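/**
 * Controller bootstrap hook for the admin back end.
 *
 * In order, it: requires a logged-in session, synchronises the role tables
 * with the teacher/student tables, loads shared lookup lists, applies the
 * administrator / IP allowlist / RBAC checks, builds the menu and breadcrumb
 * for the view, and records the data table name for the current controller.
 *
 * Security notes:
 *  - The login check runs before any database write, so a request without a
 *    session no longer triggers the role/teacher/student synchronisation.
 *  - The denial paths rely on redirect() / mtReturn() ending the request.
 *    NOTE(review): confirm both helpers terminate; if either returns, the
 *    code after a failed check keeps executing.
 *
 * @param string $dwz_db_name Table name for the current operation; when empty
 *                            the lower-cased CONTROLLER_NAME is used.
 * @return void
 */
function _initialize($dwz_db_name = '')
{
    // Authenticate before doing any work: nothing below should run for a
    // request that carries no admin session.
    if (!isset($_SESSION[C('USER_AUTH_KEY')])) {
        $this->redirect('Public/login');
    }

    // --- Role table synchronisation (writes) -------------------------------
    // NOTE(review): this still runs on every authenticated request and before
    // the role/IP checks below; consider moving it to a dedicated maintenance
    // task. getField() may return a non-array when no rows match, hence the
    // array() fallbacks.
    $allAdmin = M('role_user')->getField('user_id', true) ?: array();
    foreach ($allAdmin as $value) {
        // NOTE(review): delete() receives a user_id; presumably it is matched
        // against the primary key of mrole_user - confirm that key is user_id.
        M('mrole_user')->delete($value);
    }

    // Every user holding role 4 must have a row in `teacher`.
    $teacherNew = M('role_user')->where('role_id=4')->getField('user_id', true) ?: array();
    foreach ($teacherNew as $value) {
        $result = M('teacher')->where(array('id' => $value))->count();
        if (!$result) {
            M('teacher')->data(array('id' => $value))->add();
        }
    }

    // Every member holding role 1 must have a row in `student`.
    $studentNew = M('mrole_user')->where('role_id=1')->getField('user_id', true) ?: array();
    foreach ($studentNew as $value) {
        $result = M('student')->where(array('id' => $value))->count();
        if (!$result) {
            M('student')->data(array('id' => $value))->add();
        }
    }

    // --- Shared lookup lists ----------------------------------------------
    $this->faculty = M('faculty')->where('status=1')->order('sort ASC')->select();
    $this->subject = M('subject')->where('status=1')->order('sort')->select();
    $this->course = M('course')->where('status=1')->order('sort')->select();
    $this->teacher = M('teacher')->where('status=1')->order('sort')->select();

    $input = new \OT\Input();
    $input->noGPC();

    // Load the configuration stored in the database.
    $this->readconfig();

    // --- Administrator and IP allowlist checks -----------------------------
    // The account with id 1 skips this whole block, including the allowlist.
    if ($_SESSION[C('USER_AUTH_KEY')] != 1) {
        // NOTE(review): the original code passed a $uid that is never assigned
        // in this method, so is_admin() receives null. It is kept explicit
        // here to preserve behaviour; confirm which identity is_admin() falls
        // back to and pass the intended user id instead.
        $uid = null;
        if (!is_admin($uid)) {
            $this->mtReturn(300, '对不起,您不是管理员!请不要越级操作!');
        }
        if (!isset($_SESSION['_ACCESS_LIST'])) {
            RBAC::saveAccessList();
        }
        if (C('ADMIN_ALLOW_IP')) {
            // Check the client IP against the configured allowlist. Both sides
            // are strings, so the comparison is strict.
            // NOTE(review): verify get_client_ip() is not configured to trust
            // client-supplied forwarding headers, or the allowlist can be
            // satisfied by a header value rather than the peer address.
            if (!in_array(get_client_ip(), explode(',', C('ADMIN_ALLOW_IP')), true)) {
                $this->mtReturn(300, '403:禁止访问!');
            }
        }
    }

    // --- RBAC permission check --------------------------------------------
    if (C('USER_AUTH_ON') && !in_array(CONTROLLER_NAME, explode(',', C('NOT_AUTH_MODULE')), true)) {
        if (!RBAC::AccessDecision()) {
            // Check the authentication identifier.
            if (!isset($_SESSION[C('USER_AUTH_KEY')])) {
                // No uid: send the client to the authentication gateway.
                redirect(PHP_FILE . C('USER_AUTH_GATEWAY'));
            } else {
                if (C('GUEST_AUTH_ON')) {
                    // Guest authorization mode: access is allowed.
                } else {
                    // Report the permission error.
                    $this->mtReturn(300, '对不起,您的权限不足!请不要越级操作!');
                }
            }
        }
    }

    // --- Menu construction -------------------------------------------------
    if (isset($_SESSION[C('USER_AUTH_KEY')])) {
        // Top-level menu groups.
        $groups = M("Group")->where(array('status' => 1, 'show' => 1))->order("sort asc")->select();

        // Build the menu from the module list stored in the database:
        // all level-2 nodes whose pid is 1.
        $menu = array();
        $node = M("Node");
        $where = array('level' => 2, 'status' => 1, 'pid' => 1);
        $list = $node->where($where)->field('id,name,group_id,title,remark,icon')->order('sort asc')->select();

        $accessList = array();
        if ($_SESSION[C('USER_AUTH_KEY')] != 1) {
            // Access list granted to the current user.
            $accessList = $_SESSION['_ACCESS_LIST'];
        }

        foreach ($list as $key => $module) {
            if (isset($accessList[strtoupper('admin')][strtoupper($module['name'])]) || $_SESSION[C('USER_AUTH_KEY')] == 1) {
                // Mark the module as accessible and file it under its group.
                $module['access'] = 1;
                $menu[$module['group_id']][$key] = $module;
            }
        }

        // Sub-entries contributed by add-ons; initialised so the menu code
        // below never reads an undefined variable when there are none.
        $adminliststr = array();
        $AdminList = D('Addons')->getAdminList();
        foreach ($AdminList as $key => $vo) {
            $adminliststr[$key]['url'] = U('Admin/' . $vo['url']);
            $adminliststr[$key]['rel'] = $vo['name'];
            $adminliststr[$key]['id'] = '135' . $key;
            $adminliststr[$key]['title'] = $vo['title'];
        }

        foreach ($groups as $key => $value) {
            // A group without any accessible module is dropped from the list.
            if (empty($menu[$value['id']])) {
                unset($groups[$key]);
                continue;
            }

            foreach ($menu[$value['id']] as $subkey => $menuvo) {
                // Node 135 carries the add-on entries as its sub-menu.
                if ($menuvo['id'] == 135) {
                    $menu[$value['id']][$subkey]['sub'] = $adminliststr;
                    $menu[$value['id']][$subkey]['hassub'] = 1;
                }
                if ($menuvo['remark'] != NULL) {
                    $url = U('Admin/' . $menuvo['name'] . '/' . $menuvo['remark']);
                    $rel = $menuvo['remark'];
                } else {
                    $url = U('Admin/' . $menuvo['name'] . '/index');
                    $rel = $menuvo['name'];
                }
                $menu[$value['id']][$subkey]['rel'] = $rel;
                $menu[$value['id']][$subkey]['url'] = $url;
            }
        }

        $this->assign('menu', $menu);
        $this->assign('groups', $groups);
    }

    // --- Breadcrumb --------------------------------------------------------
    $cname = CONTROLLER_NAME;
    $aname = ACTION_NAME;
    if ($aname == 'index' && $cname == 'Index') {
        $breadcrumb['purl'] = 'javascript:;';
        $breadcrumb['pname'] = '后台管理';
        $breadcrumb['localname'] = '后台首页';
    } else {
        // A node matching both controller name and remark is expected to be unique.
        $mapnode = array('remark' => $aname, 'name' => $cname);
        if (NULL == ($data = M('node')->where($mapnode)->find())) {
            // Several nodes can share a controller name, so narrow the lookup.
            if ($aname != 'index') {
                $mapp = array('name' => $cname, 'remark' => '', 'level' => 2);
                $pid = M('node')->where($mapp)->getField('id');
                $mapnode2 = array('level' => 3, 'name' => $aname, 'pid' => $pid);
                $data = M('node')->where($mapnode2)->find();
            } else {
                // For "index" there is a single controller/index node, so the
                // controller name alone identifies it.
                $mapnode1 = array('level' => 2, 'name' => $cname, 'remark' => '');
                $data = M('node')->where($mapnode1)->find();
            }
        }

        if ($data['level'] == 2) {
            $breadcrumb['purl'] = 'javascript:;';
            $breadcrumb['pname'] = getNodeGroupName($data['group_id']);
            $breadcrumb['localname'] = $data['title'];
            $breadcrumb['id'] = $data['id'];
        } else {
            $pdata = M('node')->where(array('id' => $data['pid']))->find();
            if ($pdata['remark'] == '') {
                $breadcrumb['purl'] = U($pdata['name'] . '/index');
            } else {
                $breadcrumb['purl'] = U($pdata['name'] . '/' . $pdata['remark']);
            }
            $breadcrumb['pname'] = $pdata['title'];
            $breadcrumb['localname'] = $data['title'];
            $breadcrumb['id'] = $data['pid'];
        }
    }
    $this->assign('breadcrumb', $breadcrumb);
    $this->assign('aname', $aname);
    $this->assign('cname', $cname);
    $this->assign('userinfo', query_user(array('avatar64', 'nickname'), $_SESSION[C('USER_AUTH_KEY')]));

    // Name of the data table used by the current operation.
    $dwz_db_name = $dwz_db_name ? $dwz_db_name : strtolower(CONTROLLER_NAME);
    $this->dbname = $dwz_db_name;
}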
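/**
 * Article edit action.
 *
 * GET: loads the article into the edit form; a non-administrator must pass
 * getarteditauth() for the requested id.
 * POST: validates the submitted fields, updates tags and saves the article.
 *
 * Security note: the POST branch applies the same per-article authorization
 * as the form view. Previously only the form was guarded, so any logged-in
 * account could save over an arbitrary article id and become its owner.
 *
 * @return void
 */
public function artedit()
{
    if (IS_POST) {
        $input = new \OT\Input();
        $input->noGPC();

        $uid = isset($_SESSION['cs_home']['user_auth']['uid'])
            ? $_SESSION['cs_home']['user_auth']['uid']
            : 0;
        // The original `!$uid > 0` negated $uid before comparing; compare first.
        if (!($uid > 0)) {
            $this->error('请先登录');
        }

        $article = D('Article');
        if (false === ($data = $article->create())) {
            // The message goes first, as in every other error() call here
            // (the original passed 0 as the message).
            $this->error($article->getError());
        }

        // Authorize against the submitted id before any write (tags or
        // article). Mirrors the check used when rendering the edit form.
        if (!is_admin($uid) && !getarteditauth($data['id'], $uid)) {
            $this->error('无权编辑该文章或编辑时间已过');
        }

        $data['description'] = op_h(I('description'));
        if ($data['cid'] == null) {
            $this->error('分类为空');
        }
        if (mb_strlen(op_h($data['description']), 'utf-8') < 30) {
            $this->error('文章内容必须大于30字');
        }
        if (mb_strlen($data['title'], 'utf-8') > 80) {
            $this->error('文章标题必须小于80字');
        }

        // Each tag is capped at 15 characters.
        foreach ($data['tag'] as $key => $vo) {
            $data['tag'][$key] = mb_substr($vo, 0, 15, 'utf-8');
        }
        D('Tags')->InsertTags($data['tag'], 1, $data['id']);
        $data['tag'] = implode(',', $data['tag']);

        $data['title'] = op_t($data['title']);
        // NOTE(review): this reassigns ownership to the editor, so an
        // administrator editing someone else's article becomes its owner -
        // confirm that is intended.
        $data['uid'] = $uid;

        $status = $data['status'];
        // Status before the update, used to award the score only once.
        $ystatus = $article->where(array('id' => $data['id']))->getField('status');

        // Persist the current data object.
        $list = $article->save($data);
        if ($list !== false) {
            if ($status == 1 && $ystatus != 1) {
                setuserscore($uid, C('ARTSCORE'));
            }
            $this->success('编辑文章成功!', U('Ucenter/userart'));
        } else {
            $this->error('编辑文章失败!');
        }
    } else {
        $uid = is_login();
        $id = I('id');

        if (!is_admin($uid)) {
            // Build the upload extension filter from the member role settings.
            $roleauth = getmroleauth($uid);
            $extsarr = explode(',', $roleauth['fileext']);
            if (!empty($extsarr)) {
                $extstr = '';
                foreach ($extsarr as $key1 => $vo1) {
                    $extstr .= '*.' . $vo1 . ';';
                }
                $this->assign('extstr', $extstr);
            }

            if (!getarteditauth($id, $uid)) {
                $this->error('无权编辑该文章或编辑时间已过', '', false, true);
            }
        }

        $info = callApi('Art/getArtInfo', array($id));
        $info['data']['description'] = stripcslashes($info['data']['description']);
        $this->assign('info', $info['data']);
        $this->display();
    }
}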