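/**
 * Edit an admin user's name and role (permission selection).
 *
 * Reads `user_id` from the query string. On POST, writes `User[name]` and
 * `User[role]` to that record and redirects back to this page with
 * `save`/`result` flags; otherwise renders the `update` view with the
 * current record and the list of roles.
 *
 * NOTE(review): no authorization or CSRF check is visible in this action,
 * yet it changes another account's `role`. Confirm that a controller
 * filter restricts who may call it.
 */
public function actionUpdate()
{
    // The original interpolated the raw query-string value into the SQL
    // condition. The column was compared unquoted, so it is numeric: cast
    // it and bind it as a parameter instead of building the SQL by hand.
    $user_id = isset($_GET['user_id']) ? (int) $_GET['user_id'] : 0;
    $user_row = AdminUsers::model()->find('user_id = :user_id', array(':user_id' => $user_id));

    if ($_POST) {
        $UserAttr = $_POST['User'];
        $updated = AdminUsers::model()->updateByPk(
            $user_id,
            array('name' => $UserAttr['name'], 'role' => $UserAttr['role'])
        );
        // $user_id is an int here, so it is safe to append to the redirect target.
        $result = $updated ? 'success' : 'fail';
        $this->redirect('?r=desktop/user/update&user_id=' . $user_id . '&save=update&result=' . $result);
    }

    $role_list = AdminGroup::model()->findAll();

    // Status flags echoed back after the redirect above.
    // NOTE(review): these come straight from the query string; the view
    // must HTML-escape them before output.
    $param['save'] = $param['result'] = '';
    if (isset($_GET['save'])) {
        $param['save'] = $_GET['save'];
    }
    if (isset($_GET['result'])) {
        $param['result'] = $_GET['result'];
    }

    $model['user_row'] = $user_row;
    $model['role_list'] = $role_list;
    $model['param'] = $param;
    $this->render('update', array('model' => $model));
}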
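/**
 * Back-office administrator login.
 *
 * Without POST data the login form is rendered. With POST data,
 * `Desktopusers[name]` and `Desktopusers[password]` are checked against
 * AdminUsers; on a match the identity and permissions are stored in the
 * session under `_admini` and the browser is redirected to the desktop
 * index. Otherwise the form is rendered again with `error` set to true.
 */
public function actionLogin()
{
    $model = new AdminUsers();
    $error = false;

    if (!$_POST) {
        $this->render('login', array('model' => $model, 'error' => $error));
        return;
    }

    $form = (isset($_POST['Desktopusers']) && is_array($_POST['Desktopusers'])) ? $_POST['Desktopusers'] : array();
    $name = isset($form['name']) ? $form['name'] : null;
    $rawPassword = isset($form['password']) ? $form['password'] : null;

    $user = null;
    // Only query when both fields are plain strings. A missing or
    // array-valued field is treated as a failed login instead of being
    // passed to md5() and the query.
    if (is_string($name) && is_string($rawPassword)) {
        // NOTE(review): unsalted double MD5 is not a password hash. It is
        // kept because the stored values depend on it; plan a migration to
        // password_hash()/password_verify().
        $password = md5(md5($rawPassword));
        // Check user name and password with bound parameters.
        $user = AdminUsers::model()->find(
            "name = :name AND password = :password",
            array(':name' => $name, ':password' => $password)
        );
    }

    if ($user) {
        // Store the identity in the session.
        // NOTE(review): the session ID is not regenerated on successful
        // login; rotating it here would guard against session fixation.
        $permission = $this->_UserPermission($user['role']);
        $admini = array(
            'user_id' => $user['user_id'],
            'name' => $name,
            'super' => $user['super'],
            'role' => $user['role'],
            'group_name' => $permission['group_name'],
            'acl' => $permission['acl'],
        );
        Yii::app()->session['_admini'] = $admini;
        $this->redirect('?r=desktop/default/index');
    } else {
        $error = true;
        $this->render('login', array('model' => $model, 'error' => $error));
    }
}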
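<div class="content form_create"> <article> <h1>Atualizar Usuário!</h1>
<?php
// Update-user page. On POST the submitted fields are written to the user
// selected by the `users` query parameter; otherwise that user's current
// data is loaded to prefill the form.
// NOTE(review): no permission check is visible in this fragment, and $User
// is false/null when `users` is missing or not an integer. Confirm that the
// caller and ExeUpdate() reject those cases.
$ClienteData = filter_input_array(INPUT_POST, FILTER_DEFAULT);
$User = filter_input(INPUT_GET, 'users', FILTER_VALIDATE_INT);

// !empty() also covers a POST that lacks SendPostForm, which the original
// indexed unconditionally.
if (!empty($ClienteData['SendPostForm'])) {
    unset($ClienteData['SendPostForm']);
    require_once '_models/AdminUsers.class.php';
    $AdminUsers = new AdminUsers();
    $AdminUsers->ExeUpdate($User, $ClienteData);
    WSErro($AdminUsers->getError()[0], $AdminUsers->getError()[1]);
} else {
    $Read = new WsUsers();
    $Read->setUser_id($User);
    $Read->Execute()->Query("#user_id#");
    if ($Read->Execute()->getResult()) {
        $ClienteData = (array) $Read->Execute()->getResult()[0];
        // Never send the stored password value back to the form.
        unset($ClienteData['user_password']);
    }
}

$checkCreate = filter_input(INPUT_GET, 'create', FILTER_VALIDATE_BOOLEAN);
if ($checkCreate && empty($AdminUsers)) {
    // The message is HTML (it carries <b>), so the stored user name must be
    // escaped before it is interpolated.
    $createdName = htmlspecialchars(
        isset($ClienteData['user_name']) ? (string) $ClienteData['user_name'] : '',
        ENT_QUOTES,
        'UTF-8'
    );
    WSErro("O Usuário <b>{$createdName}</b> foi cadastrado com sucesso no sistema!", WS_ACCEPT);
}
?>
<form action = "" method = "post" name = "UserCreateForm">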
<div class="content form_create"> <article> <h1>Usuários: <a href="painel.php?exe=users/create" title="Cadastrar Novo" class="user_cad">Cadastrar Usuário</a></h1>
<?php
// User list page. `delete` (boolean) and `users` (integer id) are read from
// the query string; when `delete` is true the selected user is deleted
// before the table is rendered.
$delUser = filter_input(INPUT_GET, 'delete', FILTER_VALIDATE_BOOLEAN);
$user = filter_input(INPUT_GET, 'users', FILTER_VALIDATE_INT);
require_once '_models/AdminUsers.class.php';
$AdminUsers = new AdminUsers();
if ($delUser) {
    // NOTE(review): the deletion is triggered by a plain GET request, and no
    // CSRF token or permission check is visible in this fragment. Confirm
    // both are enforced elsewhere, or move this action to a POST form.
    // $user is false/null when `users` is missing or not an integer and is
    // passed to ExeDelete() as-is.
    $AdminUsers->ExeDelete($user);
    WSErro($AdminUsers->getError()[0], $AdminUsers->getError()[1]);
}
?>
<ul class="ultable"> <li class="t_title"> <span class="ui center">Res:</span> <span class="un">Nome:</span> <span class="ue">E-mail:</span> <span class="ur center">Registro:</span> <span class="ua center">Atualização:</span> <span class="ul center">Nível:</span> <span class="ed center">-</span> </li>
<?php
// The rows are taken from checkLast(); the loop body lies outside this fragment.
$WsUsers = $AdminUsers->checkLast();
if ($WsUsers->getResult()) {
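extract($_SESSION['userlogin']); ?>
<h1>Olá <?php echo htmlspecialchars("{$user_name} {$user_lastname}", ENT_QUOTES, 'UTF-8'); ?> , atualize seu perfíl!</h1>
<?php
// Profile page: the signed-in user edits their own record. The record id
// always comes from the session, never from the request.
$ClienteData = filter_input_array(INPUT_POST, FILTER_DEFAULT);
$UserId = $_SESSION['userlogin']['user_id'];

if (!empty($ClienteData['SendPostForm'])) {
    unset($ClienteData['SendPostForm']);
    // extract() on request data can overwrite any variable in scope,
    // including $UserId, which selects the record ExeUpdate() writes to.
    // Only fields that the session profile already defines are turned into
    // variables, so the form can still show the submitted values.
    extract(array_intersect_key($ClienteData, $_SESSION['userlogin']));
    require '_models/AdminUsers.class.php';
    $cadastra = new AdminUsers();
    // Any user_level sent with the form is discarded before the update.
    $ClienteData['user_level'] = null;
    $cadastra->ExeUpdate($UserId, $ClienteData);
    if ($cadastra->getResult()) {
        WSErro("Seus dados foram atualizados com sucesso! <i>O sistema será atualizado no próximo login!!!</i>", WS_ACCEPT);
    } else {
        WSErro($cadastra->getError()[0], $cadastra->getError()[1]);
    }
} else {
    extract($_SESSION['userlogin']);
}
?>
<form action = "" method = "post" name = "UserEditForm"> <label class="label">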
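<?php
// Load the signed-in admin so the navbar can greet them by name.
// NOTE(review): there is no check that find_by_id() returned a record;
// confirm this template is only reached with a valid session.
$session = new Session();
$user = AdminUsers::find_by_id($session->id);
?>
<div class="navbar-header"> <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse"> <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="navbar-brand" href="gida.php">Dashboard TPS (v0.1) - Welcome, <i><?php /* stored value: escape for HTML */ echo htmlspecialchars($user->admin_name, ENT_QUOTES, 'UTF-8'); ?> </i></a> </div> <ul class="nav navbar-top-links navbar-right"> <li class="dropdown"> <a class="dropdown-toggle" data-toggle="dropdown" href="#"> <i class="fa fa-envelope fa-fw"></i> <i class="fa fa-caret-down"></i> </a> <ul class="dropdown-menu dropdown-messages"> <li> <a href="#"> <div> <strong>John Smith</strong> <span class="pull-right text-muted"> <em>Yesterday</em> </span>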
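<!-- get the staff name from approval to dispache --> <table width="100%"> <tr> <td width="25%"></td> <td width="25%"></td> <td width="50%"colspan="2"></td> </tr> <tbody> </tr>
<?php
// Print, for up to four status rows of this application, the name of the
// staff member recorded on each row.
// NOTE(review): $label is concatenated into the SQL text and is defined
// outside this fragment. If it can carry request data, the query must use
// the data layer's bound parameters or escaping instead.
$sql_staff = "SELECT * FROM `applicant_status`\r\n WHERE `application_no` = '" . $label . "'\r\n ORDER BY status_id ASC Limit 4";
$process = ApplicantStatus::find_by_sql($sql_staff);
foreach ($process as $app_status) {
    // !empty() already implies isset().
    if (!empty($app_status->status_id)) {
        $staff = AdminUsers::find_by_id($app_status->admin_id);
        // admin_name is stored data placed inside markup: escape it.
        // NOTE(review): assumes output_message() passes HTML through unchanged.
        $staffName = htmlspecialchars($staff->admin_name, ENT_QUOTES, 'UTF-8');
        $msg = ' <td style=""><i class="icon-user"> </i> by ' . $staffName . '</td>';
        echo output_message($msg);
    }
}
?>
</tr> </tbody> </table> <?php } ?> </div> </div><!--/span--> </div><!--/row-->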
<a href="painel.php?exe=perfil/index" title="Cadastrar Novo" class="user_cad">Perfil de usuários</a> <a href="painel.php?exe=users/create" title="Cadastrar Novo" class="user_cad">Cadastrar Usuário</a> </h1> <form method="post"> <label class="label_medium"> <input name="search" type="text" placeholder="pequise aqui"/> </label> <button class="btn blue">Pesquise</button> </form>
<?php
// Activate or deactivate the user named by the `users` query parameter,
// depending on the `action` query parameter.
// NOTE(review): the status change is triggered by a GET request, and no
// CSRF token or permission check is visible in this fragment. Confirm both
// are enforced elsewhere.
$action = filter_input(INPUT_GET, 'action', FILTER_DEFAULT);
$user = filter_input(INPUT_GET, 'users', FILTER_VALIDATE_INT);
require_once '_models/AdminUsers.class.php';
$AdminUsers = new AdminUsers();

// Recognised actions and the status value each one stores.
$statusByAction = array('active' => '1', 'inative' => '0');

if ($action) {
    if (isset($statusByAction[$action])) {
        $AdminUsers->ExeStatus($user, $statusByAction[$action]);
        WSErro($AdminUsers->getError()[0], $AdminUsers->getError()[1]);
    } else {
        // Any other value is reported and changes nothing.
        WSErro("Ação não foi identificada pelo sistema, favor utilize os botões", WS_ERROR);
    }
}
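<div class="content form_create"> <article> <h1>Cadastrar Usuário!</h1>
<?php
// Create-user page: on POST the submitted fields are handed to ExeCreate();
// on success the browser is sent to the update page of the new user.
$ClienteData = filter_input_array(INPUT_POST, FILTER_DEFAULT);

// !empty() also covers a POST that lacks SendPostForm.
if (!empty($ClienteData['SendPostForm'])) {
    unset($ClienteData['SendPostForm']);
    require_once '_models/AdminUsers.class.php';
    $AdminUsers = new AdminUsers();
    $AdminUsers->ExeCreate($ClienteData);
    if ($AdminUsers->getResult()) {
        // NOTE(review): markup has already been written above, so this
        // header only takes effect when output buffering is on. Execution
        // also continues after it, because there is no exit.
        header('Location: painel.php?exe=users/update&create=true&users=' . $AdminUsers->getResult());
    } else {
        WSErro($AdminUsers->getError()[0], $AdminUsers->getError()[1]);
    }
}
?>
<form action = "" method = "post" name = "UserCreateForm"> <label class="label"> <span class="field">User:</span> <input type = "text" name = "user_nickname" value="<?php
// The submitted value is echoed back inside a quoted attribute: escape it,
// quotes included, so it cannot close the attribute.
if (!empty($ClienteData['user_nickname'])) {
    echo htmlspecialchars((string) $ClienteData['user_nickname'], ENT_QUOTES, 'UTF-8');
}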
# No matching account, or the credentials did not match.
# The same message is shown for both cases, so the response does not reveal
# which of the two occurred.
# Delay for a few seconds for the loader
doSleep();
$msg = '<h4 class="alert alert-danger">Oopsy - something went wrong.</h4>';
$msg .= '<hr>';
$msg .= 'Your information does not exist in our database it may be due to the following reasons.';
$msg .= '<ol>';
$msg .= '<li>Your Staff Number and Password Combination is Wrong.</li>';
$msg .= '<li>You do not have an account.</li>';
$msg .= '</ol>';
echo output_message($msg);
} else {
    // Store the admin's id in the session.
    // NOTE(review): the session is established before the `activated` check
    // below. The branch for accounts that are not activated is outside this
    // fragment; confirm it ends the session again.
    $session->admin_login($user->id);
    // The audit entry records the account's e-mail address.
    log_action('Login Successful', "{$user->email} logged in.");
    $adminLog = new AdminUsers();
    $adminLog->id = $user->id;
    if ($user->activated == 1) {
        # Delay for a few seconds for the loader
        doSleep();
        // Modal content.
        // NOTE(review): $display_greeting and admin_name are concatenated
        // into HTML without escaping; confirm that both are trusted or that
        // output_message() escapes them.
        $msg = '<h4 class="alert alert-success">' . $display_greeting . ', ' . ucfirst($user->admin_name) . '</h4>';
        // An admin whose edit_status is 0 is told to update their details
        // and change their password before continuing.
        if ($user->edit_status == 0) {
            $msg .= '<hr>';
            $msg .= 'You must edit your details and also change your password before you can continue<br>';
            $msg .= '<hr>';
            $msg .= '<a href="editprofile.php" class="btn btn-info">Proceed</a>';
            echo output_message($msg);
        } else {
            //die();
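if (substr($file, -3, 3) == 'php') {
    // Tail of the admin-library loader; the enclosing loop starts outside
    // this fragment and is left unchanged.
    include DIR . '/admin/lib/' . $file;
}
}

// Libraries shared with the public site
include_once DIR . '/system/lib/additionalFunctions.php';
include_once DIR . '/system/lib/image.php';

// Create the database object
$MySQL_obj = new MySQL();

/**
 * Return a clone of the shared MySQL object.
 */
function db()
{
    global $MySQL_obj;
    return clone $MySQL_obj;
}

// User authorization
$user = new AdminUsers();

// Load the admin modules. Each module is a class named after its file, with
// `order`, `name` and `hide` constants.
// NOTE(review): every .php file in this directory is executed for a user
// who is allowed to use it, so the directory must not be writable by upload
// or other web-facing paths.
$modules = array();
$mods = scandir(DIR . '/admin/modules', 1);
if ($mods === false) {
    // Directory missing or unreadable: load no modules instead of iterating false.
    $mods = array();
}
foreach ($mods as $file) {
    // Require a real ".php" extension. The original suffix test also
    // accepted any name that merely ended in "php", and then removed four
    // characters from it as if ".php" were present.
    if (pathinfo($file, PATHINFO_EXTENSION) !== 'php') {
        continue;
    }
    $module_name = substr($file, 0, -4);
    // The user's access is checked before the module file is included.
    if (!$user->isAllowed($module_name)) {
        continue;
    }
    include DIR . '/admin/modules/' . $file;
    $modules[$module_name::order] = array(
        'module' => $module_name,
        'name' => $module_name::name,
        'hide' => $module_name::hide ? $module_name::hide : false,
    );
}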