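/**
 * Edit an existing article.
 *
 * Runs the permission check for this action, rejects an empty title or
 * content, then updates the `article` row selected by $id and passes the
 * outcome to jump(). Validation failures are caught here and reported through
 * jump() as well.
 *
 * @param int    $id      Article id; must be numeric and is cast to int before it reaches the WHERE clause.
 * @param string $title   New title (written to the `name` column).
 * @param string $content New article body.
 */
public function editArticle($id, $title, $content)
{
    $this->check_permission(__FUNCTION__);
    try {
        if (empty($title)) {
            throw new Exception('文章标题不能为空');
        }
        if (empty($content)) {
            throw new Exception('文章内容不能为空');
        }
        // $id is interpolated into the WHERE clause below. Without this check
        // a non-numeric value would become part of the SQL statement.
        if (!is_numeric($id)) {
            throw new Exception('编辑失败');
        }
        $id = (int) $id;

        // NOTE(review): addslashesed() is defined elsewhere. If $mysql->update()
        // also escapes string values, title/content are escaped twice and stored
        // with stray backslashes; confirm and drop one of the two passes.
        $title = addslashesed($title);
        $content = addslashesed($content);

        $mysql = C('mysql');
        $data = array(
            'name' => $title,
            'content' => $content,
            'time' => time(),
        );
        $where = "id={$id}";

        if ($mysql->update('article', $data, $where)) {
            jump('编辑成功', 'pages/articleList.php', true);
        } else {
            jump('编辑失败', 'pages/addArticle.php');
        }
    } catch (Exception $e) {
        jump($e->getMessage(), 'pages/addArticle.php');
    }
}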
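/**
 * Add a permission record.
 *
 * With empty $data the method only calls jump() towards the add-permission
 * page. Otherwise it validates `pid` and `name`, escapes `name`/`fname` and
 * inserts $data into the `permission` table.
 *
 * @param array $data Permission fields; the keys read here are `pid` (numeric), `name` (required) and `fname` (optional).
 */
public function addPermission($data)
{
    $this->check_permission(__FUNCTION__);
    try {
        if (empty($data)) {
            jump('', 'pages/addPermission.php', '', 0);
        } else {
            // isset() guards against a missing key. The former second pid check
            // (empty() && (int) !== 0) could never be true once is_numeric()
            // had passed, so it has been removed.
            if (!isset($data['pid']) || !is_numeric($data['pid'])) {
                throw new Exception('添加权限失败');
            }
            if (empty($data['name'])) {
                throw new Exception('添加权限失败');
            }

            $data['name'] = addslashesed($data['name']);
            $data['fname'] = !empty($data['fname']) ? addslashesed($data['fname']) : '';

            // NOTE(review): $data is handed to insert() whole, so any extra key
            // the caller supplies is passed along as a column. Confirm that
            // insert() or the caller restricts the keys to known columns.
            $mysql = C('mysql');
            if ($mysql->insert('permission', $data)) {
                jump('权限添加成功', 'pages/permissionList.php', true);
            } else {
                throw new Exception('权限添加失败');
            }
        }
    } catch (Exception $e) {
        jump($e->getMessage(), 'pages/permissionList.php');
    }
}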
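/**
 * Add a role.
 *
 * With empty $data the method only calls jump() towards the add-role page.
 * Otherwise it requires a role name, escapes it, sets `pid` from the session
 * user id and inserts the row into the `role` table.
 *
 * @param array|string $data Role fields; `name` is required. The default '' selects the "show form" path.
 */
public function addRole($data = '')
{
    $this->check_permission(__FUNCTION__);
    try {
        if (empty($data)) {
            jump('', 'pages/addRole.php', '', 0);
        } else {
            // The original re-tested empty($data) here, which cannot be true
            // inside this branch, so a missing role name was never rejected.
            if (empty($data['name'])) {
                throw new Exception('没有角色名');
            }
            $data['name'] = addslashesed($data['name']);

            $mysql = C('mysql');
            // pid is always taken from the session, never from caller input.
            $data['pid'] = $_SESSION['uid'];

            // NOTE(review): other keys in $data are passed to insert() unchanged.
            // Confirm that insert() or the caller restricts them to known columns.
            if ($mysql->insert('role', $data)) {
                jump('角色添加成功', 'pages/roleList.php', true);
            } else {
                throw new Exception('角色添加失败');
            }
        }
    } catch (Exception $e) {
        // NOTE(review): this target lacks the 'pages/' prefix used on the
        // success path above; confirm it is intentional.
        jump($e->getMessage(), 'roleList.php');
    }
}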
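/**
 * Edit a user and optionally assign a role.
 *
 * Validates the id, name and password fields, inserts a `user_assignment`
 * row when a non-zero numeric `rid` is supplied and that pair does not exist
 * yet, then updates the `user` row. Failures are caught here and reported
 * through jump().
 *
 * @param int   $id   User id; must be non-empty and numeric, and is cast to int before use in SQL.
 * @param array $data User fields; `name` and `password` are required, `rid` is optional.
 */
public function editUser($id, $data)
{
    $this->check_permission(__FUNCTION__);
    try {
        if (empty($id) || !is_numeric($id)) {
            throw new Exception('修改用户失败');
        }
        // Both ids are interpolated into SQL fragments below; the int cast
        // ensures they contain nothing but an integer.
        $id = (int) $id;

        if (empty($data['name'])) {
            throw new Exception('修改用户失败');
        }
        $data['name'] = addslashesed($data['name']);

        if (!array_key_exists('password', $data)) {
            throw new Exception('修改用户失败');
        }
        // NOTE(review): the password is copied into the `pass` column as
        // received, and no hashing is visible in this method. Confirm that the
        // caller hashes it (e.g. password_hash) before it gets here.
        $data['pass'] = $data['password'];
        unset($data['password']);

        $mysql = C('mysql');

        // isset() avoids an undefined-index warning when no role was submitted.
        if (isset($data['rid']) && is_numeric($data['rid']) && (int) $data['rid'] !== 0) {
            $ua_data = array('uid' => $id, 'rid' => (int) $data['rid']);
            $pairExists = $mysql->fetchOne(
                'uid,rid',
                'user_assignment',
                "uid={$ua_data['uid']} AND rid={$ua_data['rid']}"
            );
            if ($pairExists) {
                throw new Exception('用户已有该角色,请勿重复添加');
            }
            if ($mysql->insert('user_assignment', $ua_data) === false) {
                throw new Exception('添加角色失败');
            }
        }

        // rid and id are not written to the user row by this update.
        unset($data['rid']);
        unset($data['id']);

        // NOTE(review): any other key left in $data is passed to update() as a
        // column name. Confirm the caller cannot inject unexpected keys.
        if ($mysql->update('user', $data, "id={$id}")) {
            jump('用户修改成功', 'pages/userList.php', true);
        } else {
            throw new Exception('修改用户失败');
        }
    } catch (Exception $e) {
        jump($e->getMessage(), 'pages/userList.php');
    }
}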
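/**
 * Build and run an UPDATE statement.
 *
 * String values are passed through addslashesed() and single-quoted; int and
 * float values are written as-is; any other value type aborts the update.
 * Column names must be plain identifiers and are backtick-quoted.
 *
 * @param string $table Table name; must not contain a backtick.
 * @param array  $data  Column => value map for the SET clause.
 * @param string $where Raw WHERE condition, appended verbatim. Callers must
 *                      build it only from validated values, since nothing
 *                      here can escape it.
 *
 * @return bool True when the query succeeded, false on invalid input or query failure.
 */
public function update($table, $data, $where)
{
    try {
        // The table name is placed between backticks, so a backtick inside it
        // would break out of the quoted identifier.
        if (empty($table) || strpos((string) $table, '`') !== false) {
            throw new Exception('数据编辑失败');
        }
        if (empty($data)) {
            throw new Exception('数据编辑失败');
        }

        $assignments = array();
        foreach ($data as $key => $value) {
            // Array keys were concatenated into the SQL unchecked. Callers pass
            // request-derived arrays, so accept only plain identifiers.
            if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', (string) $key)) {
                throw new Exception('数据编辑失败');
            }
            if (is_string($value)) {
                $assignments[] = "`{$key}`='" . addslashesed($value) . "'";
            } elseif (is_numeric($value)) {
                // Only int/float reach this branch; numeric strings were
                // handled as strings above.
                $assignments[] = "`{$key}`=" . $value;
            } else {
                throw new Exception('数据编辑失败');
            }
        }

        $sql = "UPDATE `{$table}` SET " . implode(',', $assignments);
        if (!empty($where)) {
            $sql .= " WHERE {$where}";
        }

        return (bool) parent::query($sql);
    } catch (Exception $e) {
        // The original discarded the message and fell through, returning null.
        // Return an explicit false so callers get a boolean on every path.
        return false;
    }
}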