📄 user.php
字号:
<?php
function my_xml_tree( $PARENT_ID )
{
global $PARA_URL;
global $PARA_TARGET;
global $PARA_ID;
global $PARA_VALUE;
global $PRIV_NO_FLAG;
$connection = openconnection( );
$query = "SELECT * from DEPARTMENT where DEPT_PARENT={$PARENT_ID} order by DEPT_NO";
$cursor = exequery( $connection, $query );
$XML_TEXT = "";
while ( $ROW = mysql_fetch_array( $cursor ) )
{
$DEPT_ID = $ROW['DEPT_ID'];
$DEPT_NAME = $ROW['DEPT_NAME'];
$DEPT_NAME = str_replace( "<", "<", $DEPT_NAME );
$DEPT_NAME = str_replace( ">", ">", $DEPT_NAME );
$DEPT_NAME = stripslashes( $DEPT_NAME );
if ( $PRIV_NO_FLAG )
{
$DEPT_PRIV = is_dept_priv( $DEPT_ID );
if ( $DEPT_PRIV == 1 )
{
$DEPT_NAME = "[".$DEPT_NAME."]";
}
}
$XML_TEXT_CHILD = my_xml_tree( $DEPT_ID );
if ( $XML_TEXT_CHILD == "" )
{
$XML_TEXT .= $DEPT_ID.",";
}
else
{
$XML_TEXT .= $DEPT_ID.",";
$XML_TEXT .= $XML_TEXT_CHILD;
}
}
return $XML_TEXT;
}
include_once( "inc/auth.php" );
include_once( "inc/utility_all.php" );
$pararr = explodestpar( $_REQUEST['par'] );
$pararr['form_name'] = $_REQUEST['formName'] == "" ? $pararr['form_name'] : $_REQUEST['formName'];
$pararr['input_name'] = $_REQUEST['inputName'] == "" ? $pararr['input_name'] : $_REQUEST['inputName'];
$pararr['input_id'] = $_REQUEST['inputID'] == "" ? $pararr['input_id'] : $_REQUEST['inputID'];
$pararr['strListId'] = $_REQUEST['strListId'] == "" ? $pararr['strListId'] : $_REQUEST['strListId'];
$pararr['RUN_ID'] = $_REQUEST['RUN_ID'] == "" ? $pararr['RUN_ID'] : $_REQUEST['RUN_ID'];
$pararr['FLOW_ID'] = $_REQUEST['FLOW_ID'] == "" ? $pararr['FLOW_ID'] : $_REQUEST['FLOW_ID'];
$pararr['PRCS_ID'] = $_REQUEST['PRCS_ID'] == "" ? $pararr['PRCS_ID'] : $_REQUEST['PRCS_ID'];
$pararr['FLOW_PRCS'] = $_REQUEST['FLOW_PRCS'] == "" ? $pararr['FLOW_PRCS'] : $_REQUEST['FLOW_PRCS'];
$pararr['PRCS_TO_CHOOSE'] = $_REQUEST['PRCS_TO_CHOOSE'] == "" ? $pararr['PRCS_TO_CHOOSE'] : $_REQUEST['PRCS_TO_CHOOSE'];
echo "\r\n<html>\r\n<head>\r\n<title></title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n";
echo "<s";
echo "tyle>\r\n.menulines{\r\n\tbackground-color: #F5F5F5;\r\n}\r\n\r\n.popupMenu{\r\n\twidth: 100px;\r\n\tborder: 1px solid #666666;\r\n\tbackground-color: #FFFFFF;\r\n\tpadding: 1px;\r\n}\r\n\r\n.popupMenuHover{\r\n\twidth: 100px;\r\n\tborder: 1px solid #0A246A;\r\n\tbackground-color: #B6BDD2;\r\n\tcursor:hand;\r\n\tpadding: 1px;\r\n}\r\n\r\n</style>\r\n\r\n";
echo "<s";
echo "cript Language=\"JavaScript\">\r\n\r\nvar pwin = parent.dialogArguments;\r\n\r\n\r\nvar parent_window = parent.dialogArguments;\r\n";
if ( $ID == 1 )
{
$TO_ID = "SECRET_TO_ID";
$TO_NAME = "SECRET_TO_NAME";
}
else if ( $ID == 2 )
{
$TO_ID = "COPY_TO_ID";
$TO_NAME = "COPY_TO_NAME";
}
else if ( $ID == 3 )
{
$TO_ID = "KEEPER_ID";
$TO_NAME = "KEEPER";
}
else if ( $pararr['input_id'] != "" )
{
$TO_ID = $pararr['input_id'];
$TO_NAME = $pararr['input_name'];
}
else
{
$TO_ID = "TO_ID";
$TO_NAME = "TO_NAME";
}
