Example #1
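    // Id of the account to delete, coerced to an integer so it is safe to place in SQL.
    $id = isset($_REQUEST["id"]) ? intval($_REQUEST["id"]) : 0;
    if ($id === intval($_SESSION["curr_user"]["id"])) {
        // An administrator may not delete the account they are logged in with.
        output_json(1, "不能删除自己");
    } else {
        // Build the WHERE clause from the validated integer. The earlier version
        // concatenated the raw $_REQUEST["id"] here: intval() reads only the leading
        // digits, so the self-delete check above passed while any text following
        // those digits reached the DELETE statement unfiltered (SQL injection).
        // NOTE(review): the action is read from $_REQUEST, so it is reachable by GET,
        // and no CSRF token check is visible in this excerpt - confirm one exists.
        $where = "id=" . $id;
        $sql = SqlText::delete("user", $where);
        $db->query($sql);
        output_json(0, "删除成功");
    }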
} elseif ($act == "pwd") {
    $smarty->display('admin/admin_admin_pwd.html');
} elseif ($act == "pwdsubmit") {
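    // Password change for the logged-in user: check the old password, then store the new one.
    $old_pwd = str_filter($_REQUEST["old_pwd"]);
    $pwd = str_filter($_REQUEST["pwd"]);
    $pwd2 = str_filter($_REQUEST["pwd2"]);
    // Strict comparison: with == PHP compares two numeric-looking strings by value,
    // so different inputs such as "1e3" and "1000" would count as a matching confirmation.
    if ($pwd === $pwd2) {
        // NOTE(review): the old password is matched against the pwd column as submitted and
        // the new one is written back as submitted; no hashing is visible in this excerpt.
        // If the column holds plaintext, migrate to password_hash()/password_verify().
        // NOTE(review): the session user name and the str_filter() output are concatenated
        // into the SQL text. Whether str_filter() escapes quotes is not visible here;
        // prefer bound parameters or the driver's escaping for both values.
        $sql = SqlText::func("count", "id", "user", "name='" . $_SESSION["curr_user"]["name"] . "' and pwd='" . $old_pwd . "'");
        $result = $db->get_var($sql);
        if ($result) {
            // A row matched name + old password, so the caller knows the current password.
            $list = array("pwd" => $pwd);
            $db->query(SqlText::update("user", $list, "name='" . $_SESSION["curr_user"]["name"] . "'"));
            output_json(0, "修改成功");
        } else {
            output_json(1, "旧密码错误");
        }
    } else {
        output_json(1, "第二次输入密码不正确");
    }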
} else {
    exit("错误请求");
}
Example #2
} elseif ($act == "add") {
    // Show the add/edit form: a non-zero id loads that row, otherwise a blank row is used.
    $id = 0;
    if (isset($_REQUEST["id"])) {
        $id = intval($_REQUEST["id"]);
    }
    if (!$id) {
        // Blank template row; only the type is taken from the request, cast to int.
        $row = array("id" => 0, "name" => "", "sort" => 0, "dataclass_id" => 0, "content" => "", "type" => intval($_REQUEST['type']));
    } else {
        // $id is an integer here, so the concatenation cannot carry SQL text.
        $row = $db->get_row("select * from data where id = " . $id, ARRAY_A);
        // NOTE(review): content is entity-decoded before it goes to the template. If the
        // template prints it without escaping, stored markup is rendered in the admin
        // page - confirm the template's escaping for this field.
        $row["content"] = html_entity_decode($row["content"]);
    }
    $smarty->assign('row', $row);
    $smarty->display('admin/admin_data_add.html');
} elseif ($act == "addsubmit") {
    // Collect the submitted fields: numeric columns are cast with intval(), text columns
    // go through str_filter().
    // NOTE(review): str_filter() and SqlText are not shown in this excerpt; whether name
    // and content are safe inside the generated SQL depends on them - confirm.
    $list = array();
    $list["name"] = str_filter($_REQUEST["name"]);
    $list["content"] = str_filter($_REQUEST["content"]);
    $list["sort"] = intval($_REQUEST["sort"]);
    $list["dataclass_id"] = intval($_REQUEST["dataclass_id"]);
    $list["type"] = intval($_REQUEST["type"]);
    $id = isset($_REQUEST["id"]) ? intval($_REQUEST["id"]) : 0;
    if (!$id) {
        // No id: insert a new row with its creation time and a zeroed hit counter.
        $list["add_time"] = time();
        $list["hits"] = 0;
        $db->query(SqlText::insert("data", $list));
        output_json(0, "添加成功");
    } else {
        // Existing id: update that row; $id is an integer at this point.
        $db->query(SqlText::update("data", $list, "id=" . $id));
        output_json(0, "更新成功");
    }
} elseif ($act == "del") {
    // Delete one row; intval() keeps the id numeric before it is placed in the statement.
    $target_id = intval($_REQUEST["id"]);
    $db->query("delete from data where id = " . $target_id);
    output_json(0, "删除成功");
} else {
    exit("错误请求");
}
Example #3
<?php

require 'init.php';
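// Admin feedback endpoint. "act" selects the operation:
//   list    - render the page shell
//   getlist - return one page of feedback rows as JSON
//   del     - delete one feedback row
// Any other value ends the request.
$act = isset($_REQUEST["act"]) ? $_REQUEST["act"] : "list";
if ($act === "list") {
    $smarty->display('admin/admin_feedback_list.html');
} elseif ($act === "getlist") {
    $page = isset($_REQUEST["page"]) ? intval($_REQUEST["page"]) : 1;
    $page_size = isset($_REQUEST["page_size"]) ? intval($_REQUEST["page_size"]) : 25;
    // Clamp both values: a page below 1 would produce a negative LIMIT offset, and a
    // page size below 1 returns nothing useful (and is presumably a divisor inside
    // page_count()).
    // NOTE(review): page_size has no upper bound, so one request can ask for the whole
    // table; consider a cap that suits the admin UI.
    if ($page < 1) {
        $page = 1;
    }
    if ($page_size < 1) {
        $page_size = 25;
    }
    $sql = "select count(id) from feedback";
    $total = $db->get_var($sql);
    $page_count = page_count($total, $page_size);
    // Both LIMIT operands are integers computed above, never request text.
    $offset = ($page - 1) * $page_size;
    $sql = "select * from feedback order by id desc limit " . $offset . ", " . $page_size;
    $list = $db->get_results($sql, ARRAY_A);
    // Format the timestamps by key instead of by reference: the earlier by-reference loop
    // left $v bound to the last row, and iterated even when the query returned no array.
    if (is_array($list)) {
        foreach ($list as $k => $v) {
            $list[$k]["add_time"] = date("Y-m-d H:i:s", $v["add_time"]);
        }
    }
    // NOTE(review): the rows are returned as stored; the page that renders this JSON
    // must escape them before inserting them into the DOM.
    output_json(0, "请求成功", array("total" => $total, "page" => $page, "page_count" => $page_count, "list" => $list));
} elseif ($act === "del") {
    // intval() keeps the id numeric before it is placed in the statement.
    // NOTE(review): reachable by GET through $_REQUEST and no CSRF token check is visible
    // in this file - confirm init.php enforces authentication and a token.
    $where = "id=" . intval($_REQUEST["id"]);
    $sql = SqlText::delete("feedback", $where);
    $db->query($sql);
    output_json(0, "删除成功");
} else {
    exit("错误请求");
}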
Example #4
                }
                unset($_SESSION["admin_vcode"]);
            } else {
                output_json(2);
            }
        }
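        // Credential check. Both sides are cast to string and compared with ===: under ==
        // PHP compares two numeric-looking strings by numeric value, so two different
        // strings could be accepted as equal.
        // NOTE(review): where the runtime provides hash_equals() (PHP 5.6+), use it here for
        // a constant-time comparison. How $pwd is derived is above this excerpt; if the pwd
        // column holds plaintext rather than a hash, move to password_hash()/password_verify().
        if ((string) $user["pwd"] === (string) $pwd) {
            // Issue a fresh session id at the privilege change, so an id that was known
            // before login cannot be reused afterwards (session fixation).
            session_regenerate_id(true);
            // The stored password never goes into the session.
            unset($user["pwd"]);
            $_SESSION["curr_user"] = $user;
            // Reset the failed-login counter and write the row back; id is used only in
            // the WHERE clause, so it is removed from the column list.
            $user["err_login"] = 0;
            $id = $user["id"];
            unset($user["id"]);
            $db->query(SqlText::update("user", $user, "id = " . $id));
            if (isset($_REQUEST["remember"]) && $_REQUEST["remember"] == 1) {
                // NOTE(review): the cookie is set without the HttpOnly and Secure flags, and
                // Encrypt::encode() is not shown. If this cookie is ever accepted as proof of
                // identity, it needs integrity protection tied to a server-side secret - confirm.
                setcookie("curr_user_name", urlencode(Encrypt::encode($user["name"])), time() + 86400 * 7);
            }
            output_json(0, "登录成功");
        } else {
            // Count the failed attempt and write the row back without id and pwd.
            $user["err_login"] += 1;
            $id = $user["id"];
            unset($user["id"]);
            unset($user["pwd"]);
            $db->query(SqlText::update("user", $user, "id = " . $id));
            // NOTE(review): this message differs from the "no such user" reply of the
            // enclosing branch, which lets a caller tell valid account names apart.
            output_json(1, "密码错误");
        }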
    } else {
        output_json(1, "没有此用户");
    }
} else {
    exit("错误请求");
}
Example #5
    // $id and $type are set above this excerpt.
    // NOTE(review): $id is concatenated into the query below; confirm it is cast to an
    // integer before this point, as the other handlers do with intval().
    if (!$id) {
        // No id: start from a blank row of the requested type.
        $row = array("id" => 0, "name" => "", "type" => $type, "parent_id" => 0, "sort" => 0);
    } else {
        // Load the row being edited as an associative array.
        $row = $db->get_row("select * from dataclass where id = " . $id, ARRAY_A);
    }
    $smarty->assign("row", $row);
    $smarty->display('admin/admin_dataclass_add.html');
} elseif ($act == "addsubmit") {
    // Collect the submitted fields: the numeric columns are cast with intval(), the name
    // goes through str_filter().
    // NOTE(review): str_filter() and SqlText are not shown in this excerpt; whether name
    // is safe inside the generated SQL depends on them - confirm.
    $list = array();
    $list["name"] = str_filter($_REQUEST["name"]);
    $list["sort"] = intval($_REQUEST["sort"]);
    $list["parent_id"] = intval($_REQUEST["parent_id"]);
    $list["type"] = intval($_REQUEST['type']);
    $id = isset($_REQUEST["id"]) ? intval($_REQUEST["id"]) : 0;
    if (!$id) {
        // No id: insert a new row.
        $db->query(SqlText::insert("dataclass", $list));
        output_json(0, "添加成功");
    } else {
        // Existing id: update that row; $id is an integer at this point.
        $db->query(SqlText::update("dataclass", $list, "id = " . $id));
        output_json(0, "更新成功");
    }
} elseif ($act == "get_tree_selector") {
    // Fetch the tree-selector data for the requested type (0 when none is given).
    $type = 0;
    if (isset($_REQUEST["type"])) {
        $type = intval($_REQUEST["type"]);
    }
    output_json(0, "请求成功", get_tree_selector($type));
} elseif ($act == "del") {
    // Delete the requested entry; the id is cast to an integer before do_del() sees it.
    $target_id = intval($_REQUEST['id']);
    do_del($target_id);
    output_json(0, "删除成功");
} else {
    exit("错误请求");
}
Example #6
{
	Utility::msg("删除成功");
}
else
{
	Utility::msg("删除成功",$_REQUEST["url"]);
}
*/
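// Generic bulk-delete handler. Request fields:
//   t    - table to delete from
//   del  - comma-separated list of row ids
//   url  - page msg_box() is given after the delete (optional)
//   type - value appended to url as ?type= (optional)
$t = str_filter(isset($_REQUEST['t']) ? $_REQUEST['t'] : "");
$url = str_filter(isset($_REQUEST["url"]) ? $_REQUEST["url"] : "");
$type = str_filter(isset($_REQUEST["type"]) ? $_REQUEST["type"] : "");
// Reduce the id list to distinct positive integers. The earlier version placed the
// request text inside "id in(...)" as received, so it could carry arbitrary SQL.
$ids = array();
foreach (explode(",", (string) str_filter(isset($_REQUEST["del"]) ? $_REQUEST["del"] : "")) as $piece) {
    $n = intval($piece);
    if ($n > 0) {
        $ids[$n] = $n;
    }
}
$del = implode(",", $ids);
if ($del) {
    // A table name cannot be passed as a bound parameter, so it is restricted to a plain
    // identifier before it is concatenated into any statement.
    // NOTE(review): this stops SQL text in "t" but still lets the caller name any table.
    // Replace it with an explicit allow-list of the tables this handler may delete from.
    if (!preg_match('/\A[A-Za-z0-9_]+\z/', (string) $t)) {
        exit("错误请求");
    }
    if ($t === constant('PDO_CONNECT') . "pictures") {
        // Bulk picture delete: remove the files on disk before the rows are deleted.
        // NOTE(review): other handlers pass ARRAY_A to get_results(); this call does not,
        // yet the loop indexes each row as an array - confirm the default result type.
        $list = $db->get_results(SqlText::select("*", $t, "id in(" . $del . ")", "sort desc,id desc", null, null, null));
        if (is_array($list)) {
            foreach ($list as $item) {
                // NOTE(review): the path comes from the picture column and
                // get_lcation_path() is not shown; confirm it confines the result to the
                // upload directory. The @ operator hides unlink failures.
                @unlink(get_lcation_path($item["picture"]));
            }
        }
    }
    $db->query('delete from ' . $t . ' where id in(' . $del . ')');
    // NOTE(review): $url comes from the request and msg_box() is not shown; if it
    // redirects the browser, restrict $url to local paths to avoid an open redirect.
    if (!$url) {
        msg_box("删除成功");
    } else {
        if ($type) {
            msg_box("删除成功", $url . "?type=" . $type);
        } else {
            msg_box("删除成功", $url);
        }
    }
}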