Example #1
 /**
  * Gate the controller behind an Ion Auth session and prime the shared view data.
  *
  * Visitors without a session are redirected to "login"; non-admins are sent to
  * the site root when the controller has $only_admin set to true.
  */
 public function __construct()
 {
     parent::__construct();

     $auth = $this->ion_auth;
     if (!$auth->logged_in()) {
         // NOTE(review): the statements below assume redirect() ends the request;
         // if it returned, user()->row() would be read for an anonymous visitor — confirm.
         redirect("login");
     }

     $isAdmin = $auth->is_admin();
     if (!$isAdmin && $this->only_admin === true) {
         redirect("");
     }

     $this->view["user"] = $auth->user()->row();
     $this->view["message"] = $this->session->flashdata('message');
     // "permits" is a flag handed to the views: admins, or ids that is_superadmin() accepts.
     $this->view["permits"] = $auth->is_admin() || is_superadmin($auth->user()->row()->id);
 }
Example #2
 /**
  * Restrict the controller to signed-in admins or superadmins, then load what it needs.
  */
 public function __construct()
 {
     parent::__construct();
     $this->load->database();

     if (!$this->ion_auth->logged_in()) {
         // NOTE(review): relies on redirect() terminating the request — confirm.
         redirect("login");
     }

     // The admin flag is tested first; is_superadmin() is only consulted when it fails.
     $mayEnter = $this->ion_auth->is_admin()
         || is_superadmin($this->ion_auth->user()->row()->id);
     if (!$mayEnter) {
         redirect("");
     }

     $this->header->output();
     foreach (array('form_validation', 'upload', 'image_lib') as $library) {
         $this->load->library($library);
     }
     $this->load->helper('url');
     $this->load->model("Clientdbmodel");
 }
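/**
 * Decide whether user $uid may act as (impersonate) user $euid.
 *
 * Rules, applied in order:
 *  - a user may always impersonate themselves (both ids must be positive);
 *  - otherwise $euid must be a domain default user, or the config value
 *    "enable_privacy_invasion" must be "Y";
 *  - the superadmin may then impersonate anyone;
 *  - a domain default user may be impersonated by an admin of that domain;
 *  - the superadmin account can never be impersonated by anyone else;
 *  - any other user may be impersonated by an admin of a domain that one of
 *    the user's e-mail addresses belongs to.
 *
 * @param int $euid id of the user to be impersonated
 * @param int $uid  id of the user asking to impersonate
 * @return bool true when the impersonation is allowed
 */
function ok_to_impersonate($euid, $uid)
{
    global $dbh;

    // It's harmless to impersonate yourself ;)
    if ($euid == $uid && $euid > 0 && $uid > 0) {
        return true;
    }

    // Impersonating other users is an invasion of privacy, even for
    // administrators, unless the target is a domain default user or the
    // site has explicitly enabled it.
    $target_is_domain_default = is_a_domain_default_user($euid);
    if (!$target_is_domain_default && get_config_value("enable_privacy_invasion") != "Y") {
        return false;
    }

    if (is_superadmin($uid)) {
        return true;
    }

    // Domain default users can be impersonated by admins responsible for
    // those domains.
    if ($target_is_domain_default) {
        $domain_id = get_domain_id(get_user_name($euid));
        return is_admin_for_domain($uid, $domain_id);
    }

    if (is_superadmin($euid)) {
        return false;
    }

    $sth = $dbh->prepare("SELECT email FROM users WHERE maia_user_id = ?");
    if (PEAR::isError($sth)) {
        // NOTE(review): die() sends the database layer's message to the client;
        // consider logging it and showing a generic error instead.
        die($sth->getMessage());
    }
    $res = $sth->execute(array($euid));
    // A failed execute() is reported through its return value, so that is what
    // has to be tested before fetchRow() is called on it.
    if (PEAR::isError($res)) {
        $sth->free();
        die($res->getMessage());
    }

    $allowed = false;
    while ($row = $res->fetchRow()) {
        $domain_id = get_domain_id("@" . get_domain_from_email($row["email"]));
        if (is_admin_for_domain($uid, $domain_id)) {
            $allowed = true;
            break;
        }
    }
    $sth->free();

    return $allowed;
}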
 /**
  * Check whether a backend menu entry is granted to a user group.
  *
  * @param string $menu     menu "file" key, matched case-insensitively
  * @param int    $id_group auth group id to test
  * @return boolean true when the menu skips the lookup or is mapped to the group
  */
 private function checkAuth($menu, $id_group)
 {
     $CI =& get_instance();
     $CI->load->database();

     // NOTE(review): && binds tighter than ||, so the last clause reads
     // ($menu == '' && $menu == 'profile'), which no string value satisfies. As
     // written only 'home' and 'dashboard' skip the lookup. Whether '' and
     // 'profile' should be exempt too is an access-control decision — confirm
     // before changing the operator.
     $alwaysOpen = $menu == 'home' || $menu == 'dashboard' || $menu == '' && $menu == 'profile';
     if ($alwaysOpen) {
         return true;
     }

     // Resolved before the query is started so the builder state is not touched in between.
     $callerIsSuperadmin = is_superadmin();

     $query = $CI->db
         ->from('auth_menu')
         ->where('LCASE(file)', strtolower($menu))
         ->where('id_auth_group', $id_group);
     if (!$callerIsSuperadmin) {
         // Everyone else only matches menus not flagged as superadmin-only.
         $query->where('is_superadmin', 0);
     }
     $matches = $query
         ->join('auth_menu_group', 'auth_menu_group.id_auth_menu=auth_menu.id_auth_menu', 'left')
         ->count_all_results();

     return $matches > 0;
 }
Example #5
 /**
  * Restrict the controller to signed-in admins or superadmins, then queue the
  * page assets and load the client model and form validation.
  */
 public function __construct()
 {
     parent::__construct();
     $this->load->database();

     if (!$this->ion_auth->logged_in()) {
         // NOTE(review): relies on redirect() terminating the request — confirm.
         redirect("login");
     }

     // The admin flag is tested first; is_superadmin() is only consulted when it fails.
     $mayEnter = $this->ion_auth->is_admin()
         || is_superadmin($this->ion_auth->user()->row()->id);
     if (!$mayEnter) {
         redirect("");
     }

     $this->header->css[] = "assets/css/clientsdata.css";
     $scripts = array(
         "assets/js/jquery-ui-1.8.23.custom.min.js",
         "assets/js/jqueryui/jquery.ui.core.min.js",
         "assets/js/jqueryui/jquery.ui.mouse.min.js",
         "assets/js/jqueryui/jquery.ui.widget.min.js",
         "assets/js/jqueryui/jquery.ui.sortable.min.js",
     );
     foreach ($scripts as $script) {
         $this->header->js[] = $script;
     }
     $this->header->output();

     $this->load->model('Clientdbmodel');
     $this->load->library("form_validation");
 }
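 /**
  * Count admin users, optionally narrowed by a free-text search.
  *
  * Callers that are not superadmin only count rows with is_superadmin = 0.
  *
  * @param array $param optional keys:
  *                     'search_value' (string) text to look for;
  *                     'search_field' (array) column descriptors, each with
  *                     'data' (column name) and 'searchable' ('true' to include)
  * @return int total records
  */
 function CountAllAdmin($param = array())
 {
     if (!is_superadmin()) {
         $this->db->where('is_superadmin', 0);
     }

     // Collect the searchable columns first, so an empty "()" group is never emitted.
     $columns = array();
     $has_search = is_array($param)
         && isset($param['search_value']) && $param['search_value'] != ''
         && isset($param['search_field']) && is_array($param['search_field']);
     if ($has_search) {
         foreach ($param['search_field'] as $val) {
             if (!is_array($val) || !isset($val['searchable'], $val['data']) || $val['searchable'] != 'true') {
                 continue;
             }
             // The column name is spliced into the SQL text between backticks, and the
             // descriptors presumably come from the grid request, so only plain
             // identifiers are accepted; anything else is skipped.
             if (is_scalar($val['data']) && preg_match('/^[A-Za-z0-9_]+$/', (string) $val['data'])) {
                 $columns[] = (string) $val['data'];
             }
         }
     }

     if (count($columns) > 0) {
         $needle = strtolower($param['search_value']);
         $this->db->group_start();
         foreach ($columns as $i => $column) {
             $field = 'LCASE(`' . $column . '`)';
             if ($i == 0) {
                 $this->db->like($field, $needle);
             } else {
                 $this->db->or_like($field, $needle);
             }
         }
         $this->db->group_end();
     }

     $total_records = $this->db->from('auth_user')->join('auth_group', 'auth_group.id_auth_group=auth_user.id_auth_group', 'left')->count_all_results();
     return $total_records;
 }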
Example #7
<?php

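// Refuse direct access: both entry-point constants must have been defined by the including script.
(!defined('IN_TOA') || !defined('IN_ADMIN')) && exit('Access Denied!');
get_key("project_");
// tid is compared without quotes in the query below and the value is also handed
// to pro_mana_view(), so it is forced to an integer before any SQL sees it.
$typeid = isset($_GET['typeid']) ? (int) $_GET['typeid'] : 0;
$projectid = $_GET['projectid'];
// NOTE(review): $modid is request input placed inside a quoted SQL literal twice
// below and nothing visible here escapes it — confirm the framework escapes
// $_GET globally, or bind/escape it at this point.
$modid = $_GET['modid'];
pro_mana_view($typeid, $_USER->id);
$sql = "SELECT * FROM " . DB_TABLEPRE . "project_model  WHERE mid = '" . $modid . "'";
$mod = $db->fetch_one_array($sql);
// Creation permission
global $db;
// NOTE(review): membership is a substring match on the user's real name, so a
// name contained in another user's name matches as well — confirm this is acceptable.
$manat = $db->fetch_one_array("SELECT tid FROM " . DB_TABLEPRE . "project_type where (keyuser like '%" . get_realname($_USER->id) . "%' or keyuser='' or manauser like '%" . get_realname($_USER->id) . "%') and tid=" . $typeid);
if (!is_superadmin() && $manat['tid'] == '') {
    // No rights on the project type: fall back to rights on the individual model.
    $sql = "SELECT mid FROM " . DB_TABLEPRE . "project_model  WHERE mid = '" . $modid . "' and (keyuser like '%" . get_realname($_USER->id) . "%' or keyuser='' or manauser like '%" . get_realname($_USER->id) . "%')";
    $mana = $db->fetch_one_array($sql);
    if ($mana['mid'] == '') {
        // NOTE(review): the code after this block assumes show_msg() ends the request — confirm.
        show_msg('对不起,您没有使用的权限,不可用!', 'home.php?mid=8');
    }
}
empty($do) && ($do = 'list');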
if ($do == 'list') {
    //列表信息
    $wheresqltype = '';
    $wheresql = '';
    $page = max(1, getGP('page', 'G', 'int'));
    $pagesize = $_CONFIG->config_data('pagenum');
    $offset = ($page - 1) * $pagesize;
    $url = 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '&type=' . $_GET['type'];
    if ($title = getGP('title', 'G')) {
        $wheresqltype .= " AND a.title LIKE '%{$title}%' ";
Example #8
// Hand the page-wide settings to the Smarty template. Every value is passed
// through unchanged, so escaping is left to the templates.
$smarty->assign("msid", $msid);
$smarty->assign("sid", $sid);
$smarty->assign('banner_title', $banner_title);
$smarty->assign('use_logo', $use_logo);
$smarty->assign('use_icons', $use_icons);
$smarty->assign('logo_file', $logo_file);
$smarty->assign('logo_width', $logo_width);
$smarty->assign('logo_height', $logo_height);
$smarty->assign('logo_url', $logo_url);
$smarty->assign('logo_alt_text', $logo_alt_text);
$smarty->assign('enable_false_negative_management', $enable_false_negative_management);
$smarty->assign('system_enable_user_autocreation', $enable_user_autocreation);
$smarty->assign('enable_stats_tracking', $enable_stats_tracking);
$smarty->assign('cols', $cols);
$smarty->assign('admin', $admin);
$smarty->assign('username', $username);
$smarty->assign('showmenu', $showmenu);
// "super" is computed from the real user id ($uid). It only tells the template
// what to show; pages still have to run their own is_superadmin() check.
$smarty->assign('super', is_superadmin($uid));
$smarty->assign("lang", $lang);
$smarty->assign("is_a_visitor", $is_a_visitor);
// added by JacobLeaver, response to ticket
// NOTE(review): $php_errors is forwarded verbatim when set; confirm the template
// does not print raw PHP error text to ordinary users.
$smarty->assign("php_errors", isset($php_errors) ? $php_errors : "");
// some default values, which can be overridden
$smarty->assign("page_css", "");
$smarty->assign("page_javascript", "");
// Merge the page's own message with the one-shot message kept in the session.
$message = isset($message) ? $message : "";
$message .= isset($_SESSION["message"]) ? $_SESSION["message"] : "";
$_SESSION["message"] = "";
// unset message, we don't want to display more than once.
// if page is to be redirected again, reassign it.
// NOTE(review): confirm the template escapes "message", or that everything
// written to $_SESSION["message"] is already HTML-safe.
$smarty->assign("message", $message);
Example #9
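</span></td>
<td class="info"><?php
    // Encoded on output: the stored login address is printed into HTML text.
    echo htmlspecialchars((string) $row['loginip'], ENT_QUOTES, 'UTF-8');
    ?>
</td>
<td class="info"><?php
    // NOTE(review): get_postname() output is printed as-is; confirm the helper returns HTML-safe text.
    echo get_postname($row['positionid']);
    ?>
</td>
<td class="info"><?php
    // NOTE(review): same assumption for get_realdepaname().
    echo get_realdepaname($row['departmentid']);
    ?>
</td>
<td class="action" >
<?php
    // Hiding the link is presentation only; the handler behind do=add has to
    // apply the same flag/superadmin rule itself.
    if ($row['flag'] != '1' || is_superadmin() != '') {
        ?>
<a href="admin.php?ac=<?php
        // Query-string values are URL-encoded so they cannot break out of the href.
        echo urlencode((string) $ac);
        ?>
&fileurl=<?php
        echo urlencode((string) $fileurl);
        ?>
&do=add&id=<?php
        echo urlencode((string) $row['id']);
        ?>
">编辑</a>
<?php
    }
    ?>
</td>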
Example #10
	  <dt><div class="spheric ui-corner-all-16"><img src="template/default/new/images/01.png"></div>
	  <span class="month_view_schedule_time"><a href="admin.php?ac=<?php 
            echo $ac;
            ?>
&fileurl=<?php 
            echo $fileurl;
            ?>
&do=views&id=<?php 
            echo $row['id'];
            ?>
"><?php 
            echo $row['title'];
            ?>
</a></span>
	  <?php 
            if ($row['uid'] == $_USER->id || is_superadmin()) {
                ?>
	  <em class="none"><a href="admin.php?ac=<?php 
                echo $ac;
                ?>
&fileurl=<?php 
                echo $fileurl;
                ?>
&do=add&id=<?php 
                echo $row['id'];
                ?>
" title="修改日志" class="month_view_edit_schedule "></a><a href="admin.php?ac=<?php 
                echo $ac;
                ?>
&fileurl=<?php 
                echo $fileurl;
Example #11
 /**
  * Delete the quiz records listed in the POSTed, comma-separated "ids" field.
  *
  * Only AJAX POST requests are handled; any other request is redirected to the
  * controller's own path. The JSON reply carries 'success' or 'error' markup.
  * Ids are processed in order and the loop stops at the first failure, so
  * records handled before that point stay deleted.
  *
  * NOTE(review): no CSRF token check is visible in this method — confirm it is
  * enforced globally; is_ajax_request() only reflects a client-supplied header.
  */
 public function delete()
 {
     $this->layout = 'none';
     if ($this->input->post() && $this->input->is_ajax_request()) {
         $post = $this->input->post();
         $json = array();
         if ($post['ids'] != '') {
             $array_id = array_map('trim', explode(',', $post['ids']));
             if (count($array_id) > 0) {
                 foreach ($array_id as $row => $id) {
                     $record = $this->Quiz_model->GetQuiz($id);
                     if ($record) {
                         // NOTE(review): this compares a quiz id with the signed-in user's id;
                         // it looks inherited from a user-account controller — confirm it is intended.
                         if ($id == id_auth_user()) {
                             $json['error'] = alert_box('You can\'t delete Your own account.', 'danger');
                             break;
                         } else {
                             // Deletion is limited to superadmins; the check runs per id, after the lookup.
                             if (is_superadmin()) {
                                 // NOTE(review): the path is built from the stored 'image' value; confirm
                                 // uploads constrain it to a bare file name so it cannot leave UPLOAD_DIR . 'admin/'.
                                 if ($record['image'] != '' && file_exists(UPLOAD_DIR . 'admin/' . $record['image'])) {
                                     unlink(UPLOAD_DIR . 'admin/' . $record['image']);
                                     // Thumbnails are removed best-effort; failures are suppressed.
                                     @unlink(UPLOAD_DIR . 'admin/tmb_' . $record['image']);
                                     @unlink(UPLOAD_DIR . 'admin/sml_' . $record['image']);
                                 }
                                 $this->Quiz_model->DeleteRecord($id);
                                 // insert to log
                                 $data_log = array('id_user' => id_auth_user(), 'id_group' => id_auth_group(), 'action' => 'Delete User Quiz', 'desc' => 'Delete User Quiz; ID: ' . $id . ';');
                                 insert_to_log($data_log);
                                 // end insert to log
                                 $json['success'] = alert_box('Data has been deleted', 'success');
                                 $this->session->set_flashdata('flash_message', $json['success']);
                             } else {
                                 $json['error'] = alert_box('You don\'t have permission to delete this record(s). Please contact the Quizistrator.', 'danger');
                                 break;
                             }
                         }
                     } else {
                         // Unknown id: stop without touching the remaining ids.
                         $json['error'] = alert_box('Failed. Please refresh the page.', 'danger');
                         break;
                     }
                 }
             }
         }
         header('Content-type: application/json');
         exit(json_encode($json));
     }
     redirect($this->class_path_name);
 }
Example #12
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
 * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */
require_once "core.php";
require_once "maia_db.php";
require_once "authcheck.php";
require_once "display.php";
// The locale files are chosen by the effective user's display language.
// NOTE(review): $display_language is used to build include paths; confirm
// get_display_language() only returns names of installed locale directories.
$display_language = get_display_language($euid);
require_once "./locale/{$display_language}/db.php";
require_once "./locale/{$display_language}/display.php";
require_once "./locale/{$display_language}/adminviruses.php";
require_once "smarty.php";
// Only the superadministrator should be here.
// The check uses the real user id ($uid), not the impersonated one, and runs
// before any query; exit after the Location header keeps the rest of the page
// from executing for other users.
if (!is_superadmin($uid)) {
    header("Location: index.php" . $sid);
    exit;
}
// Cancel any impersonations currently in effect
// by resetting EUID = UID and forcing a reload
// of this page.
if ($uid != $euid) {
    $euid = $uid;
    $_SESSION["euid"] = $uid;
    header("Location: adminviruses.php" . $sid);
    exit;
}
// Static query: no request data is concatenated into it.
$select = "SELECT virus_name, virus_alias, virus_id " . "FROM maia_viruses, maia_virus_aliases " . "WHERE maia_viruses.id = maia_virus_aliases.virus_id " . "ORDER BY virus_alias ASC";
$sth = $dbh->query($select);
// NOTE(review): the result of query() is used without an error check — confirm
// a failed query cannot reach numrows().
$smarty->assign('numrows', $sth->numrows());
Example #13
 // Build the header row and the WHERE clause for the Excel export from the POSTed filters.
 $outputFileName = 'data/excel/' . $datename . '.xls';
 $content = array();
 $archive = array("名称", "有效期(开始)", "有效期(结束)", "发布范围(部门)", "参与人", "负责人", "备注", "完成时间", "发布人", "类型", "内容");
 $content[] = $archive;
 $wheresql = '';
 // NOTE(review): every getGP() value below is concatenated into SQL text; this is
 // only safe if getGP() escapes its result — confirm, or bind the values instead.
 if ($title = getGP('title', 'P')) {
     $wheresql .= " AND title LIKE '%{$title}%'";
 }
 // Date range
 $vstartdate = getGP('vstartdate', 'P');
 $venddate = getGP('venddate', 'P');
 if ($vstartdate != '' && $venddate != '') {
     $wheresql .= " AND (startdate>='" . $vstartdate . "' and enddate<='" . $venddate . "')";
 }
 $vuidtype = getGP('vuidtype', 'P');
 // Default scope for everyone except superadmins: the caller's own rows.
 if (!is_superadmin() && $ischeck != '1' && $ischeck != '2' && $vuidtype == '') {
     $wheresql .= " AND uid = {$_USER->id}";
 }
 // NOTE(review): once vuidtype is supplied the own-rows restriction above is
 // skipped and the uid filter comes from the request; nothing visible here checks
 // that the caller may read that user's rows — confirm an earlier check covers it.
 if ($vuidtype != '') {
     if ($vuidtype == '-1') {
         // '-1' selects the caller's subordinates; get_subordinate() returns the SQL fragment.
         $wheresql .= get_subordinate($_USER->id, 'uid');
     } else {
         $wheresql .= " and uid='" . $vuidtype . "'";
     }
 }
 // $ischeck '1' / '2' filter on a substring match of the caller's real name.
 if ($ischeck == '1' && $vuidtype == '') {
     $wheresql .= " AND participation LIKE '%" . get_realname($_USER->id) . "%' ";
 }
 if ($ischeck == '2' && $vuidtype == '') {
     $wheresql .= " AND person LIKE '%" . get_realname($_USER->id) . "%' ";
 }
Example #14
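/**
 * Show a "no permission" notice unless the user may manage the given project type.
 *
 * Superadmins always pass. Anyone else needs a project_type row with this tid
 * whose keyuser is empty, or whose keyuser/manauser text contains the user's
 * real name.
 *
 * @param int $typeid project type id (tid)
 * @param int $user   id of the user being checked
 * @return void
 */
function pro_mana_view($typeid = 0, $user = 0)
{
    if (is_superadmin()) {
        return;
    }
    global $db;
    // tid is compared without quotes, so anything other than an integer here
    // would become part of the SQL text.
    $typeid = (int) $typeid;
    // NOTE(review): membership is a substring match on the real name, so a name
    // contained in another user's name also matches; the name is concatenated
    // as returned by get_realname() — confirm it is escaped.
    $realname = get_realname($user);
    $mana = $db->fetch_one_array("SELECT tid FROM " . DB_TABLEPRE . "project_type where (keyuser like '%" . $realname . "%' or keyuser='' or manauser like '%" . $realname . "%') and tid=" . $typeid);
    if ($mana['tid'] == '') {
        // NOTE(review): callers continue after this function returns, so the
        // check only holds if show_msg() ends the request — confirm.
        show_msg('对不起,您没有使用的权限,不可用!', 'home.php?mid=8');
    }
}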
Example #15
 /**
  * Delete the admin menu entries listed in the POSTed, comma-separated "ids" field.
  *
  * Only AJAX POST requests are handled; anything else is redirected to the
  * controller's own path. Ids are processed in order and the loop stops at the
  * first failure, so entries handled before that point stay deleted.
  *
  * NOTE(review): no CSRF token check is visible in this method — confirm it is
  * enforced globally; is_ajax_request() only reflects a client-supplied header.
  */
 public function delete()
 {
     $this->layout = 'none';

     if (!$this->input->post() || !$this->input->is_ajax_request()) {
         redirect($this->class_path_name);
         return;
     }

     $post = $this->input->post();
     $json = array();
     $ids = $post['ids'] != '' ? array_map('trim', explode(',', $post['ids'])) : array();

     foreach ($ids as $id) {
         $record = $this->Menu_model->GetMenu($id);
         if (!$record) {
             $json['error'] = alert_box('Failed. Please refresh the page.', 'danger');
             break;
         }

         // Entries flagged is_superadmin may only be removed by a superadmin.
         if ($record['is_superadmin'] && !is_superadmin()) {
             $json['error'] = alert_box('You don\'t have permission to delete this record(s). Please contact the Menuistrator.', 'danger');
             break;
         }

         // NOTE(review): the source carries a disabled per-group rights check at this
         // point (Menu_model->checkUserHaveRightsMenu); with it off, the flag test
         // above is the only authorization done here — confirm access is limited elsewhere.
         $this->Menu_model->DeleteRecord($id);

         // Audit trail entry for the deletion.
         $log_entry = array('id_user' => id_auth_user(), 'id_group' => id_auth_group(), 'action' => 'Delete Admin Menu', 'desc' => 'Delete Admin Menu; ID: ' . $id . ';');
         insert_to_log($log_entry);

         $json['success'] = alert_box('Data has been deleted', 'success');
         $this->session->set_flashdata('flash_message', $json['success']);
     }

     header('Content-type: application/json');
     exit(json_encode($json));
 }
 /**
  * Build the admin menu tree below a parent entry.
  *
  * Callers that are not superadmin only see entries with is_superadmin = 0;
  * the same filter is applied again at every level of the recursion.
  *
  * @param int $id_parent id of the parent menu (0 for the top level)
  * @return array menu rows, each with a 'children' list of the same shape
  */
 function MenusData($id_parent = 0)
 {
     $show_restricted = is_superadmin();
     if (!$show_restricted) {
         $this->db->where('is_superadmin', 0);
     }

     $menus = $this->db
         ->where('parent_auth_menu', $id_parent)
         ->order_by('position', 'asc')
         ->order_by('auth_menu.id_auth_menu', 'asc')
         ->get('auth_menu')
         ->result_array();

     foreach (array_keys($menus) as $idx) {
         $menus[$idx]['children'] = $this->MenusData($menus[$idx]['id_auth_menu']);
     }

     return $menus;
 }
Example #17
/**
 * Tell whether a file, or a given number of bytes, still fits in a profile's upload folder.
 *
 * The quota is $_SESSION['profile_folder_max_size'] in megabytes. Superadmins
 * are never refused for quota reasons, but a named file must still exist.
 *
 * @param string|null $file    path of the file to measure; overrides $size when given
 * @param int|null    $size    size in bytes, used when no file is given
 * @param string|null $profile folder name appended to $_SESSION['upload_root_path']
 * @return bool false when arguments are missing, the file does not exist, or the quota would be exceeded
 */
function folder_fit($file = null, $size = null, $profile = null)
{
    $has_payload = $file || $size;
    if (!$has_payload || !$profile) {
        return false;
    }

    $is_admin = is_superadmin();
    $quota_missing = empty($_SESSION['profile_folder_max_size']);
    if ($quota_missing && !$is_admin) {
        return false;
    }

    // NOTE(review): $profile is appended to the upload root unchanged; confirm
    // callers never pass a value that can contain path separators or "..".
    $folder = $_SESSION['upload_root_path'] . $profile;
    $max = $_SESSION['profile_folder_max_size'] * 1048576;

    if (!empty($file)) {
        if (!is_file($file)) {
            return false;
        }
        $size = filesize($file);
    }

    $projected = folder_size($folder, false) + $size;
    return !($projected > $max && !$is_admin);
}
Example #18
                if ($aa != 0) {
                    echo '<h3 class="f14"><span class="switchs cu on" title="展开与收缩"></span>' . $row[menuname] . '</h3>';
                    //crm_menu_tow($row[menuid]);
                    crm_menu_my($row[menuid]);
                    //echo $row[menuid]."++<br>";
                    //echo "<span class='cu' title='点击操作'></span><a href=javascript:_MP(".$row[menuid].",'".$row[menuurl]."'); hidefocus='true' style='outline:none;'>".$row[menuname]."</a>";
                }
            }
        } else {
            //自写
            $aa = get_pp($row[menuname]);
            //echo $row[menuname]."++".$aa."**<br>";
            if (is_superadmin()) {
                echo "<h3 class='f14'><span class='cu' title='点击操作'></span><a href=javascript:_MP(" . $row[menuid] . ",'" . $row[menuurl] . "'); hidefocus='true' style='outline:none;'>" . $row[menuname] . "</a></h3>";
            }
            if ($aa != 0 and $row[menutype] != '1' and !is_superadmin()) {
                //if($row[menutype]!='1'){
                echo "<h3 class='f14'><span class='cu' title='点击操作'></span><a href=javascript:_MP(" . $row[menuid] . ",'" . $row[menuurl] . "'); hidefocus='true' style='outline:none;'>" . $row[menuname] . "</a></h3>";
            }
        }
    }
}
?>
<script type="text/javascript"> 
$(".switchs").each(function(i){
	var ul = $(this).parent().next();
	$(this).click(
	function(){
		if(ul.is(':visible')){
			ul.hide();
			$(this).removeClass('on');
Example #19
 } else {
     $wheresql .= " AND type='1'";
 }
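 // NOTE(review): the getGP() values below are concatenated into quoted SQL
 // literals; that is only safe if getGP() escapes its result — confirm, or bind them.
 if ($cid = getGP('cid', 'P')) {
     $wheresql .= " AND cid='" . $cid . "'";
 }
 if ($number = getGP('number', 'P')) {
     $wheresql .= " AND number='" . $number . "'";
 }
 if ($title = getGP('title', 'P')) {
     $wheresql .= " AND title LIKE'%" . $title . "%'";
 }
 // Permission check
 $un = getGP('un', 'P');
 $ui = getGP('ui', 'P');
 // Default scope for everyone except superadmins: the caller's own rows.
 if (!is_superadmin() && $ui == '') {
     $wheresql .= " and (uid='" . $_USER->id . "' or user='******')";
 }
 // NOTE(review): once "ui" is supplied the own-rows restriction above is skipped
 // and the id list comes from the request; nothing visible here checks that the
 // caller may read those users' rows — confirm an earlier check covers it.
 if ($ui != '') {
     // uid in(...) is an unquoted list, so every element is forced to an integer
     // before it reaches the SQL text.
     $wheresql .= " and (uid in(" . implode(',', array_map('intval', explode(',', $ui))) . ") or user in('" . str_replace(",", "','", $un) . "'))";
 }
 $vstartdate = getGP('vstartdate', 'P');
 $venddate = getGP('venddate', 'P');
 if ($vstartdate != '' && $venddate != '') {
     $wheresql .= " AND (date>='" . $vstartdate . "' and date<='" . $venddate . "')";
 }
 // Process the form data
 $fromkeywordarr = getGP('fromkeyword', 'P', 'array');
 $kinputname = getGP('kinputname', 'P', 'array');
 $arrcid = array();
 $nums = 0;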
Example #20
    $content = serialize($idarr);
    $title = '删除任务信息';
    get_logadd($id, $content, $title, 33, $_USER->id);
    show_msg('删除任务信息成功!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '');
} elseif ($do == 'excel') {
    $datename = "duty_" . get_date('YmdHis', PHP_TIME);
    $outputFileName = 'data/excel/' . $datename . '.xls';
    //生成数据
    $content = array();
    $archive = array("任务编号", "任务名称", "执行人", "任务开始时间", "任务结束时间", "任务描述", "备注", "任务状态", "任务分配人");
    $content[] = $archive;
    $wheresql = '';
    //根据条件导出
    $ischeck = getGP('ischeck', 'P');
    $vuidtype = getGP('vuidtype', 'P');
    if (!is_superadmin() && $ischeck == '' && $vuidtype == '') {
        $wheresql = "and (user='******' or uid='" . $_USER->id . "')";
    }
    if ($vuidtype != '') {
        if ($ischeck == '1') {
            if ($vuidtype == '-1') {
                $wheresql .= get_subordinate($_USER->id, 'uid');
            } else {
                $wheresql .= " and uid='" . $vuidtype . "'";
            }
        } elseif ($ischeck == '2') {
            $wheresql .= get_suborname($_USER->id, 'user');
        } else {
            if ($vuidtype == '-1') {
                $wheresql .= get_subordinate($_USER->id, 'uid');
            } else {
Example #21
 /**
  * Delete a staff account. Only a superadmin may do this, and accounts listed
  * in the "superadmin" config item cannot be deleted.
  *
  * NOTE(review): each refusal relies on redirect() ending the request; if it
  * returned, execution would fall through to delete_user() — confirm. The id
  * arrives as a method argument, so also confirm this action cannot be
  * triggered by a plain link without a CSRF token.
  *
  * @param mixed $id id of the user to remove
  */
 function trash($id)
 {
     $callerId = $this->ion_auth->user()->row()->id;
     if (!is_superadmin($callerId)) {
         $this->session->set_flashdata('message', 'You are not superadmin.');
         redirect("auth", "refresh");
     }

     $protectedIds = $this->config->item("superadmin");
     if (in_array($id, $protectedIds)) {
         $this->session->set_flashdata('message', 'You cannot delete superadmin.');
         redirect("auth", "refresh");
     }

     if ($id !== null) {
         $this->ion_auth_model->delete_user($id);
         $this->session->set_flashdata('message', 'Remove 1 staff.');
     }

     redirect("auth", "refresh");
 }
Example #22
      <td width="100" class="TableHeader">流水单号</td>
      <td class="TableHeader">工作流名称</td>
      <td width="90" align="center" class="TableHeader">申请人</td>
      <td width="120" align="center" class="TableHeader">申请时间</td>
      <td width="150" class="TableHeader">审批步骤</td>
      <td width="150" align="center" class="TableHeader">操作</td>
    </tr>
<?php 
foreach ($result as $row) {
    $sql = "SELECT * FROM " . DB_TABLEPRE . "workclass_personnel  WHERE workid = '" . $row['id'] . "'  and (pertype=0 or pertype=2 or pertype=4 or pertype=5) and typeid='" . $row['typeid'] . "'  order by perid desc";
    $per = $db->fetch_one_array($sql);
    ?>
	<tr>
      <td nowrap class="TableContent" width="5%">
<?php 
    if (!is_superadmin()) {
        if ($_GET['type'] == 3) {
            if ($per['pertype'] == 0 || $per['pertype'] == 2 || $row['type'] == 1) {
                echo '<input type="checkbox" name="id[]" value="' . $row['id'] . '" class="checkbox" />';
            } else {
                echo '<input type="checkbox" name="id[]" value="' . $row['id'] . '" class="checkbox" disabled="disabled" />';
            }
        } elseif ($_GET['type'] == '') {
            if ($row['uid'] == $_USER->id && ($per['pertype'] == 0 || $per['pertype'] == 2 || $row['type'] == 1)) {
                echo '<input type="checkbox" name="id[]" value="' . $row['id'] . '" class="checkbox" />';
            } else {
                echo '<input type="checkbox" name="id[]" value="' . $row['id'] . '" class="checkbox" disabled="disabled" />';
            }
        } else {
            echo '<input type="checkbox" name="id[]" value="' . $row['id'] . '" class="checkbox"  disabled="disabled"/>';
        }
Example #23
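//initialize variable
// get some system config items - these control whether or not to show certain options
$sth = $dbh->prepare("SELECT enable_charts, reminder_threshold_count, " . "enable_spamtraps, enable_username_changes, " . "enable_address_linking " . "FROM maia_config WHERE id = 0");
if (PEAR::isError($sth)) {
    // NOTE(review): die() sends the database layer's message to the client;
    // consider logging it and showing a generic error instead.
    die($sth->getMessage());
}
$res = $sth->execute();
// A failed execute() is reported through its return value, so that is what
// has to be tested before fetchrow() is called on it.
if (PEAR::isError($res)) {
    $sth->free();
    die($res->getMessage());
}
// NOTE(review): when the config row is missing, the $enable_* variables stay
// unset and are still assigned to the template below — confirm that cannot happen.
if ($row = $res->fetchrow()) {
    $enable_charts = $row["enable_charts"] == 'Y';
    $reminder_threshold_count = $row["reminder_threshold_count"];
    $enable_spamtraps = $row["enable_spamtraps"] == 'Y';
    $enable_username_changes = $row["enable_username_changes"] == 'Y';
    $enable_address_linking = $row["enable_address_linking"] == 'Y';
}
$sth->free();
// Superadmin status is taken from the real user id ($uid), not the impersonated one.
$super = is_superadmin($uid);
require_once "smarty.php";
$smarty->assign('enable_charts', $enable_charts);
$smarty->assign('reminder_threshold_count', $reminder_threshold_count);
$smarty->assign('enable_spamtraps', $enable_spamtraps);
$smarty->assign('enable_username_changes', $enable_username_changes);
$smarty->assign('enable_address_linking', $enable_address_linking);
$smarty->assign("message", $message);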
// verify and set up domain variables if the current focus is a domain user
if (is_a_domain_default_user($euid)) {
    $domain_user = true;
    $domain_name = get_user_name($euid);
    $domain_id = get_domain_id($domain_name);
} else {
    $domain_user = false;
    $domain_name = "";
Example #24
    }
    ?>
				</td>
				<?php 
    if ($is_sa) {
        ?>
				<td>
					<?php 
        if (!is_superadmin($user->id)) {
            echo $user->active ? anchor("auth/deactivate/" . $user->id, 'Deactivate') : anchor("auth/activate/" . $user->id, 'Activate');
        } else {
            echo "Active";
        }
        ?>
					<?php 
        if (!is_superadmin($user->id)) {
            if (isset($user->admin) && $user->admin == true) {
                ?>
							<br><a href="<?php 
                echo site_url("/auth/remove_admin/{$user->id}");
                ?>
">Remove Admin</a>
					<?php 
            } else {
                ?>
							<br><a href="<?php 
                echo site_url("/auth/make_admin/{$user->id}");
                ?>
">Make Admin</a>
					<?php 
            }
Example #25
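                                <input type="text" class="form-control" name="file" id="file" value="<?php
// $post presumably holds the submitted form values being shown again, so they
// are HTML-encoded before they are placed inside the attribute.
echo htmlspecialchars((string) (isset($post['file']) ? $post['file'] : ''), ENT_QUOTES, 'UTF-8');
?>
"/>
                            </div>
                            <div class="form-group form-group-sm">
                                <label for="position">Position</label>
                                    <input type="text" class="form-control" name="position" id="position" value="<?php
echo htmlspecialchars((string) (isset($post['position']) ? $post['position'] : $max_position), ENT_QUOTES, 'UTF-8');
?>
"/>
                            </div>
                        </div>
                        <div class="col-lg-4 col-lg-offset-2">
                            <?php
// The checkbox is only rendered for superadmins. The save handler still has to
// ignore a posted is_superadmin value from anyone else, because hiding the
// field does not stop it from being submitted.
if (is_superadmin()) {
    ?>
                            <div class="form-group">
                                <label for="is_superadmin">Super Administrator</label>
                                <div class="checkbox">
                                    <label>
                                        <input type="checkbox" value="1" name="is_superadmin" id="is_superadmin" <?php
    echo isset($post['is_superadmin']) && !empty($post['is_superadmin']) ? 'checked="checked"' : '';
    ?>
/>Yes
                                    </label>
                                </div>
                            </div>
                            <?php
}
?>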
Example #26
/**
 * Return the "download search results" link markup for callers allowed to export.
 *
 * Superadmins always get the link; everyone else needs check_purview($keys) to
 * pass. Nothing is returned otherwise.
 *
 * NOTE(review): this only decides whether the link is shown; the export action
 * the form submits to has to run the same check itself.
 *
 * @param mixed $keys permission key(s) handed to check_purview()
 * @return string|null link markup, or null when the caller may not export
 */
function get_exceldown($keys)
{
    $may_export = is_superadmin() || check_purview($keys);
    if ($may_export) {
        return '<a href="javascript:document:excel.submit();" seed="CR-download-top" id="J-download"><img class="v-al-middle" src="template/default/images/2EC5tZlqdV.gif" />下载查询结果</a>';
    }
}
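 /**
  * Build the admin menu tree below a parent entry, marking the entries that are
  * granted to a group.
  *
  * Callers that are not superadmin only see entries with is_superadmin = 0.
  *
  * @param int $id_group  auth group whose grants are marked as 'checked'
  * @param int $id_parent id of the parent menu (0 for the top level)
  * @return array menu rows, each with 'checked' (bool) and a 'children' list of the same shape
  */
 function MenusData($id_group = 0, $id_parent = 0)
 {
     // The group id is interpolated into a raw sub-select below, where the query
     // builder does not escape it, so it is forced to an integer first.
     $id_group = (int) $id_group;

     if (!is_superadmin()) {
         $this->db->where('is_superadmin', 0);
     }
     $data = $this->db->join("\n                        (select id_auth_menu as id_auth,id_auth_group from {$this->db->dbprefix('auth_menu_group')} where id_auth_group={$id_group}) {$this->db->dbprefix('auth_menu_group')}\n                    ", 'auth_menu_group.id_auth=auth_menu.id_auth_menu', 'left')->where('parent_auth_menu', $id_parent)->order_by('position', 'asc')->order_by('auth_menu.id_auth_menu', 'asc')->get('auth_menu')->result_array();
     foreach ($data as $row => $val) {
         // The left join leaves id_auth_group empty for menus the group does not have.
         $data[$row]['checked'] = $val['id_auth_group'] == $id_group;
         $data[$row]['children'] = $this->MenusData($id_group, $val['id_auth_menu']);
     }
     return $data;
 }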
Example #28
<script language="javascript" type="text/javascript" src="DatePicker/WdatePicker.js"></script>
<script src="template/default/tree/js/admincp.js?SES" type="text/javascript"></script>
<script charset="utf-8" src="eweb/kindeditor.js"></script>
<script type="text/javascript"> 

</script>
</head>
<body class="bodycolor">
<table width="550" border="0" align="center" cellpadding="3" cellspacing="0" class="small" style='margin-top:30px;'>
  <tr>
    <td class="Big" style="vertical-align:middle;"><img src="template/default/content/images/notify_new.gif" align="absmiddle"><span class="big3"> 日程<?php 
echo $_title['name'];
?>
</span>&nbsp;&nbsp;&nbsp;&nbsp;
	<?php 
if ($blog['uid'] == $_USER->id || is_superadmin()) {
    ?>
	<span style="font-size:12px; float:right; margin-right:20px;">
	<a href="admin.php?ac=<?php 
    echo $ac;
    ?>
&fileurl=<?php 
    echo $fileurl;
    ?>
&do=add&id=<?php 
    echo $blog['id'];
    ?>
" style="font-size:12px;"><img src="template/default/new/images/todo_edit.png">编辑</a>&nbsp;&nbsp;<a href="admin.php?ac=<?php 
    echo $ac;
    ?>
&fileurl=<?php 
Example #29
        //db->query("DELETE FROM ".DB_TABLEPRE."user_view WHERE uid = '$id'");
        if ($id != '') {
            $oalog = array('uid' => $_USER->id, 'content' => '删除内部短信', 'title' => '删除内部短信', 'startdate' => get_date('Y-m-d H:i:s', PHP_TIME), 'contentid' => $id, 'type' => '4');
            insert_db('oalog', $oalog);
        }
    }
    show_msg('短消息删除成功!', 'admin.php?ac=index&fileurl=sms&userkeytype=' . getGP('userkeytype', 'P') . '');
} elseif ($do == 'excel') {
    $datename = "sms_" . get_date('YmdHis', PHP_TIME);
    $outputFileName = 'data/excel/' . $datename . '.xls';
    $content = array();
    $archive = array("接收人", "发送人", "发送时间", "内容");
    $content[] = $archive;
    $wheresql = '';
    $vuidtype = getGP('vuidtype', 'P');
    if (!is_superadmin() && $vuidtype == '') {
        $wheresql .= " AND uid ='" . $_USER->id . "'";
    }
    if ($vuidtype != '') {
        if ($vuidtype == '-1') {
            $wheresql .= get_subordinate($_USER->id, 'uid');
        } else {
            $wheresql .= " and uid='" . $vuidtype . "'";
        }
    }
    $sql = "SELECT * FROM " . DB_TABLEPRE . "sms_send WHERE 1 {$wheresql} ORDER BY id desc";
    $result = $db->query($sql);
    while ($row = $db->fetch_array($result)) {
        $archive = array("" . $row['receiveperson'] . "", "" . get_realname($row['uid']) . "", "" . str_replace("-", ".", $row[date]) . "", "" . $row['content'] . "");
        $content[] = $archive;
    }
Example #30
			  <td width="80" align="center" class="TableHeader">表单类型</td>
			  <td width="80" align="center" class="TableHeader">验证方式</td>
			  <td class="TableHeader" width="100" align="center">发布人</td>
			  <td class="TableHeader" width="80" align="center">操作</td>
			    	  	
		</tr>
	<?php 
foreach ($result as $row) {
    ?>
		<tr>
      <td nowrap class="TableContent">
<?php 
    $dnum = $db->result("SELECT COUNT(*) AS dnum FROM " . DB_TABLEPRE . "workclass_db where fromid='" . $row['fromid'] . "'");
    if ($dnum < 1) {
        $tpl = $db->fetch_one_array("SELECT tpltype FROM " . DB_TABLEPRE . "workclass_template  WHERE tplid = '" . $row['tplid'] . "' ");
        if ($tpl['tpltype'] != '1' || is_superadmin()) {
            get_boxlistkey("id[]", $row['fromid'], $row['uid'], $_USER->id);
        } else {
            echo '<input type="checkbox" name="id[]" value="' . $row['fromid'] . '" disabled="disabled" />';
        }
    } else {
        echo '<input type="checkbox" name="id[]" value="' . $row['fromid'] . '" disabled="disabled" />';
    }
    ?>
	  </td>
	  <td class="TableData"><input name="inputnumber[<?php 
    echo $row['fromid'];
    ?>
]" type="text" style="width:30px;" value="<?php 
    echo $row['inputnumber'];
    ?>