echo "\r\nfunction click_user(user_id)\r\n{\r\n TO_VAL=parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value;\r\n targetelement=document.all(user_id);\r\n user_name=targetelement.name;\r\n\r\n if(TO_VAL.indexOf(\",\"+user_id+\",\")<0 && TO_VAL.indexOf(user_id+\",\")!=0)\r\n {\r\n parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value+=user_id+\",\";\r\n parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_NAME;
echo ".value+=user_name+\",\";\r\n\tparent_window.";
echo $pararr['strListId'];
echo ".innerHTML+=user_name+\",\";\r\n borderize_on(targetelement);\r\n }\r\n else\r\n {\r\n parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value=parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value.replace(user_id+\",\",\"\");\r\n parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_NAME;
echo ".value=parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_NAME;
echo ".value.replace(user_name+\",\",\"\");\r\n\tparent_window.";
echo $pararr['strListId'];
echo ".innerHTML =parent_window.";
echo $pararr['strListId'];
echo ".innerHTML.replace(user_name+\",\",\"\");\r\n borderize_off(targetelement);\r\n }\r\n}\r\n\r\nfunction borderize_on(targetelement)\r\n{\r\n color=\"#cccccc\";\r\n targetelement.style.borderColor=\"\";\r\n targetelement.style.backgroundImage = \"url(/images/module/user/selectedbg.gif)\";\r\n targetelement.style.backgroundColor=color;\r\n targetelement.style.color=\"white\";\r\n targetelement.style.fontWeight=\"\";\r\n}\r\n\r\nfunction bo";
echo "rderize_off(targetelement)\r\n{\r\n targetelement.style.backgroundColor=\"#F5F5F5\";\r\n targetelement.style.backgroundImage = \"\";\r\n targetelement.style.borderColor=\"\";\r\n targetelement.style.color=\"\";\r\n targetelement.style.fontWeight=\"\";\r\n}\r\n\r\nfunction begin_set()\r\n{\r\n TO_VAL=parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value;\r\n\r\n for (step_i=0; step_i<document.all.length; step_i++)\r\n {\r\n if(document.all(step_i).className==\"menulines\")\r\n {\r\n user_id=document.all(step_i).id;\r\n if(TO_VAL.indexOf(\",\"+user_id+\",\")>0 || TO_VAL.indexOf(user_id+\",\")==0)\r\n borderize_on(document.all(step_i));\r\n }\r\n }\r\n}\r\n\r\nfunction add_all()\r\n{\r\n TO_VAL=parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value;\r\n for (step_i=0; step_i<document.all.length; step_i++)\r\n {\r\n if(document.all(step_i).className==\"menulines\")\r\n {\r\n user_id=document.all(step_i).id;\r\n user_name=document.all(step_i).name;\r\n\r\n if(TO_VAL.indexOf(\",\"+user_id+\",\")<0 && TO_VAL.indexOf(user_id+\",\")!=0)\r\n {\r\n parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value+=user_id+\",\";\r\n parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_NAME;
echo ".value+=user_name+\",\";\r\n\t\t parent_window.";
echo $pararr['strListId'];
echo ".innerHTML+=user_name+\",\";\r\n borderize_on(document.all(step_i));\r\n }\r\n }\r\n }\r\n}\r\n\r\nfunction del_all()\r\n{\r\n for (step_i=0; step_i<document.all.length; step_i++)\r\n {\r\n if(document.all(step_i).className==\"menulines\")\r\n {\r\n user_id=document.all(step_i).id;\r\n user_name=document.all(step_i).name;\r\n parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value=parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value.replace(user_id+\",\",\"\");\r\n parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_NAME;
