/**
 * Constructor-level access gate.
 *
 * Sends visitors who are not logged in to "login", sends non-admins to the
 * site root when $only_admin is strictly true, then stores the current user
 * row, the flash message and a "permits" flag in the view data.
 *
 * NOTE(review): both gates depend on redirect() ending the request
 * (CodeIgniter's URL helper exits after sending the header). If a redirect()
 * that returns is in scope, the rest of the constructor and the requested
 * action still run for a rejected visitor - confirm.
 */
public function __construct()
{
    parent::__construct();

    $auth = $this->ion_auth;

    if (!$auth->logged_in()) {
        redirect("login");
    }

    // The admin lookup runs before the $only_admin test, so it happens on
    // every request whether or not the controller is admin-only.
    $lacksAdmin = !$auth->is_admin();
    if ($lacksAdmin && $this->only_admin === true) {
        redirect("");
    }

    $this->view["user"] = $auth->user()->row();
    $this->view["message"] = $this->session->flashdata('message');

    // True for admins, and for any id that is_superadmin() accepts.
    // This flag only feeds the view; it is not an access check by itself.
    $this->view["permits"] = $auth->is_admin() || is_superadmin($auth->user()->row()->id);
}
/**
 * Constructor-level access gate followed by library and model loading.
 *
 * Only logged-in users who are admins, or whose id is accepted by
 * is_superadmin(), get past the two redirects.
 *
 * NOTE(review): the gate depends on redirect() ending the request
 * (CodeIgniter's URL helper exits). If it returned, the header output and
 * the requested action would still run for a rejected visitor - confirm.
 */
public function __construct()
{
    parent::__construct();
    $this->load->database();

    $auth = $this->ion_auth;

    if (!$auth->logged_in()) {
        redirect("login");
    }

    // Admins pass without the superadmin lookup; everybody else needs it.
    $mayEnter = $auth->is_admin() || is_superadmin($auth->user()->row()->id);
    if (!$mayEnter) {
        redirect("");
    }

    $this->header->output();

    foreach (array('form_validation', 'upload', 'image_lib') as $library) {
        $this->load->library($library);
    }
    $this->load->helper('url');
    $this->load->model("Clientdbmodel");
}
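/**
 * Decide whether user $uid may act as (impersonate) user $euid.
 *
 * Rules, in the order they are applied:
 *  - a user may always impersonate themselves (both ids must be positive);
 *  - otherwise nothing is allowed unless the target is a domain default
 *    user or the "enable_privacy_invasion" config value is "Y";
 *  - the superadmin may then impersonate the target;
 *  - a domain default user may be impersonated by an admin of that domain;
 *  - a superadmin target is never handed to anyone else;
 *  - any other target may be impersonated by an admin of a domain that one
 *    of the target's e-mail addresses belongs to.
 *
 * @param mixed $euid id of the user to be impersonated (effective uid)
 * @param mixed $uid  id of the user asking to impersonate (real uid)
 * @return bool true when the impersonation is allowed
 */
function ok_to_impersonate($euid, $uid)
{
    global $dbh;

    // It's harmless to impersonate yourself ;)
    if ($euid == $uid && $euid > 0 && $uid > 0) {
        return true;
    }

    // Impersonating other users is an invasion of privacy, even for
    // administrators, unless the target is a domain default user or the
    // site has explicitly enabled it.
    $target_is_domain_default = is_a_domain_default_user($euid);
    if (!$target_is_domain_default && get_config_value("enable_privacy_invasion") != "Y") {
        return false;
    }

    // Only the superadmin can impersonate the system default user (@.),
    // and the superadmin can impersonate every target that got this far.
    if (is_superadmin($uid)) {
        return true;
    }

    // Domain default users can be impersonated by admins responsible for
    // those domains.
    if ($target_is_domain_default) {
        $domain_id = get_domain_id(get_user_name($euid));
        return is_admin_for_domain($uid, $domain_id);
    }

    // A domain admin must never be able to step into the superadmin account.
    if (is_superadmin($euid)) {
        return false;
    }

    // The original tested only $sth, and only after execute(); a failed
    // prepare() or execute() was therefore never reported as intended.
    // NOTE(review): die() prints the driver's message to the client, as
    // before; consider logging it instead.
    $sth = $dbh->prepare("SELECT email FROM users WHERE maia_user_id = ?");
    if (PEAR::isError($sth)) {
        die($sth->getMessage());
    }
    $res = $sth->execute(array($euid));
    if (PEAR::isError($res)) {
        $error_message = $res->getMessage();
        $sth->free();
        die($error_message);
    }

    // Allowed as soon as one of the target's addresses sits in a domain
    // that $uid administers.
    $allowed = false;
    while ($row = $res->fetchRow()) {
        $domain_id = get_domain_id("@" . get_domain_from_email($row["email"]));
        if (is_admin_for_domain($uid, $domain_id)) {
            $allowed = true;
            break;
        }
    }
    $sth->free();

    return $allowed;
}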
/**
 * Check whether a group is authorized to open a menu entry.
 *
 * 'home' and 'dashboard' are always allowed. Any other menu is allowed when
 * auth_menu holds a row whose lower-cased "file" equals the lower-cased
 * $menu and that is joined to $id_group; callers that are not superadmin
 * only match rows with is_superadmin = 0.
 *
 * NOTE(review): the clause ($menu == '' && $menu == 'profile') can never be
 * true, so '' and 'profile' go through the database check like any other
 * menu. If "||" was intended, changing it widens what is allowed without a
 * grant - confirm the intent before touching it.
 *
 * @param string $menu
 * @param int $id_group
 * @return boolean
 */
private function checkAuth($menu, $id_group)
{
    $CI =& get_instance();
    $CI->load->database();

    $always_allowed = ($menu == 'home' || $menu == 'dashboard' || $menu == '' && $menu == 'profile');
    if ($always_allowed) {
        return true;
    }

    // Resolved before the query is started, as in the original.
    $caller_is_super = is_superadmin();

    $lookup = $CI->db->from('auth_menu')
        ->where('LCASE(file)', strtolower($menu))
        ->where('id_auth_group', $id_group);

    if (!$caller_is_super) {
        // Menus flagged for superadmins stay invisible to everyone else.
        $lookup->where('is_superadmin', 0);
    }

    $matches = $lookup
        ->join('auth_menu_group', 'auth_menu_group.id_auth_menu=auth_menu.id_auth_menu', 'left')
        ->count_all_results();

    return $matches > 0;
}
/**
 * Constructor-level access gate followed by asset, model and library setup.
 *
 * Only logged-in users who are admins, or whose id is accepted by
 * is_superadmin(), get past the two redirects.
 *
 * NOTE(review): the gate depends on redirect() ending the request
 * (CodeIgniter's URL helper exits). If it returned, the header output and
 * the requested action would still run for a rejected visitor - confirm.
 */
public function __construct()
{
    parent::__construct();
    $this->load->database();

    $auth = $this->ion_auth;

    if (!$auth->logged_in()) {
        redirect("login");
    }

    // Admins pass without the superadmin lookup; everybody else needs it.
    $mayEnter = $auth->is_admin() || is_superadmin($auth->user()->row()->id);
    if (!$mayEnter) {
        redirect("");
    }

    $this->header->css[] = "assets/css/clientsdata.css";

    // Registered in the same order as before.
    $scripts = array(
        "assets/js/jquery-ui-1.8.23.custom.min.js",
        "assets/js/jqueryui/jquery.ui.core.min.js",
        "assets/js/jqueryui/jquery.ui.mouse.min.js",
        "assets/js/jqueryui/jquery.ui.widget.min.js",
        "assets/js/jqueryui/jquery.ui.sortable.min.js",
    );
    foreach ($scripts as $script) {
        $this->header->js[] = $script;
    }

    $this->header->output();

    $this->load->model('Clientdbmodel');
    $this->load->library("form_validation");
}
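/**
 * Count auth_user rows (left-joined to auth_group), optionally filtered by a
 * search term.
 *
 * Callers that are not superadmin only count rows with is_superadmin = 0.
 *
 * @param array $param optional filter: 'search_value' (string) and
 *                     'search_field' (list of arrays with 'data' = column
 *                     name and 'searchable' = 'true')
 * @return int total records
 */
function CountAllAdmin($param = array())
{
    if (!is_superadmin()) {
        $this->db->where('is_superadmin', 0);
    }

    if (is_array($param) && isset($param['search_value']) && $param['search_value'] != '') {
        $needle = strtolower($param['search_value']);
        $fields = (isset($param['search_field']) && is_array($param['search_field']))
            ? $param['search_field']
            : array();

        // The column name is written into the SQL text between backticks, so
        // only plain identifiers are accepted; anything else is skipped.
        // NOTE(review): 'search_field' looks like it is filled from the
        // request (data/searchable pairs) - confirm against the caller.
        $columns = array();
        foreach ($fields as $val) {
            if (!is_array($val) || !isset($val['searchable'], $val['data'])) {
                continue;
            }
            if ($val['searchable'] != 'true' || !is_scalar($val['data'])) {
                continue;
            }
            $column = (string) $val['data'];
            if (preg_match('/^[A-Za-z0-9_]+$/', $column)) {
                $columns[] = $column;
            }
        }

        // An empty group would produce invalid SQL, so open one only when
        // at least one column is left.
        if (count($columns) > 0) {
            $this->db->group_start();
            foreach ($columns as $i => $column) {
                $expression = 'LCASE(`' . $column . '`)';
                if ($i === 0) {
                    $this->db->like($expression, $needle);
                } else {
                    $this->db->or_like($expression, $needle);
                }
            }
            $this->db->group_end();
        }
    }

    $total_records = $this->db->from('auth_user')
        ->join('auth_group', 'auth_group.id_auth_group=auth_user.id_auth_group', 'left')
        ->count_all_results();

    return $total_records;
}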
<?php (!defined('IN_TOA') || !defined('IN_ADMIN')) && exit('Access Denied!'); get_key("project_"); $typeid = $_GET['typeid']; $projectid = $_GET['projectid']; $modid = $_GET['modid']; pro_mana_view($typeid, $_USER->id); $sql = "SELECT * FROM " . DB_TABLEPRE . "project_model WHERE mid = '" . $modid . "'"; $mod = $db->fetch_one_array($sql); //创建权限 global $db; $manat = $db->fetch_one_array("SELECT tid FROM " . DB_TABLEPRE . "project_type where (keyuser like '%" . get_realname($_USER->id) . "%' or keyuser='' or manauser like '%" . get_realname($_USER->id) . "%') and tid=" . $typeid); if (!is_superadmin() && $manat['tid'] == '') { $sql = "SELECT mid FROM " . DB_TABLEPRE . "project_model WHERE mid = '" . $modid . "' and (keyuser like '%" . get_realname($_USER->id) . "%' or keyuser='' or manauser like '%" . get_realname($_USER->id) . "%')"; $mana = $db->fetch_one_array($sql); if ($mana['mid'] == '') { show_msg('对不起,您没有使用的权限,不可用!', 'home.php?mid=8'); } } empty($do) && ($do = 'list'); if ($do == 'list') { //列表信息 $wheresqltype = ''; $wheresql = ''; $page = max(1, getGP('page', 'G', 'int')); $pagesize = $_CONFIG->config_data('pagenum'); $offset = ($page - 1) * $pagesize; $url = 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . '&type=' . $_GET['type']; if ($title = getGP('title', 'G')) { $wheresqltype .= " AND a.title LIKE '%{$title}%' ";
// Hands the page-wide values to the Smarty template engine. Every variable
// read here is defined outside this fragment.
// NOTE(review): the values are passed as-is; whether the templates escape
// them on output is not visible here - confirm for $username and $message.
$smarty->assign("msid", $msid);
$smarty->assign("sid", $sid);
$smarty->assign('banner_title', $banner_title);
$smarty->assign('use_logo', $use_logo);
$smarty->assign('use_icons', $use_icons);
$smarty->assign('logo_file', $logo_file);
$smarty->assign('logo_width', $logo_width);
$smarty->assign('logo_height', $logo_height);
$smarty->assign('logo_url', $logo_url);
$smarty->assign('logo_alt_text', $logo_alt_text);
$smarty->assign('enable_false_negative_management', $enable_false_negative_management);
$smarty->assign('system_enable_user_autocreation', $enable_user_autocreation);
$smarty->assign('enable_stats_tracking', $enable_stats_tracking);
$smarty->assign('cols', $cols);
$smarty->assign('admin', $admin);
$smarty->assign('username', $username);
$smarty->assign('showmenu', $showmenu);
// "super" is derived from $uid. It is a display flag for the template; pages
// that are superadmin-only still need their own server-side check.
$smarty->assign('super', is_superadmin($uid));
$smarty->assign("lang", $lang);
$smarty->assign("is_a_visitor", $is_a_visitor);
// added by JacobLeaver, response to ticket
$smarty->assign("php_errors", isset($php_errors) ? $php_errors : "");
// some default values, which can be overridden
$smarty->assign("page_css", "");
$smarty->assign("page_javascript", "");
// One-shot message: start from any $message already set, append the one
// stored in the session, then clear the session copy.
$message = isset($message) ? $message : "";
$message .= isset($_SESSION["message"]) ? $_SESSION["message"] : "";
$_SESSION["message"] = ""; // unset message, we don't want to display more than once.
// if page is to be redirected again, reassign it.
$smarty->assign("message", $message);
</span></td> <td class="info"><?php echo $row['loginip']; ?> </td> <td class="info"><?php echo get_postname($row['positionid']); ?> </td> <td class="info"><?php echo get_realdepaname($row['departmentid']); ?> </td> <td class="action" > <?php if ($row['flag'] != '1' || is_superadmin() != '') { ?> <a href="admin.php?ac=<?php echo $ac; ?> &fileurl=<?php echo $fileurl; ?> &do=add&id=<?php echo $row['id']; ?> ">编辑</a> <?php } ?> </td>
<dt><div class="spheric ui-corner-all-16"><img src="template/default/new/images/01.png"></div> <span class="month_view_schedule_time"><a href="admin.php?ac=<?php echo $ac; ?> &fileurl=<?php echo $fileurl; ?> &do=views&id=<?php echo $row['id']; ?> "><?php echo $row['title']; ?> </a></span> <?php if ($row['uid'] == $_USER->id || is_superadmin()) { ?> <em class="none"><a href="admin.php?ac=<?php echo $ac; ?> &fileurl=<?php echo $fileurl; ?> &do=add&id=<?php echo $row['id']; ?> " title="修改日志" class="month_view_edit_schedule "></a><a href="admin.php?ac=<?php echo $ac; ?> &fileurl=<?php echo $fileurl;
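/**
 * Delete one or more quiz records. Only AJAX POST requests are processed;
 * anything else is redirected to the controller's index.
 *
 * Expects a comma-separated list of ids in the "ids" POST field and answers
 * with JSON holding an "error" and/or a "success" alert. Processing stops at
 * the first id that fails; ids deleted before that stay deleted.
 *
 * NOTE(review): no CSRF check is visible in this method - confirm that the
 * framework-level protection is enabled for this endpoint.
 */
public function delete()
{
    $this->layout = 'none';

    if ($this->input->post() && $this->input->is_ajax_request()) {
        $post = $this->input->post();
        $json = array();

        // "ids" may be missing or not a string (e.g. sent as ids[]); treat
        // both as "nothing to delete" instead of raising a warning or error.
        $ids = (isset($post['ids']) && is_string($post['ids'])) ? $post['ids'] : '';

        if ($ids != '') {
            foreach (array_map('trim', explode(',', $ids)) as $id) {
                $record = $this->Quiz_model->GetQuiz($id);
                if (!$record) {
                    $json['error'] = alert_box('Failed. Please refresh the page.', 'danger');
                    break;
                }

                // NOTE(review): this compares a quiz id with the id of the
                // logged-in user; it looks inherited from a user controller -
                // confirm it is intended here.
                if ($id == id_auth_user()) {
                    $json['error'] = alert_box('You can\'t delete Your own account.', 'danger');
                    break;
                }

                // Deleting is reserved for the superadmin.
                if (!is_superadmin()) {
                    $json['error'] = alert_box('You don\'t have permission to delete this record(s). Please contact the Quizistrator.', 'danger');
                    break;
                }

                if ($record['image'] != '') {
                    // The stored name is used to build paths that get
                    // unlinked; keep only its last component so a value with
                    // directory parts cannot point outside the upload folder.
                    $image = basename($record['image']);
                    $image_dir = UPLOAD_DIR . 'admin/';
                    if (is_file($image_dir . $image)) {
                        unlink($image_dir . $image);
                        // The thumbnails may not exist; failures are ignored.
                        @unlink($image_dir . 'tmb_' . $image);
                        @unlink($image_dir . 'sml_' . $image);
                    }
                }

                $this->Quiz_model->DeleteRecord($id);

                // insert to log
                $data_log = array(
                    'id_user' => id_auth_user(),
                    'id_group' => id_auth_group(),
                    'action' => 'Delete User Quiz',
                    'desc' => 'Delete User Quiz; ID: ' . $id . ';',
                );
                insert_to_log($data_log);
                // end insert to log

                $json['success'] = alert_box('Data has been deleted', 'success');
                $this->session->set_flashdata('flash_message', $json['success']);
            }
        }

        header('Content-type: application/json');
        exit(json_encode($json));
    }

    redirect($this->class_path_name);
}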
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */
require_once "core.php";
require_once "maia_db.php";
require_once "authcheck.php";
require_once "display.php";
// The display language becomes a directory name in the three locale
// includes below.
// NOTE(review): confirm get_display_language() can only return the name of
// an existing locale directory, since the value is part of a require path.
$display_language = get_display_language($euid);
require_once "./locale/{$display_language}/db.php";
require_once "./locale/{$display_language}/display.php";
require_once "./locale/{$display_language}/adminviruses.php";
require_once "smarty.php";
// Only the superadministrator should be here.
// The test uses $uid, not $euid, and the script stops right after the
// redirect header, so nothing below runs for other users.
if (!is_superadmin($uid)) {
    header("Location: index.php" . $sid);
    exit;
}
// Cancel any impersonations currently in effect
// by resetting EUID = UID and forcing a reload
// of this page.
if ($uid != $euid) {
    $euid = $uid;
    $_SESSION["euid"] = $uid;
    header("Location: adminviruses.php" . $sid);
    exit;
}
// Fixed query text: no request data is part of it.
$select = "SELECT virus_name, virus_alias, virus_id " . "FROM maia_viruses, maia_virus_aliases " . "WHERE maia_viruses.id = maia_virus_aliases.virus_id " . "ORDER BY virus_alias ASC";
$sth = $dbh->query($select);
$smarty->assign('numrows', $sth->numrows());
// Builds the WHERE clause for a spreadsheet export. $datename and $ischeck
// are set outside this fragment.
$outputFileName = 'data/excel/' . $datename . '.xls';
$content = array();
// First row of the sheet: the column headings.
$archive = array("名称", "有效期(开始)", "有效期(结束)", "发布范围(部门)", "参与人", "负责人", "备注", "完成时间", "发布人", "类型", "内容");
$content[] = $archive;
$wheresql = '';
// NOTE(review): every getGP() value below is placed into the SQL text
// directly. Whether getGP() escapes its result is not visible here; if it
// does not, each of these fields is an SQL injection point - confirm.
if ($title = getGP('title', 'P')) {
    $wheresql .= " AND title LIKE '%{$title}%'";
}
// date range
$vstartdate = getGP('vstartdate', 'P');
$venddate = getGP('venddate', 'P');
if ($vstartdate != '' && $venddate != '') {
    $wheresql .= " AND (startdate>='" . $vstartdate . "' and enddate<='" . $venddate . "')";
}
$vuidtype = getGP('vuidtype', 'P');
// Callers who are not superadmin are limited to their own rows only while
// vuidtype is empty and $ischeck is neither '1' nor '2'.
if (!is_superadmin() && $ischeck != '1' && $ischeck != '2' && $vuidtype == '') {
    $wheresql .= " AND uid = {$_USER->id}";
}
// NOTE(review): when vuidtype is supplied and is not '-1', the export is
// filtered on that uid and no check is visible here that the value is the
// caller or one of the caller's subordinates - confirm it is enforced
// elsewhere, otherwise any user can export another user's rows.
if ($vuidtype != '') {
    if ($vuidtype == '-1') {
        $wheresql .= get_subordinate($_USER->id, 'uid');
    } else {
        $wheresql .= " and uid='" . $vuidtype . "'";
    }
}
// The two $ischeck modes match rows by the caller's real name as a
// substring of a text column.
// NOTE(review): a substring match also hits longer names that contain this
// name - confirm that is acceptable for an access filter.
if ($ischeck == '1' && $vuidtype == '') {
    $wheresql .= " AND participation LIKE '%" . get_realname($_USER->id) . "%' ";
}
if ($ischeck == '2' && $vuidtype == '') {
    $wheresql .= " AND person LIKE '%" . get_realname($_USER->id) . "%' ";
}
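/**
 * Stop users who may not use a project type.
 *
 * The superadmin always passes. Anybody else passes only when the
 * project_type row with tid = $typeid has an empty keyuser, or a keyuser or
 * manauser value that contains the user's real name; otherwise show_msg()
 * is called with a "no permission" message.
 *
 * NOTE(review): this is a gate only if show_msg() ends the request -
 * confirm, since the caller continues after this function returns.
 *
 * @param mixed $typeid project type id
 * @param mixed $user   id of the user to check
 * @return void
 */
function pro_mana_view($typeid = 0, $user = 0)
{
    global $db;

    if (is_superadmin()) {
        return;
    }

    // tid is compared unquoted in the SQL text, so the value must be an
    // integer before it gets there.
    $type_id = (int) $typeid;

    // NOTE(review): the real name is still placed into the SQL text as-is;
    // escape it with the database layer's own function. The LIKE '%name%'
    // test also matches longer names that contain this one.
    $realname = get_realname($user);

    $mana = $db->fetch_one_array("SELECT tid FROM " . DB_TABLEPRE . "project_type where (keyuser like '%" . $realname . "%' or keyuser='' or manauser like '%" . $realname . "%') and tid=" . $type_id);

    // No row, or a row without tid, both mean "not allowed".
    if (empty($mana) || $mana['tid'] == '') {
        show_msg('对不起,您没有使用的权限,不可用!', 'home.php?mid=8');
    }
}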
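/**
 * Delete one or more admin menu records. Only AJAX POST requests are
 * processed; anything else is redirected to the controller's index.
 *
 * Expects a comma-separated list of ids in the "ids" POST field and answers
 * with JSON holding an "error" and/or a "success" alert. Processing stops at
 * the first id that fails; ids deleted before that stay deleted.
 *
 * NOTE(review): no CSRF check is visible in this method - confirm that the
 * framework-level protection is enabled for this endpoint.
 */
public function delete()
{
    $this->layout = 'none';

    if ($this->input->post() && $this->input->is_ajax_request()) {
        $post = $this->input->post();
        $json = array();

        // "ids" may be missing or not a string (e.g. sent as ids[]); treat
        // both as "nothing to delete" instead of raising a warning or error.
        $ids = (isset($post['ids']) && is_string($post['ids'])) ? $post['ids'] : '';

        if ($ids != '') {
            foreach (array_map('trim', explode(',', $ids)) as $id) {
                $record = $this->Menu_model->GetMenu($id);
                if (!$record) {
                    $json['error'] = alert_box('Failed. Please refresh the page.', 'danger');
                    break;
                }

                // Menus flagged is_superadmin may only be removed by the superadmin.
                if ($record['is_superadmin'] && !is_superadmin()) {
                    $json['error'] = alert_box('You don\'t have permission to delete this record(s). Please contact the Menuistrator.', 'danger');
                    break;
                }

                // NOTE(review): a per-group rights check,
                // Menu_model->checkUserHaveRightsMenu(id_auth_group(), $id),
                // used to sit here and was commented out. Without it, every
                // user who can reach this action can delete any menu that is
                // not flagged is_superadmin - confirm that is intended.
                $this->Menu_model->DeleteRecord($id);

                // insert to log
                $data_log = array(
                    'id_user' => id_auth_user(),
                    'id_group' => id_auth_group(),
                    'action' => 'Delete Admin Menu',
                    'desc' => 'Delete Admin Menu; ID: ' . $id . ';',
                );
                insert_to_log($data_log);
                // end insert to log

                $json['success'] = alert_box('Data has been deleted', 'success');
                $this->session->set_flashdata('flash_message', $json['success']);
            }
        }

        header('Content-type: application/json');
        exit(json_encode($json));
    }

    redirect($this->class_path_name);
}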
/**
 * Build the menu tree below a parent menu.
 *
 * Rows of auth_menu whose parent_auth_menu equals $id_parent are read in
 * position order (then by id) and each row gets a 'children' entry built by
 * the same method. Callers that are not superadmin only see rows with
 * is_superadmin = 0; the filter is applied again at every level.
 *
 * @param int $id_parent
 * @return array data
 */
function MenusData($id_parent = 0)
{
    $builder = $this->db;

    if (!is_superadmin()) {
        $builder->where('is_superadmin', 0);
    }

    $builder->where('parent_auth_menu', $id_parent);
    $builder->order_by('position', 'asc');
    $builder->order_by('auth_menu.id_auth_menu', 'asc');
    $menus = $builder->get('auth_menu')->result_array();

    // One query per node: the tree is walked depth-first.
    foreach (array_keys($menus) as $index) {
        $menus[$index]['children'] = $this->MenusData($menus[$index]['id_auth_menu']);
    }

    return $menus;
}
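/**
 * Tell whether a file (or a given number of bytes) still fits into a
 * profile's upload folder.
 *
 * The superadmin is not bound by the quota. For everybody else the quota is
 * $_SESSION['profile_folder_max_size'] megabytes, and an empty quota means
 * nothing fits.
 *
 * NOTE(review): $profile is appended to $_SESSION['upload_root_path']
 * without any normalisation - confirm callers never pass a value that
 * contains "..".
 *
 * @param string|null $file    path of the file to add; when given, its size
 *                             replaces $size
 * @param int|null    $size    number of bytes to add when no file is given
 * @param string|null $profile profile folder name
 * @return bool true when the data fits, false otherwise or on bad arguments
 */
function folder_fit($file = null, $size = null, $profile = null)
{
    // Needs a profile, and either a file or a size.
    if ((!$file && !$size) || !$profile) {
        return false;
    }

    $is_admin = is_superadmin();
    if (empty($_SESSION['profile_folder_max_size']) && !$is_admin) {
        return false;
    }

    if (!empty($file)) {
        if (!is_file($file)) {
            return false;
        }
        $size = filesize($file);
    }

    // The quota never rejects the superadmin, so skip the folder scan and
    // the arithmetic on a quota value that may be empty for that account.
    if ($is_admin) {
        return true;
    }

    $folder = $_SESSION['upload_root_path'] . $profile;
    $max = $_SESSION['profile_folder_max_size'] * 1048576; // megabytes to bytes

    return folder_size($folder, false) + $size <= $max;
}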
if ($aa != 0) { echo '<h3 class="f14"><span class="switchs cu on" title="展开与收缩"></span>' . $row[menuname] . '</h3>'; //crm_menu_tow($row[menuid]); crm_menu_my($row[menuid]); //echo $row[menuid]."++<br>"; //echo "<span class='cu' title='点击操作'></span><a href=javascript:_MP(".$row[menuid].",'".$row[menuurl]."'); hidefocus='true' style='outline:none;'>".$row[menuname]."</a>"; } } } else { //自写 $aa = get_pp($row[menuname]); //echo $row[menuname]."++".$aa."**<br>"; if (is_superadmin()) { echo "<h3 class='f14'><span class='cu' title='点击操作'></span><a href=javascript:_MP(" . $row[menuid] . ",'" . $row[menuurl] . "'); hidefocus='true' style='outline:none;'>" . $row[menuname] . "</a></h3>"; } if ($aa != 0 and $row[menutype] != '1' and !is_superadmin()) { //if($row[menutype]!='1'){ echo "<h3 class='f14'><span class='cu' title='点击操作'></span><a href=javascript:_MP(" . $row[menuid] . ",'" . $row[menuurl] . "'); hidefocus='true' style='outline:none;'>" . $row[menuname] . "</a></h3>"; } } } } ?> <script type="text/javascript"> $(".switchs").each(function(i){ var ul = $(this).parent().next(); $(this).click( function(){ if(ul.is(':visible')){ ul.hide(); $(this).removeClass('on');
} else { $wheresql .= " AND type='1'"; } if ($cid = getGP('cid', 'P')) { $wheresql .= " AND cid='" . $cid . "'"; } if ($number = getGP('number', 'P')) { $wheresql .= " AND number='" . $number . "'"; } if ($title = getGP('title', 'P')) { $wheresql .= " AND title LIKE'%" . $title . "%'"; } //权限判断 $un = getGP('un', 'P'); $ui = getGP('ui', 'P'); if (!is_superadmin() && $ui == '') { $wheresql .= " and (uid='" . $_USER->id . "' or user='******')"; } if ($ui != '') { $wheresql .= " and (uid in(" . $ui . ") or user in('" . str_replace(",", "','", $un) . "'))"; } $vstartdate = getGP('vstartdate', 'P'); $venddate = getGP('venddate', 'P'); if ($vstartdate != '' && $venddate != '') { $wheresql .= " AND (date>='" . $vstartdate . "' and date<='" . $venddate . "')"; } //处理表单数据 $fromkeywordarr = getGP('fromkeyword', 'P', 'array'); $kinputname = getGP('kinputname', 'P', 'array'); $arrcid = array(); $nums = 0;
$content = serialize($idarr); $title = '删除任务信息'; get_logadd($id, $content, $title, 33, $_USER->id); show_msg('删除任务信息成功!', 'admin.php?ac=' . $ac . '&fileurl=' . $fileurl . ''); } elseif ($do == 'excel') { $datename = "duty_" . get_date('YmdHis', PHP_TIME); $outputFileName = 'data/excel/' . $datename . '.xls'; //生成数据 $content = array(); $archive = array("任务编号", "任务名称", "执行人", "任务开始时间", "任务结束时间", "任务描述", "备注", "任务状态", "任务分配人"); $content[] = $archive; $wheresql = ''; //根据条件导出 $ischeck = getGP('ischeck', 'P'); $vuidtype = getGP('vuidtype', 'P'); if (!is_superadmin() && $ischeck == '' && $vuidtype == '') { $wheresql = "and (user='******' or uid='" . $_USER->id . "')"; } if ($vuidtype != '') { if ($ischeck == '1') { if ($vuidtype == '-1') { $wheresql .= get_subordinate($_USER->id, 'uid'); } else { $wheresql .= " and uid='" . $vuidtype . "'"; } } elseif ($ischeck == '2') { $wheresql .= get_suborname($_USER->id, 'user'); } else { if ($vuidtype == '-1') { $wheresql .= get_subordinate($_USER->id, 'uid'); } else {
/**
 * Delete a staff account. Reserved for superadmins; accounts listed in the
 * "superadmin" config item can never be deleted.
 *
 * NOTE(review): both guards depend on redirect() ending the request
 * (CodeIgniter's URL helper exits). If it returned, delete_user() would
 * still run after a failed check - confirm.
 * NOTE(review): the protected-id test is a loose in_array(). Keep it loose
 * or normalise $id to an integer first: a strict comparison would let a
 * differently typed value such as "01" slip past the guard.
 * NOTE(review): no CSRF token or POST-only check is visible in this method;
 * confirm a request forged from another site cannot trigger the deletion.
 *
 * @param mixed $id id of the user to delete
 */
function trash($id)
{
    $actor_id = $this->ion_auth->user()->row()->id;
    if (!is_superadmin($actor_id)) {
        $this->session->set_flashdata('message', 'You are not superadmin.');
        redirect("auth", "refresh");
    }

    $protected_ids = $this->config->item("superadmin");
    if (in_array($id, $protected_ids)) {
        $this->session->set_flashdata('message', 'You cannot delete superadmin.');
        redirect("auth", "refresh");
    }

    if ($id !== null) {
        $this->ion_auth_model->delete_user($id);
        $this->session->set_flashdata('message', 'Remove 1 staff.');
    }

    redirect("auth", "refresh");
}
<td width="100" class="TableHeader">流水单号</td> <td class="TableHeader">工作流名称</td> <td width="90" align="center" class="TableHeader">申请人</td> <td width="120" align="center" class="TableHeader">申请时间</td> <td width="150" class="TableHeader">审批步骤</td> <td width="150" align="center" class="TableHeader">操作</td> </tr> <?php foreach ($result as $row) { $sql = "SELECT * FROM " . DB_TABLEPRE . "workclass_personnel WHERE workid = '" . $row['id'] . "' and (pertype=0 or pertype=2 or pertype=4 or pertype=5) and typeid='" . $row['typeid'] . "' order by perid desc"; $per = $db->fetch_one_array($sql); ?> <tr> <td nowrap class="TableContent" width="5%"> <?php if (!is_superadmin()) { if ($_GET['type'] == 3) { if ($per['pertype'] == 0 || $per['pertype'] == 2 || $row['type'] == 1) { echo '<input type="checkbox" name="id[]" value="' . $row['id'] . '" class="checkbox" />'; } else { echo '<input type="checkbox" name="id[]" value="' . $row['id'] . '" class="checkbox" disabled="disabled" />'; } } elseif ($_GET['type'] == '') { if ($row['uid'] == $_USER->id && ($per['pertype'] == 0 || $per['pertype'] == 2 || $row['type'] == 1)) { echo '<input type="checkbox" name="id[]" value="' . $row['id'] . '" class="checkbox" />'; } else { echo '<input type="checkbox" name="id[]" value="' . $row['id'] . '" class="checkbox" disabled="disabled" />'; } } else { echo '<input type="checkbox" name="id[]" value="' . $row['id'] . '" class="checkbox" disabled="disabled"/>'; }
//initialize variable // get some system config items - these control whether or not to show certain options $sth = $dbh->prepare("SELECT enable_charts, reminder_threshold_count, " . "enable_spamtraps, enable_username_changes, " . "enable_address_linking " . "FROM maia_config WHERE id = 0"); $res = $sth->execute(); if (PEAR::isError($sth)) { die($sth->getMessage()); } if ($row = $res->fetchrow()) { $enable_charts = $row["enable_charts"] == 'Y'; $reminder_threshold_count = $row["reminder_threshold_count"]; $enable_spamtraps = $row["enable_spamtraps"] == 'Y'; $enable_username_changes = $row["enable_username_changes"] == 'Y'; $enable_address_linking = $row["enable_address_linking"] == 'Y'; } $sth->free(); $super = is_superadmin($uid); require_once "smarty.php"; $smarty->assign('enable_charts', $enable_charts); $smarty->assign('reminder_threshold_count', $reminder_threshold_count); $smarty->assign('enable_spamtraps', $enable_spamtraps); $smarty->assign('enable_username_changes', $enable_username_changes); $smarty->assign('enable_address_linking', $enable_address_linking); $smarty->assign("message", $message); // verify and set up domain variables if the current focus is a domain user if (is_a_domain_default_user($euid)) { $domain_user = true; $domain_name = get_user_name($euid); $domain_id = get_domain_id($domain_name); } else { $domain_user = false; $domain_name = "";
} ?> </td> <?php if ($is_sa) { ?> <td> <?php if (!is_superadmin($user->id)) { echo $user->active ? anchor("auth/deactivate/" . $user->id, 'Deactivate') : anchor("auth/activate/" . $user->id, 'Activate'); } else { echo "Active"; } ?> <?php if (!is_superadmin($user->id)) { if (isset($user->admin) && $user->admin == true) { ?> <br><a href="<?php echo site_url("/auth/remove_admin/{$user->id}"); ?> ">Remove Admin</a> <?php } else { ?> <br><a href="<?php echo site_url("/auth/make_admin/{$user->id}"); ?> ">Make Admin</a> <?php }
<input type="text" class="form-control" name="file" id="file" value="<?php echo isset($post['file']) ? $post['file'] : ''; ?> "/> </div> <div class="form-group form-group-sm"> <label for="position">Position</label> <input type="text" class="form-control" name="position" id="position" value="<?php echo isset($post['position']) ? $post['position'] : $max_position; ?> "/> </div> </div> <div class="col-lg-4 col-lg-offset-2"> <?php if (is_superadmin()) { ?> <div class="form-group"> <label for="is_superadmin">Super Administrator</label> <div class="checkbox"> <label> <input type="checkbox" value="1" name="is_superadmin" id="is_superadmin" <?php echo isset($post['is_superadmin']) && !empty($post['is_superadmin']) ? 'checked="checked"' : ''; ?> />Yes </label> </div> </div> <?php } ?>
/**
 * Return the HTML for the "download query result" link, or nothing when the
 * caller may not export.
 *
 * The link is returned for the superadmin and for callers for whom
 * check_purview($keys) is true; check_purview() is not consulted for the
 * superadmin.
 *
 * NOTE(review): this only hides the link. The handler that produces the
 * export has to repeat the same permission check - confirm it does.
 *
 * @param mixed $keys permission key(s) handed to check_purview()
 * @return string|null the link markup, or null when not permitted
 */
function get_exceldown($keys)
{
    if (is_superadmin() || check_purview($keys)) {
        return '<a href="javascript:document:excel.submit();" seed="CR-download-top" id="J-download"><img class="v-al-middle" src="template/default/images/2EC5tZlqdV.gif" />下载查询结果</a>';
    }
}
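/**
 * Build the menu tree below a parent menu and mark the entries that are
 * granted to a group.
 *
 * Rows of auth_menu whose parent_auth_menu equals $id_parent are read in
 * position order (then by id), left-joined to the grants of $id_group. Each
 * row gets 'checked' (bool) and 'children' (built by the same method).
 * Callers that are not superadmin only see rows with is_superadmin = 0.
 *
 * @param int $id_group  group whose grants set the 'checked' flag
 * @param int $id_parent parent menu id
 * @return array data
 */
function MenusData($id_group = 0, $id_parent = 0)
{
    if (!is_superadmin()) {
        $this->db->where('is_superadmin', 0);
    }

    // The group id is written into raw SQL below, so only its integer value
    // may reach the query text. The caller's original value is kept for the
    // 'checked' comparison and for the recursion, which behave as before.
    $group_sql = (int) $id_group;
    $grant_table = $this->db->dbprefix('auth_menu_group');
    $grants = "\n (select id_auth_menu as id_auth,id_auth_group from {$grant_table} where id_auth_group={$group_sql}) {$grant_table}\n ";

    $data = $this->db->join($grants, 'auth_menu_group.id_auth=auth_menu.id_auth_menu', 'left')
        ->where('parent_auth_menu', $id_parent)
        ->order_by('position', 'asc')
        ->order_by('auth_menu.id_auth_menu', 'asc')
        ->get('auth_menu')
        ->result_array();

    foreach ($data as $row => $val) {
        // Rows without a grant come back with a null id_auth_group.
        $data[$row]['checked'] = ($val['id_auth_group'] == $id_group);
        $data[$row]['children'] = $this->MenusData($id_group, $val['id_auth_menu']);
    }

    return $data;
}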
<script language="javascript" type="text/javascript" src="DatePicker/WdatePicker.js"></script> <script src="template/default/tree/js/admincp.js?SES" type="text/javascript"></script> <script charset="utf-8" src="eweb/kindeditor.js"></script> <script type="text/javascript"> </script> </head> <body class="bodycolor"> <table width="550" border="0" align="center" cellpadding="3" cellspacing="0" class="small" style='margin-top:30px;'> <tr> <td class="Big" style="vertical-align:middle;"><img src="template/default/content/images/notify_new.gif" align="absmiddle"><span class="big3"> 日程<?php echo $_title['name']; ?> </span> <?php if ($blog['uid'] == $_USER->id || is_superadmin()) { ?> <span style="font-size:12px; float:right; margin-right:20px;"> <a href="admin.php?ac=<?php echo $ac; ?> &fileurl=<?php echo $fileurl; ?> &do=add&id=<?php echo $blog['id']; ?> " style="font-size:12px;"><img src="template/default/new/images/todo_edit.png">编辑</a> <a href="admin.php?ac=<?php echo $ac; ?> &fileurl=<?php
//db->query("DELETE FROM ".DB_TABLEPRE."user_view WHERE uid = '$id'"); if ($id != '') { $oalog = array('uid' => $_USER->id, 'content' => '删除内部短信', 'title' => '删除内部短信', 'startdate' => get_date('Y-m-d H:i:s', PHP_TIME), 'contentid' => $id, 'type' => '4'); insert_db('oalog', $oalog); } } show_msg('短消息删除成功!', 'admin.php?ac=index&fileurl=sms&userkeytype=' . getGP('userkeytype', 'P') . ''); } elseif ($do == 'excel') { $datename = "sms_" . get_date('YmdHis', PHP_TIME); $outputFileName = 'data/excel/' . $datename . '.xls'; $content = array(); $archive = array("接收人", "发送人", "发送时间", "内容"); $content[] = $archive; $wheresql = ''; $vuidtype = getGP('vuidtype', 'P'); if (!is_superadmin() && $vuidtype == '') { $wheresql .= " AND uid ='" . $_USER->id . "'"; } if ($vuidtype != '') { if ($vuidtype == '-1') { $wheresql .= get_subordinate($_USER->id, 'uid'); } else { $wheresql .= " and uid='" . $vuidtype . "'"; } } $sql = "SELECT * FROM " . DB_TABLEPRE . "sms_send WHERE 1 {$wheresql} ORDER BY id desc"; $result = $db->query($sql); while ($row = $db->fetch_array($result)) { $archive = array("" . $row['receiveperson'] . "", "" . get_realname($row['uid']) . "", "" . str_replace("-", ".", $row[date]) . "", "" . $row['content'] . ""); $content[] = $archive; }
<td width="80" align="center" class="TableHeader">表单类型</td> <td width="80" align="center" class="TableHeader">验证方式</td> <td class="TableHeader" width="100" align="center">发布人</td> <td class="TableHeader" width="80" align="center">操作</td> </tr> <?php foreach ($result as $row) { ?> <tr> <td nowrap class="TableContent"> <?php $dnum = $db->result("SELECT COUNT(*) AS dnum FROM " . DB_TABLEPRE . "workclass_db where fromid='" . $row['fromid'] . "'"); if ($dnum < 1) { $tpl = $db->fetch_one_array("SELECT tpltype FROM " . DB_TABLEPRE . "workclass_template WHERE tplid = '" . $row['tplid'] . "' "); if ($tpl['tpltype'] != '1' || is_superadmin()) { get_boxlistkey("id[]", $row['fromid'], $row['uid'], $_USER->id); } else { echo '<input type="checkbox" name="id[]" value="' . $row['fromid'] . '" disabled="disabled" />'; } } else { echo '<input type="checkbox" name="id[]" value="' . $row['fromid'] . '" disabled="disabled" />'; } ?> </td> <td class="TableData"><input name="inputnumber[<?php echo $row['fromid']; ?> ]" type="text" style="width:30px;" value="<?php echo $row['inputnumber']; ?>