user.php

泛微协同办公系统标准版E-office V5.5的源代码内含泛微办公系统V5.5自动注册文件。

<?php

function my_xml_tree( $PARENT_ID )
{
	global $PARA_URL;
	global $PARA_TARGET;
	global $PARA_ID;
	global $PARA_VALUE;
	global $PRIV_NO_FLAG;
	$connection = openconnection( );
	$query = "SELECT * from DEPARTMENT where DEPT_PARENT={$PARENT_ID} order by DEPT_NO";
	$cursor = exequery( $connection, $query );
	$XML_TEXT = "";
	while ( $ROW = mysql_fetch_array( $cursor ) )
	{
		$DEPT_ID = $ROW['DEPT_ID'];
		$DEPT_NAME = $ROW['DEPT_NAME'];
		$DEPT_NAME = str_replace( "<", "&lt", $DEPT_NAME );
		$DEPT_NAME = str_replace( ">", "&gt", $DEPT_NAME );
		$DEPT_NAME = stripslashes( $DEPT_NAME );
		if ( $PRIV_NO_FLAG )
		{
			$DEPT_PRIV = is_dept_priv( $DEPT_ID );
			if ( $DEPT_PRIV == 1 )
			{
				$DEPT_NAME = "[".$DEPT_NAME."]";
			}
		}
		$XML_TEXT_CHILD = my_xml_tree( $DEPT_ID );
		if ( $XML_TEXT_CHILD == "" )
		{
			$XML_TEXT .= $DEPT_ID.",";
		}
		else
		{
			$XML_TEXT .= $DEPT_ID.",";
			$XML_TEXT .= $XML_TEXT_CHILD;
		}
	}
	return $XML_TEXT;
}

include_once( "inc/auth.php" );
include_once( "inc/utility_all.php" );
$pararr = explodestpar( $_REQUEST['par'] );
$pararr['form_name'] = $_REQUEST['formName'] == "" ? $pararr['form_name'] : $_REQUEST['formName'];
$pararr['input_name'] = $_REQUEST['inputName'] == "" ? $pararr['input_name'] : $_REQUEST['inputName'];
$pararr['input_id'] = $_REQUEST['inputID'] == "" ? $pararr['input_id'] : $_REQUEST['inputID'];
echo "\r\n<html>\r\n<head>\r\n<title></title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n<link rel=\"stylesheet\" type=\"text/css\" href=\"/theme/1/style.css\">\r\n";
echo "<s";
echo "tyle>\r\n.menulines{\r\n\tbackground-color: #F5F5F5;\r\n}\r\n\r\n.popupMenu{\r\n\twidth: 100px;\r\n\tborder: 1px solid #666666;\r\n\tbackground-color: #FFFFFF;\r\n\tpadding: 1px;\r\n}\r\n\r\n.popupMenuHover{\r\n\twidth: 100px;\r\n\tborder: 1px solid #0A246A;\r\n\tbackground-color: #B6BDD2;\r\n\tcursor:hand;\r\n\tpadding: 1px;\r\n}\r\n\r\n</style>\r\n\r\n";
echo "<s";
echo "cript Language=\"JavaScript\">\r\n\r\nvar pwin = parent.dialogArguments;\r\n\r\n\r\nvar parent_window = parent.dialogArguments;\r\n";
if ( $ID == 1 )
{
	$TO_ID = "SECRET_TO_ID";
	$TO_NAME = "SECRET_TO_NAME";
}
else if ( $ID == 2 )
{
	$TO_ID = "COPY_TO_ID";
	$TO_NAME = "COPY_TO_NAME";
}
else if ( $ID == 3 )
{
	$TO_ID = "KEEPER_ID";
	$TO_NAME = "KEEPER";
}
else if ( $pararr['input_id'] != "" )
{
	$TO_ID = $pararr['input_id'];
	$TO_NAME = $pararr['input_name'];
}
else
{
	$TO_ID = "TO_ID";
	$TO_NAME = "TO_NAME";
}
echo "function click_user(user_id)\r\n{\r\n\tTO_VAL=parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value;\r\n\ttargetelement=document.all(user_id);\r\n\tuser_name=targetelement.name;\r\n\tif(TO_VAL==\"\")\r\n\t{\r\n\t\tparent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value = user_id ;\r\n\t\tparent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_NAME;
