DedeBIZ
/
DedeV6
Watch 2
Star 0
Fork 0
Code Pull Requests 0 Releases 25 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
935 Commits
3 Branches
110MB
Tree: e6c8c11424
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e6c8c11424'
${ noResults }
DedeV6/src/admin/member_do.php

233 lines
11KB
Raw Blame History 

  1. <?php

  2. /**

  3.  * 会员管理操作

  4.  *

  5.  * @version        $Id: member_do.php 1 13:47 2010年7月19日Z tianya $

  6.  * @package        DedeBIZ.Administrator

  7.  * @copyright      Copyright (c) 2022, DedeBIZ.COM

  8.  * @license        https://www.dedebiz.com/license

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__)."/config.php");

  12. require_once(DEDEINC."/libraries/oxwindow.class.php");

  13. if (empty($dopost)) $dopost = '';

  14. if (empty($fmdo)) $fmdo = '';

  15. $ENV_GOBACK_URL = isset($_COOKIE['ENV_GOBACK_URL']) ? 'member_main.php' : '';

  16. /*----------------

  17. function __DelMember()

  18. 删除会员

  19. ----------------*/

  20. if ($dopost == "delmember") {

  21.     CheckPurview('member_Del');

  22.     if ($fmdo == 'yes') {

  23.         $id = preg_replace("#[^0-9]#", '', $id);

  24.         $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  25.         if ($safecodeok != $safecode) {

  26.             ShowMsg("请填写正确的安全验证串", "member_do.php?id={$id}&dopost=delmember");

  27.             exit();

  28.         }

  29.         if (!empty($id)) {

  30.             //删除用户信息

  31.             $row = $dsql->GetOne("SELECT * FROM `#@__member` WHERE mid='$id' LIMIT 1 ");

  32.             $rs = 0;

  33.             if ($row['matt'] == 10) {

  34.                 $nrow = $dsql->GetOne("SELECT * FROM `#@__admin` WHERE id='$id' LIMIT 1 ");

  35.                 //已经删除关连的管理员帐号

  36.                 if (!is_array($nrow)) $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__member` WHERE mid='$id' LIMIT 1");

  37.             } else {

  38.                 $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__member` WHERE mid='$id' LIMIT 1");

  39.             }

  40.             if ($rs > 0) {

  41.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_tj` WHERE mid='$id' LIMIT 1");

  42.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_space` WHERE mid='$id' LIMIT 1");

  43.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_company` WHERE mid='$id' LIMIT 1");

  44.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_person` WHERE mid='$id' LIMIT 1");

  45.                 //删除用户相关数据

  46.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_stow` WHERE mid='$id' ");

  47.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_flink` WHERE mid='$id' ");

  48.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_operation` WHERE mid='$id' ");

  49.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_pms` WHERE toid='$id' Or fromid='$id' ");

  50.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_friends` WHERE mid='$id' Or fid='$id' ");

  51.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__feedback` WHERE mid='$id' ");

  52.                 $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET mid='0' WHERE mid='$id'");

  53.             } else {

  54.                 ShowMsg("无法删除此会员,如果这个会员是[管理员],<br>必须先删除这个[管理员]才能删除此帐号", $ENV_GOBACK_URL, 0, 5000);

  55.                 exit();

  56.             }

  57.         }

  58.         ShowMsg("成功删除一个会员", $ENV_GOBACK_URL);

  59.         exit();

  60.     }

  61.     $randcode = mt_rand(10000, 99999);

  62.     $safecode = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  63.     $wintitle = "会员管理-删除会员";

  64.     $wecome_info = "<a href='".$ENV_GOBACK_URL."'>会员管理</a>::删除会员";

  65.     $win = new OxWindow();

  66.     $win->Init("member_do.php", "js/blank.js", "POST");

  67.     $win->AddHidden("fmdo", "yes");

  68.     $win->AddHidden("dopost", $dopost);

  69.     $win->AddHidden("id", $id);

  70.     $win->AddHidden("randcode", $randcode);

  71.     $win->AddHidden("safecode", $safecode);

  72.     $win->AddTitle("您确定要删除会员ID:".$id." 吗");

  73.     $win->AddMsgItem("安全验证串:<input name='safecode' type='text' id='safecode' style='width:260px'>(复制本代码:<span class='text-danger'>$safecode</span>)", "30");

