Beispiel #1
/**
 * Stores an outgoing short message, fans it out to every recipient and logs it.
 *
 * Steps, in order: insert one sms_send row, read the newest matching sms_send
 * row back to learn its id, insert one sms_receive row per comma-separated
 * entry of $person, insert an oalog row when an id was found, and finally
 * call goto_page($url) when $type == '1'.
 *
 * NOTE(review): $person and $userid are concatenated into the SELECT below
 * with no escaping or binding, and nothing in this function validates them.
 * The query is only safe if every caller has already sanitised both values;
 * confirm that, or move the lookup to a bound/escaped query.
 * NOTE(review): the id is recovered by re-querying the latest row for the same
 * recipient list and uid rather than taken from the insert itself, so two
 * near-simultaneous sends could presumably resolve to the same row; verify.
 *
 * @param mixed $person  Comma-separated recipient list (split on ',').
 * @param mixed $content Message body, stored as given.
 * @param mixed $type    '1' makes the function finish with goto_page($url).
 * @param mixed $url     Argument handed to goto_page().
 * @param mixed $userid  Sender id, written as uid / sendperson.
 */
function SMS_ADD_POST($person = 0, $content = 0, $type, $url = 0, $userid)
{
    global $db;

    // Outgoing-message table.
    insert_db('sms_send', array(
        'receiveperson' => $person,
        'content' => $content,
        'uid' => $userid,
        'date' => get_date('y-m-d H:i:s', PHP_TIME),
    ));

    // Look the freshly written row up again to obtain its id.
    $sentRow = $db->fetch_one_array("SELECT * FROM " . DB_TABLEPRE . "sms_send  WHERE receiveperson = '" . $person . "' and uid='" . $userid . "' order by id desc");
    $sendId = $sentRow["id"];

    // One received-message row per recipient named in the list.
    foreach (explode(',', $person) as $recipientName) {
        insert_db('sms_receive', array(
            'sendperson' => $userid,
            'date' => get_date('y-m-d H:i:s', PHP_TIME),
            'content' => $content,
            'receiveperson' => get_userid($recipientName),
            'type' => '2',
            'smskey' => '1',
            'sendid' => $sendId,
        ));
    }

    // Audit-log entry, written only when the lookup produced an id.
    if ($sendId != '') {
        insert_db('oalog', array(
            'uid' => $userid,
            'content' => $content . get_log(1) . $person,
            'title' => '发布短消息',
            'startdate' => get_date('Y-m-d H:i:s', PHP_TIME),
            'contentid' => $sendId,
            'type' => '4',
        ));
    }

    // NOTE(review): $url comes straight from the caller; if goto_page() issues
    // a redirect, callers must not pass request-supplied targets unchecked.
    if ($type == '1') {
        goto_page($url);
    }
}
Beispiel #2
<?php

// Refuse direct access: both entry-point constants must already be defined.
if (!defined('IN_TOA') || !defined('IN_ADMIN')) {
    exit('Access Denied!');
}
// NOTE(review): the permission check on the next line is commented out, so no
// per-user authorisation is visible in this script; confirm it is enforced by
// whatever includes this file.
//if ( !is_superadmin() && !check_purview('manage_link') ) prompt('Sorry, you do not have permission to perform this operation!');
// Default to the list action, then dispatch on $do.
if (empty($do)) {
    $do = 'list';
}
switch ($do) {
    case 'edit':
        // The id is requested with the 'int' filter before it is placed in the query.
        $id = getGP('id', 'G', 'int');
        $blog = $db->fetch_one_array("SELECT * FROM " . DB_TABLEPRE . "book  WHERE id = '{$id}' ");
        include_once 'template/views.php';
        break;
    case 'save':
        // NOTE(review): the 'dow' request field is handed to goto_page()
        // unchanged. If goto_page() redirects, the destination is chosen by
        // the client; restrict it to relative or allow-listed targets.
        goto_page(getGP('dow', 'P'));
        break;
}
// Read departments.
// Recursively echoes one <option> element per book_type row whose `father`
// column equals $fatherid, prefixing each title with one "├" per nesting level
// and marking the row whose id equals $selid as selected.
// NOTE(review): $row['id'] and $row['title'] are written into the HTML without
// htmlspecialchars(); unless titles are escaped when stored, markup in a title
// reaches the page as-is. Escape at output.
// NOTE(review): $fatherid is interpolated into the SQL string; on recursion it
// is a database id, but the top-level caller's value is not validated here.
// The listing ends before the function's closing brace.
function GET_FILE_PUBLIC_LIST($fatherid = 0, $selid = 0, $layer = 0)
{
    $str = "";
    global $db;
    $query = $db->query("SELECT * FROM " . DB_TABLEPRE . "book_type where father='{$fatherid}'  ORDER BY id Asc  ");
    // NOTE(review): what $db->query() returns is not shown; count() only makes
    // sense if it is countable — confirm.
    if (count($query) > 0) {
        // Build the indentation prefix for this depth.
        for ($i = 0; $i < $layer; $i++) {
            $str .= "├";
        }
        while ($row = $db->fetch_array($query)) {
            $selstr = $row['id'] == $selid ? 'selected="selected"' : '';
            $htmlstr = '<option value="' . $row['id'] . '"  ' . $selstr . '>' . $str . $row['title'] . '</option>';
            echo $htmlstr;
            // NOTE(review): a fourth argument, $type, is passed here although the
            // signature declares three parameters and $type is never set in
            // this function.
            GET_FILE_PUBLIC_LIST($row['id'], $selid, $layer + 1, $type);
        }
    }
    return;
Beispiel #3
        // Excerpt of an action dispatcher; the start of this delete branch
        // (including where $id comes from) lies above the listing.
        // NOTE(review): the row is selected by id alone and $id is interpolated
        // into the statement. No owner condition (e.g. receiveperson) is visible
        // here — confirm that ids are integer-cast and ownership is checked earlier.
        $db->query("DELETE FROM " . DB_TABLEPRE . "sms_receive WHERE id = '{$id}'  ");
        //db->query("DELETE FROM ".DB_TABLEPRE."user_view WHERE uid = '$id'");
    }
    show_msg('短消息删除成功!', 'admin.php?ac=receive&fileurl=sms&userkeytype=' . getGP('userkeytype', 'P') . '');
} elseif ($do == 'smskey') {
    // Sets smskey = 2 on the sms_receive row(s) matching the requested id.
    // NOTE(review): a state change driven by a 'G' (presumably GET) parameter
    // with no anti-CSRF token and no owner condition visible in this branch.
    $idarr = getGP('id', 'G');
    //foreach ($idarr as $id) {
    $sms_receive = array('smskey' => 2);
    update_db('sms_receive', $sms_receive, array('id' => $idarr));
    //}
    // NOTE(review): $_GET['userkeytype'] is appended raw, bypassing getGP() and
    // URL encoding; use rawurlencode() on the value.
    goto_page('admin.php?ac=receive&fileurl=sms&userkeytype=' . $_GET['userkeytype']);
} elseif ($do == 'smskeymana') {
    // Same update as 'smskey', but the return target is rebuilt from 'urls'.
    $idarr = getGP('id', 'G');
    $sms_receive = array('smskey' => 2);
    update_db('sms_receive', $sms_receive, array('id' => $idarr));
    // NOTE(review): the 'urls' request value becomes the query string after
    // "admin.php?ac=" with every '-' turned into '&', so the client decides
    // which parameters the follow-up request carries. Validate it against the
    // expected set of return targets.
    goto_page("admin.php?ac=" . str_replace('-', "&", getGP('urls', 'G')));
} elseif ($do == 'excel') {
    // Prepares an export of sms_receive rows; the branch continues past the
    // end of the listing.
    $datename = "sms_" . get_date('YmdHis', PHP_TIME);
    $outputFileName = 'data/excel/' . $datename . '.xls';
    $content = array();
    // Header row of the sheet.
    $archive = array("状态", "发送人", "发送时间", "内容");
    $content[] = $archive;
    $wheresql = '';
    $vuidtype = getGP('vuidtype', 'P');
    // Restrict to the current user's own messages only when the user is not a
    // super admin and no vuidtype was posted.
    if (!is_superadmin() && $vuidtype == '') {
        $wheresql .= " AND receiveperson ='" . $_USER->id . "'";
    }
    // NOTE(review): any non-empty client-supplied vuidtype replaces the
    // own-messages filter with whatever get_subordinate() returns; that helper
    // is not shown, so confirm it always yields a restricting condition.
    if ($vuidtype != '') {
        $wheresql .= get_subordinate($_USER->id, 'receiveperson');
    }
    $sql = "SELECT * FROM " . DB_TABLEPRE . "sms_receive WHERE 1 {$wheresql}  ORDER BY id desc";
Beispiel #4
<?php

// Returns an error code.
require_once "api.php";
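// Registration endpoint: only POST requests are processed; any other method is
// handed to goto_page("").
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $connection = get_connection();
    check_connection($connection);
    // A missing or non-string field (for example "username[]=x") is treated as
    // an empty string, so real_escape_string() never receives null or an array.
    $rawUsername = isset($_POST["username"]) && is_string($_POST["username"]) ? $_POST["username"] : "";
    $rawPassword = isset($_POST["password"]) && is_string($_POST["password"]) ? $_POST["password"] : "";
    // NOTE(review): register_user() is not shown. Escaping the password changes
    // its bytes before it is stored or hashed, and escaping is only a partial
    // defence for the username. Prefer bound parameters inside register_user()
    // and pass the raw values through — confirm against api.php.
    $username = $connection->real_escape_string($rawUsername);
    $password = $connection->real_escape_string($rawPassword);
    // The value echoed is whatever register_user() returns (an error code,
    // according to the file header comment).
    echo register_user($connection, $username, $password);
    $connection->close();
} else {
    goto_page("");
}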
Beispiel #5
        // Excerpt of a login handler; input parsing and the start of the
        // verification-code check lie above the listing.
        // NOTE(review): loose != against the session value. If no code is
        // stored in the session, an empty submitted code compares equal;
        // reject when the session value is missing and compare strictly.
        if (strtolower($vdcode) != $_SESSION['vdcode']) {
            $errmsg[] = '验证码不正确。';
        }
        // The code is discarded after one comparison, so it cannot be reused.
        unset($_SESSION['vdcode']);
    }
    // NOTE(review): whether show_msg() ends the request is not visible here; if
    // it returns, the login attempt below still runs despite the errors.
    if (count($errmsg)) {
        show_msg($errmsg, 'login.php');
    }
    $flag = $_USER->login($username, $password, $remember);
    if ($flag == 1) {
        // Record cookies.
        // NOTE(review): the username cookie lives for a year and is set without
        // Secure, HttpOnly or SameSite attributes. No session id rotation is
        // visible after a successful login; confirm login() handles it.
        setcookie("username", $username, time() + 3600 * 24 * 365);
        goto_page('admin.php');
    } elseif ($flag == -3) {
        // NOTE(review): the -3 and -5 messages disclose account state and the IP
        // restriction; confirm login() returns them only after the password
        // has been verified.
        show_msg('登录失败,你的帐号尚未通过审核。', 'login.php');
    } elseif ($flag == -5) {
        show_msg('登录失败,你的IP错误。', 'login.php');
    } else {
        show_msg('登录失败,用户名或密码错误。', 'login.php');
    }
}
// Logout destroys the session; otherwise an already authenticated user is sent
// to the admin page.
if ($do == "logout") {
    $_USER->logout();
    session_destroy();
    show_msg('你已经安全退出登录,现在转到首页...', './');
} else {
    if ($_USER->id) {
        goto_page('admin.php');
    }
}
// `template` is used as a bare constant that prefixes the template path.
include_once template . 'login.php';
Beispiel #6
    // Excerpt: fetches inbound messages from $phoneurl (built above the
    // listing), stores them, then renders a paged list.
    // NOTE(review): the remote response is trusted as-is. Records are split on
    // '||' and fields on '#', and $revalue[1] / $revalue[2] are read without
    // checking that three fields exist. The stored content originates outside
    // the application, so the template must escape it on output; whether
    // insert_db() escapes values is not shown.
    $res = Utility::HttpRequest($phoneurl);
    $rqnum = explode('||', $res);
    for ($i = 0; $i < sizeof($rqnum); $i++) {
        $revalue = explode('#', $rqnum[$i]);
        // Skip empty records (e.g. after a trailing separator).
        if ($rqnum[$i] != '') {
            $phone_receive = array('content' => u8gb($revalue[1]), 'sendphone' => $revalue[0], 'date' => $revalue[2]);
            // Received-message table.
            insert_db('phone_receive', $phone_receive);
        }
    }
    //////////////////////////////////////////////
    // Read data.
    // List information.
    $wheresql = '';
    // Page number is requested with the 'int' filter and clamped to at least 1.
    $page = max(1, getGP('page', 'G', 'int'));
    $pagesize = 20;
    $offset = ($page - 1) * $pagesize;
    $url = 'admin.php?ac=smsreceive&fileurl=sms';
    $num = $db->result("SELECT COUNT(*) AS num FROM " . DB_TABLEPRE . "phone_receive WHERE 1 {$wheresql} ");
    $sql = "SELECT * FROM " . DB_TABLEPRE . "phone_receive WHERE 1 {$wheresql} ORDER BY id desc LIMIT {$offset}, {$pagesize}";
    $result = $db->fetch_all($sql);
    include_once 'template/smsreceive.php';
} elseif ($do == '删 除') {
    // Delete action, matched against the submit button's label.
    // get_key() presumably enforces the "office_sms_delete" permission — confirm.
    get_key("office_sms_delete");
    $idarr = getGP('id', 'P', 'array');
    foreach ($idarr as $id) {
        // NOTE(review): each posted id is interpolated into the statement; it is
        // not visible whether the 'array' filter casts elements to integers.
        // Cast with (int) or bind the value.
        $db->query("DELETE FROM " . DB_TABLEPRE . "phone_receive WHERE id = '{$id}'  ");
        //db->query("DELETE FROM ".DB_TABLEPRE."user_view WHERE uid = '$id'");
    }
    goto_page('admin.php?ac=smsreceive&fileurl=sms&message=1');
}
Beispiel #7
    // Excerpt of the received-messages page; $sms_receive is built above the
    // listing. The update and the list query are both scoped to the current
    // user via receiveperson = $_USER->id.
    update_db('sms_receive', $sms_receive, array('receiveperson' => $_USER->id));
    $wheresql = '';
    $page = max(1, getGP('page', 'G', 'int'));
    $pagesize = 20;
    $offset = ($page - 1) * $pagesize;
    $url = 'admin.php?ac=sms_receive&fileurl=sms';
    $wheresql .= " AND receiveperson='" . $_USER->id . "'";
    if ($type = getGP('type', 'G')) {
        // NOTE(review): the SQL uses $_GET["type"] directly instead of $type, so
        // whatever filtering getGP() applies is bypassed and the raw request
        // value is concatenated into the query. Use a validated/bound value.
        $wheresql .= " AND type ='" . $_GET["type"] . "'";
        $url .= '&type=' . rawurlencode($type);
    }
    $num = $db->result("SELECT COUNT(*) AS num FROM " . DB_TABLEPRE . "sms_receive WHERE 1 {$wheresql} and smskey='1' ORDER BY smskey asc, id desc");
    $sql = "SELECT * FROM " . DB_TABLEPRE . "sms_receive WHERE 1 {$wheresql} and smskey='1' ORDER BY smskey asc, id desc LIMIT {$offset}, {$pagesize}";
    $result = $db->fetch_all($sql);
    include_once 'template/sms_receive.php';
} elseif ($do == '删 除') {
    // Delete action, matched against the submit button's label.
    // get_key() presumably enforces the "office_info_delete" permission — confirm.
    get_key("office_info_delete");
    $idarr = getGP('id', 'P', 'array');
    foreach ($idarr as $id) {
        // NOTE(review): unlike the list query above, the delete matches on id
        // only, with no receiveperson = $_USER->id condition, and the posted id
        // is interpolated as-is. Add the owner condition and cast or bind the id.
        $db->query("DELETE FROM " . DB_TABLEPRE . "sms_receive WHERE id = '{$id}'  ");
        //db->query("DELETE FROM ".DB_TABLEPRE."user_view WHERE uid = '$id'");
    }
    // NOTE(review): $_GET["type"] is appended without rawurlencode(), unlike the
    // list URL built above.
    goto_page('admin.php?ac=sms_receive&fileurl=sms&message=1&type=' . $_GET["type"] . '');
} elseif ($do == '标志为己读') {
    // "Mark as read" action: sets smskey = 2 on each posted id.
    // NOTE(review): no owner condition is visible here either; the update
    // matches on id only.
    $idarr = getGP('id', 'P', 'array');
    foreach ($idarr as $id) {
        $sms_receive = array('smskey' => 2);
        update_db('sms_receive', $sms_receive, array('id' => $id));
    }
    goto_page('admin.php?ac=sms_receive&fileurl=sms&message=1&type=' . $_GET["type"] . '');
}
Beispiel #8
}
// Excerpt: the brace above closes code that precedes the listing, and the
// 'save' branch continues past its end.
// Default to the list action.
empty($do) && ($do = 'list');
if ($do == 'list') {
    // "515158" is a sentinel that seeds the comma-joined id list and is
    // stripped again with str_replace() before use.
    $goodsid = "515158";
    $idarr = getGP('id', 'P', 'array');
    foreach ($idarr as $id) {
        $goodsid = $goodsid . "," . $id;
    }
    //echo str_replace("515158,","",$goodsid);
    //exit;
    // NOTE(review): the posted ids are placed unquoted inside IN(...), so quote
    // escaping cannot protect this query; each element has to be integer-cast
    // (or bound) before joining. It is not visible whether the 'array' filter
    // does that.
    // NOTE(review): with no posted ids the list stays "515158" and the query
    // runs for that literal id before the emptiness check below.
    $sql = "SELECT * FROM " . DB_TABLEPRE . "office_goods WHERE id in(" . str_replace("515158,", "", $goodsid) . ")   ORDER BY id desc";
    $result = $db->fetch_all($sql);
    if (str_replace("515158", "", $goodsid) != '') {
        include_once 'template/goods_stock_add.php';
    } else {
        goto_page('admin.php?ac=goods_stock_goodsadd&fileurl=goods');
    }
} elseif ($do == 'save') {
    $savetype = getGP('savetype', 'P');
    $type = getGP('type', 'P');
    $content = getGP('content', 'P');
    // Calculate the total price.
    $idarr = getGP('id', 'P', 'array');
    // Same sentinel-prefixed joining as in the list branch.
    $arr_id = "515158";
    foreach ($idarr as $id) {
        $arr_id = $arr_id . "," . $id;
    }
    //
    $goods_typearr = getGP('goods_type', 'P', 'array');
    $arr_goods_type = "515158";
    foreach ($goods_typearr as $goods_type) {
Beispiel #9
} elseif ($do == 'save') {
    // Excerpt: 'save' branch of an action dispatcher whose earlier branches lie
    // above the listing. Collects the posted form fields and inserts one
    // office_goods_record row.
    // NOTE(review): only `id` is requested with the 'int' filter; price, number
    // and recordnum are stored as posted, with no numeric validation visible.
    // NOTE(review): recorduser and department are taken from the request while
    // uid comes from $_USER->id, so the client controls who the record is
    // attributed to. Derive them server-side if they are meant to be trusted.
    // NOTE(review): whether insert_db() escapes values, and whether a CSRF
    // token is checked before this branch, is not visible here — confirm.
    $savetype = getGP('savetype', 'P');
    $id = getGP('id', 'P', 'int');
    $goods_type = getGP('goods_type', 'P');
    $title = getGP('title', 'P');
    $specification = getGP('specification', 'P');
    $unit = getGP('unit', 'P');
    $price = getGP('price', 'P');
    $number = getGP('number', 'P');
    $content = getGP('content', 'P');
    $recorduser = getGP('recorduser', 'P');
    $department = getGP('department', 'P');
    $recordnum = getGP('recordnum', 'P');
    $office_goods_record = array('goods_type' => $goods_type, 'title' => $title, 'specification' => $specification, 'unit' => $unit, 'price' => $price, 'number' => $number, 'content' => $content, 'recorduser' => $recorduser, 'department' => $department, 'type' => 1, 'officegoods' => $id, 'recordnum' => $recordnum, 'date' => get_date('Y-m-d H:i:s', PHP_TIME), 'uid' => $_USER->id);
    insert_db('office_goods_record', $office_goods_record);
    goto_page('admin.php?ac=goods_record_view&fileurl=goods&mykey=1');
}
// Read departments.
// Echoes one <option> element per goods_type row whose `father` column equals
// $fatherid, prefixing each title with one "├" per nesting level and marking
// the row whose id equals $selid as selected. The listing ends inside the
// while loop, before any recursion or the closing braces.
// NOTE(review): $row['id'] and $row['title'] are written into the HTML without
// htmlspecialchars(); unless titles are escaped when stored, markup in a title
// reaches the page as-is. Escape at output.
// NOTE(review): $fatherid is interpolated into the SQL string and is not
// validated inside this function.
function GET_FILE_PUBLIC_LIST($fatherid = 0, $selid = 0, $layer = 0)
{
    $str = "";
    global $db;
    $query = $db->query("SELECT * FROM " . DB_TABLEPRE . "goods_type where father='{$fatherid}'   ORDER BY id Asc  ");
    // NOTE(review): what $db->query() returns is not shown; count() only makes
    // sense if it is countable — confirm.
    if (count($query) > 0) {
        // Build the indentation prefix for this depth.
        for ($i = 0; $i < $layer; $i++) {
            $str .= "├";
        }
        while ($row = $db->fetch_array($query)) {
            $selstr = $row['id'] == $selid ? 'selected="selected"' : '';
            $htmlstr = '<option value="' . $row['id'] . '"  ' . $selstr . '>' . $str . $row['title'] . '</option>';
            echo $htmlstr;
Beispiel #10
        // Excerpt of the address-book page; the enclosing conditions and the
        // paging variables are set above the listing.
        // The list is limited to the current user's rows only when type is '1'.
        if ($_GET["type"] == '1') {
            $wheresql = "and  uid='" . $_USER->id . "'";
        }
    }
    $num = $db->result("SELECT COUNT(*) AS num FROM " . DB_TABLEPRE . "communication WHERE 1 {$wheresql}");
    $sql = "SELECT * FROM " . DB_TABLEPRE . "communication WHERE 1 {$wheresql} ORDER BY id desc LIMIT {$offset}, {$pagesize}";
    $result = $db->fetch_all($sql);
    include_once 'template/index.php';
} elseif ($do == 'update') {
    // Despite its name, this branch deletes the posted address-book entries.
    // get_key() presumably enforces the "office_communication_delete"
    // permission — confirm.
    get_key("office_communication_delete");
    $idarr = getGP('id', 'P', 'array');
    foreach ($idarr as $id) {
        // NOTE(review): the delete matches on id only (no uid condition) and the
        // posted id is interpolated as-is; cast or bind it and scope the
        // statement to rows the user may remove.
        $db->query("DELETE FROM " . DB_TABLEPRE . "communication WHERE id = '{$id}' ");
        //db->query("DELETE FROM ".DB_TABLEPRE."user_view WHERE uid = '$id'");
    }
    // NOTE(review): request data is stored in serialize() format. If the log is
    // ever read back with unserialize(), that is deserialisation of
    // client-influenced input; json_encode() is the safer format.
    $content = serialize($idarr);
    $title = '删除通迅录';
    // $id here is the last element left over from the loop above (unset when
    // the posted array is empty).
    get_logadd($id, $content, $title, 9, $_USER->id);
    show_msg('删除通迅录成功!', 'admin.php?ac=index&fileurl=communication&message=1&type=' . getGP('type', 'P') . '');
} elseif ($do == 'phone') {
    // Collects the selected phone numbers and their names and forwards them to
    // the SMS compose page through the query string.
    $idarr = getGP('phone', 'P', 'array');
    // "|515158|" is a sentinel prefix that is replaced with a space below.
    $phones = "|515158|";
    $persons = "|515158|";
    foreach ($idarr as $phone) {
        if ($phone != '') {
            $phones .= "," . $phone;
            $persons .= "," . getGP('person_' . $phone . '', 'P');
        }
    }
    // NOTE(review): the posted values are placed in the URL without
    // rawurlencode(), so characters such as '&', '#' or line breaks change the
    // structure of the target URL; encode both values before concatenating.
    goto_page('admin.php?ac=smsadd&fileurl=sms&phone=' . str_replace("|515158|,", " ", $phones) . '&name=' . str_replace("|515158|,", " ", $persons) . '');
}