echo ".value = user_name ;\r\n\t\tborderize_on(targetelement);\r\n\t}\r\n\telse\r\n\t{\r\n\t\tif(TO_VAL!=user_id)\r\n\t\t{\r\n\t\t\tparent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value = user_id ;\r\n\t\t\tparent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_NAME;
echo ".value = user_name ;\r\n\t\t\tif(document.getElementById(TO_VAL))\r\n\t\t\t\tborderize_off(document.getElementById(TO_VAL));\r\n\t\t\tborderize_on(targetelement);\r\n\t\t}\r\n\t\telse\r\n\t\t{\r\n\t\t\tparent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value= \"\";\r\n\t\t\tparent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_NAME;
echo ".value=\"\";\r\n\t\t\tborderize_off(targetelement);\r\n\t\t}\r\n\t}  \r\n}\r\n\r\nfunction borderize_on(targetelement)\r\n{\r\n color=\"#cccccc\";\r\n targetelement.style.borderColor=\"\";\r\n targetelement.style.backgroundImage = \"url(/images/module/user/selectedbg.gif)\";\r\n targetelement.style.backgroundColor=color;\r\n targetelement.style.color=\"white\";\r\n targetelement.style.fontWeight=\"\";\r\n}\r\n\r\nfunction borderize_off(targetelem";
echo "ent)\r\n{\r\n  targetelement.style.backgroundColor=\"#F5F5F5\";\r\n  targetelement.style.backgroundImage = \"\";\r\n  targetelement.style.borderColor=\"\";\r\n  targetelement.style.color=\"\";\r\n  targetelement.style.fontWeight=\"\";\r\n}\r\n\r\nfunction begin_set()\r\n{\r\n\tTO_VAL=parent_window.";
echo $pararr['form_name'];
echo ".";
echo $TO_ID;
echo ".value;\r\n\tfor (step_i=0; step_i<document.all.length; step_i++)\r\n\t{\r\n\t\tif(document.all(step_i).className==\"menulines\")\r\n\t\t{\r\n\t\t\tuser_id=document.all(step_i).id;\r\n\t\t\tif(TO_VAL==user_id)\r\n\t\t\t\tborderize_on(document.all(step_i));\r\n\t\t}\r\n\t}\r\n}\r\n\r\n</script>\r\n</head>\r\n<body class=\"bodycolor\" topmargin=\"1\" leftmargin=\"2\" onLoad=\"begin_set()\">\r\n<table border=\"0\" cellspacing=\"0\" width=\"100%\" cellpadding=\"2\" >\r\n";
$DEPT_ID = $pararr['deptid'];
if ( $DEPT_ID == "" )
{
	$DEPT_ID = $LOGIN_DEPT_ID;
}
if ( 0 < $DEPT_ID )
{
	$DEPT_ID1 = my_xml_tree( $DEPT_ID );
}
$DEPT_ID = $DEPT_ID1.$DEPT_ID;
if ( $_REQUEST['e'] == 1 )
{
	$query = "SELECT * from USER where  DEPT_ID>0";
	$TITLE = "全部人员";
}
else if ( $pararr['userpriv'] != "" )
{
	$query = "SELECT * from USER where USER_PRIV='".$pararr['userpriv']."' and DEPT_ID>0 ";
	$query1 = "select * from USER_PRIV where USER_PRIV='".$pararr['userpriv']."'";
	$cursor1 = exequery( $connection, $query1 );
	if ( $ROW = mysql_fetch_array( $cursor1 ) )
	{
		$TITLE = $ROW['PRIV_NAME'];
	}
}
else if ( $pararr['groupid'] != "" )
{
	$query1 = "SELECT GROUP_ID,GROUP_MEMBER,GROUP_NAME FROM user_group WHERE GROUP_ID='".$pararr['groupid']."'";
	$cursor1 = exequery( $connection, $query1 );
	if ( $ROW = mysql_fetch_array( $cursor1 ) )
	{
		$TITLE = $ROW['GROUP_NAME'];
		$group_member = $ROW['GROUP_MEMBER'];
	}
	$suffix = substr( $group_member, -1, 1 );
	if ( $suffix == "," )
	{