  74.     $winform = $win->GetWindow("ok");

  75.     $win->Display();

  76. } else if ($dopost == "delmembers") {

  77.     CheckPurview('member_Del');

  78.     if ($fmdo == 'yes') {

  79.         $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  80.         if ($safecodeok != $safecode) {

  81.             ShowMsg("请填写正确的安全验证串", "member_do.php?id={$id}&dopost=delmembers");

  82.             exit();

  83.         }

  84.         if (!empty($id)) {

  85.             //删除用户信息

  86.             $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__member` WHERE mid IN (".str_replace("`", ",", $id).") And matt<>10 ");

  87.             if ($rs > 0) {

  88.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_tj` WHERE mid IN (".str_replace("`", ",", $id).") ");

  89.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_space` WHERE mid IN (".str_replace("`", ",", $id).") ");

  90.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_company` WHERE mid IN (".str_replace("`", ",", $id).") ");

  91.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_person` WHERE mid IN (".str_replace("`", ",", $id).") ");

  92.                 //删除用户相关数据

  93.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_stow` WHERE mid IN (".str_replace("`", ",", $id).") ");

  94.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_flink` WHERE mid IN (".str_replace("`", ",", $id).") ");

  95.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_operation` WHERE mid IN (".str_replace("`", ",", $id).") ");

  96.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_pms` WHERE toid IN (".str_replace("`", ",", $id).") Or fromid IN (".str_replace("`", ",", $id).") ");

  97.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__member_friends` WHERE mid IN (".str_replace("`", ",", $id).") Or fid IN (".str_replace("`", ",", $id).") ");

  98.                 $dsql->ExecuteNoneQuery("DELETE FROM `#@__feedback` WHERE mid IN (".str_replace("`", ",", $id).") ");

  99.                 $dsql->ExecuteNoneQuery("UPDATE `#@__archives` SET mid='0' WHERE mid IN (".str_replace("`", ",", $id).")");

  100.             } else {

  101.                 ShowMsg("无法删除此会员,如果这个会员是管理员关连的ID,<br>必须先删除这个管理员才能删除此帐号", $ENV_GOBACK_URL, 0, 3000);

  102.                 exit();

  103.             }

  104.         }

  105.         ShowMsg("成功删除这些会员", $ENV_GOBACK_URL);

  106.         exit();

  107.     }

  108.     $randcode = mt_rand(10000, 99999);

  109.     $safecode = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  110.     $wintitle = "会员管理-删除会员";

  111.     $wecome_info = "<a href='".$ENV_GOBACK_URL."'>会员管理</a>::删除会员";

  112.     $win = new OxWindow();

  113.     $win->Init("member_do.php", "js/blank.js", "POST");

  114.     $win->AddHidden("fmdo", "yes");

  115.     $win->AddHidden("dopost", $dopost);

  116.     $win->AddHidden("id", $id);

  117.     $win->AddHidden("randcode", $randcode);

  118.     $win->AddHidden("safecode", $safecode);

  119.     $win->AddTitle("您确定要删除(ID:".$id.")这个会员?");

  120.     $win->AddMsgItem(" 安全验证串:<input name='safecode' type='text' id='safecode' size='16' style='width:260px' /> (复制本代码:<span class='text-danger'>$safecode</span>)", "30");

  121.     $winform = $win->GetWindow("ok");

  122.     $win->Display();

  123. }

  124. /*----------------

  125. function __Recommend()

  126. 推荐会员

  127. ----------------*/

  128. else if ($dopost == "recommend") {

  129.     CheckPurview('member_Edit');

  130.     $id = preg_replace("#[^0-9]#", "", $id);

  131.     if ($matt == 0) {

  132.         $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET matt=1 WHERE mid='$id' AND matt<>10 LIMIT 1");

  133.         ShowMsg("成功设置一个会员推荐", $ENV_GOBACK_URL);

  134.         exit();

  135.     } else {

  136.         $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET matt=0 WHERE mid='$id' AND matt<>10 LIMIT 1");

  137.         ShowMsg("成功取消一个会员推荐", $ENV_GOBACK_URL);

  138.         exit();

  139.     }

  140. }

  141. /*----------------

  142. function __EditUser()