echo ".value=parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_NAME;
echo ".value.replace(user_name+\",\",\"\");\r\n\t parent_window.";
echo $pararr['strListId'];
echo ".innerHTML=parent_window.";
echo $pararr['strListId'];
echo ".innerHTML.replace(user_name+\",\",\"\");\r\n borderize_off(document.all(step_i));\r\n }\r\n }\r\n}\r\n</script>\r\n</head>\r\n<body class=\"bodycolor\" topmargin=\"1\" leftmargin=\"2\" onLoad=\"begin_set()\">\r\n<table border=\"0\" cellspacing=\"0\" width=\"100%\" cellpadding=\"2\" >\r\n";
$sqlft = " \r\n\t\tSELECT PRCS_TO FROM flow_process \r\n\t\t\tWHERE FLOW_ID='".$pararr['FLOW_ID']."' \r\n\t\t\tAND PRCS_ID='".$pararr['FLOW_PRCS']."'\r\n\t\t";
$rsft = exequery( $connection, $sqlft );
$rowft = mysql_fetch_array( $rsft );
$PRCS_TO = $rowft['PRCS_TO'];
if ( $PRCS_TO == "" )
{
$PRCS_TO = $pararr['FLOW_PRCS'] + 1;
}
if ( $pararr['PRCS_TO_CHOOSE'] == "" )
{
$pararr['PRCS_TO_CHOOSE'] == 0;
}
$MY_ARRAY = explode( ",", $PRCS_TO );
$ARRAY_COUNT = sizeof( $MY_ARRAY );
if ( $MY_ARRAY[$ARRAY_COUNT - 1] == "" )
{
--$ARRAY_COUNT;
}
$I = 0;
for ( ; $I < $ARRAY_COUNT; ++$I )
{
$query1 = "SELECT * from FLOW_PROCESS where FLOW_ID='".$pararr['FLOW_ID']."' and PRCS_ID={$MY_ARRAY[$I]}";
$cursor1 = exequery( $connection, $query1 );
if ( $ROW = mysql_fetch_array( $cursor1 ) )
{
$PRCS_ID_TO = $ROW['PRCS_ID'];
$PRCS_NAME = $ROW['PRCS_NAME'];
if ( $pararr['PRCS_TO_CHOOSE'] == $I )
{
$PRCS_USER = $ROW['PRCS_USER'];
$PRCS_DEPT = $ROW['PRCS_DEPT'];
$PRCS_PRIV = $ROW['PRCS_PRIV'];
}
}
}
$DEPT_ID = $pararr['deptid'];
if ( $DEPT_ID == "" )
{
$DEPT_ID = $LOGIN_DEPT_ID;
}
if ( 0 < $DEPT_ID )
{
$DEPT_ID1 = my_xml_tree( $DEPT_ID );
}
$DEPT_ID = $DEPT_ID1.$DEPT_ID;
if ( $_REQUEST['e'] == 1 )
{
$query = "SELECT * from USER where DEPT_ID>0";
$TITLE = "全部人员";
}
else if ( $pararr['userpriv'] != "" )
{
$query = "SELECT * from USER where USER_PRIV='".$pararr['userpriv']."' and DEPT_ID>0 ";
$query1 = "select * from USER_PRIV where USER_PRIV='".$pararr['userpriv']."'";
$cursor1 = exequery( $connection, $query1 );
if ( $ROW = mysql_fetch_array( $cursor1 ) )
{
$TITLE = $ROW['PRIV_NAME'];
}
}
else if ( $pararr['groupid'] != "" )
{
$query1 = "SELECT GROUP_ID,GROUP_MEMBER,GROUP_NAME FROM user_group WHERE GROUP_ID='".$pararr['groupid']."'";
$cursor1 = exequery( $connection, $query1 );
if ( $ROW = mysql_fetch_array( $cursor1 ) )
{
$TITLE = $ROW['GROUP_NAME'];
$group_member = $ROW['GROUP_MEMBER'];
}
$suffix = substr( $group_member, -1, 1 );
if ( $suffix == "," )
{
$group_member = substr( $group_member, 0, strrpos( $group_member, "," ) );
}
$char_member = "'".$group_member."'";
$char_member = preg_replace( "/,/", "','", $char_member );
$query = "SELECT * from USER where USER_ID IN (".$char_member.") AND DEPT_ID>0";
}
else if ( $ONLINE != "" )
{
$sql = "SELECT USER_ID FROM user ";