		$group_member = substr( $group_member, 0, strrpos( $group_member, "," ) );
	}
	$char_member = "'".$group_member."'";
	$char_member = preg_replace( "/,/", "','", $char_member );
	$query = "SELECT * from USER where USER_ID IN (".$char_member.") AND DEPT_ID>0";
}
else if ( $ONLINE != "" )
{
	$sql = "SELECT USER_ID FROM user ";
	$rs = exequery( $connection, $sql );
	$userstr = "";
	while ( $row = mysql_fetch_array( $rs ) )
	{
		$sqlon = "SELECT VISIT_TIME FROM user_online WHERE USER_ID='".$row['USER_ID']."'";
		$rson = exequery( $connection, $sqlon );
		$rowon = mysql_fetch_array( $rson );
		if ( abs( time( ) - strtotime( $rowon['VISIT_TIME'] ) ) < 150 )
		{
			if ( $userstr == "" )
			{
				$userstr .= $row['USER_ID'];
			}
			else
			{
				$userstr .= ",".$row['USER_ID'];
			}
		}
	}
	$userstr = "'".$userstr."'";
	$userstr = preg_replace( "/,/", "','", $userstr );
	$query = "SELECT * from USER where USER_ID IN (".$userstr.") AND DEPT_ID>0 ";
	$TITLE = "在线人员";
}
else if ( isset( $_REQUEST['USER_KEYWORD'] ) )
{
	if ( $_REQUEST['USER_STATUS'] == "-1" )
	{
		$query = "SELECT * from USER where USER_NAME LIKE '%".$_REQUEST['USER_KEYWORD']."%' AND DEPT_ID=0";
	}
	else
	{
		$query = "SELECT * from USER where USER_NAME LIKE '%".$_REQUEST['USER_KEYWORD']."%' AND DEPT_ID>0";
	}
	$TITLE = "搜索- {$USER_KEYWORD}";
}
else
{
	$query = "SELECT * from USER,USER_PRIV where DEPT_ID in (".$DEPT_ID.") and USER.USER_PRIV=USER_PRIV.USER_PRIV";
	$query1 = "select * from DEPARTMENT where DEPT_ID in (".$DEPT_ID.")";
	$cursor1 = exequery( $connection, $query1 );
	if ( $ROW = mysql_fetch_array( $cursor1 ) )
	{
		$TITLE = $ROW['DEPT_NAME'];
	}
}
echo "<tr class=\"TableHeader\">\r\n  <td colspan=\"2\" align=\"center\"><b>";
echo $TITLE;
echo "</b></td>\r\n</tr>\r\n\r\n\r\n";
$cursor = exequery( $connection, $query );
$USER_COUNT = 0;
while ( $ROW = mysql_fetch_array( $cursor ) )
{
	++$USER_COUNT;
	$USER_ID = $ROW['USER_ID'];
	$USER_NAME = $ROW['USER_NAME'];
	if ( $USER_COUNT == 1 )
	{
		echo "<tr >\r\n  <td height=\"2\" style=\"background:#FFFFFF\" colspan=\"2\">\r\n  </td>\r\n</tr>\r\n<tr >\r\n  <td height=\"2\" style=\"background:#FFFFFF\" colspan=\"2\">\r\n  </td>\r\n</tr>\r\n\r\n<tr >\r\n  <td height=\"2\" style=\"background:#FFFFFF\" colspan=\"2\">\r\n  </td>\r\n</tr>\r\n";
	}
	echo "\r\n<tr >\r\n  <td class=\"menulines\" id=\"";
	echo $USER_ID;
	echo "\" name=\"";
	echo $USER_NAME;
	echo "\"  onClick=\"javascript:click_user('";
	echo $USER_ID;
	echo "')\" style=\"cursor:hand\" colspan=\"2\">\r\n  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
	echo $USER_NAME;
	echo "  </td>\r\n\r\n</tr>\r\n<tr >\r\n  <td height=\"1\" style=\"background:#999999\" colspan=\"2\">\r\n  </td>\r\n</tr>\r\n\r\n";
}
if ( $USER_COUNT == 0 )
{
	echo "<tr class=\"TableLine1\">\r\n  <td align=\"center\">";
	message( "", "没有用户可选" );
	echo "</td>\r\n</tr>\r\n";
}
echo "</table>\r\n</body>\r\n</html>\r\n";
?>