Ejemplo n.º 1
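/**
 * Decide whether the current administrator may open the requested channel/module page.
 *
 * Reads $global['admin_id'], $global['channel'] and $global['mod'].
 *
 * @return int 1 when access is granted, 0 otherwise.
 */
function check_power()
{
    global $global;
    if (!$global['admin_id']) {
        return 0;
    }

    $obj = new admin();
    // The id is concatenated into the WHERE text, so reduce it to an integer first.
    $obj->set_where('adm_id = ' . intval($global['admin_id']));
    $one = $obj->get_one();
    // No administrator row (or no power column): deny instead of reading a missing index.
    if (empty($one) || !isset($one['adm_power'])) {
        return 0;
    }

    $power = $one['adm_power'];
    if ($power == 'all') {
        return 1;
    }
    if ($power == '') {
        return 0;
    }

    // adm_power is a '|'-separated list of entries shaped like '/channel/mod-name/'.
    $val = $global['channel'] . '/mod-' . $global['mod'];
    if (in_array('/' . $val . '/', explode('|', $power), true)) {
        return 1;
    }

    // NOTE(review): $val goes into the LIKE pattern unescaped; the origin of
    // $global['channel'] and $global['mod'] is not visible here. Confirm they are
    // validated upstream, or escape them with the query layer's own helper.
    // NOTE(review): a page that no menu row references is allowed for every
    // administrator with a non-empty power list. Confirm this fail-open is intended.
    $menu = new menu();
    $menu->set_where('');
    $menu->set_where("men_url like '%" . $val . "%'");
    return $menu->get_count() == 0 ? 1 : 0;
}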
Ejemplo n.º 2
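/**
 * Prepare the permission editor for one administrator.
 *
 * Loads the administrator selected by $global['id'], marks every entry of
 * get_power_arr() with 'set' => 1 or 0, and assigns 'admin' and 'power'
 * to the template.
 *
 * @return void
 */
function module_admin_power()
{
    global $global, $smarty;
    $obj = new admin();
    // The id is concatenated into the WHERE text, so reduce it to an integer first.
    $obj->set_where('adm_id = ' . intval($global['id']));
    $one = $obj->get_one();
    $power = get_power_arr();

    $adm_power = isset($one['adm_power']) ? $one['adm_power'] : '';
    $has_all = ($adm_power == 'all');
    $urls = ($has_all || $adm_power == '') ? array() : explode('|', $adm_power);

    // Every entry gets an explicit 'set' value, including when the administrator
    // has an empty power list (the key was previously left undefined in that case).
    for ($i = 0, $total = count($power); $i < $total; $i++) {
        $power[$i]['set'] = ($has_all || in_array($power[$i]['url'], $urls)) ? 1 : 0;
    }

    $smarty->assign('admin', $one);
    $smarty->assign('power', $power);
}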
Ejemplo n.º 3
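/**
 * Load the administrator selected by $global['id'] and assign it to the template as 'admin'.
 *
 * @return void
 */
function module_admin_edit()
{
    global $global, $smarty;
    $obj = new admin();
    // The id is concatenated into the WHERE text; its origin is not visible here,
    // so it is reduced to an integer before it reaches the query.
    $obj->set_where('adm_id = ' . intval($global['id']));
    $smarty->assign('admin', $obj->get_one());
}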
Ejemplo n.º 4
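/**
 * Assign the administrator list ('admin') and the current administrator's own row ('me')
 * to the template.
 *
 * @return void
 */
function module_admin_list()
{
    global $global, $smarty;
    $obj = new admin();
    // The list is fetched before any WHERE condition is set on the object.
    $list = $obj->get_list();
    $smarty->assign('admin', $list);
    // The id is concatenated into the WHERE text, so reduce it to an integer first.
    $obj->set_where('adm_id = ' . intval($global['admin_id']));
    $one = $obj->get_one();
    $smarty->assign('me', $one);
}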
Ejemplo n.º 5
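/**
 * Handle the administrator login form.
 *
 * Reads 'username' and 'password' from the POST data, looks up the matching
 * administrator, stores the login in the session on success, and assigns the
 * result message and link to the template.
 *
 * @return void
 */
function admin_login()
{
    safe('admin_login');
    global $smarty, $lang;
    // NOTE(review): both values are cut to 30 bytes, so a longer password is
    // silently truncated before it is hashed.
    $username = substr(post('username'), 0, 30);
    $password = substr(post('password'), 0, 30);
    if ($username == '' || $password == '') {
        unset_session('admin_username');
        unset_session('admin_password');
        $info_text = '对不起,用户名和密码不能为空';
        $link_text = '返回重新登录';
    } else {
        // NOTE(review): unsalted md5() is not a password hash. Moving to
        // password_hash()/password_verify() needs a migration of the stored values
        // and of any code that reads admin_password back from the session, so it
        // is not changed here.
        $password = md5($password);
        $obj = new admin();
        $obj->set_field('adm_id,adm_last_login');
        // NOTE(review): both WHERE literals appear masked ('******') in this listing.
        // If the real code interpolates $username / $password here, the values must
        // be escaped or bound by the query layer.
        $obj->set_where("adm_username = '******'");
        $obj->set_where("adm_password = '******'");
        $one = $obj->get_one();
        if (count($one) !== 0) {
            // Issue a fresh session id at the moment of authentication, so that an id
            // which existed before login is not carried into the admin session.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            set_session('session_id', session_id());
            set_session('admin_username', $username);
            // NOTE(review): the password digest itself is kept in the session;
            // a server-side login marker would avoid storing a credential there.
            set_session('admin_password', $password);
            $adm_id = $one['adm_id'];
            $adm_prev_login = $one['adm_last_login'];
            $adm_last_login = time();
            $obj->set_value('adm_prev_login', $adm_prev_login);
            $obj->set_value('adm_last_login', $adm_last_login);
            // Clear the login conditions, then address the row by its id only.
            $obj->set_where('');
            $obj->set_where("adm_id = {$adm_id}");
            $obj->edit();
            $info_text = '欢迎使用新秀文章管理系统后台';
            $link_text = '进入后台';
        } else {
            unset_session('session_id');
            unset_session('admin_username');
            unset_session('admin_password');
            $info_text = '对不起,用户名不存在或密码不正确';
            $link_text = '返回重新登录';
        }
    }
    $smarty->assign('info_text', $info_text);
    $smarty->assign('link_text', $link_text);
    // NOTE(review): PHP_SELF can carry client-supplied path info; confirm the
    // template escapes link_href before printing it.
    $smarty->assign('link_href', $_SERVER['PHP_SELF']);
}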
Ejemplo n.º 6
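/**
 * Delete the administrator named by the posted 'id', provided the acting
 * administrator's adm_grade is lower than the target's.
 *
 * Always prints 1; a 'result' cookie is set only when a row was deleted.
 *
 * @return void
 */
function del_admin()
{
    global $global;
    // post('id') is request data that ends up inside the WHERE text, so reduce
    // it to an integer before building the condition.
    $adm_id = intval(post('id'));
    $obj = new admin();
    $obj->set_where('adm_id = ' . intval($global['admin_id']));
    $a = $obj->get_one();
    $obj->set_where('');
    $obj->set_where("adm_id = {$adm_id}");
    $b = $obj->get_one();
    if ($obj->get_count()) {
        // Both rows must exist before grades are compared: with no acting
        // administrator row the left side is null, and null < grade is true
        // for any positive grade.
        if (!empty($a) && !empty($b) && $a['adm_grade'] < $b['adm_grade']) {
            $obj->del();
            set_cookie('result', 1);
        }
    }
    // NOTE(review): the response is 1 whether or not anything was deleted;
    // callers can only tell from the 'result' cookie.
    echo 1;
}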
Ejemplo n.º 7
	[Destoon B2B System] Copyright (c) 2008-2015 www.destoon.com
	This is NOT a freeware, use is subject to license.txt
*/
// Stop unless DT_ADMIN has already been defined by the including script.
if (!defined('DT_ADMIN')) {
    exit('Access Denied');
}
define('MANAGE_ADMIN', true);
// Load the area cache only when $AREA is not already populated.
if (!$AREA) {
    $AREA = cache_read('area.php');
}
require DT_ROOT . '/admin/admin.class.php';
$do = new admin();
// NOTE(review): $moduleid and $file are concatenated into the menu URLs as-is;
// where they are set is not visible here. Confirm they are validated before output.
$menus = array(
    array('添加管理员', '?moduleid=' . $moduleid . '&file=' . $file . '&action=add'),
    array('管理员管理', '?moduleid=' . $moduleid . '&file=' . $file),
);
$this_forward = '?file=' . $file;
switch ($action) {
    case 'add':
        if ($submit) {
            $admin = $admin == 1 ? 1 : 2;
            if ($do->set_admin($username, $admin, $role, $aid)) {
                $r = $do->get_one($username);
                $userid = $r['userid'];
                if ($r['admin'] == 2) {
                    foreach ($MODULE as $m) {
                        if (isset($roles[$m['moduleid']])) {
                            $right = array();
                            $right['title'] = $m['name'] . '管理';
                            $right['url'] = '?moduleid=' . $m['moduleid'];
                            $do->add($userid, $right, $admin);
                        }
                    }
                    if (isset($roles['database'])) {
                        $right = array();
                        $right['title'] = '数据库管理';
                        $right['url'] = '?file=database';
                        $do->add($userid, $right, $admin);
Ejemplo n.º 8
/**
 * Resolve the administrator id for the login stored in the session.
 *
 * Also writes the matched adm_id into the global $admin_id.
 *
 * @return int The administrator id, or 0 when the session holds no login or no row matches.
 */
function check_admin_login()
{
    global $admin_id;
    $username = get_session('admin_username');
    $password = get_session('admin_password');
    if ($username == '' || $password == '') {
        return 0;
    }

    $lookup = new admin();
    $lookup->set_field('adm_id');
    // NOTE(review): both WHERE literals appear masked ('******') in this listing.
    // If the real code interpolates the session values here, they must be escaped
    // or bound by the query layer.
    $lookup->set_where("adm_username = '******'");
    $lookup->set_where("adm_password = '******'");
    $row = $lookup->get_one();
    if (count($row) === 0) {
        return 0;
    }

    $admin_id = $row['adm_id'];
    return intval($admin_id);
}