$rs = exequery( $connection, $sql );
$userstr = "";
while ( $row = mysql_fetch_array( $rs ) )
{
$sqlon = "SELECT VISIT_TIME FROM user_online WHERE USER_ID='".$row['USER_ID']."'";
$rson = exequery( $connection, $sqlon );
$rowon = mysql_fetch_array( $rson );
if ( abs( time( ) - strtotime( $rowon['VISIT_TIME'] ) ) < 150 )
{
if ( $userstr == "" )
{
$userstr .= $row['USER_ID'];
}
else
{
$userstr .= ",".$row['USER_ID'];
}
}
}
$userstr = "'".$userstr."'";
$userstr = preg_replace( "/,/", "','", $userstr );
$query = "SELECT * from USER where USER_ID IN (".$userstr.") AND DEPT_ID>0 ";
$TITLE = "在线人员";
}
else if ( isset( $_REQUEST['USER_KEYWORD'] ) )
{
if ( $_REQUEST['USER_STATUS'] == "-1" )
{
$query = "SELECT * from USER where USER_NAME LIKE '%".$_REQUEST['USER_KEYWORD']."%' AND DEPT_ID=0";
}
else
{
$query = "SELECT * from USER where USER_NAME LIKE '%".$_REQUEST['USER_KEYWORD']."%' AND DEPT_ID>0";
}
$TITLE = "搜索- {$USER_KEYWORD}";
}
else
{
$query = "SELECT * from USER,USER_PRIV where DEPT_ID in (".$DEPT_ID.") and USER.USER_PRIV=USER_PRIV.USER_PRIV";
$query1 = "select * from DEPARTMENT where DEPT_ID in (".$DEPT_ID.")";
$cursor1 = exequery( $connection, $query1 );
if ( $ROW = mysql_fetch_array( $cursor1 ) )
{
$TITLE = $ROW['DEPT_NAME'];
}
}
echo "<tr class=\"TableHeader\">\r\n <td colspan=\"2\" align=\"center\"><b>";
echo $TITLE;
echo "</b></td>\r\n</tr>\r\n\r\n\r\n";
$cursor = exequery( $connection, $query );
$USER_COUNT = 0;
while ( $ROW = mysql_fetch_array( $cursor ) )
{
$USER_PRIV = $ROW['USER_PRIV'];
$DEPT_ID = $ROW['DEPT_ID'];
$USER_ID = $ROW['USER_ID'];
$USER_NAME = $ROW['USER_NAME'];
$isTerm = 0;
if ( !( strpos( ",".$PRCS_USER, ",".$USER_ID."," ) === false ) )
{
$isTerm = 1;
}
if ( !( strpos( ",".$PRCS_DEPT, ",".$DEPT_ID."," ) === false ) )
{
$isTerm = 1;
}
if ( !( strpos( ",".$PRCS_PRIV, ",".$USER_PRIV."," ) === false ) )
{
$isTerm = 1;
}
if ( $isTerm )
{
++$USER_COUNT;
if ( $USER_COUNT == 1 )
{
echo "<tr >\r\n <td height=\"2\" style=\"background:#FFFFFF\" colspan=\"2\">\r\n </td>\r\n</tr>\r\n<tr class=\"TableLine1\">\r\n <td colspan=\"2\" align=\"center\">\r\n\t<a href=\"#\" onClick=\"add_all()\">[ 全部添加 ]</a> <a href=\"#\" onClick=\"del_all()\">[ 全部删除 ]</a>\r\n</td>\r\n</tr>\r\n<tr >\r\n <td height=\"2\" style=\"background:#FFFFFF\" colspan=\"2\">\r\n </td>\r\n</tr>\r\n\r\n<tr >\r\n <td height=\"2\" style=\"background:#FFFFFF\" colspan=\"2\">\r\n </td>\r\n</tr>\r\n";
}
echo "\r\n<tr >\r\n <td class=\"menulines\" id=\"";
echo $USER_ID;
echo "\" name=\"";
echo $USER_NAME;
echo "\" onClick=\"javascript:click_user('";
echo $USER_ID;
echo "')\" style=\"cursor:hand\" colspan=\"2\">\r\n ";
echo $USER_NAME;
echo " </td>\r\n\r\n</tr>\r\n<tr >\r\n <td height=\"1\" style=\"background:#999999\" colspan=\"2\">\r\n </td>\r\n</tr>\r\n\r\n";
}
}
if ( $USER_COUNT == 0 )
{
echo "<tr class=\"TableLine1\">\r\n <td align=\"center\">";
message( "", "没有用户可选" );
echo "</td>\r\n</tr>\r\n";
}
echo "\r\n</table>\r\n</body>\r\n</html>\r\n";
?>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -