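<?php
/**
 * Admin back end: user management endpoint. Emits one JSON object per request.
 *
 * This is an included script. It relies on names that are set up by the including
 * code and are not defined in this file: the THIS_IN constant, $db, $table_pre, $uid,
 * $_m, $_a, the request fields ($id, $username, $password, $password1, $remark, $live,
 * $add_date, $page, $limit, $s_live, $s_username, pid_<n>) and the helpers
 * get_db_msg(), return_priv(), set_log(), day_to_time() and print_priv_str().
 *
 * Actions selected by $_a: myinfo, save_myinfo, add, save_add, set_live, del.
 * Any other value returns the paged user list.
 *
 * NOTE(review): SQL is built by string concatenation. Numeric values are cast to int
 * in this file. The free-text fields ($username, $remark, $s_live, $s_username) are
 * still concatenated, because the escaping / bound-parameter API of $db is not visible
 * here. Confirm they are escaped before they reach this script, or move these queries
 * to bound parameters.
 * NOTE(review): passwords are stored as unsalted md5(). That is kept so existing
 * accounts still verify against whatever checks them elsewhere; moving to
 * password_hash()/password_verify() has to be done together with the login code.
 * NOTE(review): the only authorization gate visible here is $priv[0]. add, save_add,
 * set_live and del act on any $id, including assigning privileges, and no CSRF token
 * check is visible for the state-changing actions. Confirm both are enforced by the
 * including code or are intended.
 */
header("Content-type: text/html; charset=utf-8");

// Refuse direct access; the including script is expected to define THIS_IN.
if(!defined("THIS_IN")||THIS_IN!="edt_admin")
    exit("错误的访问!");

// Encodes one value as a JSON string literal, quotes included. Stored text that holds
// quotes, backslashes or line breaks can then no longer break or extend the response.
// The response is served as text/html, so "<", ">" and "&" are emitted as \uXXXX.
$json_str=static function($value){
    $encoded=json_encode((string)$value,JSON_HEX_TAG|JSON_HEX_AMP|JSON_UNESCAPED_UNICODE|JSON_UNESCAPED_SLASHES);
    return ($encoded===false)?"\"\"":$encoded;
};

$uid_sql=(int)$uid;
$msg_login_user=get_db_msg("select * from ".$table_pre."user where id='".$uid_sql."'");

//---------priv
$priv=return_priv($_m,$msg_login_user["priv"]);

$json_data="{";
if($priv[0]=="n"){
    // No permission for this module.
    $json_data.="\"error\":\"没有操作权限\",\"code\":0,\"msg\":\"\",\"count\":0,\"data\":[],";
}else{
    // Permission granted.
    $json_data.="\"uid\":".$uid_sql.",";
    switch($_a){
        case "myinfo" :
            // Profile of the logged-in operator.
            $msg=$msg_login_user;
            $add_date=date("Y-m-d H:i:s",(int)$msg["add_date"]);
            $username=$msg["username"];
            $remark=$msg["remark"];
            $json_data.="\"username\":".$json_str($username).",";
            $json_data.="\"remark\":".$json_str($remark).",";
            $json_data.="\"add_date\":\"".$add_date."\",";
            break;

        case "save_myinfo" :
            $msg_error="";
            $password=trim($password);
            $password1=trim($password1);
            // Validation. Strict comparison: with != two different numeric-looking
            // strings such as "1e3" and "1000" compare equal and pass confirmation.
            if($password&&$password!==$password1){
                $msg_error="2次输入的密码不一致";
            }
            if($msg_error){
                $json_data.="\"code\":0,\"msg\":".$json_str($msg_error).",";
            }else{
                $log_action="修改我的信息";
                // Always start from an empty fragment. The original left $up_password
                // unset when no password was sent, so a value already present in scope
                // (request fields appear to be imported as plain variables - confirm)
                // would have been spliced into the UPDATE.
                $up_password="";
                if($password){
                    // NOTE(review): unsalted md5, see the file header.
                    $up_password=",password='".md5($password)."'";
                }
                // NOTE(review): $remark is concatenated as received, see the file header.
                $query="update ".$table_pre."user set remark='".$remark."'".$up_password." where id='".$uid_sql."'";
                $db->query($query);
                set_log($log_action."用户",$msg_login_user["username"]."|".$uid_sql);
                $json_data.="\"code\":1,";
            }
            break;

        case "add" :
            if($id>0){
                // Edit: load the existing account.
                $msg=get_db_msg("select * from ".$table_pre."user where id='".(int)$id."'");
                $add_date=date("Y-m-d H:i:s",(int)$msg["add_date"]);
                $live=$msg["live"];
                $username=$msg["username"];
                $remark=$msg["remark"];
                $user_priv_this=$msg["priv"];
            }else{
                // Add: defaults for a new account.
                $add_date=date("Y-m-d H:i:s");
                $live="y";
                $username=$remark=$user_priv_this="";
            }
            // Build the two-level privilege tree from the channel table.
            $query="select id,title from ".$table_pre."channel where deep=1 order by ord";
            $res=$db->query($query);
            $priv_groups=array();
            while($msg=$db->fetch_array($res)){
                $query1="select id,path,title from ".$table_pre."channel where path='0-".(int)$msg["id"]."' order by ord";
                $res1=$db->query($query1);
                $priv_sons=array();
                while($msg1=$db->fetch_array($res1)){
                    $priv_sons[]="{\"id\":".$json_str($msg1["id"]).",\"path\":".$json_str($msg["id"]."-".$msg1["id"]).",\"title\":".$json_str($msg1["title"])."}";
                }
                // Top-level channels without children are left out, as before.
                if(count($priv_sons)>0){
                    $priv_groups[]="{\"title\":".$json_str($msg["title"]).",\"son\":[".implode(",",$priv_sons)."]}";
                }
            }
            $json_data.="\"user_priv\":[".implode(",",$priv_groups)."],";
            $json_data.="\"user_priv_this\":".$json_str($user_priv_this).",";
            $json_data.="\"live\":".$json_str($live).",";
            $json_data.="\"username\":".$json_str($username).",";
            $json_data.="\"remark\":".$json_str($remark).",";
            $json_data.="\"add_date\":\"".$add_date."\",";
            break;

        case "save_add" :
            $msg_error="";
            $username=trim($username);
            $password=trim($password);
            $password1=trim($password1);
            // Validation. A later failed check replaces an earlier message, as before.
            if(!$username){
                $msg_error="用户名不能为空";
            }else{
                // NOTE(review): $username is concatenated as received, see the file header.
                $c=get_db_msg("select count(*) 'num' from ".$table_pre."user where id<>'".(int)$id."' and username='".$username."'");
                if($c["num"]>0){
                    $msg_error="该用户名已经存在";
                }
            }
            if($id){
                // Editing: the password is optional, but must be confirmed when given.
                if($password&&$password!==$password1){
                    $msg_error="2次输入的密码不一致";
                }
            }else{
                // Creating: a password is mandatory.
                if(!$password){
                    $msg_error="密码不能为空";
                }elseif($password!==$password1){
                    $msg_error="2次输入的密码不一致";
                }
            }
            if($msg_error){
                $json_data.="\"code\":0,\"msg\":".$json_str($msg_error).",";
            }else{
                // add_date is passed to date() as a timestamp everywhere in this file,
                // so the converted value is stored as an integer.
                $add_date=(int)day_to_time($add_date);
                $live=($live=="on")?"y":"n";
                // Collect the granted privileges: one "<parent>-<child>" entry for each
                // pid_<child> request field that is ticked.
                $query="select id,title from ".$table_pre."channel where deep=1 order by ord";
                $res=$db->query($query);
                $granted=array();
                while($msg=$db->fetch_array($res)){
                    $query1="select id,path,title from ".$table_pre."channel where path='0-".(int)$msg["id"]."' order by ord";
                    $res1=$db->query($query1);
                    while($msg1=$db->fetch_array($res1)){
                        $var1="pid_".$msg1["id"];
                        if(isset($$var1)&&$$var1=="on")
                            $granted[]=$msg["id"]."-".$msg1["id"];
                    }
                }
                $priv1=implode(",",$granted);
                if($id){
                    $log_action="修改";
                    // Initialised for the same reason as in save_myinfo: never let a
                    // value from outside this block reach the UPDATE statement.
                    $up_password="";
                    if($password){
                        // NOTE(review): unsalted md5, see the file header.
                        $up_password="password='".md5($password)."',";
                    }
                    // NOTE(review): $username and $remark are concatenated as received.
                    $query="update ".$table_pre."user set live='".$live."',username='".$username."',priv='".$priv1."',".$up_password."remark='".$remark."',add_date='".$add_date."' where id='".(int)$id."'";
                }else{
                    $log_action="新增";
                    // NOTE(review): $username and $remark are concatenated as received.
                    $query="insert ".$table_pre."user (live,priv,username,password,remark,add_date,lastactivity) values ('".$live."','".$priv1."','".$username."','".md5($password)."','".$remark."','".$add_date."','".$add_date."')";
                }
                $db->query($query);
                $lid=$id?(int)$id:$db->insert_id();
                set_log($log_action."用户",$username."|".$lid);
                $json_data.="\"code\":1,";
            }
            break;

        case "set_live" :
            $m=get_db_msg("select id,username,live from ".$table_pre."user where id='".(int)$id."'");
            if($m["id"]>0){
                $set_live=($m["live"]=="y")?"n":"y";
                // Record what actually happened; the original logged "启用" even when
                // the account was being switched off.
                $log_action=($set_live=="y")?"启用":"禁用";
                $query="update ".$table_pre."user set live='".$set_live."' where id='".(int)$id."'";
                $db->query($query);
                set_log($log_action."用户",$m["username"]."|".$m["id"]);
                $json_data.="\"code\":1,";
            }else{
                $msg_error="用户不存在";
                $json_data.="\"code\":0,\"msg\":".$json_str($msg_error).",";
            }
            break;

        case "del" :
            // Accepts a single id or a list of ids.
            $id=(is_array($id))?$id:array($id);
            $deleted=array();
            foreach($id as $one_id){
                $one_id=(int)$one_id;
                // Read the row before deleting it. The original selected after the
                // delete, so the audit log never contained the username.
                $tmp=get_db_msg("select * from ".$table_pre."user where id='".$one_id."'");
                $db->query("delete from ".$table_pre."user where id='".$one_id."'");
                $deleted[]=(isset($tmp["username"])?$tmp["username"]:"")."|".$one_id;
            }
            $lid=implode(", ",$deleted);
            set_log("删除用户",$lid);
            $json_data.="\"code\":1,";
            break;

        default :
            // Paged list. Both values go into the LIMIT clause unquoted, so they are
            // forced to integers.
            $page=((int)$page>0)?(int)$page:1;
            $limit=((int)$limit>0)?(int)$limit:10;
            $start=($page-1)*$limit;
            $end=$limit;
            // Optional filters.
            // NOTE(review): both filter values are concatenated as received, see the
            // file header.
            $sql_con="";
            if($s_live){
                $sql_con.=" and live='".$s_live."'";
            }
            if($s_username){
                $sql_con.=" and username like '%".$s_username."%'";
            }
            // Total number of matching rows.
            $tmp=get_db_msg("select count(*) 'num' from ".$table_pre."user where id>0 ".$sql_con);
            $total_num=(int)$tmp["num"];
            $query="select * from ".$table_pre."user where id>0 ".$sql_con." order by add_date desc limit ".$start.",".$end;
            $res=$db->query($query);
            $count=0;
            $json_data.="\"code\":0,\"msg\":\"\",\"count\":".$total_num.",\"data\":[";
            // NOTE(review): $count_first is not set anywhere in this file. It is read
            // as an integer and defaults to 0 - confirm whether $start was intended.
            $first=isset($count_first)?(int)$count_first:0;
            $rows=array();
            while($msg=$db->fetch_array($res)){
                $list=$first+$count+1;
                // NOTE(review): print_priv_str() is defined elsewhere. Its output is
                // inserted verbatim, as before, in case it is already JSON-escaped.
                // Confirm, and encode it like the other fields if it is not.
                $rows[]="{"
                    ."\"id\":".$json_str($msg["id"]).","
                    ."\"bh\":\"".$list."\","
                    ."\"username\":".$json_str($msg["username"]).","
                    ."\"priv\":\"".print_priv_str($msg["priv"])."\","
                    ."\"bz\":".$json_str($msg["remark"]).","
                    ."\"live\":".$json_str($msg["live"]).","
                    ."\"add_date\":\"".date("Y/m/d H:i",(int)$msg["add_date"])."\""
                    ."}";
                $count++;
            }
            $json_data.=implode(",",$rows)."],";
            break;
    }
}
// Every branch leaves a trailing comma; drop it and close the object.
$json_data=substr($json_data,0,-1)."}";
echo $json_data;
?>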