list.php

泛微协同办公系统标准版E-office V5.5的源代码内含泛微办公系统V5.5自动注册文件。

<?php

function default_validate( )
{
	global $connection;
	global $customer_id;
	global $customer_name;
	global $manage_user;
	$query2 = "select up.* from user_priv as up, user as u where up.USER_PRIV=u.USER_PRIV and u.USER_ID='".$manage_user."'";
	$cursor2 = exequery( $connection, $query2 );
	if ( $row2 = mysql_fetch_array( $cursor2 ) )
	{
		$priv_no = $row2['PRIV_NO'];
	}
	$query3 = "select up.* from user_priv as up, user as u where up.USER_PRIV=u.USER_PRIV and u.USER_ID='".$_SESSION['LOGIN_USER_ID']."'";
	$cursor3 = exequery( $connection, $query3 );
	if ( $row3 = mysql_fetch_array( $cursor3 ) )
	{
		$login_priv_no = $row3['PRIV_NO'];
	}
	if ( $login_priv_no < $priv_no )
	{
		$purview_ses = "<a href=\"#\" onclick=\"customer_detail('".$customer_id."');\">".$customer_name."</a>";
	}
	else
	{
		$purview_ses = false;
	}
	return $purview_ses;
}

function dept_validate( )
{
	global $connection;
	global $purview_dept;
	if ( $purview_dept == "ALL_DEPT" )
	{
		return true;
	}
	$query2 = "select d.* from department as d, user as u where u.DEPT_ID=d.DEPT_ID and u.USER_ID='".$_SESSION['LOGIN_USER_ID']."'";
	$cursor2 = exequery( $connection, $query2 );
	if ( $row2 = mysql_fetch_array( $cursor2 ) )
	{
		$dept_id = $row2['DEPT_ID'];
	}
	if ( array_search( $dept_id, explode( ",", $purview_dept ) ) !== false )
	{
		return true;
	}
	else
	{
		return false;
	}
}

function role_validate( )
{
	global $connection;
	global $purview_role;
	$query2 = "select up.* from user_priv as up, user as u where up.USER_PRIV=u.USER_PRIV and u.USER_ID='".$_SESSION['LOGIN_USER_ID']."'";
	$cursor2 = exequery( $connection, $query2 );
	if ( $row2 = mysql_fetch_array( $cursor2 ) )
	{
		$login_priv_no = $row2['USER_PRIV'];
	}
	if ( array_search( $login_priv_no, explode( ",", $purview_role ) ) !== false )
	{
		return true;
	}
	else
	{
		return false;
	}
}

function user_validate( )
{
	global $connection;
	global $purview_user;
	if ( array_search( $_SESSION['LOGIN_USER_ID'], explode( ",", $purview_user ) ) !== false )
	{
		return true;
	}
	else
	{
		return false;
	}
}

