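/**
 * Abort the request with a "missing parameter" error when $param is empty.
 *
 * When the caller gives no redirect target, one is derived from the Referer
 * header: the part of the referring URL that follows ADMIN_URL. If there is
 * no usable referer the target falls back to 'index.php'.
 *
 * @param mixed       $param  Value tested with empty(); note that '', '0', 0,
 *                            null and array() all count as missing.
 * @param string|null $to_url Target passed to Common::exitWithError(); derived
 *                            from the Referer header when null.
 * @return void
 */
public static function checkParam($param, $to_url = null)
{
    if ($to_url == null) {
        $to_url = 'index.php';
        $referer = array_key_exists('HTTP_REFERER', $_SERVER) ? $_SERVER['HTTP_REFERER'] : '';
        if (!empty($referer)) {
            // The Referer header is client-controlled. Reuse it only when it
            // really contains ADMIN_URL: previously a false strpos() result was
            // added to strlen(ADMIN_URL), which cut an arbitrary tail out of an
            // unrelated URL and used that as the target.
            $start = strpos($referer, ADMIN_URL);
            if ($start !== false) {
                $to_url = substr($referer, $start + strlen(ADMIN_URL));
            }
        }
        // NOTE(review): the derived tail is still request data; confirm that
        // Common::exitWithError() cannot be steered off the admin site by it.
    }
    if (empty($param)) {
        Common::exitWithError('缺少必要的参数', $to_url, 3, "error");
    }
}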
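require '../include/init.inc.php';

// EXTR_IF_EXISTS limits extract() to the three names declared here, but every
// value still comes straight from $_REQUEST and may be a string or an array.
$module_id = $menu_ids = $module = '';
extract($_REQUEST, EXTR_IF_EXISTS);

Common::checkParam($module_id);
$temp = Module::getModuleById($module_id);
if (empty($temp)) {
    Common::exitWithError(ErrorMessage::MODULE_NOT_EXIST, "panel/modules.php");
}

// NOTE(review): no anti-CSRF token check is visible in this script; confirm
// that init.inc.php enforces one for state-changing POSTs.
if (Common::isPost()) {
    // Accept the target module and every menu id only as plain decimal strings.
    // The ids are later joined into one comma-separated string for
    // MenuUrl::batchUpdateMenus() (not shown here), so nothing but digits may
    // reach it, and the "system menu" comparison below must see real numbers.
    $ids_valid = is_string($module)
        && preg_match('/^[0-9]+$/D', $module) === 1
        && is_array($menu_ids)
        && !empty($menu_ids);
    if ($ids_valid) {
        foreach ($menu_ids as $menu_id) {
            if (!is_string($menu_id) || preg_match('/^[0-9]+$/D', $menu_id) !== 1) {
                $ids_valid = false;
                break;
            }
        }
    }

    if (empty($module) || !$ids_valid) {
        OSAdmin::alert("error", ErrorMessage::NEED_PARAM);
    } else {
        // Menus with an id of 100 or below are rejected unless the target is
        // module 1 (the error text calls them system menus).
        if ((int) $module !== 1) {
            foreach ($menu_ids as $menu_id) {
                if ((int) $menu_id <= 100) {
                    Common::exitWithError('系统菜单不能转移到其它模块', 'panel/modules.php');
                }
            }
        }
        $menu_ids = implode(',', $menu_ids);
        $update_data = array('module_id' => $module);
        $result = MenuUrl::batchUpdateMenus($menu_ids, $update_data);
        if ($result >= 0) {
            SysLog::addLog(UserSession::getUserName(), 'MODIFY', 'MenuUrl', $menu_ids, json_encode($update_data));
            Common::exitWithSuccess('更新完成', 'panel/modules.php');
        } else {
            OSAdmin::alert("error");
        }
    }
}

$menus = MenuUrl::getListByModuleId($module_id);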
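<?php
require '../include/init.inc.php';

// EXTR_IF_EXISTS limits extract() to the names declared here, but every value
// still comes straight from $_REQUEST and may be a string or an array.
$group_id = $method = $user_ids = $user_group = '';
extract($_REQUEST, EXTR_IF_EXISTS);

Common::checkParam($group_id);
$group = UserGroup::getGroupById($group_id);
if (empty($group)) {
    Common::exitWithError(ErrorMessage::GROUP_NOT_EXIST, "panel/groups.php");
}

// NOTE(review): no anti-CSRF token check is visible in this script; confirm
// that init.inc.php enforces one for state-changing POSTs.
if (Common::isPost()) {
    // Accept the target group and every user id only as plain decimal strings.
    // The ids are later joined into one comma-separated string for
    // User::batchUpdateUsers() (not shown here), so nothing but digits may
    // reach it, and the guard for account 1 must compare real numbers rather
    // than rely on a loose in_array() over raw request strings.
    $ids_valid = is_string($user_group)
        && preg_match('/^[0-9]+$/D', $user_group) === 1
        && is_array($user_ids)
        && !empty($user_ids);
    if ($ids_valid) {
        foreach ($user_ids as $user_id) {
            if (!is_string($user_id) || preg_match('/^[0-9]+$/D', $user_id) !== 1) {
                $ids_valid = false;
                break;
            }
        }
    }

    if (empty($user_group) || !$ids_valid) {
        OSAdmin::alert("error", ErrorMessage::NEED_PARAM);
    } else {
        // The group of account 1 (the initial administrator, per the error
        // text) must never be changed through this page.
        foreach ($user_ids as $user_id) {
            if ((int) $user_id === 1) {
                Common::exitWithError('不可更改初始管理员的账号组', 'panel/groups.php');
            }
        }
        $user_ids = implode(',', $user_ids);
        $update_data = array('user_group' => $user_group);
        $result = User::batchUpdateUsers($user_ids, $update_data);
        if ($result >= 0) {
            SysLog::addLog(UserSession::getUserName(), 'MODIFY', 'User', $user_ids, json_encode($update_data));
            Common::exitWithSuccess('更新完成', 'panel/groups.php');
        } else {
            OSAdmin::alert("error");
        }
    }
}

$user_infos = User::getUsersByGroup($group_id);
$groupOptions = UserGroup::getGroupForOptions();
Template::assign('group', $group);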
<?php
require '../include/init.inc.php';

// Only the names declared here can be filled by extract(); their values are
// untrusted request data (string or array) and are not validated below.
$module_id = $module_name = $module_sort = $module_url = $module_desc = $module_icon = $online = '';
extract($_REQUEST, EXTR_IF_EXISTS);

Common::checkParam($module_id);
$module = Module::getModuleById($module_id);
if (empty($module)) {
    Common::exitWithError(ErrorMessage::MODULE_NOT_EXIST, "panel/modules.php");
}

// NOTE(review): no anti-CSRF token check is visible in this script; confirm
// that init.inc.php enforces one for state-changing POSTs.
if (Common::isPost()) {
    if ($module_name != "" && $module_url != "") {
        // Key order is kept as-is because the array is also JSON-encoded
        // into the audit log entry.
        $changes = array();
        $changes['module_name'] = $module_name;
        $changes['module_desc'] = $module_desc;
        $changes['module_icon'] = $module_icon;
        $changes['module_url'] = $module_url;
        $changes['module_sort'] = $module_sort;
        // The online flag is writable for every module except id 1.
        if ($module_id > 1) {
            $changes['online'] = $online;
        }

        $outcome = Module::updateModuleInfo($module_id, $changes);
        if ($outcome >= 0) {
            SysLog::addLog(UserSession::getUserName(), 'MODIFY', 'Module', $module_id, json_encode($changes));
            Common::exitWithSuccess('更新完成', 'panel/modules.php');
        } else {
            OSAdmin::alert("error");
        }
    } else {
        OSAdmin::alert("error", ErrorMessage::NEED_PARAM);
    }
}

// Labels for the online/offline selector in the template.
$online_labels = array(1 => "在线", 0 => "下线");
Template::assign('module', $module);
Template::assign('module_online_optioins', $online_labels);
Template::display('panel/module_modify.tpl');
<?php
// Admin page: edit one menu entry. The listing is cut off inside the success
// branch, so the closing braces and the template rendering are not shown.
require '../include/init.inc.php';

// Only the names declared here can be filled by extract(); their values are
// untrusted request data (string or array) and are not validated below.
$menu_id = $menu_name = $menu_url = $module_id = $is_show = $online = $shortcut_allowed = $menu_desc = $father_menu = '';
extract($_REQUEST, EXTR_IF_EXISTS);

Common::checkParam($menu_id);
$menu = MenuUrl::getMenuById($menu_id);
if (empty($menu)) {
    Common::exitWithError(ErrorMessage::MENU_NOT_EXIST, "panel/menus.php");
}

// NOTE(review): no anti-CSRF token check is visible in this script; confirm
// that init.inc.php enforces one for state-changing POSTs.
if (Common::isPost()) {
    // && binds tighter than ||: a module id is required only when menu_id > 100.
    if ($menu_name == "" || $menu_url == "" || $menu_id > 100 && empty($module_id)) {
        OSAdmin::alert("error", ErrorMessage::NEED_PARAM);
    } else {
        // Refuse a URL that already belongs to a different menu entry.
        $exist = false;
        $menu_exist = MenuUrl::getMenuByUrl($menu_url);
        if (!empty($menu_exist)) {
            // Loose comparison: the request value is a string, the stored id may not be.
            if ($menu_id != $menu_exist['menu_id']) {
                $exist = true;
                OSAdmin::alert("error", ErrorMessage::MENU_URL_CONFLICT);
            }
        }
        if (!$exist) {
            $update_data = array('menu_name' => $menu_name, 'menu_url' => $menu_url, 'is_show' => $is_show, "online" => $online, 'menu_desc' => $menu_desc, 'shortcut_allowed' => $shortcut_allowed, 'father_menu' => $father_menu);
            // module_id is written only for menus with an id above 100; lower
            // ids keep their module.
            if ($menu_id > 100) {
                $update_data['module_id'] = $module_id;
            }
            $result = MenuUrl::updateMenuInfo($menu_id, $update_data);
            if ($result >= 0) {
                // The same array that was written is JSON-encoded into the audit log.
                SysLog::addLog(UserSession::getUserName(), 'MODIFY', 'MenuUrl', $menu_id, json_encode($update_data));
                Common::exitWithSuccess('更新完成', 'panel/menus.php');
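// Fragment of the complaint-area "edit user" page; the variable declarations
// and the extract() call that fill $user_id, $real_name, ... are not shown.
Common::checkParam($user_id);
$user = User::getUserById($user_id);
if (empty($user)) {
    Common::exitWithError(ErrorMessage::USER_NOT_EXIST, "complaint/user.php");
}

if (Common::isPost()) {
    // && binds tighter than ||: a group is required for every account except id 1.
    if ($real_name == "" || $mobile == "" || $email == "" || $user_id != 1 && $user_group <= 0) {
        OSAdmin::alert("error", ErrorMessage::NEED_PARAM);
    } else {
        $update_data = array('real_name' => $real_name, 'mobile' => $mobile, 'email' => $email, 'user_desc' => $user_desc);
        // The group of account 1 is never changed from this page.
        if ($user_id > 1) {
            $update_data["user_group"] = $user_group;
        }
        if (!empty($password)) {
            // Composition rule: letters and digits only, with at least one of each.
            if (!preg_match("/^(([a-z]+[0-9]+)|([0-9]+[a-z]+))[a-z0-9]*\$/i", $password)) {
                Common::exitWithError('密码必须由数字和字母的组合而成', '');
            }
            // SECURITY: unsalted MD5 is not a password hash. It is kept here only
            // because the login check is outside this fragment and presumably
            // compares MD5 values; migrate both sides to password_hash() /
            // password_verify() together.
            $update_data = array_merge($update_data, array('password' => md5($password)));
        }
        $result = User::updateUser($user_id, $update_data);
        if ($result >= 0) {
            $current_user = UserSession::getSessionInfo();
            $ip = Common::getIp();
            $update_data['ip'] = $ip;
            // Never write the password digest into the audit log: anyone who
            // can read the log could otherwise collect it. The entry still
            // records that the password field was changed.
            $log_data = $update_data;
            if (array_key_exists('password', $log_data)) {
                $log_data['password'] = '[redacted]';
            }
            SysLog::addLog(UserSession::getUserName(), 'MODIFY', 'User', $user_id, json_encode($log_data));
            Common::exitWithSuccess('更新完成', 'complaint/user.php');
        } else {
            OSAdmin::alert("error");
        }
    }
}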
<?php
require '../include/init.inc.php';

// Only the names declared here can be filled by extract(); their values are
// untrusted request data (string or array) and are not validated below.
$group_id = $group_name = $group_desc = '';
extract($_REQUEST, EXTR_IF_EXISTS);

Common::checkParam($group_id);
$group = UserGroup::getGroupById($group_id);
if (empty($group)) {
    Common::exitWithError(ErrorMessage::GROUP_NOT_EXIST, "panel/groups.php");
}

// NOTE(review): no anti-CSRF token check is visible in this script; confirm
// that init.inc.php enforces one for state-changing POSTs.
if (Common::isPost()) {
    if ($group_name != "") {
        $changes = array();
        $changes['group_name'] = $group_name;
        $changes['group_desc'] = $group_desc;

        $outcome = UserGroup::updateGroupInfo($group_id, $changes);
        if ($outcome >= 0) {
            // The same array that was written is JSON-encoded into the audit log.
            SysLog::addLog(UserSession::getUserName(), 'MODIFY', 'UserGroup', $group_id, json_encode($changes));
            Common::exitWithSuccess('账号组修改完成', 'panel/groups.php');
        } else {
            OSAdmin::alert("error");
        }
    } else {
        // The group name is the only mandatory field.
        OSAdmin::alert("error", ErrorMessage::NEED_PARAM);
    }
}

$options = UserGroup::getGroupForOptions();
Template::assign('group', $group);
Template::assign('groupOptions', $options);
Template::display('panel/group_modify.tpl');
<?php
// Admin page: edit one quick note. The listing is cut off before the POST
// block is closed, so the closing braces and the rendering are not shown.
require '../include/init.inc.php';

// Only the names declared here can be filled by extract(); their values are
// untrusted request data (string or array).
$note_id = $note_content = '';
extract($_REQUEST, EXTR_IF_EXISTS);

Common::checkParam($note_id);
$quicknote = QuickNote::getNoteById($note_id);
if (empty($quicknote)) {
    Common::exitWithError(ErrorMessage::QUICKNOTE_NOT_EXIST, "panel/quicknotes.php");
}

// NOTE(review): no anti-CSRF token check is visible in this script; confirm
// that init.inc.php enforces one for state-changing POSTs.
if (Common::isPost()) {
    // Common::filterText() is defined elsewhere; what it strips is not visible here.
    $note_content = Common::filterText($note_content);
    if ($note_content == "") {
        OSAdmin::alert("error", ErrorMessage::NEED_PARAM);
    } else {
        $current_user_info = UserSession::getSessionInfo();
        $user_group = $current_user_info['user_group'];
        $current_user_id = $current_user_info['user_id'];
        // Authorisation: only members of group 1 or the note's owner may edit.
        // Both comparisons are loose (==), so session values that are not plain
        // integers or numeric strings deserve a look.
        if ($user_group == 1 || $quicknote['owner_id'] == $current_user_id) {
            // The note is HTML-encoded before it is stored, with the default
            // htmlspecialchars() flags. NOTE(review): before PHP 8.1 the default
            // flags leave single quotes unencoded; confirm how the stored value
            // is placed into the page so it is neither under- nor double-encoded.
            $note_content = htmlspecialchars($note_content);
            $update_data = array('note_content' => $note_content);
            $result = QuickNote::updateNote($note_id, $update_data);
            if ($result >= 0) {
                SysLog::addLog(UserSession::getUserName(), 'MODIFY', 'QuickNote', $note_id, json_encode($update_data));
                Common::exitWithSuccess('更新完成', 'panel/quicknotes.php');
            } else {
                OSAdmin::alert("error");
            }
        } else {
            OSAdmin::alert("error", ErrorMessage::QUICKNOTE_NOT_OWNER);
        }
<?php
require '../include/init.inc.php';

// Only the names declared here can be filled by extract(); their values are
// untrusted request data (string or array) and are not validated below.
$group_id = $group_name = $group_desc = '';
extract($_REQUEST, EXTR_IF_EXISTS);

Common::checkParam($group_id);
$group = UserGroup::getGroupById($group_id);
if (empty($group)) {
    Common::exitWithError(ErrorMessage::GROUP_NOT_EXIST, "complaint/group.php");
}

// NOTE(review): no anti-CSRF token check is visible in this script; confirm
// that init.inc.php enforces one for state-changing POSTs.
if (Common::isPost()) {
    $name_missing = ($group_name == "");
    if ($name_missing) {
        // The group name is the only mandatory field.
        OSAdmin::alert("error", ErrorMessage::NEED_PARAM);
    } else {
        $fields = array(
            'group_name' => $group_name,
            'group_desc' => $group_desc,
        );
        $status = UserGroup::updateGroupInfo($group_id, $fields);
        if ($status >= 0) {
            // The same array that was written is JSON-encoded into the audit log.
            SysLog::addLog(UserSession::getUserName(), 'MODIFY', 'UserGroup', $group_id, json_encode($fields));
            Common::exitWithSuccess('账号组修改完成', 'complaint/group.php');
        } else {
            OSAdmin::alert("error");
        }
    }
}

// This page redirects to complaint/group.php but renders the panel template.
$choices = UserGroup::getGroupForOptions();
Template::assign('group', $group);
Template::assign('groupOptions', $choices);
Template::display('panel/group_modify.tpl');
<?php
// Admin page: edit one user account. The listing is cut off before the POST
// block is closed, so the closing braces and the rendering are not shown.
require '../include/init.inc.php';

// Only the names declared here can be filled by extract(); their values are
// untrusted request data (string or array) and are not validated below.
// $user_name is declared but not used in the visible part of the script.
$user_id = $user_name = $real_name = $mobile = $password = $email = $user_desc = $user_group = '';
extract($_REQUEST, EXTR_IF_EXISTS);

Common::checkParam($user_id);
$user = User::getUserById($user_id);
if (empty($user)) {
    Common::exitWithError(ErrorMessage::USER_NOT_EXIST, "panel/users.php");
}

// NOTE(review): no anti-CSRF token check is visible in this script; confirm
// that init.inc.php enforces one for state-changing POSTs.
if (Common::isPost()) {
    // && binds tighter than ||: a group is required for every account except id 1.
    if ($real_name == "" || $mobile == "" || $email == "" || $user_id != 1 && $user_group <= 0) {
        OSAdmin::alert("error", ErrorMessage::NEED_PARAM);
    } else {
        $update_data = array('real_name' => $real_name, 'mobile' => $mobile, 'email' => $email, 'user_desc' => $user_desc);
        // The group of account 1 is never changed from this page.
        if ($user_id > 1) {
            $update_data["user_group"] = $user_group;
        }
        // SECURITY: the new password is stored as an unsalted MD5 digest, which
        // is not a password hash; password_hash()/password_verify() is the
        // replacement, and the login check has to change with it. No length or
        // composition rule is applied to the new password here.
        if (!empty($password)) {
            $update_data = array_merge($update_data, array('password' => md5($password)));
        }
        $result = User::updateUser($user_id, $update_data);
        if ($result >= 0) {
            // $current_user is not read again in the visible part of the script.
            $current_user = UserSession::getSessionInfo();
            $ip = Common::getIp();
            // Added after the update, so the IP only ends up in the log entry.
            $update_data['ip'] = $ip;
            // SECURITY: $update_data still holds the 'password' digest when a
            // password was set, so the digest is written into the audit log;
            // it should be removed or masked before json_encode().
            SysLog::addLog(UserSession::getUserName(), 'MODIFY', 'User', $user_id, json_encode($update_data));
            Common::exitWithSuccess('更新完成', 'panel/users.php');
        } else {
            OSAdmin::alert("error");
        }
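<?php
// Maintenance page: restores the database from ../sql/osadmin.sql after a
// passphrase and a verification-code check.
require '../include/init.inc.php';

// Only these two names can be filled by extract(); their values are untrusted
// request data and may be strings or arrays.
$md5 = $verify_code = '';
extract($_REQUEST, EXTR_IF_EXISTS);

// SECURITY: the passphrase is a constant in the source (despite its name it is
// not a hash) and is read from $_REQUEST, so it may travel in the query string
// and end up in access logs. NOTE(review): confirm that init.inc.php also
// requires an authenticated administrator before this destructive action.
if (!is_string($md5) || $md5 !== "org.osadmin.somewhereyu") {
    Common::exitWithError('口令错误', 'index.php', 99999);
}

if (Common::isPost()) {
    // Require a verification code that really exists in the session. Before,
    // a missing session value and an empty submitted code both lower-cased to
    // '' and compared equal, so the check could pass with no code issued.
    $expected_code = '';
    if (isset($_SESSION['osa_verify_code']) && is_scalar($_SESSION['osa_verify_code'])) {
        $expected_code = (string) $_SESSION['osa_verify_code'];
    }
    $code_matches = is_string($verify_code)
        && $expected_code !== ''
        && strtolower($verify_code) === strtolower($expected_code);
    // NOTE(review): the code stays in the session after the comparison;
    // consider making it single-use where it is issued and checked.

    if (!$code_matches) {
        OSAdmin::alert("error", ErrorMessage::VERIFY_CODE_WRONG);
    } else {
        $ret = OSAdmin::_restore_db_("../sql/osadmin.sql");
        if ($ret) {
            // Logged with fixed marker values rather than the acting user's name.
            SysLog::addLog("WARP_SPEED", '_RESOTRE_DB_', 'MYSQL', 'STAR_TREK');
            Common::exitWithSuccess('恢复Mysql成功', 'index.php', 99999);
        } else {
            OSAdmin::alert("error", "恢复MYSQL DB失败,可能造成数据损坏");
        }
    }
}

Template::assign('page_title', '恢复至初始状态');
Template::Display('_restore_db_.tpl');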