www.gusucode.com > mcms手机网站系统 v3.1源码程序 > mcms_v3.1.0/upload/app/admin/user.group.php
<?php
/*
* MCMS Copyright (c) 2012-2013 ZhangYiYeTai Inc.
*
* http://www.mcms.cc
*
* The program developed by loyjers core architecture, individual all rights reserved,
* if you have any questions please contact loyjers@126.com
*/
require_once(dirname(__FILE__) . "/../../init.php"); //公用引导启动文件
check_login();
check_level('B02',AJAX);
$time_start = H :: getmicrotime(); //开始时间
$_GET['tpl'] = isset($_GET['tpl']) ? $_GET['tpl']:'';
// 动作处理
call_mfunc();
// 模板处理
if($_GET['tpl']=='level'){
require_once(assign_tpl('user.level.php', 'admin'));
}else{
require_once(assign_tpl(basename(__FILE__), 'admin'));
}
// ******************************************************* 函数方法 *******************************************************
function m__list() {
global $result,$dbm,$C,$ulevel,$name;
$id=$_GET['id'] = isset($_GET['id']) ? intval($_GET['id']) : 0;
$_GET['type'] = isset($_GET['type']) ? trim($_GET['type']) : 1;
$sql="select * from ".TB_PRE."group";
$result=$dbm->query($sql);
if($_GET['tpl'] != 'level') return;
if($_GET['type']=='group_level'){
$sql="select group_name as name,group_level from ".TB_PRE."group where group_id='$id' limit 1";
$rs=$dbm->query($sql);
}else{
$sql="select login_name as name,login_level,login_no_level from ".TB_PRE."user where uid='$id' limit 1";
$rs=$dbm->query($sql);
}
if(count($rs['list'])!=1) H::error_show('{"code":"1","msg":"用户组或者用户不存在"}');
$obj=$rs['list'][0];
$ulevel=array();
if($_GET['type']=='group_level') {
$ulevel=explode(',',$obj['group_level']);
$name='用户组权限<em>></em>'.$obj['name'];
}
if($_GET['type']=='login_level') {
$ulevel=explode(',',$obj['login_level']);
$name='用户附加权限<em>></em>'.$obj['name'];
}
if($_GET['type']=='login_no_level') {
$ulevel=explode(',',$obj['login_no_level']);
$name='用户禁止权限<em>></em>'.$obj['name'];
}
//die(print_r($ulevel));
//左侧树
$params['tree']=$C->cate_brother();
$params['checkbox']=1;
$params['ulevel']=$ulevel;
$params['is_expand_all']=1;
$result['tree_cate']=$C->show_tree($params);
//print_r($result);exit;
}
//删除用户组
function m__del() {
global $dbm;
check_level('B0203',AJAX);
$_POST['params'] = explode(',',$_POST['params']);
foreach($_POST['params'] as $group_id) {
$group_id = intval($group_id);
if($group_id<=0) continue;
$sql = 'select uid from '.TB_PRE.'user where login_group='.$group_id.' limit 1';
$rs = $dbm->query($sql);
if(count($rs['list']) > 0) continue;
$rs =$dbm->query("select group_name,group_type from ".TB_PRE."group where group_id=".$group_id." limit 1");
if(count($rs['list']) != 1) continue;
if($rs['list'][0]['group_type']==0) continue;
$group_name = $rs['list'][0]['group_name'];
$sql='delete from '.TB_PRE.'group where group_id='.$group_id;
$rs = $dbm->query_update($sql);
logs('删除用户组 '.$group_name,2);
}
die('{"code":0,"msg":"删除成功"}');
}
//添加用户组
function m__save(){
global $dbm;
$_POST=H::sqlxss($_POST);
$_POST['group_id'] = isset($_POST['group_id']) ? intval($_POST['group_id']) : 0;
$fields['group_name'] = isset($_POST['group_name']) ? $_POST['group_name'] : 0;
$fields['group_remark'] = isset($_POST['group_remark']) ? $_POST['group_remark'] : '';
if($fields['group_name'] == '') die('{"code":1,"msg":"请填写用户组名称","id":"group_name"}');
if ($_POST['group_id'] == 0) {
//添加用户组
check_level('B0201',AJAX);
$fields['create_time'] = time();
$fields['group_type'] = 1;
$rs = $dbm->single_insert(TB_PRE.'group',$fields);
logs('添加用户组 '.$fields['group_name'],2);
} else {
//编辑用户组
check_level('B0202',AJAX);
$rs = $dbm->single_update(TB_PRE.'group',$fields,"group_id='{$_POST['group_id']}'");
logs('编辑用户组 '.$fields['group_name'],2);
}
die('{"code":0,"msg":"操作成功"}');
}
//批量修改
function m__save_all() {
global $dbm;
$_POST = H::sqlxss($_POST);
check_level('B0202',AJAX);
foreach($_POST['params'] as $k=>$v) {
$group_id = $v['id'];
unset($v[0]);
unset($v['id']);
$rs = $dbm->query_update("update ".TB_PRE."group set group_name='".$v['group_name']."',group_remark='".$v['group_remark']."' where group_id=".$group_id);
}
die('{"code":"0","msg":"操作成功"}');
}
//编辑权限
function m__save_level() {
global $dbm;
$_POST = H::sqlxss($_POST);
$_POST['type'] = isset($_POST['type']) ? trim($_POST['type']) : '';
$id=$_POST['id'] = isset($_POST['id']) ? intval($_POST['id']) : '';
$_POST['level'] = isset($_POST['level']) ? $_POST['level'] : array();
$level=implode(',',$_POST['level']);
if($_POST['type']=='login_level') { //编辑用户权限
check_level('B0104',AJAX);
$rs = $dbm->query_update("update ".TB_PRE."user set login_level='$level' where uid='$id'");
logs('编辑用户 '.$id.' 的'.$level.'权限成功 '.$level,2);
}
if($_POST['type']=='login_no_level') { //编辑用户权限
check_level('B0104',AJAX);
$rs = $dbm->query_update("update ".TB_PRE."user set login_no_level='$level' where uid='$id'");
logs('编辑用户 '.$id.' 的'.$level.'权限成功 '.$level,2);
}
if($_POST['type']=='group_level') { //编辑组权限
check_level('B0204',AJAX);
$rs = $dbm->query("select group_level from ".TB_PRE."group where group_id='$id' limit 2");
if(count($rs['list']) != 1 ) die('{"code":"1","msg":"编辑权限失败"}');
//如果是系统管理员组则不修改
if($rs['list'][0]['group_level'] == 100) die('{"code":"0","msg":"编辑权限成功"}');
$dbm->query_update("update ".TB_PRE."group set group_level='$level' where group_id='$id'");
logs('编辑用户组 '.$id.' 的权限成功 '.$level,2);
}
die('{"code":"0","msg":"编辑权限成功"}');
}
//取单条用户组记录
function m__get() {
global $dbm;
$group_id = isset($_POST['group_id']) ? intval($_POST['group_id']) : 0;
if($group_id > 0) {
$sql="select * from ".TB_PRE."group where group_id='$group_id'";
$rs = $dbm -> query($sql);
if(count($rs['list'])==1) {$rs['list'][0]['code'] = 0;die(json_encode($rs['list'][0]));}
}
die('{"code":"1","msg":"用户组不存在"}');
}
?>