📄 user.php
字号:
<?php
error_reporting(7);
require("./global.php");
cpheader();
if ($getperms[canadminuser]!=1) {
echo "<p>您的权限不够!</p>\n";
exit;
}
if (isset($action)==0) {
$action="modify";
}
// ###################### Start add #######################
if ($action=="add") {
echo "添加新会员";
doformheader("user","insert");
maketableheader("用户资料");
makechoosercode("用户组","usergroupid",$table["usergroup"],2);
makeinputcode("用户名","ausername");
makeinputcode("密码","apassword");
makeinputcode("Email地址","email");
makeinputcode("主页","homepage","http://www.");
makeinputcode("ICQ 号码","icq");
makeinputcode("QQ 号码","oicq");
maketableheader("选项");
makeyesnocode("接收版主和管理员邮件通知","adminemail",1);
makeyesnocode("记住用户名和密码","cookieuser",1);
makeyesnocode("浏览论坛使用cookies","nosessionhash",1);
makeinputcode("注册日期<br>(格式 yyyy-mm-dd, 是今天则留空)","joindate");
makeinputcode("最后访问<br>(格式 yyyy-mm-dd hh:mm:ss, 是今天则留空)","lastvisit");
makeinputcode("最后活动<br>(格式 yyyy-mm-dd hh:mm:ss, 是今天则留空)","lastactivity");
makeinputcode("最后发表<br>(格式 yyyy-mm-dd hh:mm:ss, 是今天则留空)","lastpost");
makeinputcode("IP 地址","aipaddress",$ipaddress);
doformfooter("保存");
}
// ###################### Start insert #######################
if ($HTTP_POST_VARS['action']=="insert") {
if (!isset($ausername) or $ausername == '') {
echo "<p>你没有给该用户一个用户名</p>";
exit;
}
if ($exists=$DB_site->query_first("SELECT userid FROM ".$table["user"]." WHERE username='".addslashes(htmlspecialchars($ausername))."'")) {
echo "已经有一个用户 ".makelinkcode('user',"user.php?action=edit&userid=$exists[userid]")." 取名为 <b>".htmlspecialchars($ausername)."</b>";
exit;
}
if (!isset($apassword) or $apassword == '') {
echo "You did not give this user a password";
exit;
}
if ($joindate=="") {
$joindate=time();
} else {
$joindate="UNIX_TIMESTAMP('".addslashes($joindate)."')";
}
if ($lastvisit=="") {
$lastvisit=time();
} else {
$lastvisit="UNIX_TIMESTAMP('".addslashes($lastvisit)."')";
}
if ($lastactivity=="") {
$lastactivity=time();
} else {
$lastactivity="UNIX_TIMESTAMP('".addslashes($lastactivity)."')";
}
$DB_site->query("INSERT INTO ".$table["user"]." (userid,usergroupid,username,password,email,homepage,icq,oicq,
adminemail,joindate,cookieuser,nosessionhash,lastvisit,lastactivity,ipaddress)
VALUES (NULL,'$usergroupid','".addslashes(htmlspecialchars($ausername))."','".addslashes(md5($apassword))."',
'".addslashes(htmlspecialchars($email))."','".addslashes(htmlspecialchars($homepage))."',
'".addslashes(htmlspecialchars($icq))."','".addslashes(htmlspecialchars($oicq))."','$adminemail',$joindate,
'$cookieuser','$nosessionhash',$lastvisit,$lastactivity,'".addslashes($aipaddress)."')");
$userid=$DB_site->insert_id();
$action="modify";
echo "<p>记录已经添加</p>";
}
// ###################### Start email password #######################
if ($action=="emailpassword") {
doformheader("../member","emailpassword");
makehiddencode("email","$email");
maketableheader("给用户的电子邮件口令提示");
makedescription("点击这个按钮之后发送密码到 $email");
doformfooter("发送密码",0);
}
// ###################### Start edit #######################
if ($action=="edit") {
$user=$DB_site->query_first("SELECT *,FROM_UNIXTIME(joindate) AS joindate,FROM_UNIXTIME(lastvisit) AS lastvisit,FROM_UNIXTIME(lastactivity) AS lastactivity
FROM ".$table["user"]."
