DedeBIZ
/
DedeV6
Volgen 2
Ster 0
Vork 0
Code Pull-aanvragen 0 Publicaties 31 Activiteit
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1556 Commits
3 Branches
93MB
Tree: d42130ab26
Branches Labels
${ item.name }
Maak branch ${ searchTerm }
van 'd42130ab26'
${ noResults }
DedeV6/src/admin/member_do.php

230 lines
11KB
Ruw Blame Geschiedenis 

  1. <?php

  2. /**

  3.  * 会员管理操作

  4.  *

  5.  * @version        $id:member_do.php 13:47 2010年7月19日 tianya $

  6.  * @package        DedeBIZ.Administrator

  7.  * @copyright      Copyright (c) 2022 DedeBIZ.COM

  8.  * @license        https://www.dedebiz.com/license

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__)."/config.php");

  12. require_once(DEDEINC."/libraries/oxwindow.class.php");

  13. if (empty($dopost)) $dopost = '';

  14. if (empty($fmdo)) $fmdo = '';

  15. $ENV_GOBACK_URL = isset($_COOKIE['ENV_GOBACK_URL']) ? 'member_main.php' : '';

  16. /*----------------

  17. function __DelMember()

  18. 删除会员

  19. ----------------*/

  20. if ($dopost == "delmember") {

  21.     CheckPurview('member_Del');

  22.     if ($fmdo == 'yes') {

  23.         $id = preg_replace("#[^0-9]#", '', $id);

  24.         $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  25.         if ($safecodeok != $safecode) {

  26.             ShowMsg("请填写正确的验证安全码", "member_do.php?id={$id}&dopost=delmember");

  27.             exit();

  28.         }

  29.         if (!empty($id)) {

  30.             //删除用户信息

  31.             $row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE mid='$id' LIMIT 1 ");

  32.             $rs = 0;

  33.             if ($row['matt'] == 10) {

  34.                 $nrow = $dsql->GetOne("SELECT * FROM `#@__admin` WHERE id='$id' LIMIT 1 ");

  35.                 //已经删除关连的管理员帐号

  36.                 if (!is_array($nrow)) $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__member` WHERE mid='$id' LIMIT 1");

  37.             } else {

  38.                 $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__member` WHERE mid='$id' LIMIT 1");

  39.             }

  40.             if ($rs > 0) {

  41.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_tj` WHERE mid='$id' LIMIT 1");

  42.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_space` WHERE mid='$id' LIMIT 1");

  43.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_company` WHERE mid='$id' LIMIT 1");

  44.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_person` WHERE mid='$id' LIMIT 1");

  45.                 //删除用户相关数据

  46.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_stow` WHERE mid='$id' ");

  47.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_flink` WHERE mid='$id' ");

  48.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_operation` WHERE mid='$id' ");

  49.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_pms` WHERE toid='$id' Or fromid='$id' ");

  50.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_friends` WHERE mid='$id' Or fid='$id' ");

  51.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__feedback` WHERE mid='$id' ");

  52.                 $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET mid='0' WHERE mid='$id'");

  53.             } else {

  54.                 ShowMsg("无法删除此会员,如果这个会员是管理员,<br>必须先删除这个管理员才能删除此帐号", $ENV_GOBACK_URL, 0, 5000);

  55.                 exit();

  56.             }

  57.         }

  58.         ShowMsg("成功删除一个会员", $ENV_GOBACK_URL);

  59.         exit();

  60.     }

  61.     $randcode = mt_rand(10000, 99999);

  62.     $safecode = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  63.     $wintitle = "会员管理-删除会员";

  64.     $wecome_info = "<a href='".$ENV_GOBACK_URL."'>会员管理</a>::删除会员";

  65.     $win = new OxWindow();

  66.     $win->Init("member_do.php", "js/blank.js", "POST");

  67.     $win->AddHidden("fmdo", "yes");

  68.     $win->AddHidden("dopost", $dopost);

  69.     $win->AddHidden("id", $id);

  70.     $win->AddHidden("randcode", $randcode);

  71.     $win->AddHidden("safecode", $safecode);

  72.     $win->AddTitle("您确定要删除id<span class='text-primary'>".$id."</span>会员吗");

  73.     $win->AddMsgItem("验证安全码:<input name='safecode' type='text' id='safecode' class='admin-input-md'>(安全码:<span class='text-primary'>$safecode</span>)", "30");

  74.     $winform = $win->GetWindow("ok");

  75.     $win->Display();

  76. } else if ($dopost == "delmembers") {

  77.     CheckPurview('member_Del');

  78.     if ($fmdo == 'yes') {

  79.         $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  80.         if ($safecodeok != $safecode) {

