DedeBIZ
/
DedeV6
Observar 2
Favorito 0
Fork 0
Código Pull requests 0 Versões 31 Atividade
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
Você não pode selecionar mais de 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
167 Commits
3 Branches
93MB
Tag: 5d657542eb
Branches Tags
${ item.name }
Criar branch ${ searchTerm }
de 5d657542eb
${ noResults }
DedeV6/src/dede/member_toadmin.php

105 linhas
4.3KB
Original Anotar Histórico 

  1. <?php

  2. /**

  3.  * 升级为管理员

  4.  *

  5.  * @version        $Id: member_toadmin.php 1 14:09 2010年7月20日Z tianya $

  6.  * @package        DedeCMS.Administrator

  7.  * @copyright      Copyright (c) 2007 - 2018, DesDev, Inc.

  8.  * @copyright      Copyright (c) 2020, DedeBIZ.COM

  9.  * @license        https://www.dedebiz.com/license/v6

  10.  * @link           https://www.dedebiz.com

  11.  */

  12. require_once(dirname(__FILE__)."/config.php");

  13. CheckPurview('member_Edit');

  14. if(empty($dopost)) $dopost = '';

  15. if(empty($fmdo)) $fmdo = '';

  16. 

  17. $ENV_GOBACK_URL = isset($_COOKIE['ENV_GOBACK_URL']) ? 'member_main.php' : '';

  18. $row = array();

  19. /*----------------

  20. function __Toadmin()

  21. 升级为管理员

  22. ----------------*/

  23. if($dopost == "toadmin")

  24. {

  25.     $pwd = trim($pwd);

  26.     if($pwd!='' && preg_match("#[^0-9a-zA-Z_@!\.-]#", $pwd))

  27.     {

  28.         ShowMsg('密码不合法,请使用[0-9a-zA-Z_@!.-]内的字符!','-1', 0, 3000);

  29.         exit();

  30.     }

  31.     $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  32.     if($safecodeok != $safecode)

  33.     {

  34.         ShowMsg("请填写正确的安全验证串!", "member_toadmin.php?id={$id}");

  35.         exit();

  36.     }

  37.     $pwdm = '';

  38.     if($pwd!='')

  39.     {

  40.         $inputpwd = ",pwd";

  41.         $inputpwdv = ",'".substr(md5($pwd), 5, 20)."'";

  42.         $pwdm = ",pwd='".md5($pwd)."'";

  43.     }else{

  44.         $row = $dsql->GetOne("SELECT * FROM #@__member WHERE mid='$id'");

  45.         $password = $row['pwd'];

  46.         $inputpwd = ",pwd";

  47.         $pwd = substr($password, 5, 20);

  48.         $inputpwdv = ",'".$pwd."'";

  49.         $pwdm = ",pwd='".$password."'";

  50.     }

  51.     $typeids=(empty($typeids))? "" : $typeids;

  52.     if($typeids=='')

  53.     {

  54.         ShowMsg("请为该管理员指定管理栏目!","member_toadmin.php?id={$id}");

  55.         exit();

  56.     }

  57.     $typeid = join(',', $typeids);

  58.     if($typeid=='0') $typeid = '';

  59.     if($id!=1)

  60.     {

  61.         $query = "INSERT INTO `#@__admin`(id,usertype,userid$inputpwd,uname,typeid,tname,email)

  62.                     VALUES('$id','$usertype','$userid'$inputpwdv,'$uname','$typeid','$tname','$email')";

  63.     }

  64.     else

  65.     {

  66.         $query = "INSERT INTO `#@__admin`(id,userid$inputpwd,uname,typeid,tname,email)

  67.                     VALUES('$id','$userid'$inputpwdv,'$uname','$typeid','$tname','$email')";

  68.     }

  69.     $dsql->ExecuteNoneQuery($query);

  70.     $query = "UPDATE `#@__member` SET rank='100',uname='$uname',matt='10',email='$email'$pwdm WHERE mid='$id'";

  71.     $dsql->ExecuteNoneQuery($query);

  72.     $row = $dsql->GetOne("SELECT * FROM #@__admintype WHERE rank='$usertype'");

  73.     $floginid = $cuserLogin->getUserName();

  74.     $fromid = $cuserLogin->getUserID();

  75.     $subject = "恭喜您已经成功提升为管理员";

  76.     $message = "亲爱的会员{$userid},您已经成功提升为{$row['typename']},具体操作权限请同网站超级管理员联系。";

  77.     $sendtime = $writetime = time();

  78.     $inquery = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  79.       VALUES ('$floginid','$fromid','$id','$userid','inbox','$subject','$sendtime','$writetime','0','0','$message'); ";

  80.     $dsql->ExecuteNoneQuery($inquery);

  81.     ShowMsg("成功升级一个帐户!","member_main.php");

  82.     exit();

  83. }    

  84. $id = preg_replace("#[^0-9]#", "", $id);

  85. 

  86. //显示用户信息

  87. $randcode = mt_rand(10000, 99999);

  88. $safecode = substr(md5($cfg_cookie_encode.$randcode), 0, 24);    

  89. $typeOptions = '';

  90. $typeid=(empty($typeid))? '' : $typeid;

  91. $typeids = explode(',', $typeid);

  92. $dsql->SetQuery("SELECT id,typename FROM `#@__arctype` WHERE reid=0 AND (ispart=0 OR ispart=1)");

  93. $dsql->Execute('op');

  94. while($nrow = $dsql->GetObject('op'))

  95. {

  96.     $typeOptions .= "<option value='{$nrow->id}' class='btype'".(in_array($nrow->id, $typeids) ? ' selected' : '').">{$nrow->typename}</option>\r\n";

  97.     $dsql->SetQuery("SELECT id,typename FROM #@__arctype WHERE reid={$nrow->id} AND (ispart=0 OR ispart=1)");

  98.     $dsql->Execute('s');

  99.     while($nrow = $dsql->GetObject('s'))

  100.     {

  101.         $typeOptions .= "<option value='{$nrow->id}' class='stype'".(in_array($nrow->id, $typeids) ? ' selected' : '').">—{$nrow->typename}</option>\r\n";

  102.     }

  103. }

  104. $row = $dsql->GetOne("SELECT * FROM #@__member WHERE mid='$id'");

  105. include DedeInclude('templets/member_toadmin.htm');