $pwdm = '';

  37.     if($pwd!='')

  38.     {

  39.         $inputpwd = ",pwd";

  40.         $inputpwdv = ",'".substr(md5($pwd), 5, 20)."'";

  41.         $pwdm = ",pwd='".md5($pwd)."'";

  42.     }else{

  43.         $row = $dsql->GetOne("SELECT * FROM #@__member WHERE mid='$id'");

  44.         $password = $row['pwd'];

  45.         $inputpwd = ",pwd";

  46.         $pwd = substr($password, 5, 20);

  47.         $inputpwdv = ",'".$pwd."'";

  48.         $pwdm = ",pwd='".$password."'";

  49.     }

  50.     $typeids=(empty($typeids))? "" : $typeids;

  51.     if($typeids=='')

  52.     {

  53.         ShowMsg("请为该管理员指定管理栏目!","member_toadmin.php?id={$id}");

  54.         exit();

  55.     }

  56.     $typeid = join(',', $typeids);

  57.     if($typeid=='0') $typeid = '';

  58.     if($id!=1)

  59.     {

  60.         $query = "INSERT INTO `#@__admin`(id,usertype,userid$inputpwd,uname,typeid,tname,email)

  61.                     VALUES('$id','$usertype','$userid'$inputpwdv,'$uname','$typeid','$tname','$email')";

  62.     }

  63.     else

  64.     {

  65.         $query = "INSERT INTO `#@__admin`(id,userid$inputpwd,uname,typeid,tname,email)

  66.                     VALUES('$id','$userid'$inputpwdv,'$uname','$typeid','$tname','$email')";

  67.     }

  68.     $dsql->ExecuteNoneQuery($query);

  69.     $query = "UPDATE `#@__member` SET rank='100',uname='$uname',matt='10',email='$email'$pwdm WHERE mid='$id'";

  70.     $dsql->ExecuteNoneQuery($query);

  71.     $row = $dsql->GetOne("SELECT * FROM #@__admintype WHERE rank='$usertype'");

  72.     $floginid = $cuserLogin->getUserName();

  73.     $fromid = $cuserLogin->getUserID();

  74.     $subject = "恭喜您已经成功提升为管理员";

  75.     $message = "亲爱的会员{$userid},您已经成功提升为{$row['typename']},具体操作权限请同网站超级管理员联系。";

  76.     $sendtime = $writetime = time();

  77.     $inquery = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  78.       VALUES ('$floginid','$fromid','$id','$userid','inbox','$subject','$sendtime','$writetime','0','0','$message'); ";

  79.     $dsql->ExecuteNoneQuery($inquery);

  80.     ShowMsg("成功升级一个帐户!","member_main.php");

  81.     exit();

  82. }    

  83. $id = preg_replace("#[^0-9]#", "", $id);

  84. 

  85. //显示用户信息

  86. $randcode = mt_rand(10000, 99999);

  87. $safecode = substr(md5($cfg_cookie_encode.$randcode), 0, 24);    

  88. $typeOptions = '';

  89. $typeid=(empty($typeid))? '' : $typeid;

  90. $typeids = explode(',', $typeid);

  91. $dsql->SetQuery("SELECT id,typename FROM `#@__arctype` WHERE reid=0 AND (ispart=0 OR ispart=1)");

  92. $dsql->Execute('op');

  93. while($nrow = $dsql->GetObject('op'))

  94. {

  95.     $typeOptions .= "<option value='{$nrow->id}' class='btype'".(in_array($nrow->id, $typeids) ? ' selected' : '').">{$nrow->typename}</option>\r\n";

  96.     $dsql->SetQuery("SELECT id,typename FROM #@__arctype WHERE reid={$nrow->id} AND (ispart=0 OR ispart=1)");

  97.     $dsql->Execute('s');

  98.     while($nrow = $dsql->GetObject('s'))

  99.     {

  100.         $typeOptions .= "<option value='{$nrow->id}' class='stype'".(in_array($nrow->id, $typeids) ? ' selected' : '').">—{$nrow->typename}</option>\r\n";

  101.     }

  102. }

  103. $row = $dsql->GetOne("SELECT * FROM #@__member WHERE mid='$id'");

  104. include DedeInclude('templets/member_toadmin.htm');