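// Admin-only user management script: checks the session, optionally applies a
// delete / promote / demote action to one account, then computes the paging
// offset for the user list that follows.
require_once "../App.class.php";
App::loadMod("User");
$app = new App();
$user = new User();

// Access gate. header() only queues a Location header and does not stop the
// script, so without the exit the privileged actions below would still run for
// a caller who is not logged in or is not an administrator.
// Power level 0 is treated as administrator here. The loose comparison is kept
// because getPower()'s return type is not visible in this file.
if (!$user->isLogin() || $user->getPower() != 0) {
    header("Location: status.php?action=login");
    exit;
}

if (isset($_GET['action']) || isset($_GET['user'])) {
    // Read both parameters defensively: either one may be absent, and PHP turns
    // "user[]=x" into an array, which must never reach the User methods.
    $action = $_GET['action'] ?? "";
    $targetUser = $_GET['user'] ?? "";

    // Reject a malformed account name and stop here. The original fell through
    // to the action handlers after queuing the redirect.
    if (!is_string($targetUser) || !$user->str_check($targetUser)) {
        header("Location: error.php");
        exit;
    }

    // NOTE(review): these state-changing actions are driven by GET parameters and
    // no anti-CSRF token is checked anywhere in this script. They should move to
    // POST with a per-session token verified before this point.

    if ($action === "delete") {
        $user->userDelete($targetUser);
        echo "<script language=\"javascript\">alert('删除成功!');history.back(-1);</script>";
        exit;
    }

    // The existing password is passed back through userRenew(), presumably so it
    // stays unchanged. The last argument looks like the new power level
    // (0 = admin, 1 = regular user); confirm against User::userRenew().
    if ($action === "up") {
        $user->userRenew($targetUser, $user->getPass($targetUser), "", 0);
        echo "<script language=\"javascript\">alert('提权成功!');history.back(-1);</script>";
        exit;
    }

    if ($action === "down") {
        $user->userRenew($targetUser, $user->getPass($targetUser), "", 1);
        echo "<script language=\"javascript\">alert('降权成功!');history.back(-1);</script>";
        exit;
    }
}

// Paging offset, 20 rows per page. Page numbers below 1 are clamped so the
// offset can never go negative.
$page = isset($_GET['page']) ? intval($_GET['page']) : 1;
$limit = (max($page, 1) - 1) * 20;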
$mail = fixTags(trim($_POST['email'])); //yeni kayıtta email $fullname = fixTags(trim($_POST['name'])); $userPosition = fixTags(trim($_POST['userPosition'])); if (!$username || !preg_match("/^\\S+@\\S+\$/", $mail) || !$fullname || !$userPosition) { redirect('userList.php?msg=error'); } else { $reg = $usrObj->registerUser($username, $password, $mail, $fullname, $userPosition); if ($reg) { redirect('userList.php?msg=success'); } else { redirect('userList.php?msg=error'); } } break; case "userEdit": $username = fixTags(trim($_POST['username'])); $mail = fixTags(trim($_POST['email'])); $fullname = fixTags(trim($_POST['name'])); $userPosition = fixTags(trim($_POST['userPosition'])); $usrObj->userUpdate($_GET["userId"], $username, $mail, $fullname, $userPosition); redirect('userList.php'); break; case "userDelete": $usrObj->userDelete($_GET["id"]); redirect('userList.php'); break; } } else { $usrObj->redirect('login.php'); }