  143. 修改会员

  144. ----------------*/

  145. else if ($dopost == 'edituser') {

  146.     CheckPurview('member_Edit');

  147.     if (!isset($_POST['id'])) exit('dedebiz');

  148.     $pwdsql = empty($pwd) ? '' : ",pwd='".md5($pwd)."'";

  149.     if (function_exists('password_hash')) {

  150.         $pwdsql = empty($pwd) ? '' : ",pwd_new='".password_hash($pwd, PASSWORD_BCRYPT)."'";

  151.     }

  152.     if (empty($sex)) $sex = '男';

  153.     $uptime = GetMkTime($uptime);

  154.     if ($matt == 10 && $oldmatt != 10) {

  155.         ShowMsg("对不起,为安全起见,不支持直接把前台会员转为管理的操作", "-1");

  156.         exit();

  157.     }

  158.     $query = "UPDATE `#@__member` SET

  159.             email = '$email',

  160.             uname = '$uname',

  161.             sex = '$sex',

  162.             matt = '$matt',

  163.             money = '$money',

  164.             scores = '$scores',

  165.             `rank` = '$rank',

  166.             spacesta='$spacesta',

  167.             uptime='$uptime',

  168.             exptime='$exptime'

  169.             $pwdsql

  170.             WHERE mid='$id' AND matt<>10 ";

  171.     $rs = $dsql->ExecuteNoneQuery2($query);

  172.     if ($rs == 0) {

  173.         $query = "UPDATE `#@__member` SET

  174.             email = '$email',

  175.             uname = '$uname',

  176.             sex = '$sex',

  177.             money = '$money',

  178.             scores = '$scores',

  179.             `rank` = '$rank',

  180.             spacesta='$spacesta',

  181.             uptime='$uptime',

  182.             exptime='$exptime'

  183.             $pwdsql

  184.             WHERE mid='$id' ";

  185.         $rs = $dsql->ExecuteNoneQuery2($query);

  186.     }

  187.     ShowMsg('成功修改会员资料', 'member_view.php?id='.$id);

  188.     exit();

  189. }

  190. /*--------------

  191. function __LoginCP()

  192. 登录会员的控制面板

  193. ----------*/

  194. else if ($dopost == "memberlogin") {

  195.     CheckPurview('member_Edit');

  196.     PutCookie('DedeUserID', $id, 1800);

  197.     PutCookie('DedeLoginTime', time(), 1800);

  198.     if (empty($jumpurl)) header("location:../user/index.php");

  199.     else header("location:$jumpurl");

  200. } else if ($dopost == "deoperations") {

  201.     $nid = preg_replace('#[^0-9,]#', '', preg_replace('#`#', ',', $nid));

  202.     $nid = explode(',', $nid);

  203.     if (is_array($nid)) {

  204.         foreach ($nid as $var) {

  205.             $query = "DELETE FROM `#@__member_operation` WHERE aid = '$var'";

  206.             $dsql->ExecuteNoneQuery($query);

  207.         }

  208.         ShowMsg("删除成功", "member_operations.php");

  209.         exit();

  210.     }

  211. } else if ($dopost == "upoperations") {

  212.     $nid = preg_replace('#[^0-9,]#', '', preg_replace('#`#', ',', $nid));

  213.     $nid = explode(',', $nid);

  214.     if (is_array($nid)) {

  215.         foreach ($nid as $var) {

  216.             $query = "UPDATE `#@__member_operation` SET sta = '1' WHERE aid = '$var'";

  217.             $dsql->ExecuteNoneQuery($query);

  218.             ShowMsg("设置成功", "member_operations.php");

  219.             exit();

  220.         }

  221.     }

  222. } else if ($dopost == "okoperations") {

  223.     $nid = preg_replace('#[^0-9,]#', '', preg_replace('#`#', ',', $nid));

  224.     $nid = explode(',', $nid);

  225.     if (is_array($nid)) {

  226.         foreach ($nid as $var) {

  227.             $query = "UPDATE `#@__member_operation` SET sta = '2' WHERE aid = '$var'";

  228.             $dsql->ExecuteNoneQuery($query);

  229.             ShowMsg("设置成功", "member_operations.php");

  230.             exit();

  231.         }

  232.     }

  233. }