<?php
//-------------------------------用户管理
header("Content-type: text/html; charset=utf-8");
if(THIS_IN!="edt_admin")
	exit("错误的访问!");
$msg_login_user=get_db_msg("select * from ".$table_pre."user where id='".$uid."'");
//---------priv
$priv=return_priv($_m,$msg_login_user["priv"]);
$json_data="{";
if($priv[0]=="n"){
	//没有操作权限
	$json_data.="\"error\":\"没有操作权限\",\"code\":0,\"msg\":\"\",\"count\":0,\"data\":[],";
}else{
	$json_data.="\"uid\":".$uid.",";
	//有权限
	switch($_a){
		case "myinfo" :
			$msg=$msg_login_user;
			$add_date=date("Y-m-d H:i:s",$msg["add_date"]);
			$username=$msg["username"];
			$remark=$msg["remark"];
			$json_data.="\"username\":\"".$username."\",";
			$json_data.="\"remark\":\"".$remark."\",";
			$json_data.="\"add_date\":\"".$add_date."\",";
		break;
		case "save_myinfo" :
			$msg_error="";
			$password=trim($password);
			$password1=trim($password1);
			//验证
			if($password){
				if($password!=$password1){
					$msg_error="2次输入的密码不一致";
				}
			}
			if($msg_error){
				$json_data.="\"code\":0,\"msg\":\"".$msg_error."\",";
			}else{
				//
				$log_action="修改我的信息";
				if($password){
					$up_password=",password='".md5($password)."'";
				}
				$query="update ".$table_pre."user set remark='".$remark."'".$up_password." where id='".$uid."'";
				$db->query($query);
				$lid=$id?$id:$db->insert_id();
				set_log($log_action."用户",$msg_login_user["username"]."|".$uid);
				$json_data.="\"code\":1,";
			}
		break;
		case "add" :
			if($id>0){
				//编辑
				$msg=get_db_msg("select * from ".$table_pre."user where id='".$id."'");
				$add_date=date("Y-m-d H:i:s",$msg["add_date"]);
				$live=$msg["live"];
				$username=$msg["username"];
				$remark=$msg["remark"];
				//
				$user_priv_this=$msg["priv"];
			}else{
				//添加
				$add_date=date("Y-m-d H:i:s");
				$live="y";
				$username=$remark=$user_priv_this="";
			}
			//取得权限数据
			$query="select id,title from ".$table_pre."channel where deep=1 order by ord";
			$res=$db->query($query);
			$i=0;
			$str_priv1="";
			while($msg=$db->fetch_array($res)){
				$query1="select id,path,title from ".$table_pre."channel where path='0-".$msg["id"]."' order by ord";
				$res1=$db->query($query1);
				$j=0;
				$str_priv2="";
				while($msg1=$db->fetch_array($res1)){
					$str_priv2.="{\"id\":\"".$msg1["id"]."\",\"path\":\"".$msg["id"]."-".$msg1["id"]."\",\"title\":\"".$msg1["title"]."\"},";
					$j++;
				}
				if($j>0){
					$str_priv1.="{\"title\":\"".$msg["title"]."\",\"son\":[".substr($str_priv2,0,-1)."]},";
					$i++;
				}
			}
			$json_data.="\"user_priv\":[".substr($str_priv1,0,-1)."],";
			$json_data.="\"user_priv_this\":\"".$user_priv_this."\",";
			$json_data.="\"live\":\"".$live."\",";
			$json_data.="\"username\":\"".$username."\",";
			$json_data.="\"remark\":\"".$remark."\",";
			$json_data.="\"add_date\":\"".$add_date."\",";
		break;
		case "save_add" :
			$msg_error="";
			$username=trim($username);
			$password=trim($password);
			$password1=trim($password1);
			//验证
			if(!$username){
				$msg_error="用户名不能为空";
			}else{
				$c=get_db_msg("select count(*) 'num' from ".$table_pre."user where id<>'".$id."' and username='".$username."'");
				if($c["num"]>0){
					$msg_error="该用户名已经存在";
				}
			}
			if($id){
				if($password){
					if($password!=$password1){
						$msg_error="2次输入的密码不一致";
					}
				}
			}else{
				if(!$password){
					$msg_error="密码不能为空";
				}else{
					if($password!=$password1){
						$msg_error="2次输入的密码不一致";
					}
				}
			}
			if($msg_error){
				$json_data.="\"code\":0,\"msg\":\"".$msg_error."\",";
