DedeBIZ
/
DedeV6
Tarkkaile 2
Äänestä 0
Fork 0
Koodi Pull-pyynnöt 0 Julkaisut 29 Activity
国内流行的内容管理系统(CMS)多端全媒体解决方案 https://www.dedebiz.com
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
450 Commitit
3 Branchit
322MB
Puu: 0657287d57
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from '0657287d57'
${ noResults }
DedeV6/src/admin/member_toadmin.php

member_toadmin.php 4.1KB
Raaka Normal View Historia

合并分支
3 vuotta sitten
兼容性调整,优化栏目字段
3 vuotta sitten
合并分支
3 vuotta sitten
兼容性调整,优化栏目字段
3 vuotta sitten
合并分支
3 vuotta sitten
调整
3 vuotta sitten
合并分支
3 vuotta sitten
 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 
  1. <?php

  2. /**

  3.  * 升级为管理员

  4.  *

  5.  * @version        $Id: member_toadmin.php 1 14:09 2010年7月20日Z tianya $

  6.  * @package        DedeBIZ.Administrator

  7.  * @copyright      Copyright (c) 2022, DedeBIZ.COM

  8.  * @license        https://www.dedebiz.com/license

  9.  * @link           https://www.dedebiz.com

  10.  */

  11. require_once(dirname(__FILE__)."/config.php");

  12. CheckPurview('member_Edit');

  13. if (empty($dopost)) $dopost = '';

  14. if (empty($fmdo)) $fmdo = '';

  15. 

  16. $ENV_GOBACK_URL = isset($_COOKIE['ENV_GOBACK_URL']) ? 'member_main.php' : '';

  17. $row = array();

  18. /*----------------

  19. function __Toadmin()

  20. 升级为管理员

  21. ----------------*/

  22. if ($dopost == "toadmin") {

  23.     $pwd = trim($pwd);

  24.     if ($pwd != '' && preg_match("#[^0-9a-zA-Z_@!\.-]#", $pwd)) {

  25.         ShowMsg('密码不合法,请使用[0-9a-zA-Z_@!.-]内的字符', '-1', 0, 3000);

  26.         exit();

  27.     }

  28.     $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  29.     if ($safecodeok != $safecode) {

  30.         ShowMsg("请填写正确的安全验证串", "member_toadmin.php?id={$id}");

  31.         exit();

  32.     }

  33.     $pwdm = '';

  34.     if ($pwd != '') {

  35.         $inputpwd = ",pwd";

  36.         $inputpwdv = ",'".substr(md5($pwd), 5, 20)."'";

  37.         $pwdm = ",pwd='".md5($pwd)."'";

  38.     } else {

  39.         $row = $dsql->GetOne("SELECT * FROM #@__member WHERE mid='$id'");

  40.         $password = $row['pwd'];

  41.         $inputpwd = ",pwd";

  42.         $pwd = substr($password, 5, 20);

  43.         $inputpwdv = ",'".$pwd."'";

  44.         $pwdm = ",pwd='".$password."'";

  45.     }

  46.     $typeids = (empty($typeids)) ? "" : $typeids;

  47.     if ($typeids == '') {

  48.         ShowMsg("请为该管理员指定管理栏目", "member_toadmin.php?id={$id}");

  49.         exit();

  50.     }

  51.     $typeid = join(',', $typeids);

  52.     if ($typeid == '0') $typeid = '';

  53.     if ($id != 1) {

  54.         $query = "INSERT INTO `#@__admin`(id,usertype,userid$inputpwd,uname,typeid,tname,email)

  55.                     VALUES('$id','$usertype','$userid'$inputpwdv,'$uname','$typeid','$tname','$email')";

  56.     } else {

  57.         $query = "INSERT INTO `#@__admin`(id,userid$inputpwd,uname,typeid,tname,email)

  58.                     VALUES('$id','$userid'$inputpwdv,'$uname','$typeid','$tname','$email')";

  59.     }

  60.     $dsql->ExecuteNoneQuery($query);

  61.     $query = "UPDATE `#@__member` SET `rank`='100',uname='$uname',matt='10',email='$email'$pwdm WHERE mid='$id'";

  62.     $dsql->ExecuteNoneQuery($query);

  63.     $row = $dsql->GetOne("SELECT * FROM `#@__admintype` WHERE `rank`='$usertype'");

  64.     $floginid = $cuserLogin->getUserName();

  65.     $fromid = $cuserLogin->getUserID();

  66.     $subject = "恭喜您已经成功提升为管理员";

  67.     $message = "亲爱的会员{$userid},您已经成功提升为{$row['typename']},具体操作权限请同网站超级管理员联系";

  68.     $sendtime = $writetime = time();

  69.     $inquery = "INSERT INTO `#@__member_pms` (`floginid`,`fromid`,`toid`,`tologinid`,`folder`,`subject`,`sendtime`,`writetime`,`hasview`,`isadmin`,`message`)

  70.       VALUES ('$floginid','$fromid','$id','$userid','inbox','$subject','$sendtime','$writetime','0','0','$message'); ";

  71.     $dsql->ExecuteNoneQuery($inquery);

  72.     ShowMsg("成功升级一个帐户", "member_main.php");

  73.     exit();

  74. }

  75. $id = preg_replace("#[^0-9]#", "", $id);

  76. 

  77. //显示用户信息

  78. $randcode = mt_rand(10000, 99999);

  79. $safecode = substr(md5($cfg_cookie_encode.$randcode), 0, 24);

  80. $typeOptions = '';

  81. $typeid = (empty($typeid)) ? '' : $typeid;

  82. $typeids = explode(',', $typeid);

  83. $dsql->SetQuery("SELECT id,typename FROM `#@__arctype` WHERE reid=0 AND (ispart=0 OR ispart=1)");

  84. $dsql->Execute('op');

  85. while ($nrow = $dsql->GetObject('op')) {

  86.     $typeOptions .= "<option value='{$nrow->id}' class='btype'".(in_array($nrow->id, $typeids) ? ' selected' : '').">{$nrow->typename}</option>\r\n";

  87.     $dsql->SetQuery("SELECT id,typename FROM #@__arctype WHERE reid={$nrow->id} AND (ispart=0 OR ispart=1)");

  88.     $dsql->Execute('s');

  89.     while ($nrow = $dsql->GetObject('s')) {

  90.         $typeOptions .= "<option value='{$nrow->id}' class='stype'".(in_array($nrow->id, $typeids) ? ' selected' : '').">—{$nrow->typename}</option>\r\n";

  91.     }

  92. }

  93. $row = $dsql->GetOne("SELECT * FROM #@__member WHERE mid='$id'");

  94. include DedeInclude('templets/member_toadmin.htm');