member_zone.php

学校网站源码http://您的网址/admin/admin_login.asp 默认登录用户：admin 默认登录密码：admin

<?php


include( "../config.inc.php" );
include( "../includes/SysGlobal.php" );
include( "language/".$aLan."_".$charset.".php" );
include( "../includes/version.php" );
include( "../includes/pro.php" );
include( "func/adm.inc.php" );
include( "func/common.inc.php" );
include( "func/db.inc.php" );
include( "func/nocatch.php" );
needauth( 5 );
echo "<html>\r\n<head >\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=";
echo $charset;
echo "\">\r\n<link id=\"style_sheet\" href=\"css/commonstyle.css\" type=\"text/css\" rel=\"stylesheet\">\r\n<title>";
echo $strAdminTitle;
echo "</title>\r\n</head>\r\n\r\n<body  class=\"NormalPage\">\r\n";
$step = $_REQUEST['step'];
$pid = $_REQUEST['pid'];
$cat = $_REQUEST['cat'];
$catid = $_REQUEST['catid'];
$xuhao = $_REQUEST['xuhao'];
if ( !isset( $pid ) || $pid == "" )
{
	$pid = 0;
}
if ( $step == "add" && $cat != "" && $cat != " " )
{
	$cat = htmlspecialchars( $cat );
	if ( $pid != "0" )
	{
		$msql->query( "select catpath from {$tbl_member_zone} where catid='{$pid}' " );
		if ( $msql->next_record( ) )
		{
			$pcatpath = $msql->f( "catpath" );
		}
	}
	if ( 5 < strlen( $pcatpath ) )
	{
		err( $strSetZoneNotice1, "", "" );
	}
	$msql->query( "select max(xuhao) from {$tbl_member_zone} where pid='{$pid}' " );
	if ( $msql->next_record( ) )
	{
		$maxxuhao = $msql->f( "max(xuhao)" );
		$nowxuhao = $maxxuhao + 1;
	}
	$msql->query( "insert into {$tbl_member_zone} values (0,'{$pid}','{$cat}','{$nowxuhao}','{$catpath}')" );
	$nowcatid = $msql->instid( );
	$nowpath = fmpath( $nowcatid );
	$catpath = $pcatpath.$nowpath.":";
	$msql->query( "update {$tbl_member_zone} set catpath='{$catpath}' where catid='{$nowcatid}' " );
	echo "<script>parent.location='member_zone_frame.php?pid={$pid}'</script>";
}
if ( $step == "del" )
{
	$msql->query( "select memberid from {$tbl_member} where zoneid='{$catid}'  " );
	if ( $msql->next_record( ) )
	{
		err( $strSetZoneNotice2, "", "" );
	}
	$msql->query( "select catid from {$tbl_member_zone} where pid='{$catid}' " );
	if ( $msql->next_record( ) )
	{
		err( $strSetZoneNotice3, "", "" );
	}
	$msql->query( "delete from {$tbl_member_zone} where catid='{$catid}'" );
	echo "<script>parent.location='member_zone_frame.php?pid={$pid}'</script>";
}
if ( $step == "modify" && $cat != "" && $cat != " " )
{
	$cat = htmlspecialchars( $cat );
	$msql->query( "update {$tbl_member_zone} set cat='{$cat}',xuhao='{$xuhao}' where catid='{$catid}'  " );
	echo "<script>parent.location='member_zone_frame.php?pid={$pid}'</script>";
}
$msql->query( "select cat from {$tbl_member_zone} where catid='{$pid}'" );
if ( $msql->next_record( ) )
{
	$nowcat = $msql->f( "cat" );
}
else
{
	$nowcat = $strSetZone1;
}
echo " \r\n<table width=\"100%\" border=\"0\" cellspacing=\"1\" cellpadding=\"2\" bgcolor=\"#FFFFFF\" align=\"center\" height=\"30\">\r\n  <tr align=\"right\"> \r\n    <form method=\"get\" action=\"member_zone.php\">\r\n      <td class=title > \r\n        <input type=\"hidden\" name=\"step\" value=\"add\">\r\n        \r\n        <input type=\"hidden\" name=\"pid\" value=\"";