			}else{
				$add_date=day_to_time($add_date);
				$live=($live=="on")?"y":"n";
				//处理权限
				$query="select id,title from ".$table_pre."channel where deep=1 order by ord";
				$res=$db->query($query);
				$i=0;
				$priv1="";
				while($msg=$db->fetch_array($res)){
					$query1="select id,path,title from ".$table_pre."channel where path='0-".$msg["id"]."' order by ord";
					$res1=$db->query($query1);
					while($msg1=$db->fetch_array($res1)){
						$var1="pid_".$msg1["id"];
						if($$var1=="on")
							$priv1.=$msg["id"]."-".$msg1["id"].",";
					}
				}
				$priv1=$priv1?substr($priv1,0,-1):"";
				//
				if($id){
					//
					$log_action="修改";
					if($password){
						$up_password="password='".md5($password)."',";
					}
					$query="update ".$table_pre."user set live='".$live."',username='".$username."',priv='".$priv1."',".$up_password."remark='".$remark."',add_date='".$add_date."' where id='".$id."'";
				}else{
					$log_action="新增";
					//
					$query="insert ".$table_pre."user (live,priv,username,password,remark,add_date,lastactivity) values ('".$live."','".$priv1."','".$username."','".md5($password)."','".$remark."','".$add_date."','".$add_date."')";
				}
				$db->query($query);
				$lid=$id?$id:$db->insert_id();
				set_log($log_action."用户",$username."|".$lid);
				$json_data.="\"code\":1,";
			}
		break;
		case "set_live" :
			$log_action="启用";
			$m=get_db_msg("select id,username,live from ".$table_pre."user where id='".$id."'");
			if($m["id"]>0){
				$set_live=($m["live"]=="y")?"n":"y";
				$query="update ".$table_pre."user set live='".$set_live."' where id='".$id."'";
				$db->query($query);
				set_log($log_action."用户",$m["username"]."|".$m["id"]);
				$json_data.="\"code\":1,";
			}else{
				$msg_error="用户不存在";
				$json_data.="\"code\":0,\"msg\":\"".$msg_error."\",";
			}
		break;
		case "del" :
			$id=(is_array($id))?$id:array($id);
			$num=count($id);
			for($i=0;$i<$num;$i++){
				$db->query("delete from ".$table_pre."user where id='".$id[$i]."'");
				$tmp=get_db_msg("select * from ".$table_pre."user where id='".$id[$i]."'");
				$lid.=$tmp["username"]."|".$id[$i].", ";
			}
			$lid=substr($lid,0,-2);
			set_log("删除用户",$lid);
			$json_data.="\"code\":1,";
		break;
		default :
			//
			$page=$page>0?$page:1;
			$limit=$limit>0?$limit:10;
			$start=($page-1)*$limit;
			$end=$limit;
			//
			$sql_con="";
			if($s_live){
				$sql_con.=" and live='".$s_live."'";
			}
			if($s_username){
				$sql_con.=" and username like '%".$s_username."%'";
			}
			//取得总数
			$tmp=get_db_msg("select count(*) 'num' from ".$table_pre."user where id>0 ".$sql_con);
			$total_num=$tmp["num"];
			$query="select * from ".$table_pre."user where id>0 ".$sql_con." order by add_date desc limit ".$start.",".$end;
			//echo $query."<br>";
			$res=$db->query($query);
			$count=0;
			$json_data.="\"code\":0,\"msg\":\"\",\"count\":".$total_num.",\"data\":[";
			$str_tmp="";
			while($msg=$db->fetch_array($res)){
				$list=$count_first+$count+1;
				$str_tmp.="{";
				$str_tmp.="\"id\":\"".$msg["id"]."\",";
				$str_tmp.="\"bh\":\"".$list."\",";
				$str_tmp.="\"username\":\"".$msg["username"]."\",";
				$str_tmp.="\"priv\":\"".print_priv_str($msg["priv"])."\",";
				$str_tmp.="\"bz\":\"".$msg["remark"]."\",";
				$str_tmp.="\"live\":\"".$msg["live"]."\",";
				$str_tmp.="\"add_date\":\"".date("Y/m/d H:i",$msg["add_date"])."\"";
				$str_tmp.="},";
				$count++;
			}
			$json_data.=substr($str_tmp,0,-1)."],";
		break;
	}
}
$json_data=substr($json_data,0,-1)."}";
echo $json_data;
?>