  81.             ShowMsg("请填写正确的验证安全码", "member_do.php?id={$id}&dopost=delmembers");

  82.             exit();

  83.         }

  84.         if (!empty($id)) {

  85.             //删除用户信息

  86.             $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__member` WHERE mid IN (".str_replace("`", ",", $id).") And matt<>10 ");

  87.             if ($rs > 0) {

  88.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_tj` WHERE mid IN (".str_replace("`", ",", $id).") ");

  89.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_space` WHERE mid IN (".str_replace("`", ",", $id).") ");

  90.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_company` WHERE mid IN (".str_replace("`", ",", $id).") ");

  91.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_person` WHERE mid IN (".str_replace("`", ",", $id).") ");

  92.                 //删除用户相关数据

  93.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_stow` WHERE mid IN (".str_replace("`", ",", $id).") ");

  94.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_flink` WHERE mid IN (".str_replace("`", ",", $id).") ");

  95.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_operation` WHERE mid IN (".str_replace("`", ",", $id).") ");

  96.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_pms` WHERE toid IN (".str_replace("`", ",", $id).") Or fromid IN (".str_replace("`", ",", $id).") ");

  97.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_friends` WHERE mid IN (".str_replace("`", ",", $id).") Or fid IN (".str_replace("`", ",", $id).") ");

  98.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__feedback` WHERE mid IN (".str_replace("`", ",", $id).") ");

  99.                 $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET mid='0' WHERE mid IN (".str_replace("`", ",", $id).")");

  100.             } else {

  101.                 ShowMsg("无法删除此会员,如果这个会员是管理员关连的id,<br>必须先删除这个管理员才能删除此帐号", $ENV_GOBACK_URL, 0, 3000);

  102.                 exit();

  103.             }

  104.         }

  105.         ShowMsg("成功删除这些会员", $ENV_GOBACK_URL);

  106.         exit();

  107.     }

  108.     $randcode = mt_rand(10000, 99999);

  109.     $safecode = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  110.     $wintitle = "会员管理-删除会员";

  111.     $wecome_info = "<a href='".$ENV_GOBACK_URL."'>会员管理</a>::删除会员";

  112.     $win = new OxWindow();

  113.     $win->Init("member_do.php", "js/blank.js", "POST");

  114.     $win->AddHidden("fmdo", "yes");

  115.     $win->AddHidden("dopost", $dopost);

  116.     $win->AddHidden("id", $id);

  117.     $win->AddHidden("randcode", $randcode);

  118.     $win->AddHidden("safecode", $safecode);

  119.     $win->AddTitle("您确定要删除id<span class='text-primary'>".$id."</span>会员吗");

  120.     $win->AddMsgItem("验证安全码:<input name='safecode' type='text' id='safecode' size='16' class='admin-input-md' /> (安全码:<span class='text-primary'>$safecode</span>)", "30");

  121.     $winform = $win->GetWindow("ok");

  122.     $win->Display();

  123. }

  124. /*----------------

  125. function __Recommend()

  126. 推荐会员

  127. ----------------*/

  128. else if ($dopost == "recommend") {

  129.     CheckPurview('member_Edit');

  130.     $id = preg_replace("#[^0-9]#", "", $id);

  131.     if ($matt == 0) {

  132.         $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET matt=1 WHERE mid='$id' AND matt<>10 LIMIT 1");

  133.         ShowMsg("成功设置一个会员推荐", $ENV_GOBACK_URL);

  134.         exit();

  135.     } else {

  136.         $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET matt=0 WHERE mid='$id' AND matt<>10 LIMIT 1");

  137.         ShowMsg("成功取消一个会员推荐", $ENV_GOBACK_URL);

  138.         exit();

  139.     }

  140. }

  141. /*----------------

  142. function __EditUser()

  143. 修改会员

  144. ----------------*/

  145. else if ($dopost == 'edituser') {

  146.     CheckPurview('member_Edit');

  147.     $send_max = isset($send_max)? intval($send_max) : 0;

  148.     $user_money = isset($user_money)? floatval($user_money) : 0.0;

  149.     $money = isset($money)? intval($money) : 0;

  150.     $scores = isset($scores)? intval($scores) : 0;

  151.     $rank = isset($rank)? intval($rank) : 0;

  152.     $id = isset($id)? intval($id) : 0;

  153.     $email = isset($email)? HtmlReplace($email,1) : '';

  154.     $uname = isset($uname)? HtmlReplace($uname,1) : '';

  155.     $spacesta = isset($spacesta)? HtmlReplace($spacesta,1) : '';