echo "{$pid}";
echo "\">\r\n        <input type=\"text\" name=\"sssss\" size=\"50\" class=titleinput value=\"";
echo $nowcat;
echo " &gt;\" readonly>\r\n        <input type=\"text\" name=\"cat\" class=input size=\"18\">\r\n        <input type=\"submit\" name=\"Submit\" value=\"";
echo $strSetZoneAdd;
echo "\" class=button>\r\n    </td> </form>\r\n  </tr>\r\n</table>\r\n<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" background=\"images/mu1.jpg\" height=\"5\">\r\n  <tr> \r\n    <td></td>\r\n  </tr>\r\n</table>\r\n<table width=\"100%\" border=\"0\" cellspacing=\"1\" cellpadding=\"3\" align=\"center\">\r\n  <tr> \r\n    <td width=\"60\" class=\"title\"><font color=\"#FFFFFF\">";
echo $strSetZoneId;
echo "</font></td>\r\n    <td width=\"120\" class=\"title\"><font color=\"#FFFFFF\">";
echo $strSetZoneXuhao;
echo "</font></td>\r\n    <td  class=\"title\"><font color=\"#FFFFFF\">";
echo $strSetZoneName;
echo "</font></td>\r\n    <td width=\"38\"  class=\"title\" align=\"center\">";
echo $strModify;
echo "</td>\r\n    <td width=\"38\" align=\"center\"  class=\"title\">";
echo $strDelete;
echo "</td>\r\n  </tr>\r\n  ";
$msql->query( "select * from {$tbl_member_zone} where   pid='{$pid}' order by xuhao" );
while ( $msql->next_record( ) )
{
	$catid = $msql->f( "catid" );
	$cat = $msql->f( "cat" );
	$xuhao = $msql->f( "xuhao" );
	$pid = $msql->f( "pid" );
	$catpath = $msql->f( "catpath" );
	echo " \r\n  <tr class=\"list\"> \r\n    <td width=\"60\" >";
	echo "{$catid}";
	echo "</td>\r\n    <form method=\"get\" action=\"member_zone.php\">\r\n      <td width=\"120\" > \r\n        <input type=\"text\" name=\"xuhao\" size=\"4\" value=\"";
	echo "{$xuhao}";
	echo "\" class=input>\r\n      </td>\r\n      <td  > \r\n        <input type=\"text\" name=\"cat\" size=\"30\" value=\"";
	echo "{$cat}";
	echo "\" class=input>\r\n        <input type=\"hidden\" name=\"catid\" value=\"";
	echo "{$catid}";
	echo "\">\r\n        <input type=\"hidden\" name=\"pid\" value=\"";
	echo "{$pid}";
	echo "\">\r\n        <input type=\"hidden\" name=\"step\" value=\"modify\">\r\n      </td>\r\n      <td width=\"38\"  > \r\n        <div align=\"CENTER\"> \r\n          <input type=\"image\" border=\"0\" name=\"imageField\" src=\"images/toolbar_modi_up.gif\" width=\"22\" height=\"20\">\r\n        </div>\r\n      </td>\r\n      <td width=\"38\" align=\"center\"  ><img src=\"images/toolbar_delete_up.gif\"  style=\"cursor:hand\" width=\"22\" height=\"20\"  border=0";
	echo " onClick=\"self.location='member_zone.php?step=del&catid=";
	echo $catid;
	echo "&pid=";
	echo $pid;
	echo "'\"> \r\n      </td>\r\n    </form>\r\n  </tr>\r\n  ";
}
echo " \r\n</table>\r\n<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\" height=\"10\" background=\"images/mu1.jpg\">\r\n  <tr> \r\n    <td  align=\"center\" height=\"2\" colspan=\"2\"></td>\r\n  </tr>\r\n</table>\r\n</body>\r\n</html>\r\n";
?>