Exemplo n.º 1
 /**
  * Default action: render the view for a logged-in administrator,
  * otherwise send the visitor to the 'login' action.
  *
  * admin_id() is defined elsewhere; a falsy return is treated here as
  * "no administrator session".
  */
 public function index()
 {
     // Guard clause: nothing is displayed on the unauthenticated path.
     if (!admin_id()) {
         $this->redirect('login');
         return;
     }

     $this->display();
 }
Exemplo n.º 2
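 /**
  * Update the status of one printer record from a POST request.
  *
  * Reads post.id (integer-filtered, null when absent) and post.status, then
  * saves the new status on the matching Printer row.
  *
  * NOTE(review): no CSRF token check is visible in this state-changing
  * action - confirm that request-forgery protection is applied elsewhere.
  * NOTE(review): post.status is stored as received (default I() filtering
  * only) - confirm the set of allowed status values is enforced somewhere.
  */
 public function changeStatus()
 {
     if (!admin_id()) {
         $this->redirect('index');
         // Return explicitly so the update below cannot run for a request
         // without an administrator session, whatever redirect() does.
         return;
     }

     // Without a usable id the original built the condition "id=" and sent
     // a malformed query to the database; reject the request instead.
     $pid = I('post.id', null, 'int');
     if ($pid === null || $pid === false || $pid === '') {
         $this->error('修改失败');
         return;
     }

     $Printer = M('Printer');
     $data = array('status' => I('post.status'));

     // Array condition instead of an interpolated string: the id never
     // becomes part of hand-written SQL text, and it is cast once more.
     $result = $Printer->where(array('id' => (int) $pid))->save($data);

     // NOTE(review): a falsy $result is reported as failure; if save()
     // returns 0 for "no row changed", that case is reported as an error
     // too - confirm this is intended.
     if ($result) {
         $this->success('修改成功', '/Admin/Printer/manage');
     } else {
         $this->error('修改失败' . $Printer->getError());
     }
 }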
Exemplo n.º 3
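/**
 * Administrator list with search, ordering and paging.
 *
 * Search conditions are read from $_REQUEST (name, username, order_fd,
 * order_type, rows_page). The role range comes from $filter['role_info']
 * and is applied in addition to them.
 *
 * @params arr  $filter          optional; $filter['role_info'] with 'lft' and 'rht'
 *                               limits the list to roles strictly inside that range
 * @return arr  $list
 *         arr  $list['data']    rows of the current page
 *         arr  $list['pager']   paging info ( html, rows_page, rows_total, cur_page, row_start )
 *         arr  $list['filter']  filter values that were applied
 */
function list_admin($filter = array())
{
    $p = $f = $list = array();
    /* Search filters: a missing, non-string or blank value means "no filter" */
    $name = isset($_REQUEST['name']) && is_string($_REQUEST['name']) ? trim($_REQUEST['name']) : '';
    $username = isset($_REQUEST['username']) && is_string($_REQUEST['username']) ? trim($_REQUEST['username']) : '';
    $f['name'] = $name !== '' ? $name : null;
    // administrator name
    $f['username'] = $username !== '' ? $username : null;
    // administrator account
    /* Role range (higher priority); forced to integers before reaching the SQL text */
    $hasRole = isset($filter['role_info']);
    $f['role_lft'] = $hasRole ? intval($filter['role_info']['lft']) : null;
    $f['role_rht'] = $hasRole ? intval($filter['role_info']['rht']) : null;
    /* Sort column and direction: only whitelisted values are ever placed in
       ORDER BY, and the whitelist is matched with strict comparison */
    $fields = array('name', 'username', 'rht', 'in_time');
    $orderFd = isset($_REQUEST['order_fd']) ? $_REQUEST['order_fd'] : null;
    $f['order_fd'] = in_array($orderFd, $fields, true) ? $orderFd : 'admin_id';
    $f['order_type'] = isset($_REQUEST['order_type']) && $_REQUEST['order_type'] === 'ASC' ? 'ASC' : 'DESC';
    /* SQL for the total row count */
    $sql = 'SELECT count(admin_id) FROM ' . tname('admin') . ' LEFT JOIN ' . tname('role') . ' USING(role_id)';
    /* SQL for the filter conditions */
    // NOTE(review): the two LIKE values are request data placed inside a
    // double-quoted SQL literal; this is safe only if mysql_like_slash()
    // escapes quotes and backslashes as well as LIKE wildcards - confirm,
    // or move to bound parameters if the db layer supports them.
    $where = ' WHERE 1=1';
    if ($f['name'] !== null) {
        $where .= ' AND ' . tname('admin') . '.name LIKE "%' . mysql_like_slash($f['name']) . '%"';
    }
    if ($f['username'] !== null) {
        $where .= ' AND ' . tname('admin') . '.username LIKE "%' . mysql_like_slash($f['username']) . '%"';
    }
    /* Visibility group: admin 1 also sees accounts with role_id 0; everyone
       else starts from an always-false term and only gains the role range */
    $where .= admin_id() == 1 ? ' AND (' . tname('admin') . '.role_id = 0' : ' AND (1<>1';
    if ($hasRole) {
        $where .= ' OR (' . tname('role') . '.lft>' . $f['role_lft'] . ' AND ' . tname('role') . '.rht<' . $f['role_rht'] . ')';
    }
    // Always close the group opened above. The original closed it only when
    // a role range was supplied, leaving an unbalanced "(" otherwise.
    $where .= ')';
    /* Paging: a missing, zero or negative page size falls back to 16 so that
       LIMIT never receives a negative number */
    $rowsPage = isset($_REQUEST['rows_page']) ? intval($_REQUEST['rows_page']) : 0;
    $p['rows_page'] = $rowsPage > 0 ? $rowsPage : 16;
    $p['rows_total'] = $GLOBALS['db']->getOne($sql . $where);
    $p['html'] = pager($p['rows_page'], $p['rows_total']);
    $p['cur_page'] = pager_current($p['rows_page'], $p['rows_total']);
    $p['row_start'] = ($p['cur_page'] - 1) * $p['rows_page'];
    $f['page'] = $p['cur_page'];
    $f['rows_page'] = $p['rows_page'];
    /* SQL for the page content */
    $sql = ' SELECT ' . tname('admin') . '.*, ' . tname('role') . '.name AS role_name';
    $sql .= ' FROM ' . tname('admin') . ' LEFT JOIN ' . tname('role') . ' USING(role_id) ' . $where;
    $sql .= ' ORDER BY ' . $f['order_fd'] . ' ' . $f['order_type'];
    $sql .= ' LIMIT ' . $p['row_start'] . ',' . $p['rows_page'];
    /* Fill the list object */
    $list['data'] = $GLOBALS['db']->getAll($sql);
    $list['pager'] = $p;
    $list['filter'] = $f;
    /* Return */
    return $list;
}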
Exemplo n.º 4
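 /**
  * List files filtered by status, ten per page.
  *
  * post.status 1-4 selects exactly that status; any other value (including
  * 0, 5 or a missing parameter) selects the whole range 1..5.
  */
 public function search()
 {
     if (!admin_id()) {
         $this->redirect('Admin/Index/login');
         // Return explicitly so no file data is queried or rendered for a
         // request without an administrator session.
         return;
     }

     $status = I('post.status', null, 'int');

     // Only the four known single-status values reach the query as-is;
     // everything else maps to the fixed range.
     $condition = array();
     switch ($status) {
         case 1:
         case 2:
         case 3:
         case 4:
             $condition['status'] = (int) $status;
             break;
         default:
             $condition['status'] = array('between', '1,5');
     }

     $File = D('FileView');
     $count = $File->where($condition)->count();
     $Page = new \Think\Page($count, 10);
     $show = $Page->show();
     $ppt_layout = C('PPT_LAYOUT');
     $result = $File->where($condition)->order('file.id desc')->limit($Page->firstRow . ',' . $Page->listRows)->select();

     // select() may not return an array (empty result set or a failed
     // query), so iterate only when there are rows to translate.
     if (is_array($result)) {
         foreach ($result as &$file) {
             // Replace the stored layout key by its configured label; an
             // unknown key yields null instead of an undefined-index notice.
             $file['ppt_layout'] = isset($file['ppt_layout'], $ppt_layout[$file['ppt_layout']])
                 ? $ppt_layout[$file['ppt_layout']]
                 : null;
         }
         // Drop the reference so a later use of $file cannot alter the last row.
         unset($file);
     }

     $this->data = $result;
     $this->assign('page', $show);
     $this->assign('status', $status);
     $this->display();
 }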
Exemplo n.º 5
/**
 * Insert one administrator log entry.
 *
 * The record holds the client address, the message, the current time and
 * the id, name and username of the current administrator.
 *
 * NOTE(review): the text fields are escaped by hand with addslashes(),
 * which is not connection- or charset-aware. Whether $db->insert() escapes
 * or binds values itself is not visible here: if it does, these fields are
 * stored double-escaped; if it does not, addslashes() is the only
 * protection and 'ip' is inserted without any escaping - confirm.
 *
 * @params str  $info  message text
 */
function admin_log($info)
{
    $record = array(
        'ip' => $_SERVER['REMOTE_ADDR'],
        // Strip any existing slashes first so the message is escaped exactly once
        'info' => addslashes(stripslashes($info)),
        'in_time' => time(),
        'admin_id' => admin_id(),
        'admin_name' => addslashes(admin_name()),
        'admin_username' => addslashes(admin_username()),
    );

    $GLOBALS['db']->insert(tname('admin_log'), $record);
}
Exemplo n.º 6
/**
 * Edit permission check - guards against role privilege escalation.
 *
 * Calls sys_msg() with the 'lawless_submit' message when the submitted
 * administrator record may not be edited by the current administrator.
 *
 * NOTE(review): every rejection relies on sys_msg() ending the request.
 * It is defined elsewhere; if it can return, this function returns
 * normally and the caller continues with the edit - confirm.
 */
function allow_edit($info)
{
    global $_LANG, $_PRIV;

    /* Invalid submission: no administrator record supplied */
    if (empty($info)) {
        sys_msg($_LANG['lawless_submit']);
    }

    /* Self-restriction: the target may be neither the current administrator
       nor the built-in administrator (id 1) */
    $targetsSelf = $info['admin_id'] == admin_id();
    if ($targetsSelf || $info['admin_id'] == 1) {
        sys_msg($_LANG['lawless_submit']);
    }

    if (empty($info['lft'])) {
        /* Target has no role: only role_id 1 may edit it */
        $rejected = $_PRIV['role']['role_id'] != 1;
    } else {
        /* Target has a role: the current administrator's role must compare
           as '>' against it */
        $ownRole = array('info' => $_PRIV['role']);
        $targetRole = array('info' => $info);
        $rejected = cmp_role($ownRole, $targetRole) != '>';
    }

    if ($rejected) {
        sys_msg($_LANG['lawless_submit']);
    }
}
Exemplo n.º 7
// +----------------------------------------------------------------------
// | LengdoFrame - 系统信息模块
// +----------------------------------------------------------------------
// | Copyright (c) 2009 http://lengdo.com All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Author: Yangfan Dai <*****@*****.**>
// +----------------------------------------------------------------------
// $Id$
/* ------------------------------------------------------ */
// - 文件加载
/* ------------------------------------------------------ */
require '../../includes/init.php';
/* Privilege check: only administrator id 1 may view this page.
   NOTE(review): this relies on sys_msg() ending the request; if it can
   return, the environment details below are still rendered - confirm. */
if (admin_id() != 1) {
    sys_msg($_LANG['lawless_act']);
}
/* Runtime environment */
$tpl['env']['php'] = phpversion();
$tpl['env']['mysql'] = $db->version();
$tpl['env']['kernel'] = $_LANG['sys_kernel'];
/* Directory information: template key suffix => $_CFG key suffix */
$sysinfoDirMap = array('sql' => 'DUMPSQL', 'dbc' => 'CACHESQL', 'pfile' => 'PFILE');
/* Paths first, so the keys of $tpl['dir'] keep their original order */
foreach ($sysinfoDirMap as $sysinfoTplKey => $sysinfoCfgKey) {
    $tpl['dir']['path_' . $sysinfoTplKey] = '<span style="color:#333">' . $_CFG['URL_ADMIN_' . $sysinfoCfgKey] . '</span>';
}
/* Then the privilege markers: a file_privilege() result of 3 or more shows "yes" */
foreach ($sysinfoDirMap as $sysinfoTplKey => $sysinfoCfgKey) {
    if (file_privilege($_CFG['DIR_ADMIN_' . $sysinfoCfgKey]) >= 3) {
        $tpl['dir']['priv_' . $sysinfoTplKey] = '<span class="yes"></span>';
    } else {
        $tpl['dir']['priv_' . $sysinfoTplKey] = '<span class="no"></span>';
    }
}
/* The template is included into this scope; do not leave the loop helpers behind */
unset($sysinfoDirMap, $sysinfoTplKey, $sysinfoCfgKey);
/* Load the view */
include $_CFG['DIR_ADMIN_TPL'] . 'sysinfo.html';
Exemplo n.º 8
    /* 数据提取 */
    $fields = post_myaccount();
    /* 更新数据库 */
    if (!empty($fields)) {
        /* 更新数据库 */
        $db->update(tname('admin'), $fields, 'admin_id=' . admin_id());
        /* 系统提示 */
        make_json_ok($_LANG['ok_myaccount_upassword']);
    }
    /* 系统提示 */
    make_json_ok();
} else {
    /* 权限检查 */
    admin_privilege_valid('sysmodule.php', 'myaccount');
    /* 管理员信息 */
    $tpl['info'] = info_admin(array('admin_id' => admin_id()));
}
/* 加载视图 */
include $_CFG['DIR_ADMIN_TPL'] . 'myaccount.html';
?>

<?php 
/**
 * 取得POST过来的帐号字段
 */
function post_myaccount()
{
    global $_LANG;
    /* 基本字段提取 */
    $fields = array();
    $fields['password'] = trim($_POST['password']);
Exemplo n.º 9
/**
 * Privilege IDs of the current administrator. These are the fine-grained
 * privileges only; privileges granted through the role are not included.
 *
 * @return arr
 */
function admin_privilege_ids()
{
    // Look up by the current administrator's id only
    $lookup = array('admin_id' => admin_id());

    return privilege_ids($lookup);
}