www.gusucode.com > 74cms 骑士PHP人才系统 V3.4源码程序 > code/upload/admin/admin_personal.php
<?php
/*
* 74cms 个人
* ============================================================================
* 版权所有: 骑士网络,并保留所有权利。
* 网站地址: http://www.74cms.com;
* ----------------------------------------------------------------------------
* 这不是一个自由软件!您只能在不用于商业目的的前提下对程序代码进行修改和
* 使用;不允许对程序代码以任何形式任何目的的再发布。
* ============================================================================
*/
define('IN_QISHI', true);
require_once(dirname(__FILE__).'/../data/config.php');
require_once(dirname(__FILE__).'/include/admin_common.inc.php');
require_once(ADMIN_ROOT_PATH.'include/admin_personal_fun.php');
$act = !empty($_GET['act']) ? trim($_GET['act']) : 'list';
if($act == 'list')
{
get_token();
check_permissions($_SESSION['admin_purview'],"resume_show");
$tabletype=intval($_GET['tabletype']);
$audit=intval($_GET['audit']);
if (empty($tabletype))
{
$tabletype=1;
$_GET['tabletype']=1;
}
if ($tabletype==1)
{
$tablename="resume";
$audit="";
}
else
{
$tablename="resume_tmp";
}
require_once(QISHI_ROOT_PATH.'include/page.class.php');
$oederbysql=" order BY refreshtime DESC ";
$key=isset($_GET['key'])?trim($_GET['key']):"";
$key_type=isset($_GET['key_type'])?intval($_GET['key_type']):"";
if ($key && $key_type>0)
{
if ($key_type===1)$wheresql=" WHERE fullname like '%{$key}%'";
elseif ($key_type===2)$wheresql=" WHERE id='".intval($key)."'";
elseif ($key_type===3)$wheresql=" WHERE uid='".intval($key)."'";
elseif ($key_type===4)$wheresql=" WHERE telephone like '%{$key}%'";
elseif ($key_type===5)$wheresql=" WHERE qq like '%{$key}%'";
elseif ($key_type===6)$wheresql=" WHERE address like '%{$key}%'";
$oederbysql="";
$tablename="all";
}
else
{
$photo_audit=intval($_GET['photo_audit']);
!empty($audit)? $wheresqlarr['audit']=$audit:'';
!empty($_GET['talent'])? $wheresqlarr['talent']=intval($_GET['talent']):'';
if ($photo_audit>0)
{
$wheresqlarr['photo_audit']=$photo_audit;
$oederbysql="";
}
if ($_GET['photo']<>'')
{
$wheresqlarr['photo']=intval($_GET['photo']);
$oederbysql=" order BY addtime DESC ";
}
if (is_array($wheresqlarr)) $wheresql=wheresql($wheresqlarr);
if (!empty($_GET['addtimesettr']))
{
$settr=strtotime("-".intval($_GET['addtimesettr'])." day");
$wheresql=empty($wheresql)?" WHERE addtime> ".$settr:$wheresql." AND addtime> ".$settr;
$oederbysql=" order BY addtime DESC ";
}
if (!empty($_GET['settr']))
{
$settr=strtotime("-".intval($_GET['settr'])." day");
$wheresql=empty($wheresql)?" WHERE refreshtime> ".$settr:$wheresql." AND refreshtime> ".$settr;
}
if ($_CFG['subsite']=="1" && $_CFG['subsite_filter_resume']=="1")
{
$wheresql.=empty($wheresql)?" WHERE ":" AND ";
$wheresql.=" (subsite_id=0 OR subsite_id=".intval($_CFG['subsite_id']).") ";
}
}
if ($tablename=="all")
{
$total_sql="SELECT COUNT(*) AS num FROM ".table('resume').$wheresql." UNION ALL SELECT COUNT(*) AS num FROM ".table('resume_tmp').$wheresql;
}
else
{
$total_sql="SELECT COUNT(*) AS num FROM ".table($tablename).$wheresql;
}
$total_val=$db->get_total($total_sql);
$page = new page(array('total'=>$total_val, 'perpage'=>$perpage));
$currenpage=$page->nowindex;
$offset=($currenpage-1)*$perpage;
if ($tablename=="all")
{
$getsql="SELECT * FROM ".table('resume').$wheresql." UNION ALL SELECT * FROM ".table('resume_tmp').$wheresql;
}
else
{
$getsql="SELECT * FROM ".table($tablename)." ".$wheresql.$oederbysql;
}
$resumelist = get_resume_list($offset,$perpage,$getsql);
$total[0]=$db->get_total("SELECT COUNT(*) AS num FROM ".table('resume')."");
