<?php
/*
 * MCMS Copyright (c) 2012-2013 ZhangYiYeTai Inc.
 *
 * http://www.mcms.cc
 *
 * The program developed by loyjers core architecture, individual all rights reserved,
 * if you have any questions please contact loyjers@126.com
 */

// Shared bootstrap file.
require_once(dirname(__FILE__) . "/../../init.php");

// Access gate for the whole script: login check first, then permission code B02.
// Both helpers are defined outside this file.
check_login();
check_level('B02', AJAX);

$time_start = H::getmicrotime(); // start time

if (!isset($_GET['tpl'])) {
    $_GET['tpl'] = '';
}

// Action handling. call_mfunc() is defined outside this file; presumably it
// dispatches to one of the m__* functions of this script -- confirm in the bootstrap.
call_mfunc();

// Template handling. Only two fixed template names can be selected, so the
// request parameter never reaches the include path directly.
if ($_GET['tpl'] != 'level') {
    require_once(assign_tpl(basename(__FILE__), 'admin'));
} else {
    require_once(assign_tpl('user.level.php', 'admin'));
}

// ******************************************************* functions *******************************************************

/**
 * List action: loads every row of the group table into the global $result.
 *
 * When tpl=level it additionally loads one group row (type=group_level) or one
 * user row (any other type) by id, splits the comma-separated permission column
 * named by `type` into the global $ulevel, sets the global $name heading and
 * stores the tree returned by $C->show_tree() in $result['tree_cate'].
 *
 * The id is cast with intval() before it is placed in the SQL text.
 *
 * NOTE(review): $obj['name'] is appended to an HTML fragment without escaping.
 * Whether that is safe depends on how the name was filtered when it was stored
 * and on how the template prints $name -- confirm both.
 */
function m__list()
{
    global $result, $dbm, $C, $ulevel, $name;

    $_GET['id'] = isset($_GET['id']) ? intval($_GET['id']) : 0;
    $id = $_GET['id'];
    $_GET['type'] = isset($_GET['type']) ? trim($_GET['type']) : 1;
    $type = $_GET['type'];

    $result = $dbm->query("select * from " . TB_PRE . "group");
    if ($_GET['tpl'] != 'level') {
        return;
    }

    // Pick the table: group permissions come from the group table, both user
    // permission kinds (and any unrecognised type) from the user table.
    if ($type == 'group_level') {
        $sql = "select group_name as name,group_level from " . TB_PRE . "group where group_id='$id' limit 1";
    } else {
        $sql = "select login_name as name,login_level,login_no_level from " . TB_PRE . "user where uid='$id' limit 1";
    }
    $rs = $dbm->query($sql);
    if (count($rs['list']) != 1) {
        H::error_show('{"code":"1","msg":"用户组或者用户不存在"}');
    }
    $obj = $rs['list'][0];

    // Each recognised type names the column that holds its permission list.
    $headings = array(
        'group_level'    => '用户组权限<em>></em>',
        'login_level'    => '用户附加权限<em>></em>',
        'login_no_level' => '用户禁止权限<em>></em>',
    );
    $ulevel = array();
    if (isset($headings[$type])) {
        $ulevel = explode(',', $obj[$type]);
        $name = $headings[$type] . $obj['name'];
    }

    // Left-hand tree.
    $params = array(
        'tree'          => $C->cate_brother(),
        'checkbox'      => 1,
        'ulevel'        => $ulevel,
        'is_expand_all' => 1,
    );
    $result['tree_cate'] = $C->show_tree($params);
}
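// NOTE(review): none of the state-changing handlers below checks an anti-CSRF
// token itself; confirm whether check_login(), check_level() or call_mfunc()
// (all defined outside this file) enforce one.

/**
 * Delete user groups.
 *
 * Expects $_POST['params'] as a comma-separated list of group ids and requires
 * permission code B0203. A group is skipped when its id is not a positive
 * integer, when a user still references it through login_group, when it does
 * not exist, or when its group_type is 0. Always ends the request with a JSON
 * success message.
 */
function m__del()
{
    global $dbm;
    check_level('B0203', AJAX);

    // A missing or non-string "params" becomes an empty id list instead of
    // being handed to explode().
    $raw = (isset($_POST['params']) && is_string($_POST['params'])) ? $_POST['params'] : '';
    $_POST['params'] = explode(',', $raw);

    foreach ($_POST['params'] as $group_id) {
        // intval() makes the id safe to concatenate into the unquoted SQL below.
        $group_id = intval($group_id);
        if ($group_id <= 0) {
            continue;
        }

        // Groups that still have at least one member are kept.
        $rs = $dbm->query('select uid from ' . TB_PRE . 'user where login_group=' . $group_id . ' limit 1');
        if (count($rs['list']) > 0) {
            continue;
        }

        $rs = $dbm->query("select group_name,group_type from " . TB_PRE . "group where group_id=" . $group_id . " limit 1");
        if (count($rs['list']) != 1) {
            continue;
        }
        // group_type 0 is never deleted; groups created by m__save() get group_type 1.
        if ($rs['list'][0]['group_type'] == 0) {
            continue;
        }

        $group_name = $rs['list'][0]['group_name'];
        $dbm->query_update('delete from ' . TB_PRE . 'group where group_id=' . $group_id);
        logs('删除用户组 ' . $group_name, 2);
    }
    die('{"code":0,"msg":"删除成功"}');
}

/**
 * Add a user group (group_id 0, permission B0201) or edit one (permission B0202).
 *
 * Input is passed through H::sqlxss() first; that filter is defined outside
 * this file and its behaviour is not visible here. Ends the request with a
 * JSON message.
 */
function m__save()
{
    global $dbm;
    $_POST = H::sqlxss($_POST);
    $_POST['group_id'] = isset($_POST['group_id']) ? intval($_POST['group_id']) : 0;

    $fields = array();
    // The default is '' (it was 0): under PHP 8 `0 == ''` is false, so a request
    // without group_name passed the empty check and stored a group named "0".
    $fields['group_name'] = isset($_POST['group_name']) ? $_POST['group_name'] : '';
    $fields['group_remark'] = isset($_POST['group_remark']) ? $_POST['group_remark'] : '';

    // Array-shaped parameters (group_name[]=...) are not valid column values.
    if (!is_scalar($fields['group_remark'])) {
        $fields['group_remark'] = '';
    }
    if (!is_scalar($fields['group_name']) || (string) $fields['group_name'] === '') {
        die('{"code":1,"msg":"请填写用户组名称","id":"group_name"}');
    }

    if ($_POST['group_id'] == 0) {
        // Add a user group.
        check_level('B0201', AJAX);
        $fields['create_time'] = time();
        $fields['group_type'] = 1;
        $dbm->single_insert(TB_PRE . 'group', $fields);
        logs('添加用户组 ' . $fields['group_name'], 2);
    } else {
        // Edit a user group; group_id is an integer after intval() above.
        check_level('B0202', AJAX);
        $dbm->single_update(TB_PRE . 'group', $fields, "group_id='{$_POST['group_id']}'");
        logs('编辑用户组 ' . $fields['group_name'], 2);
    }
    die('{"code":0,"msg":"操作成功"}');
}

/**
 * Batch edit of group names and remarks (permission B0202).
 *
 * Expects $_POST['params'] as a list of rows with the keys id, group_name and
 * group_remark. Rows that are malformed or carry a non-positive id are skipped.
 */
function m__save_all()
{
    global $dbm;
    $_POST = H::sqlxss($_POST);
    check_level('B0202', AJAX);

    $rows = (isset($_POST['params']) && is_array($_POST['params'])) ? $_POST['params'] : array();
    foreach ($rows as $row) {
        if (!is_array($row) || !isset($row['id'], $row['group_name'], $row['group_remark'])) {
            continue;
        }
        if (!is_scalar($row['group_name']) || !is_scalar($row['group_remark'])) {
            continue;
        }

        // The id sits unquoted in the WHERE clause, where quote escaping gives no
        // protection at all; it was taken verbatim from the request before.
        // Casting to int closes that SQL injection path.
        $group_id = intval($row['id']);
        if ($group_id <= 0) {
            continue;
        }

        // NOTE(review): the two string values still depend on H::sqlxss() for
        // quoting. No escaping or prepared-statement API of $dbm is visible in
        // this file -- switch to one if it exists.
        $dbm->query_update(
            "update " . TB_PRE . "group set group_name='" . $row['group_name']
            . "',group_remark='" . $row['group_remark'] . "' where group_id=" . $group_id
        );
    }
    die('{"code":"0","msg":"操作成功"}');
}

/**
 * Edit permissions of a user or of a group.
 *
 * $_POST['type'] selects the target column: login_level and login_no_level
 * (user table, permission B0104) or group_level (group table, permission
 * B0204). $_POST['level'] is the list of codes, stored comma-joined.
 *
 * NOTE(review): nothing visible here limits the submitted codes to those the
 * caller holds, or stops a caller from editing their own uid -- confirm that
 * check_level() or the surrounding policy covers this. The joined codes are
 * placed inside a quoted SQL string and rely on H::sqlxss() for quoting.
 */
function m__save_level()
{
    global $dbm;
    $_POST = H::sqlxss($_POST);
    $_POST['type'] = (isset($_POST['type']) && is_string($_POST['type'])) ? trim($_POST['type']) : '';
    $id = $_POST['id'] = isset($_POST['id']) ? intval($_POST['id']) : '';

    // Only a flat list of scalar codes can be joined; anything else is dropped
    // instead of being passed to implode().
    $_POST['level'] = (isset($_POST['level']) && is_array($_POST['level']))
        ? array_filter($_POST['level'], 'is_scalar')
        : array();
    $level = implode(',', $_POST['level']);

    if ($_POST['type'] === 'login_level') {
        // Edit user permissions.
        check_level('B0104', AJAX);
        $dbm->query_update("update " . TB_PRE . "user set login_level='$level' where uid='$id'");
        logs('编辑用户 ' . $id . ' 的' . $level . '权限成功 ' . $level, 2);
    }
    if ($_POST['type'] === 'login_no_level') {
        // Edit user permissions (denied list).
        check_level('B0104', AJAX);
        $dbm->query_update("update " . TB_PRE . "user set login_no_level='$level' where uid='$id'");
        logs('编辑用户 ' . $id . ' 的' . $level . '权限成功 ' . $level, 2);
    }
    if ($_POST['type'] === 'group_level') {
        // Edit group permissions.
        check_level('B0204', AJAX);
        $rs = $dbm->query("select group_level from " . TB_PRE . "group where group_id='$id' limit 2");
        if (count($rs['list']) != 1) {
            die('{"code":"1","msg":"编辑权限失败"}');
        }
        // The system administrator group is left unchanged, yet success is reported.
        // NOTE(review): this is a loose comparison of a stored string with 100; a
        // value such as "100,X" compares differently under PHP 7 and PHP 8 --
        // confirm what the column holds for that group.
        if ($rs['list'][0]['group_level'] == 100) {
            die('{"code":"0","msg":"编辑权限成功"}');
        }
        $dbm->query_update("update " . TB_PRE . "group set group_level='$level' where group_id='$id'");
        logs('编辑用户组 ' . $id . ' 的权限成功 ' . $level, 2);
    }
    die('{"code":"0","msg":"编辑权限成功"}');
}

/**
 * Fetch a single user group record and return it as JSON.
 *
 * Reads $_POST['group_id'], cast with intval(). On a hit the whole row
 * (select *) plus code=0 is sent; otherwise a JSON error is sent.
 */
function m__get()
{
    global $dbm;
    $group_id = isset($_POST['group_id']) ? intval($_POST['group_id']) : 0;
    if ($group_id > 0) {
        $rs = $dbm->query("select * from " . TB_PRE . "group where group_id='$group_id'");
        if (count($rs['list']) == 1) {
            $row = $rs['list'][0];
            $row['code'] = 0;
            die(json_encode($row));
        }
    }
    die('{"code":"1","msg":"用户组不存在"}');
}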