update.php

泛微协同办公系统标准版E-office V5.5的源代码内含泛微办公系统V5.5自动注册文件。

<?php

include_once( "inc/auth.php" );
include_once( "inc/utility_all.php" );
include_once( "inc/demo.inc" );
include_once( "inc/reg_check.php" );
echo "\r\n<html>\r\n<head>\r\n<title>修改用户</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n\r\n</head>\r\n\r\n<body class=\"bodycolor\" topmargin=\"5\">\r\n\r\n";
$connection = openconnection( );
if ( $USER_ID == "admin" )
{
	$USER_PRIV = 1;
	$POST_PRIV = 1;
}
global $IS_REGISTERED_MYOA;
$sql = "SELECT USER_ACCOUNTS FROM user WHERE USER_ID='".$USER_ID."'";
$rs = exequery( $connection, $sql );
$row = mysql_fetch_array( $rs );
if ( ( $row['USER_ACCOUNTS'] == "" || $row['USER_ACCOUNTS'] == "NULL" ) && $USER_ACCOUNTS != "" )
{
	$query = "select count(*) from USER WHERE DEPT_ID>0";
	$cursor = exequery( $connection, $query );
	if ( $ROW = mysql_fetch_array( $cursor ) )
	{
		$USER_COUNT = $ROW[0];
	}
	if ( !$IS_REGISTERED_MYOA )
	{
		if ( DEMO_LIMIT_USER <= $USER_COUNT )
		{
			message( "提示", "已经达到系统的最大授权用户数（".DEMO_LIMIT_USER."），不能再增加用户名" );
			button_back( );
			exit( );
		}
	}
	else
	{
		$arrayR = parse_regfilestr( );
		$oaaccount = $arrayR[0]['useraccound'];
		$USER_LIMIT = $oaaccount;
		if ( $USER_LIMIT <= $USER_COUNT )
		{
			message( "提示", "已经达到系统的最大授权用户数（".$USER_LIMIT."），不能再增加用户名" );
			button_back( );
			exit( );
		}
	}
}
if ( strstr( $USER_ACCOUTNS, "\\'" ) != false )
{
	message( "错误", "用户名中含有非法字符" );
	button_back( );
	exit( );
}
if ( $USER_ACCOUNTS != "" )
{
	$query = "select * from USER where USER_ACCOUNTS='{$USER_ACCOUNTS}' AND USER_ID!='{$USER_ID}'";
	$cursor = exequery( $connection, $query );
	if ( $ROW = mysql_fetch_array( $cursor ) )
	{
		message( "错误", "用户 ".$USER_ACCOUTNS." 已存在" );
		button_back( );
		exit( );
	}
}
$query = "update USER set USER_ACCOUNTS='{$USER_ACCOUNTS}',USER_NAME='{$USER_NAME}',DEPT_ID={$DEPT_ID},DUTY_TYPE={$DUTY_TYPE},USER_PRIV='{$USER_PRIV}',POST_PRIV='{$POST_PRIV}',CANBROADCAST='{$CANBROADCAST}',SMS_LOGIN='{$SMS_LOGIN}' where USER_ID='{$USER_ID}'";
exequery( $connection, $query );
if ( $DEPT_ID == 0 )
{
	$sql = "UPDATE user SET USER_ACCOUNTS='' WHERE USER_ID='{$USER_ID}'";
	exequery( $connection, $sql );
}
if ( $POST_PRIV == "2" )
{
	$query = "update USER set POST_DEPT='{$TO_ID}' where USER_ID='{$USER_ID}'";
	exequery( $connection, $query );
}
$sql = "SELECT COUNT(ID) FROM HRMS WHERE USER_ID = '".$_REQUEST['USER_ID']."'";
$cursor = exequery( $connection, $sql );
if ( ( $ROW = mysql_fetch_array( $cursor ) ) && $ROW[0] != "" )
{
	$sql = "SELECT DEPT_NAME FROM DEPARTMENT WHERE DEPT_ID = ".$_REQUEST['DEPT_ID']."";
	$cursor = exequery( $connection, $sql );
	if ( $ROW = mysql_fetch_array( $cursor ) )
	{
		$DEPT_NAME = $ROW['DEPT_NAME'];
		$sql = "UPDATE HRMS SET TRUE_NAME = '".$_REQUEST['USER_NAME']."',";
		$sql .= " DEPARTMENT = '".$DEPT_NAME."' ";
		$sql .= " WHERE USER_ID = '".$_REQUEST['USER_ID']."'";
		exequery( $connection, $sql );
	}
}
add_log( 7, $USER_ID, $LOGIN_USER_ID );
echo "<s";
echo "cript>\r\nparent.user_list.location.reload();\r\n\r\nwindow.setTimeout(\"url_refersh();\", 2000);\r\nfunction url_refersh()\r\n{\r\n\tlocation=\"user_new.php?DEPT_ID=";
echo $_REQUEST['DEPT_ID1'];
echo "\";\r\n}\r\n</script>\r\n</body>\r\n</html>";
?>