$total[1]=$db->get_total("SELECT COUNT(*) AS num FROM ".table('resume_tmp')."");
if ($tabletype===2)
{
$total[2]=$db->get_total("SELECT COUNT(*) AS num FROM ".table('resume_tmp')." WHERE audit=1 ");
$total[3]=$db->get_total("SELECT COUNT(*) AS num FROM ".table('resume_tmp')." WHERE audit=2 ");
$total[4]=$db->get_total("SELECT COUNT(*) AS num FROM ".table('resume_tmp')." WHERE audit=3 ");
}
$smarty->assign('total',$total);
$smarty->assign('pageheader',"简历列表");
$smarty->assign('resumelist',$resumelist);
$smarty->assign('page',$page->show(3));
$smarty->assign('total_val',$total_val);
$smarty->display('personal/admin_personal_resume.htm');
}
elseif($act == 'perform')
{
check_token();
$id =!empty($_REQUEST['id'])?$_REQUEST['id']:adminmsg("你没有选择简历!",1);
if (!empty($_REQUEST['delete']))
{
check_permissions($_SESSION['admin_purview'],"resume_del");
if ($n=del_resume($id))
{
adminmsg("删除成功!该删除 {$n} 行",2);
}
else
{
adminmsg("删除失败!",0);
}
}
if (!empty($_POST['set_audit']))
{
check_permissions($_SESSION['admin_purview'],"resume_audit");
$audit=$_POST['audit'];
$pms_notice=intval($_POST['pms_notice']);
$reason=trim($_POST['reason']);
!edit_resume_audit($id,$audit,$reason,$pms_notice)?adminmsg("设置失败!",0):adminmsg("设置成功!",2,$link);
}
if (!empty($_POST['set_talent']))
{
check_permissions($_SESSION['admin_purview'],"resume_talent");
$talent=$_POST['talent'];
!edit_resume_talent($id,$talent)?adminmsg("设置失败!",0):adminmsg("设置成功!",2,$link);
}
if (!empty($_POST['set_photoaudit']))
{
check_permissions($_SESSION['admin_purview'],"resume_photo_audit");
$photoaudit=$_POST['photoaudit'];
!edit_resume_photoaudit($id,$photoaudit)?adminmsg("设置失败!",0):adminmsg("设置成功!",2,$link);
}
elseif (!empty($_GET['refresh']))
{
if($n=refresh_resume($id))
{
adminmsg("刷新成功!响应行数 {$n}",2);
}
else
{
adminmsg("刷新失败!",0);
}
}
}
elseif($act == 'members_list')
{
get_token();
check_permissions($_SESSION['admin_purview'],"per_user_show");
require_once(QISHI_ROOT_PATH.'include/page.class.php');
$wheresql=" WHERE m.utype=2 ";
$oederbysql=" order BY m.uid DESC ";
$key=isset($_GET['key'])?trim($_GET['key']):"";
$key_type=isset($_GET['key_type'])?intval($_GET['key_type']):"";
if ($key && $key_type>0)
{
if ($key_type===1)$wheresql.=" AND m.username like '{$key}%'";
elseif ($key_type===2)$wheresql.=" AND m.uid='".intval($key)."'";
elseif ($key_type===3)$wheresql.=" AND m.email like '{$key}%'";
elseif ($key_type===4)$wheresql.=" AND m.mobile like '{$key}%'";
$oederbysql="";
}
else
{
if (!empty($_GET['settr']))
{
$settr=strtotime("-".intval($_GET['settr'])." day");
$wheresql.=" AND m.reg_time> ".$settr;
}
if (!empty($_GET['verification']))
{
if ($_GET['verification']=="1")
{
$wheresql.=" AND m.email_audit = 1";
}
elseif ($_GET['verification']=="2")
{
$wheresql.=" AND m.email_audit = 0";
}
elseif ($_GET['verification']=="3")
{
$wheresql.=" AND m.mobile_audit = 1";
}
elseif ($_GET['verification']=="4")
{
$wheresql.=" AND m.mobile_audit = 0";
}
}
}
$total_sql="SELECT COUNT(*) AS num FROM ".table('members')." as m ".$wheresql;
$total_val=$db->get_total($total_sql);
$page = new page(array('total'=>$total_val, 'perpage'=>$perpage));
$currenpage=$page->nowindex;
$offset=($currenpage-1)*$perpage;
$member = get_member_list($offset,$perpage,$wheresql.$oederbysql);
$smarty->assign('pageheader',"个人会员");
$smarty->assign('member',$member);
$smarty->assign('page',$page->show(3));
$smarty->display('personal/admin_personal_user_list.htm');
}
elseif($act == 'delete_user')