include_once( "inc/auth.php" );
include_once( "inc/function_page_01.php" );
if ( $_REQUEST['cur_page'] == "" )
{
	$cur_page = 1;
}
else
{
	$cur_page = $_REQUEST['cur_page'];
}
$connection = openconnection( );
$query = "SELECT c.*, ct.*, l.LINKMAN_ID FROM customer as c, contact as ct, linkman as l WHERE ct.CUSTOMER_ID=c.CUSTOMER_ID and c.CUSTOMER_ID=l.CUSTOMER_ID";
$where_str = "";
if ( $_REQUEST['CUSTOMER_NAME'] != "" )
{
	$where_str .= " and c.CUSTOMER_NAME like '%".$_REQUEST['CUSTOMER_NAME']."%'";
}
if ( $_REQUEST['CONTACT_DATE'] != "" )
{
	$where_str .= " and to_days(ct.CONTACT_DATE) > to_days('".$_REQUEST['CONTACT_DATE']."')";
}
if ( $_REQUEST['CONTACT_DATE2'] != "" )
{
	$where_str .= " and to_days(ct.CONTACT_DATE) < to_days('".$_REQUEST['CONTACT_DATE2']."')";
}
if ( $_REQUEST['CONTACT_CONTENT'] != "" )
{
	$where_str .= " and ct.CONTACT_CONTENT like '%".$_REQUEST['CONTACT_CONTENT']."%'";
}
if ( $_REQUEST['LINKMAN_NAME'] != "" )
{
	$where_str .= " and ct.LINKMAN_NAME like '%".$_REQUEST['LINKMAN_NAME']."%'";
}
if ( $_REQUEST['MEMO'] != "" )
{
	$where_str .= " and ct.MEMO like '%".$_REQUEST['MEMO']."%'";
}
$query .= $where_str;
switch ( $_REQUEST['order'] )
{
case "contact_content" :
	$query .= " group by ct.CONTACT_ID order by ct.CONTACT_CONTENT";
	break;
case "contact_date" :
	$query .= " group by ct.CONTACT_ID order by ct.CONTACT_DATE";
	break;
case "customer_name" :
	$query .= " group by ct.CONTACT_ID order by c.CUSTOMER_NAME";
	break;
case "linkman_name" :
	$query .= " group by ct.CONTACT_ID order by ct.LINKMAN_NAME";
	break;
default :
	$query .= " group by ct.CONTACT_ID order by ct.CONTACT_ID";
	break;
}
$query .= $_REQUEST['sens'] ? " ASC" : " DESC";
$cursor = exequery( $connection, $query );
while ( $row = mysql_fetch_array( $cursor ) )
{
	$contact_id = $row['CONTACT_ID'];
	$customer_id = $row['CUSTOMER_ID'];
	$old_customer_name = $row['CUSTOMER_NAME'];
	$linkman_name = $row['LINKMAN_NAME'];
	$linkman_id = $row['LINKMAN_ID'];
	$contact_content = $row['CONTACT_CONTENT'];
	$contact_date = $row['CONTACT_DATE'];
	$contact_date_end = $row['CONTACT_DATE_END'];
	$create_user = $row['CREATE_USER'];
	$manage_user = $row['MANAGE_USER'];
	$purview = $row['PURVIEW'];
	$purview_dept = $row['PURVIEW_DEPT'];
	$purview_role = $row['PURVIEW_ROLE'];
	$purview_user = $row['PURVIEW_USER'];
	switch ( $purview )
	{
	case "1" :
		$purview_ses = default_validate( );
		break;
	case "2" :
		$purview_ses = "<a href=\"#\" onclick=\"customer_detail('".$customer_id."');\">".$customer_name."</a>";
		break;
	case "3" :
		$dept_validate = dept_validate( );
		$role_validate = role_validate( );
		$user_validate = user_validate( );
		if ( ( $dept_validate || $role_validate || $user_validate ) === false )
		{
			$purview_ses = default_validate( );
		}
		else
		{
			$purview_ses = "<a href=\"#\" onclick=\"customer_detail('".$customer_id."');\">".$customer_name."</a>";
		}
	}
	if ( $manage_user == $_SESSION['LOGIN_USER_ID'] || $manage_user == "" )
	{
		$purview_ses = "<a href=\"#\" onclick=\"customer_detail('".$customer_id."');\">".$customer_name."</a>";
	}
	if ( $purview_ses == false )
	{
	}
	else
	{
		$str_contact_id .= $contact_id.",";
	}
}
$str_contact_id = substr( $str_contact_id, 0, -1 );
$str_contact_id = $str_contact_id == "" ? 0 : $str_contact_id;
