DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 31 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1601 Commits
3 Branches
93MB
Tree: 95a983367a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '95a983367a'
${ noResults }
DedeV6/src/admin/sys_admin_user_edit.php

110 lines
4.8KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 修改管理员

  4.  *

  5.  * @version        $id:sys_admin_user_edit.php 16:22 2010年7月20日 tianya $

  6.  * @package        DedeBIZ.Administrator

  7.  * @copyright      Copyright (c) 2022 DedeBIZ.COM

  8.  * @license        https://www.dedebiz.com/license

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__).'/config.php');

  12. CheckPurview('sys_User');

  13. require_once(DEDEINC.'/typelink/typelink.class.php');

  14. if (empty($dopost)) $dopost = '';

  15. $id = preg_replace("#[^0-9]#", '', $id);

  16. if ($dopost == 'saveedit') {

  17.     CheckCSRF();

  18.     $pwd = trim($pwd);

  19.     if ($pwd != '' && preg_match("#[^0-9a-zA-Z_@!\.-]#", $pwd)) {

  20.         ShowMsg('密码不合法,只能用[0-9a-zA-Z_@!.-]以内范围的字符', '-1', 0, 3000);

  21.         exit();

  22.     }

  23.     $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  24.     if ($safecodeok != $safecode) {

  25.         ShowMsg("请填写正确的验证安全码", "sys_admin_user_edit.php?id={$id}&dopost=edit");

  26.         exit();

  27.     }

  28.     $pwdm = '';

  29.     if ($pwd != '') {

  30.         if (function_exists('password_hash')) {

  31.             $pwdm = ",pwd='',pwd_new='".password_hash($pwd, PASSWORD_BCRYPT)."'";

  32.             $pwd = ",pwd='',pwd_new='".password_hash($pwd, PASSWORD_BCRYPT)."'";

  33.         } else {

  34.             $pwdm = ",pwd='".md5($pwd)."'";

  35.             $pwd = ",pwd='".substr(md5($pwd), 5, 20)."'";

  36.         }

  37.     }

  38.     if (empty($typeids)) {

  39.         $typeid = '';

  40.     } else {

  41.         $typeid = join(',', $typeids);

  42.         if ($typeid == '0') $typeid = '';

  43.     }

  44.     if ($id != 1) {

  45.         $query = "UPDATE `#@__admin` SET uname='$uname',usertype='$usertype',tname='$tname',email='$email',typeid='$typeid' $pwd WHERE id='$id'";

  46.     } else {

  47.         $query = "UPDATE `#@__admin` SET uname='$uname',tname='$tname',email='$email',typeid='$typeid' $pwd WHERE id='$id'";

  48.     }

  49.     $dsql->ExecuteNoneQuery($query);

  50.     $query = "UPDATE `#@__member` SET uname='$uname',email='$email'$pwdm WHERE mid='$id'";

  51.     $dsql->ExecuteNoneQuery($query);

  52.     ShowMsg("成功修改一个帐户", "sys_admin_user.php");

  53.     exit();

  54. } else if ($dopost == 'delete') {

  55.     if (empty($userok)) $userok = "";

  56.     if ($userok != "yes") {

  57.         $randcode = mt_rand(10000, 99999);

  58.         $safecode = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  59.         require_once(DEDEINC."/libraries/oxwindow.class.php");

  60.         $wintitle = "删除会员";

  61.         $wecome_info = "<a href='sys_admin_user.php'>系统帐号管理</a>::删除会员";

  62.         $win = new OxWindow();

  63.         $win->Init("sys_admin_user_edit.php", "js/blank.js", "POST");

  64.         $win->AddHidden("dopost", $dopost);

  65.         $win->AddHidden("userok", "yes");

  66.         $win->AddHidden("randcode", $randcode);

  67.         $win->AddHidden("safecode", $safecode);

  68.         $win->AddHidden("id", $id);

  69.         $win->AddTitle("系统提示");

  70.         $win->AddMsgItem("您确定要删除id<span class='text-primary'>$userid</span>会员吗", "50");

  71.         $win->AddMsgItem("验证安全码:<input name='safecode' type='text' id='safecode' class='admin-input-md'>(安全码:<span class='text-primary'>$safecode</span>)", "30");

  72.         $winform = $win->GetWindow("ok");

  73.         $win->Display();

  74.         exit();

  75.     }

  76.     $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  77.     if ($safecodeok != $safecode) {

  78.         ShowMsg("请填写正确的验证安全码", "sys_admin_user.php");

  79.         exit();

  80.     }

  81.     //不能删除id为1的创建人帐号,不能删除自己

  82.     $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__admin` WHERE id='$id' AND id<>1 AND id<>'".$cuserLogin->getUserID()."' ");

  83.     if ($rs > 0) {

  84.         //更新前台会员信息

  85.         $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET matt='0' WHERE mid='$id' LIMIT 1");

  86.         ShowMsg("成功删除一个帐户", "sys_admin_user.php");

  87.     } else {

  88.         ShowMsg("不能删除id为1的创建人帐号,不能删除自己", "sys_admin_user.php", 0, 3000);

  89.     }

  90.     exit();

  91. }

  92. //显示会员信息

  93. $randcode = mt_rand(10000, 99999);

  94. $safecode = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  95. $typeOptions = '';

  96. $row = $dsql->GetOne("SELECT * FROM `#@__admin` WHERE id='$id'");

  97. $typeids = explode(',', $row['typeid']);

  98. $dsql->SetQuery("SELECT id,typename FROM `#@__arctype` WHERE reid=0 AND (ispart=0 OR ispart=1)");

  99. $dsql->Execute('op');

  100. while ($nrow = $dsql->GetObject('op')) {

  101.     $typeOptions .= "<option value='{$nrow->id}' ".(in_array($nrow->id, $typeids) ? ' selected' : '').">{$nrow->typename}</option>\r\n";

  102.     $dsql->SetQuery("SELECT id,typename FROM `#@__arctype` WHERE reid={$nrow->id} AND (ispart=0 OR ispart=1)");

  103.     $dsql->Execute('s');

  104.     while ($nrow = $dsql->GetObject('s')) {

  105.         $typeOptions .= "<option value='{$nrow->id}' ".(in_array($nrow->id, $typeids) ? ' selected' : '').">└─ {$nrow->typename}</option>\r\n";

  106.     }

  107. }

  108. make_hash();

  109. include DedeInclude('templets/sys_admin_user_edit.htm');

  110. ?>