} else { if ($action == "change") { //当要求为更改用户密码时 if (!$_POST) { $tgusername = $uclass->getusername($uid); $smarty->assign("username", $tgusername); $smarty->display("user_mod.htm"); } else { $password = $_POST["password"]; $passwordag = $_POST["password_ag"]; echo $uclass->changepasswd($uid, $password, $passwordag); exit("<script>window.setTimeout(function(){window.location.href='./user_list.php';},1500);</script>"); } } else { if ($action == "add") { //当用户需要添加用户时 if (!$_POST) { $smarty->display("user_add.htm"); } else { $username = trim($_POST["uname"]); $nickname = trim($_POST["realname"]); $userleve = trim($_POST["ulv"]); $password = trim($_POST["password"]); echo $uclass->adduser($username, $password, $userleve, $nickname); exit("<script>window.setTimeout(function(){window.location.href='./user_list.php';},1500);</script>"); } } else { exit("非法操作!"); } } }
$objImage->setadmin_img($admin_img); $objImage->setimg_name($admin_img_name); $objImage->setimg_size($size); $objImage->setimg_type($type); $objImage->settmp_img_name($tmp_name); //check the image extension $img_return = $objImage->check_img(); //now teh condition for flag if ($img_return == true) { $objUser = new User(); $admin_name = mysqli_real_escape_string($objUser->conxn, $_POST['admin_name']); $admin_email = mysqli_real_escape_string($objUser->conxn, $_POST['admin_email']); $admin_password = mysqli_real_escape_string($objUser->conxn, $_POST['admin_password']); $admin_password2 = mysqli_real_escape_string($objUser->conxn, $_POST['admin_password2']); $admin_access_level = mysqli_real_escape_string($objUser->conxn, $_POST['admin_access_level']); $admin_img_name = mysqli_real_escape_string($objUser->conxn, $_FILES['admin_img']['name']); $objUser->setAdmin_username($admin_name); $objUser->setPassword($admin_password); $objUser->setAdmin_email($admin_email); $objUser->setaccess_level($admin_access_level); $objUser->setimg_name($admin_img_name); //$objUser->setlogin_date(); $flag = $objUser->adduser(); } else { new Locate('../index.php?action=' . base64_encode('views_add_user') . '&error=' . base64_encode('Image not uploaded. Try again')); } if ($flag == true) { new Locate('../index.php?action=' . base64_encode('views_add_user') . '&success=' . base64_encode('Admin data has been successfully added.')); } else { new Locate('../index.php?action=' . base64_encode('views_add_user') . '&error=' . base64_encode('Form Submission Incomplete')); }