WHERE userid=" . intval($userid) );
if ($user[usergroupid]==3) {
doformheader("../register","emailcode",0,0);
makehiddencode("email","$user[email]");
doformfooter("Email发送激活代码",0);
}
doformheader("user","doupdate");
makehiddencode("userid","$userid");
maketableheader("有用的连接");
makedescription("<table width='90%' border='0' align='center'><tr valign='top'><td>
<li>".makelinkcode("发送电子邮件到 $user[username]","mailto:$user[email]")."</li>
<li>".makelinkcode("Email发送用户密码","user.php?s=$session[sessionhash]&action=emailpassword&email=$user[email]")."</li>
</td><td>
<li>".makelinkcode("删除用户","user.php?s=$session[sessionhash]&action=remove&userid=$user[userid]")."</li>
</td></tr></table>");
restarttable();
maketableheader("编辑用户 - $user[username] (userid: $user[userid])");
makechoosercode("用户组","usergroupid",$table["usergroup"],$user[usergroupid]);
makeinputcode("用户名","ausername",$user[username],0);
makeinputcode("密码<br>请留空除非你想要改变它","apassword");
makeinputcode("Email 地址","email",$user[email],0);
makeinputcode("主页","homepage",$user[homepage],0);
makeinputcode("ICQ 号码","icq",$user[icq],0);
makeinputcode("QQ 号码","oicq",$user[oicq],0);
maketableheader("选项");
makeyesnocode("接收版主和管理员邮件通知","adminemail",$user[adminemail]);
makeyesnocode("记住用户名和密码","cookieuser",$user[cookieuser]);
makeyesnocode("浏览论坛使用cookies","nosessionhash",$user[nosessionhash]);
makeinputcode("注册日期<br>(格式 yyyy-mm-dd, 是今天则留空)","joindate",$user[joindate]);
makeinputcode("最后访问<br>(格式 yyyy-mm-dd hh:mm:ss, 是今天则留空)","lastvisit",$user[lastvisit]);
makeinputcode("最后活动<br>(格式 yyyy-mm-dd hh:mm:ss, 是今天则留空)","lastactivity",$user[lastactivity]);
makeinputcode("IP 地址","aipaddress",$user[ipaddress]);
doformfooter("保存");
}
// ###################### Start do update #######################
if ($HTTP_POST_VARS['action']=="doupdate") {
if (!isset($ausername) or $ausername == '') {
echo "<p>你没有给该用户一个用户名</p>";
exit;
}
if ($exists=$DB_site->query_first("SELECT userid
FROM ".$table["user"]."
WHERE username='".addslashes(htmlspecialchars($ausername))."'
AND userid <> $userid")) {
echo "已经有一个用户 ".makelinkcode('user',"user.php?action=edit&userid=$exists[userid]")." 取名为 <b>".htmlspecialchars($ausername)."</b>";
exit;
}
// check that not removing last admin
$countadmin=$DB_site->query_first("SELECT COUNT(*) AS users FROM ".$table["user"].",".$table["usergroup"]." WHERE ".$table["user"].".usergroupid=".$table["usergroup"].".usergroupid AND ".$table["usergroup"].".cancontrolpanel=1 AND ".$table["user"].".userid<>$userid");
$getperms=$DB_site->query_first("SELECT cancontrolpanel FROM ".$table["usergroup"]." WHERE usergroupid=$usergroupid");
if ($countadmin[users]==0 and $getperms[cancontrolpanel]!=1) {
echo "<p>你在编辑最后一个进入控制面板的用户许可.这将把你自己也排除在控制面板之外.</p></body></html>";
exit;
}
if ($joindate=="") {
$joindate=time();
} else {
$joindate="UNIX_TIMESTAMP('".addslashes($joindate)."')";
}
if ($lastvisit=="") {
$lastvisit=time();
} else {
$lastvisit="UNIX_TIMESTAMP('".addslashes($lastvisit)."')";
}
if ($lastactivity=="") {
$lastactivity=time();
} else {
$lastactivity="UNIX_TIMESTAMP('".addslashes($lastactivity)."')";
}
$pwinclude="";
if ($apassword!="") {
$pwdinclude=",password='".addslashes(md5($apassword))."'";
}
$DB_site->query("UPDATE ".$table["user"]." SET usergroupid='$usergroupid',username='".addslashes(htmlspecialchars($ausername))."'$pwdinclude,
email='".addslashes(htmlspecialchars($email))."',homepage='".addslashes(htmlspecialchars($homepage))."',
icq='".addslashes(htmlspecialchars($icq))."',oicq='".addslashes(htmlspecialchars($oicq))."',
adminemail=$adminemail,joindate=$joindate,cookieuser=$cookieuser,nosessionhash=$nosessionhash,lastvisit=$lastvisit,
lastactivity=$lastactivity,ipaddress='".addslashes($aipaddress)."' WHERE userid=$userid");
echo "<p>记录已经更新!</p>";
$action = "modify";
}
// ###################### Start Remove #######################
if ($action=="remove") {
doformheader("user","kill");
makehiddencode("userid",$userid);
maketableheader("确认删除");