{
check_token();
check_permissions($_SESSION['admin_purview'],"per_user_del");
$tuid =!empty($_POST['tuid'])?$_POST['tuid']:adminmsg("你没有选择会员!",1);
if ($_POST['delete'])
{
if ($_POST['delete_user']=='yes' && !delete_member($tuid))
{
adminmsg("删除会员失败!",0);
}
if ($_POST['delete_resume']=='yes' && !del_resume_for_uid($tuid))
{
adminmsg("删除简历失败!",0);
}
adminmsg("删除成功!",2);
}
}
elseif($act == 'user_edit')
{
get_token();
check_permissions($_SESSION['admin_purview'],"per_user_edit");
$smarty->assign('pageheader',"个人会员");
$smarty->assign('user',get_member_one($_GET['tuid']));
$smarty->assign('resume',get_resume_uid($_GET['tuid']));
$smarty->assign('url',$_SERVER["HTTP_REFERER"]);
$smarty->display('personal/admin_personal_user_edit.htm');
}
elseif($act == 'set_account_save')
{
check_token();
check_permissions($_SESSION['admin_purview'],"per_user_edit");
require_once(ADMIN_ROOT_PATH.'include/admin_user_fun.php');
$setsqlarr['username']=trim($_POST['username']);
$setsqlarr['email']=trim($_POST['email']);
$setsqlarr['email_audit']=intval($_POST['email_audit']);
$setsqlarr['mobile']=trim($_POST['mobile']);
$setsqlarr['mobile_audit']=intval($_POST['mobile_audit']);
if ($_POST['qq_openid']=="1")
{
$setsqlarr['qq_openid']='';
}
$thisuid=intval($_POST['thisuid']);
if (strlen($setsqlarr['username'])<3) adminmsg('用户名必须为3位以上!',1);
$getusername=get_user_inusername($setsqlarr['username']);
if (!empty($getusername) && $getusername['uid']<>$thisuid)
{
adminmsg("用户名 {$setsqlarr['username']} 已经存在!",1);
}
if (empty($setsqlarr['email']) || !preg_match("/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/",$setsqlarr['email']))
{
adminmsg('电子邮箱格式错误!',1);
}
$getemail=get_user_inemail($setsqlarr['email']);
if (!empty($getemail) && $getemail['uid']<>$thisuid)
{
adminmsg("Email {$setsqlarr['email']} 已经存在!",1);
}
if (!empty($setsqlarr['mobile']) && !preg_match("/^(13|15|18)\d{9}$/",$setsqlarr['mobile']))
{
adminmsg('手机号码错误!',1);
}
$getmobile=get_user_inmobile($setsqlarr['mobile']);
if (!empty($setsqlarr['mobile']) && !empty($getmobile) && $getmobile['uid']<>$thisuid)
{
adminmsg("手机号 {$setsqlarr['mobile']} 已经存在!",1);
}
if (updatetable(table('members'),$setsqlarr," uid=".$thisuid.""))
{
$u['email']=$setsqlarr['email'];
updatetable(table('resume'),$u," uid={$thisuid}");
updatetable(table('resume_tmp'),$u," uid={$thisuid}");
$link[0]['text'] = "返回列表";
$link[0]['href'] = $_POST['url'];
adminmsg('修改成功!',2,$link);
}
else
{
adminmsg('修改失败!',1);
}
}
elseif($act == 'userpass_edit')
{
check_token();
check_permissions($_SESSION['admin_purview'],"per_user_edit");
if (strlen(trim($_POST['password']))<6) adminmsg('新密码必须为6位以上!',1);
$user_info=get_member_one($_POST['memberuid']);
$pwd_hash=$user_info['pwd_hash'];
$md5password=md5(md5(trim($_POST['password'])).$pwd_hash.$QS_pwdhash);
if ($db->query( "UPDATE ".table('members')." SET password = '{$md5password}' WHERE uid='{$user_info['uid']}' LIMIT 1"))
{
$link[0]['text'] = "返回列表";
$link[0]['href'] = $_POST['url'];
$member=get_member_one($user_info['uid']);
write_memberslog($member['uid'],1,1004,$member['username'],"管理员在后台修改登录密码");
adminmsg('操作成功!',2,$link);
}
else
{
adminmsg('操作失败!',1);
}
}
elseif($act == 'members_add')
{
get_token();
check_permissions($_SESSION['admin_purview'],"per_user_add");
$smarty->assign('pageheader',"个人会员");
$smarty->display('personal/admin_personal_user_add.htm');
}
elseif($act == 'members_add_save')
{
check_token();
check_permissions($_SESSION['admin_purview'],"per_user_add");
