if (isset($_GET['url'])) { $url = "&url=" . $_GET['url']; } $url = NULL; if (!(isset($_POST['user']) && $_POST['user'] != NULL)) { die(html_jump("./login.php?err=用户名不能为空" . $url)); } if (!(isset($_POST['pwd']) && $_POST['pwd'] != NULL)) { die(html_jump("./login.php?err=密码不能为空" . $url)); } if (!(isset($_POST['save']) && $_POST['save'] == 1)) { $_POST['save'] = 0; } $login = new password($_POST['user'], $_POST['pwd']); if (!$login->mysql_pwd()) { die(html_jump("./login.php?err=密码错误" . $url)); } if (!$GLOBALS['user']['active']) { die(html_jump("./login.php?err=账户被禁止" . $url)); } $cookie = new mycookies($GLOBALS['user']['user'], $option->arr['cookie_key'], NULL); $cookie->new_cookie(); $cookie->set($_POST['save'] * $option->arr['cookie_time'] * 60 * 60); if (!$cookie->up_data()) { die(html_jump("./login.php?err=登陆错误") . $url); } else { if (isset($_GET['url'])) { die(html_jump(urldecode($_GET['url']))); } die(html_jump("./index.php")); }
<?php define('ROOT', dirname($_SERVER['SCRIPT_FILENAME'])); require ROOT . "/include/admin-init.php"; if (!is_login()) { die(html_jump('login.php')); } set_page_type('library', 'library_return'); set_page_power(array(1)); set_title("图书归还"); $all_user = new user_info(); $all_user->get_id_list(); get_admin_header(); ?> <div id="library-lent"> <h2 class="center">图书归还</h2> <?php if (isset($_GET['status'])) { if ($_GET['status'] == 'OK') { echo '<p class="status blue center">成功归还图书</p>'; } else { echo '<p class="status red center">', $_GET['status'], '</p>'; } } ?> <form action="library-action.php" method="get"> 图书ID:<input name="id" value="<?php if (isset($_GET['id'])) { echo $_GET['id']; } ?>
} } else { die(html_jump($form_url . "&status=ID参数有误")); } break; //删除账户 //删除账户 case 'del': if (!check_power(array(1))) { die(html_jump($form_url . "&status=非法操作")); } if (isset($_GET['id']) && is_number($_GET['id'])) { $user_del = new user_del(); $status = $user_del->add($_GET['id']); if ($status != 'OK') { die(html_jump($form_url . "&status=" . $status)); } else { $status = $user_del->del(); die(html_jump($form_url . "&status=" . $status)); } } else { die(html_jump($form_url . "&status=ID参数有误")); } break; default: die(html_jump($form_url . "&status=未知操作")); } } else { die(html_jump($form_url . "&status=非法操作")); } }