DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
170 Commits
3 Branches
110MB
Tree: ac9141298b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ac9141298b'
${ noResults }
DedeV6/src/dede/sys_admin_user_edit.php

124 lines
4.6KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 编辑系统管理员

  4.  *

  5.  * @version        $Id: sys_admin_user_edit.php 1 16:22 2010年7月20日Z tianya $

  6.  * @package        DedeCMS.Administrator

  7.  * @copyright      Copyright (c) 2007 - 2018, DesDev, Inc.

  8.  * @copyright      Copyright (c) 2020, DedeBIZ.COM

  9.  * @license        https://www.dedebiz.com/license/v6

  10.  * @link           https://www.dedebiz.com

  11.  */

  12. require_once(dirname(__FILE__).'/config.php');

  13. CheckPurview('sys_User');

  14. require_once(DEDEINC.'/typelink.class.php');

  15. if(empty($dopost)) $dopost = '';

  16. $id = preg_replace("#[^0-9]#", '', $id);

  17. 

  18. if($dopost=='saveedit')

  19. {

  20.     CheckCSRF();

  21.     $pwd = trim($pwd);

  22.     if($pwd!='' && preg_match("#[^0-9a-zA-Z_@!\.-]#", $pwd))

  23.     {

  24.         ShowMsg('密码不合法,请使用[0-9a-zA-Z_@!.-]内的字符!', '-1', 0, 3000);

  25.         exit();

  26.     }

  27.     $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  28.     if($safecodeok != $safecode)

  29.     {

  30.         ShowMsg("请填写正确的安全验证串!", "sys_admin_user_edit.php?id={$id}&dopost=edit");

  31.         exit();

  32.     }

  33.     $pwdm = '';

  34.     if($pwd != '')

  35.     {

  36.         $pwdm = ",pwd='".md5($pwd)."'";

  37.         $pwd = ",pwd='".substr(md5($pwd), 5, 20)."'";

  38.     }

  39.     if(empty($typeids))

  40.     {

  41.         $typeid = '';

  42.     } else {

  43.         $typeid = join(',', $typeids);

  44.         if($typeid=='0') $typeid = '';

  45.     }

  46.     if($id!=1){

  47.         $query = "UPDATE `#@__admin` SET uname='$uname',usertype='$usertype',tname='$tname',email='$email',typeid='$typeid' $pwd WHERE id='$id'";

  48.     }else{

  49.         $query = "UPDATE `#@__admin` SET uname='$uname',tname='$tname',email='$email',typeid='$typeid' $pwd WHERE id='$id'";

  50.     }

  51.     $dsql->ExecuteNoneQuery($query);

  52.     $query = "UPDATE `#@__member` SET uname='$uname',email='$email'$pwdm WHERE mid='$id'";

  53.     $dsql->ExecuteNoneQuery($query);

  54.     ShowMsg("成功更改一个帐户!", "sys_admin_user.php");

  55.     exit();

  56. }

  57. else if($dopost=='delete')

  58. {

  59.     if(empty($userok)) $userok="";

  60.     if($userok!="yes")

  61.     {

  62.         $randcode = mt_rand(10000, 99999);

  63.         $safecode = substr(md5($cfg_cookie_encode.$randcode),0,24);

  64.         require_once(DEDEINC."/oxwindow.class.php");

  65.         $wintitle = "删除用户";

  66.         $wecome_info = "<a href='sys_admin_user.php'>系统帐号管理</a>::删除用户";

  67.         $win = new OxWindow();

  68.         $win->Init("sys_admin_user_edit.php","js/blank.js","POST");

  69.         $win->AddHidden("dopost", $dopost);

  70.         $win->AddHidden("userok", "yes");

  71.         $win->AddHidden("randcode", $randcode);

  72.         $win->AddHidden("safecode", $safecode);

  73.         $win->AddHidden("id", $id);

  74.         $win->AddTitle("系统警告!");

  75.         $win->AddMsgItem("你确信要删除用户:$userid 吗?","50");

  76.         $win->AddMsgItem("安全验证串:<input name='safecode' type='text' id='safecode' size='16' style='width:200px' />&nbsp;(复制本代码: <font color='red'>$safecode</font> )","30");

  77.         $winform = $win->GetWindow("ok");

  78.         $win->Display();

  79.         exit();

  80.     }

  81.     $safecodeok = substr(md5($cfg_cookie_encode.$randcode),0,24);

  82.     if($safecodeok!=$safecode)

  83.     {

  84.         ShowMsg("请填写正确的安全验证串!", "sys_admin_user.php");

  85.         exit();

  86.     }

  87. 

  88.     //不能删除id为1的创建人帐号,不能删除自己

  89.     $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__admin` WHERE id='$id' AND id<>1 AND id<>'".$cuserLogin->getUserID()."' ");

  90.     if($rs>0)

  91.     {

  92.         //更新前台用户信息

  93.         $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET matt='0' WHERE mid='$id' LIMIT 1");

  94.         ShowMsg("成功删除一个帐户!","sys_admin_user.php");

  95.     }

  96.     else

  97.     {

  98.         ShowMsg("不能删除id为1的创建人帐号,不能删除自己!","sys_admin_user.php",0,3000);

  99.     }

  100.     exit();

  101. }

  102. 

  103. //显示用户信息

  104. $randcode = mt_rand(10000,99999);

  105. $safecode = substr(md5($cfg_cookie_encode.$randcode),0,24);

  106. $typeOptions = '';

  107. $row = $dsql->GetOne("SELECT * FROM `#@__admin` WHERE id='$id'");

  108. $typeids = explode(',', $row['typeid']);

  109. $dsql->SetQuery("SELECT id,typename FROM `#@__arctype` WHERE reid=0 AND (ispart=0 OR ispart=1)");

  110. $dsql->Execute('op');

  111. 

  112. while($nrow = $dsql->GetObject('op'))

  113. {

  114.     $typeOptions .= "<option value='{$nrow->id}' class='btype'".(in_array($nrow->id, $typeids) ? ' selected' : '').">{$nrow->typename}</option>\r\n";

  115.     $dsql->SetQuery("SELECT id,typename FROM #@__arctype WHERE reid={$nrow->id} AND (ispart=0 OR ispart=1)");

  116.     $dsql->Execute('s');

  117.     

  118.     while($nrow = $dsql->GetObject('s'))

  119.     {

  120.         $typeOptions .= "<option value='{$nrow->id}' class='stype'".(in_array($nrow->id, $typeids) ? ' selected' : '').">—{$nrow->typename}</option>\r\n";

  121.     }

  122. }

  123. make_hash();

  124. include DedeInclude('templets/sys_admin_user_edit.htm');