require_once(ADMIN_ROOT_PATH.'include/admin_user_fun.php');
if (strlen(trim($_POST['username']))<3) adminmsg('用户名必须为3位以上!',1);
if (strlen(trim($_POST['password']))<6) adminmsg('密码必须为6位以上!',1);
$sql['username'] = !empty($_POST['username']) ? trim($_POST['username']):adminmsg('请填写用户名!',1);
$sql['password'] = !empty($_POST['password']) ? trim($_POST['password']):adminmsg('请填写密码!',1);
if ($sql['password']<>trim($_POST['password1']))
{
adminmsg('两次输入的密码不相同!',1);
}
$sql['utype'] = !empty($_POST['member_type']) ? intval($_POST['member_type']):adminmsg('你没有选择注册类型!',1);
if (empty($_POST['email']) || !preg_match("/^\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*$/",$_POST['email']))
{
adminmsg('电子邮箱格式错误!',1);
}
$sql['email']= trim($_POST['email']);
if (get_user_inusername($sql['username']))
{
adminmsg('该用户名已经被使用!',1);
}
if (get_user_inemail($sql['email']))
{
adminmsg('该 Email 已经被注册!',1);
}
$sql['pwd_hash'] = randstr();
$sql['password'] = md5(md5($sql['password']).$sql['pwd_hash'].$QS_pwdhash);
$sql['reg_time']=time();
$sql['reg_ip']=$online_ip;
$insert_id=inserttable(table('members'),$sql,true);
if ($insert_id)
{
write_memberslog($insert_id,1,1000,$sql['username'],"管理员在后台新增会员");
$link[0]['text'] = "返回列表";
$link[0]['href'] = "?act=members_list";
adminmsg('添加成功!',2,$link);
}
}
elseif($act == 'resume_show')
{
check_permissions($_SESSION['admin_purview'],"resume_show");
$id =!empty($_REQUEST['id'])?intval($_REQUEST['id']):adminmsg("你没有选择简历!",1);
$uid =intval($_REQUEST['uid']);
$smarty->assign('pageheader',"查看简历");
$resume=get_resume_basic($uid,$id);
if (empty($resume))
{
$link[0]['text'] = "返回简历列表";
$link[0]['href'] = '?act=list';
adminmsg('简历不存在或已经被删除!',1,$link);
}
$smarty->assign('random',mt_rand());
$smarty->assign('time',time());
$smarty->assign('url',$_SERVER["HTTP_REFERER"]);
$smarty->assign('resume',$resume);
$smarty->assign('resume_education',get_resume_education($uid,$id));
$smarty->assign('resume_work',get_resume_work($uid,$id));
$smarty->assign('resume_training',get_resume_training($uid,$id));
$smarty->assign('resumeaudit',get_resumeaudit_one($id));
$smarty->display('personal/admin_personal_resume_show.htm');
}
elseif($act == 'del_auditreason')
{
check_permissions($_SESSION['admin_purview'],"resume_audit");
$id =!empty($_REQUEST['a_id'])?$_REQUEST['a_id']:adminmsg("你没有选择日志!",1);
$n=reasonaudit_del($id);
if ($n>0)
{
adminmsg("删除成功!共删除 {$n} 行",2);
}
else
{
adminmsg("删除失败!",0);
}
}
elseif($act == 'management')
{
$id=intval($_GET['id']);
$u=get_user($id);
if (!empty($u))
{
unset($_SESSION['uid']);
unset($_SESSION['username']);
unset($_SESSION['utype']);
unset($_SESSION['uqqid']);
setcookie("QS[uid]","",time() - 3600,$QS_cookiepath, $QS_cookiedomain);
setcookie("QS[username]","",time() - 3600,$QS_cookiepath, $QS_cookiedomain);
setcookie("QS[password]","",time() - 3600,$QS_cookiepath, $QS_cookiedomain);
setcookie("QS[utype]","",time() - 3600,$QS_cookiepath, $QS_cookiedomain);
unset($_SESSION['activate_username']);
unset($_SESSION['activate_email']);
$_SESSION['uid']=$u['uid'];
$_SESSION['username']=$u['username'];
$_SESSION['utype']=$u['utype'];
$_SESSION['uqqid']="1";
setcookie('QS[uid]',$u['uid'],0,$QS_cookiepath,$QS_cookiedomain);
setcookie('QS[username]',$u['username'],0,$QS_cookiepath,$QS_cookiedomain);
setcookie('QS[password]',$u['password'],0,$QS_cookiepath,$QS_cookiedomain);
setcookie('QS[utype]',$u['utype'], 0,$QS_cookiepath,$QS_cookiedomain);
header("Location:".get_member_url($u['utype']));
}
}
?>