/**
  * Permission selection
  */
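 public function actionUpdate()
 {
     // Edits an admin user's name and role, then renders the edit form together
     // with the role list and the save/result flags taken from the query string.
     // NOTE(review): no access check is visible inside this action; confirm that a
     // controller filter restricts it, because it changes another account's role.

     // user_id comes from the query string and is untrusted. Keep it as a plain
     // string and bind it as a parameter instead of interpolating it into the SQL.
     $user_id = '';
     if (isset($_GET['user_id']) && is_scalar($_GET['user_id'])) {
         $user_id = (string) $_GET['user_id'];
     }
     $user_row = AdminUsers::model()->find('user_id = :user_id', array(':user_id' => $user_id));

     if ($_POST) {
         $UserAttr = (isset($_POST['User']) && is_array($_POST['User'])) ? $_POST['User'] : array();
         $saved = false;
         if (isset($UserAttr['name'], $UserAttr['role'])) {
             // Only these two columns are written, whatever else the form posts.
             $saved = (bool) AdminUsers::model()->updateByPk($user_id, array('name' => $UserAttr['name'], 'role' => $UserAttr['role']));
         }
         // Encode the id so it cannot add or alter parameters of the redirect target.
         $this->redirect('?r=desktop/user/update&user_id=' . rawurlencode($user_id) . '&save=update&result=' . ($saved ? 'success' : 'fail'));
     }

     $role_list = AdminGroup::model()->findAll();

     // save/result are passed through exactly as received.
     // NOTE(review): the 'update' view is not visible here; verify it HTML-encodes them.
     $param = array(
         'save' => isset($_GET['save']) ? $_GET['save'] : '',
         'result' => isset($_GET['result']) ? $_GET['result'] : '',
     );

     $model = array(
         'user_row' => $user_row,
         'role_list' => $role_list,
         'param' => $param,
     );
     $this->render('update', array('model' => $model));
 }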
 /**
  * Back-office administrator login
  */
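 public function actionLogin()
 {
     // Back-office login: checks the posted name/password against AdminUsers and,
     // on success, stores the user's identity and permissions in the session.
     // NOTE(review): no attempt limiting or lockout is visible in this action.
     $model = new AdminUsers();
     $error = false;

     if ($_POST) {
         // Accept only string credentials; anything else counts as a failed login
         // instead of reaching md5() or the query.
         $form = (isset($_POST['Desktopusers']) && is_array($_POST['Desktopusers'])) ? $_POST['Desktopusers'] : array();
         $name = (isset($form['name']) && is_string($form['name'])) ? $form['name'] : null;
         $rawPassword = (isset($form['password']) && is_string($form['password'])) ? $form['password'] : null;

         $user = null;
         if ($name !== null && $rawPassword !== null) {
             // NOTE(review): md5(md5()) is a fast, unsalted digest. It is kept here only
             // because the stored hashes use it; moving to password_hash() /
             // password_verify() needs a data migration.
             $password = md5(md5($rawPassword));
             // Check user name and password (bound parameters).
             $user = AdminUsers::model()->find("name = :name AND password = :password", array(':name' => $name, ':password' => $password));
         }

         if ($user) {
             // Issue a fresh session id before privileges are stored, so an id that
             // existed before authentication is not carried into the logged-in session.
             Yii::app()->session->regenerateID(true);

             // Store identity and ACL in the session.
             $permisson = $this->_UserPermission($user['role']);
             $admini = array('user_id' => $user['user_id'], 'name' => $name, 'super' => $user['super'], 'role' => $user['role'], 'group_name' => $permisson['group_name'], 'acl' => $permisson['acl']);
             Yii::app()->session['_admini'] = $admini;
             $this->redirect('?r=desktop/default/index');
             return;
         }
         $error = true;
     }

     $this->render('login', array('model' => $model, 'error' => $error));
 }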
Beispiel #3
<div class="content form_create">

    <article>

        <h1>Atualizar Usuário!</h1>

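        <?php
// Admin "update user" handler. On a submitted form the POST fields are passed to
// AdminUsers::ExeUpdate() for the id given in ?users; otherwise the current record is
// loaded so the form can be pre-filled (without the password column).
$ClienteData = filter_input_array(INPUT_POST, FILTER_DEFAULT);
// FILTER_VALIDATE_INT yields false/null for a missing or non-integer id.
// NOTE(review): that value is passed on as-is; presumably the model rejects it — verify.
$User = filter_input(INPUT_GET, 'users', FILTER_VALIDATE_INT);
if ($ClienteData && !empty($ClienteData['SendPostForm'])) {
    unset($ClienteData['SendPostForm']);
    require_once '_models/AdminUsers.class.php';
    $AdminUsers = new AdminUsers();
    // NOTE(review): every remaining POST field reaches ExeUpdate(); confirm the model
    // only accepts an allow-list of columns, and that the form carries a CSRF token.
    $AdminUsers->ExeUpdate($User, $ClienteData);
    WSErro($AdminUsers->getError()[0], $AdminUsers->getError()[1]);
} else {
    $Read = new WsUsers();
    $Read->setUser_id($User);
    $Read->Execute()->Query("#user_id#");
    if ($Read->Execute()->getResult()) {
        $ClienteData = (array) $Read->Execute()->getResult()[0];
        // Never send the stored password value back to the form.
        unset($ClienteData['user_password']);
    }
}
$checkCreate = filter_input(INPUT_GET, 'create', FILTER_VALIDATE_BOOLEAN);
if ($checkCreate && empty($AdminUsers)) {
    // user_name is stored/submitted data placed inside an HTML message: encode it first.
    $createdName = isset($ClienteData['user_name']) ? htmlspecialchars((string) $ClienteData['user_name'], ENT_QUOTES, 'UTF-8') : '';
    WSErro("O Usuário <b>{$createdName}</b> foi cadastrado com sucesso no sistema!", WS_ACCEPT);
}
?>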

        <form action = "" method = "post" name = "UserCreateForm">
<div class="content form_create">

    <article>

        <h1>Usuários: <a href="painel.php?exe=users/create" title="Cadastrar Novo" class="user_cad">Cadastrar Usuário</a></h1>

        <?php
// User list handler: loads the AdminUsers model and, when ?delete is truthy, deletes
// the user given in ?users and prints the model's status message.
// NOTE(review): the delete is triggered by a plain GET request; no CSRF token or
// confirmation step is visible here — confirm one is enforced elsewhere.
require_once '_models/AdminUsers.class.php';
$AdminUsers = new AdminUsers();
$user = filter_input(INPUT_GET, 'users', FILTER_VALIDATE_INT);
$delUser = filter_input(INPUT_GET, 'delete', FILTER_VALIDATE_BOOLEAN);
if ($delUser === true) {
    $AdminUsers->ExeDelete($user);
    $deleteStatus = $AdminUsers->getError();
    WSErro($deleteStatus[0], $deleteStatus[1]);
}
?>

        <ul class="ultable">
            <li class="t_title">
                <span class="ui center">Res:</span>
                <span class="un">Nome:</span>
                <span class="ue">E-mail:</span>
                <span class="ur center">Registro:</span>
                <span class="ua center">Atualização:</span>
                <span class="ul center">Nível:</span>
                <span class="ed center">-</span>
            </li>

            <?php 
// Run the model's checkLast() query; the block opened below only runs when it has a result.
$WsUsers = $AdminUsers->checkLast();
if ($WsUsers->getResult()) {
// extract() is called with its default overwrite mode: every key of the session's
// userlogin array becomes a local variable and replaces any existing variable of the
// same name.
extract($_SESSION['userlogin']);
?>

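        <h1>Olá <?php
// The name parts are account data printed into HTML: encode them before output.
echo htmlspecialchars("{$user_name} {$user_lastname}", ENT_QUOTES, 'UTF-8');
?>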
, atualize seu perfíl!</h1>

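        <?php
// Profile self-update: the logged-in user's own record (id taken from the session) is
// updated with the posted fields; without a submission the form is filled from the session.
$ClienteData = filter_input_array(INPUT_POST, FILTER_DEFAULT);
$UserId = $_SESSION['userlogin']['user_id'];
if ($ClienteData && !empty($ClienteData['SendPostForm'])) {
    unset($ClienteData['SendPostForm']);
    // extract() is kept so the form below can show the submitted values, but request
    // keys must not replace the variables this script relies on: in the default
    // overwrite mode a posted "UserId" field would change which account is updated.
    // NOTE(review): variables defined earlier in the page can still be overwritten;
    // reading $ClienteData['field'] directly in the form would remove the need for extract().
    extract(array_diff_key($ClienteData, array_flip(array('ClienteData', 'UserId', 'cadastra'))));
    require '_models/AdminUsers.class.php';
    $cadastra = new AdminUsers();
    // user_level is overwritten with null, so a posted level is never passed on.
    $ClienteData['user_level'] = null;
    $cadastra->ExeUpdate($UserId, $ClienteData);
    if ($cadastra->getResult()) {
        WSErro("Seus dados foram atualizados com sucesso! <i>O sistema será atualizado no próximo login!!!</i>", WS_ACCEPT);
    } else {
        WSErro($cadastra->getError()[0], $cadastra->getError()[1]);
    }
} else {
    extract($_SESSION['userlogin']);
}
?>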

        <form action = "" method = "post" name = "UserEditForm">

            <label class="label">
Beispiel #6
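<?php

// Navbar header: looks up the admin record for the current session and shows its name.
$session = new Session();
$user = AdminUsers::find_by_id($session->id);
// admin_name is stored data printed into HTML, so it is encoded before output. What
// find_by_id() returns on a miss is not visible here; an empty name is shown in that case.
// NOTE(review): no redirect for a missing or invalid session is visible in this fragment.
$admin_display_name = ($user && isset($user->admin_name)) ? htmlspecialchars((string) $user->admin_name, ENT_QUOTES, 'UTF-8') : '';
?>
<div class="navbar-header">
    <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
        <span class="sr-only">Toggle navigation</span>
        <span class="icon-bar"></span>
        <span class="icon-bar"></span>
        <span class="icon-bar"></span>
    </button>
    <a class="navbar-brand" href="gida.php">Dashboard TPS (v0.1) - Welcome,  <i><?php 
echo $admin_display_name;
?>
</i></a>
</div>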

<ul class="nav navbar-top-links navbar-right">
                <li class="dropdown">
                    <a class="dropdown-toggle" data-toggle="dropdown" href="#">
                        <i class="fa fa-envelope fa-fw"></i>  <i class="fa fa-caret-down"></i>
                    </a>
                    <ul class="dropdown-menu dropdown-messages">
                        <li>
                            <a href="#">
                                <div>
                                    <strong>John Smith</strong>
                                    <span class="pull-right text-muted">
                                        <em>Yesterday</em>
                                    </span>
                                <!-- get the staff name from approval to dispache -->
                                <table width="100%">
                                    <tr>
                                        <td width="25%"></td>
                                        <td width="25%"></td>
                                        <td width="50%"colspan="2"></td>   
                                    </tr>
                                   
                                   <tbody>
                                        </tr> 
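                                            <?php
    // Lists the staff member behind each of the first four status rows of an application.
    // NOTE(review): $label is concatenated into the SQL text and its origin is not visible
    // here. If it can carry request data, this query must use the data layer's parameter
    // binding or escaping helper instead of string concatenation.
    $sql_staff = "SELECT * FROM `applicant_status`\r\n                                                WHERE `application_no` = '" . $label . "'\r\n                                                ORDER BY status_id ASC Limit 4";
    $process = ApplicantStatus::find_by_sql($sql_staff);
    foreach ($process as $app_status) {
        if (!empty($app_status->status_id)) {
            $staff = AdminUsers::find_by_id($app_status->admin_id);
            // admin_name is stored data placed inside markup: encode it, and print an
            // empty name when the referenced admin record is missing.
            // NOTE(review): output_message() is assumed not to encode its argument — confirm.
            $staff_name = ($staff && isset($staff->admin_name)) ? htmlspecialchars((string) $staff->admin_name, ENT_QUOTES, 'UTF-8') : '';
            $msg = ' <td style=""><i class="icon-user"> </i> by ' . $staff_name . '</td>';
            echo output_message($msg);
        }
    }
    ?>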
  
                                       </tr> 
                                   </tbody>
                                </table>
                        <?php 
}
?>
                    </div>
                </div><!--/span-->
            </div><!--/row-->
Beispiel #8
            <a href="painel.php?exe=perfil/index" title="Cadastrar Novo" class="user_cad">Perfil de usuários</a>
            <a href="painel.php?exe=users/create" title="Cadastrar Novo" class="user_cad">Cadastrar Usuário</a>
        </h1>

        <form method="post">
            <label class="label_medium">
                <input name="search" type="text" placeholder="pequise aqui"/>
            </label>
            <button class="btn blue">Pesquise</button>
        </form>

        <?php
// User list actions: ?action=active / ?action=inative switch the status of the user given
// in ?users to '1' / '0'; any other non-empty action prints an error message.
// NOTE(review): the status change is driven by GET parameters; no CSRF token is visible
// here — confirm one is enforced elsewhere.
require_once '_models/AdminUsers.class.php';
$AdminUsers = new AdminUsers();
$user = filter_input(INPUT_GET, 'users', FILTER_VALIDATE_INT);
$action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT);
$statusByAction = array('active' => '1', 'inative' => '0');
if ($action) {
    if (isset($statusByAction[$action])) {
        $AdminUsers->ExeStatus($user, $statusByAction[$action]);
        WSErro($AdminUsers->getError()[0], $AdminUsers->getError()[1]);
    } else {
        WSErro("Ação não foi identificada pelo sistema, favor utilize os botões", WS_ERROR);
    }
}
Beispiel #9
<div class="content form_create">

    <article>

        <h1>Cadastrar Usuário!</h1>

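        <?php
// "Create user" handler: passes the posted fields to AdminUsers::ExeCreate() and, on
// success, redirects to the update page of the new user.
$ClienteData = filter_input_array(INPUT_POST, FILTER_DEFAULT);
if ($ClienteData && !empty($ClienteData['SendPostForm'])) {
    unset($ClienteData['SendPostForm']);
    require_once '_models/AdminUsers.class.php';
    $AdminUsers = new AdminUsers();
    // NOTE(review): every remaining POST field reaches ExeCreate(); confirm the model only
    // accepts an allow-list of columns (a privilege level must not be client-settable),
    // and that the form carries a CSRF token.
    $AdminUsers->ExeCreate($ClienteData);
    $createdId = $AdminUsers->getResult();
    if ($createdId) {
        // Encode the value so it can only ever be a single query parameter.
        // NOTE(review): markup is emitted before this point, so the header depends on
        // output buffering, and the script keeps running after it.
        header('Location: painel.php?exe=users/update&create=true&users=' . rawurlencode((string) $createdId));
    } else {
        WSErro($AdminUsers->getError()[0], $AdminUsers->getError()[1]);
    }
}
?>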

        <form action = "" method = "post" name = "UserCreateForm">
            <label class="label">
                <span class="field">User:</span>
                <input
                    type = "text"
                    name = "user_nickname"
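                    value="<?php
// The submitted value is echoed back into an HTML attribute: encode it so quotes or
// markup in the field stay inside value="...".
if (!empty($ClienteData['user_nickname'])) {
    echo htmlspecialchars((string) $ClienteData['user_nickname'], ENT_QUOTES, 'UTF-8');
}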
Beispiel #10
    # Your don't have an account yet or email and password combination wrong
    # Delay for few seconds for the loader
    doSleep();
    $msg = '<h4 class="alert alert-danger">Oopsy - something went wrong.</h4>';
    $msg .= '<hr>';
    $msg .= 'Your information does not exist in our database it may be due to the following reasons.';
    $msg .= '<ol>';
    $msg .= '<li>Your Staff Number and Password Combination is Wrong.</li>';
    $msg .= '<li>You do not have an account.</li>';
    $msg .= '</ol>';
    echo output_message($msg);
} else {
    // store applicant_id in session
    $session->admin_login($user->id);
    log_action('Login Successful', "{$user->email} logged in.");
    $adminLog = new AdminUsers();
    $adminLog->id = $user->id;
    if ($user->activated == 1) {
        # Delay for few seconds for the loader
        doSleep();
        // modal information
        $msg = '<h4 class="alert alert-success">' . $display_greeting . ', ' . ucfirst($user->admin_name) . '</h4>';
        // for admin to change his password
        if ($user->edit_status == 0) {
            $msg .= '<hr>';
            $msg .= 'You must edit your details and also change your password before you can continue<br>';
            $msg .= '<hr>';
            $msg .= '<a href="editprofile.php" class="btn btn-info">Proceed</a>';
            echo output_message($msg);
        } else {
            //die();
Beispiel #11
    if (substr($file, -3, 3) == 'php') {
        include DIR . '/admin/lib/' . $file;
    }
}
//Libraries shared with the site (front-end) part
include_once DIR . '/system/lib/additionalFunctions.php';
include_once DIR . '/system/lib/image.php';
//Create the database object (the shared instance that db() clones)
$MySQL_obj = new MySQL();
/**
 * Returns a copy of the shared database object.
 *
 * Every call clones the global $MySQL_obj, so the caller receives its own
 * instance rather than the shared one.
 *
 * @return MySQL
 */
function db()
{
    global $MySQL_obj;
    $connection = clone $MySQL_obj;
    return $connection;
}
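//User authorization
$user = new AdminUsers();
//Load the admin modules
$modules = array();
// scandir() returns false when the directory cannot be read; treat that as "no modules".
$mods = scandir(DIR . '/admin/modules', 1);
if ($mods === false) {
    $mods = array();
}
foreach ($mods as $file) {
    // The module (and class) name is the file name minus four characters, so require the
    // full ".php" suffix and a non-empty name. The previous three-character test also
    // accepted names that merely end in "php".
    if (strlen($file) <= 4 || substr($file, -4) !== '.php') {
        continue;
    }
    $module_name = substr($file, 0, -4);
    //Per-user module access: a module the user may not use is never included
    if (!$user->isAllowed($module_name)) {
        continue;
    }
    include DIR . '/admin/modules/' . $file;
    // Each module class exposes the constants order, name and hide.
    $modules[$module_name::order] = array('module' => $module_name, 'name' => $module_name::name, 'hide' => $module_name::hide ? $module_name::hide : false);
}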