Exemple #1
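/**
 * Change the password of the currently logged-in administrator.
 *
 * Reads `upassnew` (current password), `new_upass` and `re_upass` from $_POST,
 * checks the current password against the stored `apass` value, validates the
 * new one and writes its hash back. Always terminates the request with a JSON
 * body: code "0" on success, code "1" plus a message on failure.
 *
 * NOTE(review): helper::password_encrypt() is compared by equality, so it must be
 * deterministic. If it is a plain or statically salted digest, migrating to
 * password_hash()/password_verify() would be the stronger design. Confirm
 * against the helper's implementation.
 */
function m__edit_my_pass()
{
    global $dbm;

    // NOTE(review): the password fields are filtered by helper::sqlxss() before
    // hashing here. Any code path that hashes the raw, unfiltered password would
    // produce a different hash for passwords containing characters the filter
    // rewrites. Confirm all paths agree.
    $_POST = helper::sqlxss($_POST);

    // Cast the session id to an integer so it cannot alter the SQL text, whatever
    // ended up in the session. admin_id is presumed to be a positive integer key.
    $admin_id = isset($_SESSION['admin']['admin_id']) ? intval($_SESSION['admin']['admin_id']) : 0;
    if ($admin_id <= 0) {
        die('{"code":"1","msg":"登录状态可能已失效,请重新登录"}');
    }

    $sql = "select apass from " . TB_PREFIX . "admin_list where admin_id='{$admin_id}' limit 1";
    $rs = $dbm->query($sql);
    if (count($rs['list']) == 0) {
        die('{"code":"1","msg":"登录状态可能已失效,请重新登录"}');
    }

    $_POST['upassnew'] = isset($_POST['upassnew']) ? $_POST['upassnew'] : '';
    $_POST['new_upass'] = isset($_POST['new_upass']) ? $_POST['new_upass'] : '';
    $_POST['re_upass'] = isset($_POST['re_upass']) ? $_POST['re_upass'] : '';
    $verify = verify::verify_upass($_POST['new_upass']);

    // Strict string comparison: with loose `!=`, two different numeric-looking
    // hashes (for example "0e..." strings) compare as equal. hash_equals() is the
    // constant-time alternative where the runtime provides it (PHP >= 5.6).
    $stored_hash = (string) $rs['list'][0]['apass'];
    $given_hash = (string) helper::password_encrypt($_POST['upassnew']);
    if ($stored_hash !== $given_hash) {
        die('{"code":"1","msg":"原密码输入不正确","id":"upassnew"}');
    }
    if ($verify != '') {
        die('{"code":"1","msg":"' . $verify . '","id":"new_upass"}');
    }
    if ($_POST['new_upass'] !== $_POST['re_upass']) {
        die('{"code":"1","msg":"新密码输入不一致","id":"new_upass"}');
    }

    $fields = array();
    $fields['apass'] = helper::password_encrypt($_POST['new_upass']);
    $dbm->single_update(TB_PREFIX . "admin_list", $fields, "admin_id='{$admin_id}'");
    die('{"code":"0","msg":"密码修改成功"}');
}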
Exemple #2
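/**
 * Authenticate an administrator and populate $_SESSION['admin'].
 *
 * Expects `uname`, `upass`, `code` (captcha) and `safecode` in $_POST. Always
 * terminates the request with a JSON body: code "0" on success, code "1" plus a
 * message and the offending field id on failure.
 *
 * NOTE(review): points a defender should confirm outside this function:
 *  - The account lookup concatenates `uname` into SQL and relies entirely on
 *    helper::sqlxss() for escaping. A bound parameter would be safer if the
 *    $dbm wrapper offers one.
 *  - "账号不存在" and "密码错误" are distinct replies, so a client can tell
 *    which account names exist.
 *  - The captcha stays valid after a failed attempt and no attempt counter is
 *    visible here, so nothing in this function limits repeated guesses.
 *  - helper::password_encrypt() is compared by equality, so it is deterministic.
 *    password_hash()/password_verify() would be the stronger design.
 */
function m__login()
{
    global $dbm;
    $_POST = helper::sqlxss($_POST);

    $_POST['uname'] = isset($_POST['uname']) ? $_POST['uname'] : '';
    $verify = verify::verify_length($_POST['uname'], 1, 20);
    if ($verify != '') {
        die('{"code":"1","msg":"账号' . $verify . '","id":"uname"}');
    }

    $_POST['upass'] = isset($_POST['upass']) ? $_POST['upass'] : '';
    $verify = verify::verify_upass($_POST['upass']);
    if ($verify != '') {
        // The original emitted the "id" key twice; only the password field is meant.
        die('{"code":"1","msg":"' . $verify . '","id":"upass"}');
    }

    $_POST['code'] = isset($_POST['code']) ? $_POST['code'] : '';
    $_POST['safecode'] = isset($_POST['safecode']) ? $_POST['safecode'] : '';

    // Strict string comparisons below: loose `!=` treats numeric-looking strings
    // ("0e123" vs "0e456", "1e3" vs "1000") as equal. hash_equals() is the
    // constant-time alternative where the runtime provides it (PHP >= 5.6).
    if (is_array($_POST['safecode']) || (string) $_POST['safecode'] !== (string) SAFE_CODE) {
        die('{"code":"1","msg":"安全码错误","id":"safecode"}');
    }
    if (
        !isset($_SESSION['login'])
        || is_array($_POST['code'])
        || (string) $_SESSION['login'] !== md5(strtoupper($_POST['code']))
    ) {
        die('{"code":"1","msg":"验证码错误","id":"code"}');
    }

    $sql = "select a.*,b.g_urank,b.g_name from " . TB_PREFIX . "admin_list a left join " . TB_PREFIX . "admin_group b on a.group_id=b.group_id where aname='" . $_POST['uname'] . "' limit 1";
    $rs = $dbm->query($sql);
    if (count($rs['list']) == 0) {
        die('{"code":"1","msg":"账号不存在","id":"uname"}');
    }

    $account = $rs['list'][0];
    if ((string) $account['apass'] !== (string) helper::password_encrypt($_POST['upass'])) {
        die('{"code":"1","msg":"密码错误","id":"upass"}');
    }
    if ($account['astate'] != 0) {
        die('{"code":"1","msg":"账号异常","id":"uname"}');
    }

    // Login succeeded. Issue a fresh session id so an id known before
    // authentication does not carry the new privileges, and drop the used captcha.
    if (session_id() !== '' && !headers_sent()) {
        session_regenerate_id(true);
    }
    unset($_SESSION['login']);

    $_SESSION['admin']["admin_id"] = $account['admin_id'];
    $_SESSION['admin']["aname"] = $account['aname'];
    $_SESSION['admin']["aname_true"] = $account['aname_true'];
    $_SESSION['admin']["group_id"] = $account['group_id'];
    $_SESSION['admin']['group_level'] = $account['g_urank'];
    $_SESSION['admin']['gname'] = $account['g_name'];
    $_SESSION['admin']["alevel"] = $_SESSION['admin']['group_level'] . ',|,' . $account['alevel'];
    logs($_SESSION['admin']["aname"] . "登陆成功");
    die('{"code":"0","msg":"登录成功"}');
}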
Exemple #3
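/**
 * Create or update an administrator account (requires permission "B0202").
 *
 * With a positive `admin_id` in $_POST the matching row is updated, and the
 * password is changed only when `apass` is non-empty. Otherwise a new account is
 * inserted and a password is mandatory. Always terminates the request with a
 * JSON body: code "0" on success, code "1" plus a message on failure.
 *
 * NOTE(review): `group_id` is taken from the request and only checked for
 * non-zero. Nothing visible here stops a caller holding "B0202" from assigning a
 * group ranked above their own, or from editing a higher-ranked account. Confirm
 * whether check_level() or the group model enforces that elsewhere.
 *
 * NOTE(review): the password is hashed from the raw request value here. Any code
 * path that hashes the password after helper::sqlxss() would produce a different
 * hash for passwords containing characters the filter rewrites. Confirm all
 * paths agree.
 */
function m__edit()
{
    global $dbm;
    check_level("B0202");

    // Only the two password fields bypass the input filter, since they are hashed
    // and never placed into SQL or output. An explicit list replaces the original
    // `strpos($k, 'pass') > 0` test, which exempted every key merely containing
    // "pass" after its first character.
    $unfiltered_keys = array('apass', 're_pass');
    foreach ($_POST as $k => $v) {
        if (!in_array($k, $unfiltered_keys, true)) {
            $_POST[$k] = helper::sqlxss($v);
        }
    }

    $fields = array();
    $fields['aname'] = isset($_POST['aname']) ? $_POST['aname'] : '';
    $verify = verify::verify_uname($fields['aname']);
    if ($verify != '') {
        die('{"code":"1","msg":"' . $verify . '","id":"aname"}');
    }

    $_POST['apass'] = isset($_POST['apass']) ? $_POST['apass'] : '';
    $_POST['re_pass'] = isset($_POST['re_pass']) ? $_POST['re_pass'] : '';
    $fields['aname_true'] = isset($_POST['aname_true']) ? $_POST['aname_true'] : '';
    $fields['aemail'] = isset($_POST['aemail']) ? $_POST['aemail'] : '';
    $fields['aphone'] = isset($_POST['aphone']) ? $_POST['aphone'] : '';
    $fields['group_id'] = isset($_POST['group_id']) ? intval($_POST['group_id']) : 0;
    $_POST['admin_id'] = isset($_POST['admin_id']) ? intval($_POST['admin_id']) : 0;
    if ($fields['group_id'] == 0) {
        die('{"code":"1","msg":"请选择管理组","id":"group_id"}');
    }

    $is_edit = $_POST['admin_id'] > 0;

    // A password is mandatory for a new account and optional when editing.
    if (!$is_edit || $_POST['apass'] !== '') {
        $verify = verify::verify_upass($_POST['apass']);
        if ($verify != '') {
            die('{"code":"1","msg":"' . $verify . '","id":"apass"}');
        }
        if ($_POST['apass'] !== $_POST['re_pass']) {
            die('{"code":"1","msg":"两次密码输入不一致","id":"apass"}');
        }
        $fields['apass'] = helper::password_encrypt($_POST['apass']);
    }

    // Account names must stay unique. The original checked this only on insert,
    // so an edit could rename an account onto an existing name. The row being
    // edited is excluded from the lookup.
    $where = " aname='" . $fields['aname'] . "'";
    if ($is_edit) {
        $where .= " and admin_id<>'" . $_POST['admin_id'] . "'";
    }
    $existing = $dbm->single_query(array('where' => $where, 'table_name' => TB_PREFIX . "admin_list"));
    if (count($existing['list']) > 0) {
        die('{"code":"1","msg":"账号名不能重复","id":"aname"}');
    }

    if ($is_edit) {
        $where = " admin_id ='" . $_POST['admin_id'] . "'";
        $rs = $dbm->single_update(TB_PREFIX . "admin_list", $fields, $where);
        if ($rs['error'] == '') {
            logs("编辑CMS账号资料成功:{$fields['aname']}");
            die('{"code":"0","msg":"编辑账号成功"}');
        }
        die('{"code":"1","msg":"编辑账号失败,请核实后再编辑"}');
    }

    // Add a new account.
    $fields['reg_date'] = time();
    $fields['astate'] = 0;
    $rs = $dbm->single_insert(TB_PREFIX . "admin_list", $fields);
    if ($rs['error'] == '') {
        logs("添加账号成功:{$fields['aname']}");
        die('{"code":"0","msg":"添加账号成功"}');
    }
    die('{"code":"1","msg":"添加账号失败,请核实后再添加"}');
}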