echo "\r\n<html>\r\n<head>\r\n<title>交往信息</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n";
echo "<s";
echo "cript>\r\nfunction del(contact_id)\r\n{\r\n\tvar msg\t= \"你确认要删除所选记录吗?\";\r\n\tif(window.confirm(msg))\r\n\t{\r\n\t\tvar url\t= \"delete.php?contact_id=\"+contact_id+\"&cur_page=";
echo $cur_page;
echo "&sens=";
echo $_REQUEST['sens'];
echo "&order=";
echo $_REQUEST['order'];
echo "&del_r=search_r\";\r\n\t\tlocation = url;\r\n\t}\r\n}\r\n\r\nfunction edt(contact_id, customer_id,linkman_id)\r\n{\r\n\tvar url\t= \"edit.php?edit_type=list_type&linkman_id=\"+linkman_id+\"&contact_id=\"+contact_id+\"&customer_id=\"+customer_id+\"&sens=";
echo $_REQUEST['sens'];
echo "&order=";
echo $_REQUEST['order'];
echo "&cur_page=";
echo $cur_page;
echo "&CUSTOMER_NAME=";
echo $_REQUEST['CUSTOMER_NAME'];
echo "&CONTACT_DATE=";
echo $_REQUEST['CONTACT_DATE'];
echo "&CONTACT_DATE2=";
echo $_REQUEST['CONTACT_DATE2'];
echo "&CONTACT_CONTENT=";
echo $_REQUEST['CONTACT_CONTENT'];
echo "&LINKMAN_NAME=";
echo $_REQUEST['LINKMAN_NAME'];
echo "&MEMO=";
echo $_REQUEST['MEMO'];
echo "\";\r\n\tlocation = url;\r\n}\r\n\r\nfunction contact_detail(contact_id)\r\n{\r\n\tURL=\"detail.php?CONTACT_ID=\"+contact_id;\r\n\tmyleft=(screen.availWidth-500)/2;\r\n\twindow.open(URL,\"read_notify\",\"height=500,width=500,status=1,toolbar=no,menubar=no,location=no,scrollbars=yes,top=150,left=\"+myleft+\",resizable=yes\");\r\n}\r\n\r\nfunction customer_detail(customer_id)\r\n{\r\n\tvar url\t= \"../customer/detail.php?CUSTOMER_ID=\"+custo";
echo "mer_id;\r\n\twindow.open(url,\"\",\"height=650,width=900,status=1,toolbar=no,menubar=no,location=no,scrollbars=yes,top=30,left=30,resizable=yes\");\r\n}\r\n\r\nfunction linkman_detail(linkman_id)\r\n{\r\n\tURL=\"../linkman/detail.php?linkman_id=\"+linkman_id;\r\n\tmyleft=(screen.availWidth-500)/2;\r\n\twindow.open(URL,\"\",\"height=550,width=450,status=1,toolbar=no,menubar=no,location=no,scrollbars=yes,top=100,left=\"+myleft+\"";
echo ",resizable=yes\");\r\n}\r\n</script>\r\n</head>\r\n\r\n<body class=\"bodycolor\" topmargin=\"5\">\r\n<table border=\"0\" width=\"100%\" cellspacing=\"1\" cellpadding=\"0\">\r\n\t<tr class=\"tablehead1\">\r\n\t\t<td><img src=\"/images/manage/news.gif\" align=\"absmiddle\">交往信息查询结果</td>\r\n\t</tr>\r\n\t<tr class=\"tablehead2\">\r\n\t\t<td><BUTTON class=btn onClick=\"javscript:history.back();\" title=\"返回\"><table><tr valign=top ><td><img src=\"/images/littleg";
echo "if/b_u.gif\" align=\"center\"></td> <td>";
echo "<s";
echo "pan id=\"showallid\">返回</span></td></tr></table></BUTTON></td>\r\n\t</tr>\r\n</table>\r\n<br>\r\n";
$query = "SELECT c.*, ct.*, l.LINKMAN_ID FROM customer as c, contact as ct, linkman as l WHERE ct.CUSTOMER_ID=c.CUSTOMER_ID and c.CUSTOMER_ID=l.CUSTOMER_ID and ct.CONTACT_ID IN(".$str_contact_id.")";
$where_str = "";
if ( $_REQUEST['CUSTOMER_NAME'] != "" )
{
	$where_str .= " and c.CUSTOMER_NAME like '%".$_REQUEST['CUSTOMER_NAME']."%'";
}
if ( $_REQUEST['CONTACT_DATE'] != "" )
{
	$where_str .= " and to_days(ct.CONTACT_DATE) > to_days('".$_REQUEST['CONTACT_DATE']."')";
}
if ( $_REQUEST['CONTACT_DATE2'] != "" )
{
	$where_str .= " and to_days(ct.CONTACT_DATE) < to_days('".$_REQUEST['CONTACT_DATE2']."')";
}
if ( $_REQUEST['CONTACT_CONTENT'] != "" )