/**
* 取得POST过来的帐号字段
*/
function post_myaccount()
{
global $_LANG;
/* 基本字段提取 */
$fields = array();
$fields['password'] = trim($_POST['password']);
/* 字段值检查 */
if ($fields['password'] != trim($_POST['passwordr'])) {
make_json_fail($_LANG['fill_myaccount_repwd']);
}
/* 字段值重构 */
if ($fields['password'] == '') {
unset($fields['password']);
} else {
$fields['password'] = md5($fields['password']);
}
return $fields;
}
} elseif ($_REQUEST['act'] == 'loginsubmit') {
/* 非法提交 */
if (!isset($_POST['submit'])) {
sys_msg($_LANG['lawless_submit']);
}
/* 用户名或密码空检查 */
if (!trim($_POST['username']) || !trim($_POST['password'])) {
make_json_fail(trim($_POST['username']) ? $_LANG['fill_login_pwd'] : $_LANG['fill_login_usr']);
}
/* 登陆 */
if (admin_login(trim($_POST['username']), md5(trim($_POST['password'])))) {
admin_log($_LANG['str_login']);
make_json_ok();
}
/* 登陆失败 */
make_json_fail($_LANG['fail_login']);
} elseif ($_REQUEST['act'] == 'logout') {
admin_log($_LANG['str_logout']);
admin_logout();
} elseif ($_REQUEST['act'] == 'flush') {
/* 刷新权限系统 */
flush_privilege_sys();
/* 跳转到后台首页 */
redirect($_CFG['URL_ADMIN'] . 'index.php');
} elseif ($_REQUEST['act'] == 'home') {
/* 初始化页面信息 */
$tpl['_title'] = false;
/* 加载视图 */
include $_CFG['DIR_ADMIN_TPL'] . 'home.html';
} else {
/* 初始化页面信息 */
function post_admin_check($fields = array(), $act = '')
{
global $_LANG;
if (isset($fields['role_id']) && $fields['role_id'] <= 0) {
make_json_fail($_LANG['fill_admin_role']);
}
if (isset($fields['username']) && $fields['username'] == '') {
make_json_fail($_LANG['fill_admin_usr']);
}
if (isset($fields['username']) && exist_admin(array('username' => $fields['username'], 'admin_id' => $_POST['admin_id']))) {
make_json_fail($_LANG['fill_admin_exist']);
}
if (isset($fields['name']) && $fields['name'] == '') {
make_json_fail($_LANG['fill_admin_name']);
}
if ($act == 'add' && isset($fields['password']) && $fields['password'] == '') {
make_json_fail($_LANG['fill_admin_pwd']);
}
}
/* 权限检查 */
admin_privilege_valid('db_backup.php', 'backup');
/* 检查上传是否成功 */
if (isset($_FILES['file']['error']) && $_FILES['file']['error'] != 0) {
make_json_fail($_LANG['fill_dbbackup_sqlfile']);
}
/* 检查文件格式 */
if (substr($_FILES['file']['name'], -4) != '.sql') {
make_json_fail($_LANG['file_ext_error']);
}
/* 设置文件路径 */
$fname = 'upload_sqlfile_temp.sql.php';
$fpath = $_CFG['DIR_ADMIN_DUMPSQL'] . $fname;
/* 将文件移动到备份文件夹下 */
if (!move_uploaded_file($_FILES['file']['tmp_name'], $fpath)) {
make_json_fail($_LANG['file_mov_fail']);
}
/* 导入SQL文件 */
if (import_sqlfile($fname) === false) {
@unlink($fpath);
make_json_ok($_LANG['fail_dbbackup_import']);
} else {
@unlink($fpath);
make_json_ok($_LANG['ok_dbbackup_import']);
}
} elseif ($_REQUEST['act'] == 'del') {
/* 权限检查 */
admin_privilege_valid('db_backup.php', 'backup');
/* 初始化参数 */
$_POST['ids'] = is_array($_POST['ids']) ? $_POST['ids'] : array();
/* 删除SQL文件 */
/**
* 取得POST过来的权限字段
*/
function post_privilege($act)
{
global $_LANG;
/* 基本字段提取 */
$fields = array();
$fields['name'] = trim($_POST['name']);
$fields['order'] = intval($_POST['order']);
$fields['module_id'] = intval($_POST['parent_id']);
$fields['module_act_code'] = trim($_POST['module_act_code']);
$fields['module_act_name'] = trim($_POST['module_act_name']);
/* 字段值检查 */
if ($fields['name'] == '') {
make_json_fail($_LANG['fill_privilege_name']);
}
if ($fields['module_id'] == 0) {
make_json_fail($_LANG['fill_privilege_module']);
}
if ($fields['module_act_name'] == '') {
make_json_fail($_LANG['fill_privilege_aname']);
}
if ($fields['module_act_code'] == '') {
make_json_fail($_LANG['fill_privilege_acode']);
}
/* 字段值检查 - 权限重复检查 */
$filter = array();
$filter['module_id'] = $fields['module_id'];
$filter['privilege_id'] = $_POST['privilege_id'];
$filter['module_act_code'] = $fields['module_act_code'];
if (exist_privilege($filter)) {
make_json_fail($_LANG['fill_privilege_exist']);
}
return $fields;
}
function post_role_check($fields = array(), $act = '')
{
global $_LANG;
if (isset($fields['name']) && $fields['name'] == '') {
make_json_fail($_LANG['fill_role_name']);
}
}
/**
* 取得POST过来的模块字段
*/
function post_module($act)
{
global $_LANG;
/* 基本字段提取 */
$fields = array();
$fields['name'] = trim($_POST['name']);
$fields['file'] = trim($_POST['file']);
/* 字段值检查 */
if ($fields['name'] == '') {
make_json_fail($_LANG['fill_module_name']);
}
if ($fields['file'] == '') {
make_json_fail($_LANG['fill_module_file']);
}
if (exist_module(array('file' => $fields['file'], 'module_id' => $_POST['module_id']))) {
make_json_fail($_LANG['fill_module_exist']);
}
return $fields;
}
/**
* 创建或者更新当前管理员权限文件
*
* @params arr $privs 权限信息数组
*
* @return bol true 表示写入成功,失败则退出系统
*/
function admin_pfile_create($privs)
{
global $_LANG;
/* 权限信息字符串 */
$str = serialize($privs);
/* 权限文件路径 */
$pfile = admin_pfile();
/* 写入文件 */
if (@file_put_contents($pfile, $str) === false) {
/* 注销并返回系统消息 */
admin_destroy();
make_json_fail($_LANG['fail_pfile_create']);
}
/* 清除文件状态缓存 */
clearstatcache();
// 防止文件修改时间的缓存
/* 返回 */
return true;
}