  156.     $exptime = isset($exptime)? HtmlReplace($exptime,1) : '';

  157.     if (!isset($_POST['id'])) exit('dedebiz');

  158.     $pwdsql = empty($pwd) ? '' : ",pwd='".md5($pwd)."'";

  159.     if (function_exists('password_hash')) {

  160.         $pwdsql = empty($pwd) ? '' : ",pwd_new='".password_hash($pwd, PASSWORD_BCRYPT)."'";

  161.     }

  162.     if (empty($sex)) $sex = '男';

  163.     $uptime = GetMkTime($uptime);

  164.     if ($matt == 10 && $oldmatt != 10) {

  165.         ShowMsg("不支持直接把前台会员转为管理的操作", "-1");

  166.         exit();

  167.     }

  168.     $query = "UPDATE `#@__member` SET send_max='$send_max',email='$email',uname='$uname',sex='$sex',matt='$matt',user_money='$user_money',money='$money',scores='$scores',`rank`='$rank',spacesta='$spacesta',uptime='$uptime',exptime='$exptime'$pwdsql WHERE mid='$id' AND matt<>10 ";

  169.     $rs = $dsql->ExecuteNoneQuery2($query);

  170.     if ($rs == 0) {

  171.         $query = "UPDATE `#@__member` SET email='$email',uname='$uname',sex='$sex',user_money='$user_money',money='$money',scores='$scores',`rank`='$rank',spacesta='$spacesta',uptime='$uptime',exptime='$exptime'$pwdsql WHERE mid='$id' ";

  172.         $rs = $dsql->ExecuteNoneQuery2($query);

  173.     }

  174.     ShowMsg('成功修改会员资料', 'member_view.php?id='.$id);

  175.     exit();

  176. }

  177. /*--------------

  178. function __LoginCP()

  179. 登录会员的控制面板

  180. ----------*/

  181. else if ($dopost == "memberlogin") {

  182.     CheckPurview('member_Edit');

  183.     PutCookie('DedeUserID', $id, 1800);

  184.     PutCookie('DedeLoginTime', time(), 1800);

  185.     if (empty($jumpurl)) header("location:../user/index.php");

  186.     else header("location:$jumpurl");

  187. } else if ($dopost == "deoperations") {

  188.     $nid = preg_replace('#[^0-9,]#', '', preg_replace('#`#', ',', $nid));

  189.     $nid = explode(',', $nid);

  190.     if (is_array($nid)) {

  191.         foreach ($nid as $var) {

  192.             $query = "DELETE FROM `#@__member_operation` WHERE aid = '$var'";

  193.             $dsql->ExecuteNoneQuery($query);

  194.         }

  195.         ShowMsg("删除成功", "member_operations.php");

  196.         exit();

  197.     }

  198. } else if ($dopost == "upoperations") {

  199.     $nid = preg_replace('#[^0-9,]#', '', preg_replace('#`#', ',', $nid));

  200.     $nid = explode(',', $nid);

  201.     if (is_array($nid)) {

  202.         foreach ($nid as $var) {

  203.             $query = "UPDATE `#@__member_operation` SET sta = '1' WHERE aid = '$var'";

  204.             $dsql->ExecuteNoneQuery($query);

  205.             ShowMsg("设置成功", "member_operations.php");

  206.             exit();

  207.         }

  208.     }

  209. } else if ($dopost == "okoperations") {

  210.     $nid = preg_replace('#[^0-9,]#', '', preg_replace('#`#', ',', $nid));

  211.     $nid = explode(',', $nid);

  212.     if (is_array($nid)) {

  213.         foreach ($nid as $var) {

  214.             $moRow = $dsql->GetOne("SELECT * FROM `#@__member_operation` WHERE aid='$var'");

  215.             if ($moRow['sta'] == 1) {

  216.                 if ($moRow['product'] === "card") {

  217.                     //点卡

  218.                     $proRow = $dsql->GetOne("SELECT * FROM `#@__moneycard_type` WHERE tid={$moRow['pid']}");

  219.                     $query = "UPDATE `#@__member` SET money = money+{$proRow['num']} WHERE mid = '{$moRow['mid']}'";

  220.                     $dsql->ExecuteNoneQuery($query);

  221.                 }

  222.                 $query = "UPDATE `#@__member_operation` SET sta = '2' WHERE aid = '$var'";

  223.                 $dsql->ExecuteNoneQuery($query);

  224.             }

  225.             ShowMsg("设置成功", "member_operations.php");

  226.             exit();

  227.         }

  228.     }

  229. }

  230. ?>