dept_xml.php

泛微协同办公系统标准版E-office V5.5的源代码内含泛微办公系统V5.5自动注册文件。

<?php

ob_start( );
include_once( "inc/auth.php" );
include_once( "inc/xtree_xml.inc.php" );
include_once( "inc/utility_all.php" );
ob_end_clean( );
header( "Expires: Mon, 26 Jul 1997 05:00:00 GMT" );
header( "Cache-Control: no-cache, must-revalidate" );
header( "Pragma: no-cache" );
header( "Content-Type: text/xml" );
$pararr = explodestpar( $_REQUEST['par'] );
$deptparent = $pararr['deptid'];
if ( $pararr['deptid'] == "" )
{
	exit( );
}
$depturl_fix = "?";
$userurl_fix = "?";
if ( 0 < strpos( $pararr['dept_url'], "?" ) )
{
	$depturl_fix = "&";
}
if ( 0 < strpos( $pararr['user_url'], "?" ) )
{
	$userurl_fix = "&";
}
$xtreeXml = new xtreexml( );
$xtreeXml->initxml( );
$sql = "SELECT DEPT_ID,DEPT_NAME FROM department WHERE DEPT_PARENT=".$deptparent." ORDER BY DEPT_NO ASC";
$rs = exequery( $connection, $sql );
while ( $row = mysql_fetch_array( $rs ) )
{
	$deptid = $row['DEPT_ID'];
	$deptname = $row['DEPT_NAME'];
	unset( $cntc );
	unset( $cntu );
	$deptnameutf8 = iconv( "GB2312", "UTF-8", $deptname );
	$pararr['deptid'] = $deptid;
	$pararr['deptname'] = $deptname;
	$par = implodestpar( $pararr );
	if ( $pararr['select_module'] )
	{
		$action = $pararr['dept_url'].$depturl_fix."par=".$par;
	}
	else
	{
		$action = $pararr['dept_url'].$depturl_fix."DEPT_ID=".$deptid;
	}
	if ( $pararr['dept_url'] == "" )
	{
		$action = "javascript:void(0)";
	}
	$target = $pararr['target_frame'];
	$src = "/inc/dept_user_list/dept_xml.php?par=".$par;
	$sqll = "SELECT COUNT(DEPT_ID) AS cnt FROM department WHERE DEPT_PARENT='".$deptid."'";
	$rsl = exequery( $connection, $sqll );
	$rowl = mysql_fetch_array( $rsl );
	$cntl = $rowl['cnt'];
	$sqlu = "SELECT COUNT(DEPT_ID) AS cnt FROM user WHERE DEPT_ID='".$deptid."'";
	$rsu = exequery( $connection, $sqlu );
	$rowu = mysql_fetch_array( $rsu );
	$cntu = $rowu['cnt'];
	if ( $pararr['view_type'] == 0 )
	{
		$display = 1;
		if ( $pararr['priv_view'] && $LOGIN_USER_PRIV != 1 )
		{
			$display = is_dept_priv( $deptid );
		}
		if ( !$display )
		{
			$cntu = 0;
		}
	}
	else
	{
		$cntu = 0;
	}
	$icon = "/images/xloadtree/t_ini.gif";
	$src = 0 < $cntl + $cntu ? $src : "";
	$xtreeXml->creatitem( $deptnameutf8, $action, $src, $target, $icon );
}
if ( $pararr['view_type'] == 0 )
{
	$display = 1;
	if ( $pararr['priv_view'] && $LOGIN_USER_PRIV != 1 )
	{
		$display = is_dept_priv( $deptparent );
	}
	if ( $display )
	{
		unset( $deptnameutf8 );
		unset( $action );
		unset( $src );
		unset( $target );
		unset( $icon );
		if ( $pararr['priv_view'] && $LOGIN_USER_PRIV != 1 )
		{
			$query = "SELECT * from USER_PRIV where USER_PRIV={$LOGIN_USER_PRIV}";
			$cursor = exequery( $connection, $query );
			if ( $ROW = mysql_fetch_array( $cursor ) )
			{
				$PRIV_NO = $ROW['PRIV_NO'];
			}
			$usql = " \r\n\t\t\t\t\tSELECT * FROM USER,USER_PRIV \r\n\t\t\t\t\t\tWHERE DEPT_ID=".$deptparent." \r\n\t\t\t\t\t\tAND USER.USER_PRIV=USER_PRIV.USER_PRIV \r\n\t\t\t\t\t\tAND USER_PRIV.PRIV_NO>".$PRIV_NO." \r\n\t\t\t\t\t\tAND USER_PRIV.USER_PRIV!=1 \r\n\t\t\t\t\t\tORDER BY PRIV_NO,USER_NAME\r\n\t\t\t\t\t";
		}
		else
		{
			$usql = "\r\n\t\t\t\t\tSELECT * FROM USER,USER_PRIV \r\n\t\t\t\t\t\tWHERE DEPT_ID=".$deptparent." \r\n\t\t\t\t\t\tAND USER.USER_PRIV=USER_PRIV.USER_PRIV \r\n\t\t\t\t\t\tORDER BY PRIV_NO,USER_NAME\r\n\t\t\t\t\t";
		}
		$urs = exequery( $connection, $usql );
		while ( $urow = mysql_fetch_array( $urs ) )
		{
			$userid = $urow['USER_ID'];
			$useridutf8 = iconv( "GB2312", "UTF-8", $userid );
			$username = $urow['USER_NAME'];
			$usernameutf8 = iconv( "GB2312", "UTF-8", $username );
			$pararr['userid'] = $userid;
			$par = implodestpar( $pararr );
			if ( $pararr['select_module'] )
			{
				$action = $pararr['user_url'].$userurl_fix."par=".$par;
			}
			else
			{
				$action = $pararr['user_url'].$userurl_fix."USER_ID=".$useridutf8;
			}
			$target = $pararr['target_frame'];
			$icon = "/images/xloadtree/member.gif";
			$xtreeXml->creatitem( $usernameutf8, $action, $src, $target, $icon );
		}
	}
}
$xtreeXml->endxml( );
?>