ExecuteNoneQuery($query); $query = "UPDATE `#@__member` SET uname='$uname',email='$email'$pwdm WHERE mid='$id'"; $dsql->ExecuteNoneQuery($query); ShowMsg("成功修改一个帐户", "sys_admin_user.php"); exit(); } else if ($dopost == 'delete') { if (empty($userok)) $userok = ""; if ($userok != "yes") { $randcode = mt_rand(10000, 99999); $safecode = substr(md5($cfg_cookie_encode.$randcode), 0, 24); require_once(DEDEINC."/oxwindow.class.php"); $wintitle = "删除用户"; $wecome_info = "系统帐号管理::删除用户"; $win = new OxWindow(); $win->Init("sys_admin_user_edit.php", "js/blank.js", "POST"); $win->AddHidden("dopost", $dopost); $win->AddHidden("userok", "yes"); $win->AddHidden("randcode", $randcode); $win->AddHidden("safecode", $safecode); $win->AddHidden("id", $id); $win->AddTitle("系统警告"); $win->AddMsgItem("您确信要删除用户：$userid 吗", "50"); $win->AddMsgItem("安全验证串： (复制本代码：$safecode )", "30"); $winform = $win->GetWindow("ok"); $win->Display(); exit(); } $safecodeok = substr(md5($cfg_cookie_encode.$randcode), 0, 24); if ($safecodeok != $safecode) { ShowMsg("请填写正确的安全验证串", "sys_admin_user.php"); exit(); } //不能删除id为1的创建人帐号，不能删除自己 $rs = $dsql->ExecuteNoneQuery2("DELETE FROM `#@__admin` WHERE id='$id' AND id<>1 AND id<>'".$cuserLogin->getUserID()."' "); if ($rs > 0) { //更新前台用户信息 $dsql->ExecuteNoneQuery("UPDATE `#@__member` SET matt='0' WHERE mid='$id' LIMIT 1"); ShowMsg("成功删除一个帐户", "sys_admin_user.php"); } else { ShowMsg("不能删除id为1的创建人帐号，不能删除自己", "sys_admin_user.php", 0, 3000); } exit(); } //显示用户信息 $randcode = mt_rand(10000, 99999); $safecode = substr(md5($cfg_cookie_encode.$randcode), 0, 24); $typeOptions = ''; $row = $dsql->GetOne("SELECT * FROM `#@__admin` WHERE id='$id'"); $typeids = explode(',', $row['typeid']); $dsql->SetQuery("SELECT id,typename FROM `#@__arctype` WHERE reid=0 AND (ispart=0 OR ispart=1)"); $dsql->Execute('op'); while ($nrow = $dsql->GetObject('op')) { $typeOptions .= "id, $typeids) ? ' selected' : '').">{$nrow->typename}\r\n"; $dsql->SetQuery("SELECT id,typename FROM #@__arctype WHERE reid={$nrow->id} AND (ispart=0 OR ispart=1)"); $dsql->Execute('s'); while ($nrow = $dsql->GetObject('s')) { $typeOptions .= "id, $typeids) ? ' selected' : '').">—{$nrow->typename}\r\n"; } } make_hash(); include DedeInclude('templets/sys_admin_user_edit.htm');