makedescription("<font color='red'>你确认删除这个会员吗? 该会员的所有资料将删除!</font>");
doformfooter("是","",2,"否");
}
// ###################### Start Kill #######################
if ($HTTP_POST_VARS['action']=="kill") {
$user=$DB_site->query_first("SELECT username FROM ".$table["user"]." WHERE userid='$userid'");
$DB_site->query("DELETE FROM ".$table["user"]." WHERE userid='$userid'");
$DB_site->query("DELETE FROM ".$table["musicbox"]." WHERE UserID='$userid'");
$DB_site->query("DELETE FROM ".$table["session"]." WHERE userid='$userid'");
echo "<p>成功删除用户</p>";
$action="modify";
}
// ###################### Start modify #######################
if ($action=="modify") {
echo "<p><b>快速查找:</b></p>";
echo "<ul>\n";
echo "<li><a href=\"user.php?s=$session[sessionhash]&action=find\">列出所有用户</a></li>\n";
echo "<li><a href=\"user.php?s=$session[sessionhash]&action=find&lastvisitafter=".(time()-86400)."&orderby=lastvisit&direction=DESC\">列出最近24小时访问的会员</a></li>\n";
echo "<li><a href=\"user.php?s=$session[sessionhash]&action=find&orderby=joindate&direction=DESC&limitnumber=30\">列出最新注册的会员</a></li>\n";
echo "<li><a href=\"user.php?s=$session[sessionhash]&action=moderate\">列出正在等待管理员确认的会员</a></li>\n";
echo "</ul>";
echo "<p><b>高级搜索:</b></p>";
doformheader("user","find");
maketableheader("查找用户:</b> (如果你留空将被忽略)","",0);
makeinputcode("用户名包括","ausername");
makeinputcode("且密码为","apassword");
makechoosercode("且用户组为","usergroupid",$table["usergroup"],-1,"任何");
/*
makeinputcode("且音乐盒歌曲数量大于","boxeslower");
makeinputcode("且音乐盒歌曲数量少于","boxesupper");
*/
makeinputcode("且email地址包含","email");
makeinputcode("且主页包括","homepage");
makeinputcode("且ICQ号码包括","icq");
makeinputcode("且QQ号码包括","oicq");
makeinputcode("且注册日期后于<br>(格式 yyyy-mm-dd)","joindateafter");
makeinputcode("且注册日期早于<br>(格式 yyyy-mm-dd)","joindatebefore");
makeinputcode("且最后访问后于<br>(格式 yyyy-mm-dd hh:mm:ss)","lastvisitafter");
makeinputcode("且最后访问早于<br>(格式 yyyy-mm-dd hh:mm:ss)","lastvisitbefore");
makeinputcode("且IP地址包括","aipaddress");
maketableheader("排序&统计选项");
?>
<tr class='<?php echo getrowbg(); ?>'><td><p>按照</p></td><td><p>
<select name="orderby">
<option selected>username</option>
<option>email</option>
<option>joindate</option>
<option>lastvisit</option>
</select>
<select name="direction">
<option value="">升序排列</option>
<option value="DESC">降序排列</option>
</select>
</p></td></tr>
<?php
makeinputcode("显示最多数量:","limitnumber","300");
makeinputcode("开始的行数:","limitstart","1");
maketableheader("显示选项");
makeyesnocode("显示用户名","displayusername",1);
makeyesnocode("显示选项","displayoptions",1);
makeyesnocode("显示用户组","displayusergroup",0);
/*
makeinputcode("且音乐盒歌曲数量大于","boxeslower");
makeinputcode("且音乐盒歌曲数量少于","boxesupper");
*/
makeyesnocode("显示email地址","displayemail",1);
makeyesnocode("显示主页的url","displayhomepage",0);
makeyesnocode("显示ICQ号码","displayicq",0);
makeyesnocode("显示QQ号码","displayoicq",0);
makeyesnocode("显示注册日期","displayjoindate",1);
makeyesnocode("显示最后访问","displaylastvisit",1);
makeyesnocode("显示IP地址","displayipaddress",0);
doformfooter("查找");
}
// ###################### Start find #######################
if ($action=="find") {
if ($displayusername == 0 and $displayoptions == 0 and $displayusergroup == 0 and $displayemail == 0 and $displayhomepage == 0 and $displayicq == 0 and $displayoicq == 0 and $displayjoindate == 0 and $displaylastvisit == 0 and $displaylastpost == 0) {
$displayusername=1;
$displayemail=1;
$displayjoindate=1;
$displaylastvisit=1;
}
$condition="1=1";
if ($ausername!="") {
// $condition.=" AND INSTR(LCASE(username),'".addslashes(strtolower(htmlspecialchars($ausername)))."')>0";
$condition.=" AND INSTR(username,'".addslashes(htmlspecialchars($ausername))."')>0";
}
if ($usergroupid!=-1 and $usergroupid!="") {
$condition.=" AND usergroupid=$usergroupid";
}
if ($email!="") {
$condition.=" AND INSTR(LCASE(email),'".addslashes(strtolower($email))."')>0";
}
if ($apassword!="") {
$condition.=" AND password='".addslashes(md5($apassword))."'";
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -