📄 search.php
字号:
<?
include_once 'inc/auth.php';
include_once 'inc/utility_all.php';
echo '
<html>
<head>
<title>人员查询结果 </title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<script Language="JavaScript">
function delete_user(DEPT_ID,USER_ID)
{
msg=\'确认要删除用户 \'+USER_ID+\' 么?\';
if(window.confirm(msg))
{
URL="delete.php?DEPT_ID=" + DEPT_ID + "&USER_ID=" + USER_ID;
window.location=URL;
}
}
function no_pass(DEPT_ID,USER_ID)
{
msg=\'确认要清空用户 \'+USER_ID+\' 的密码么?\';
if(window.confirm(msg))
{
URL="no_pass.php?DEPT_ID=" + DEPT_ID + "&USER_ID=" + USER_ID;
window.location=URL;
}
}
</script>
</head>
<body class="bodycolor" topmargin="5" >
';
$query = 'SELECT * from USER_PRIV where USER_PRIV=' . $LOGIN_USER_PRIV;
$cursor = exequery ($connection, $query);
if ($ROW = mysql_fetch_array ($cursor))
{
$PRIV_NO = $ROW['PRIV_NO'];
}
if ($USER_ID != '')
{
$WHERE_STR .= ' and USER_ID like \'%' . $USER_ID . '%\'';
}
if ($USER_NAME != '')
{
$WHERE_STR .= ' and USER_NAME like \'%' . $USER_NAME . '%\'';
}
if ($BYNAME != '')
{
$WHERE_STR .= ' and BYNAME like \'%' . $BYNAME . '%\'';
}
if ($SEX != '')
{
$WHERE_STR .= ' and SEX=' . $SEX;
}
if ($DEPT_ID != '')
{
$WHERE_STR .= ' and USER.DEPT_ID=' . $DEPT_ID;
}
if ($DUTY_TYPE != '')
{
$WHERE_STR .= ' and DUTY_TYPE=' . $DUTY_TYPE;
}
if ($USER_PRIV != '')
{
$WHERE_STR .= ' and USER.USER_PRIV=' . $USER_PRIV;
}
if ($POST_PRIV != '')
{
$WHERE_STR .= ' and POST_PRIV=' . $POST_PRIV;
}
if ($CANBROADCAST != '')
{
$WHERE_STR .= ' and CANBROADCAST=' . $CANBROADCAST;
}
if ($NOT_LOGIN != '2')
{
$WHERE_STR .= ' and NOT_LOGIN=\'' . $NOT_LOGIN . '\'';
}
if ($NOT_VIEW_USER != '2')
{
$WHERE_STR .= ' and NOT_VIEW_USER=\'' . $NOT_VIEW_USER . '\'';
}
if ($NOT_VIEW_TABLE != '2')
{
$WHERE_STR .= ' and NOT_VIEW_TABLE=\'' . $NOT_VIEW_TABLE . '\'';
}
echo '<table border="0" width="100%" cellspacing="0" cellpadding="3" class="small">
<tr>
<td class="Big"><img src="/images/edit.gif" WIDTH="22" HEIGHT="20" align="absmiddle"><span class="big3"> 用户查询</span>
</td>
</tr>
</table>
';
$USER_COUNT = 0;
if ($LOGIN_USER_PRIV != '1')
{
$query = 'SELECT * from USER,USER_PRIV,DEPARTMENT where DEPARTMENT.DEPT_ID=USER.DEPT_ID and USER.USER_PRIV=USER_PRIV.USER_PRIV and USER_PRIV.PRIV_NO>' . $PRIV_NO . ' and USER_PRIV.USER_PRIV!=1 ' . $WHERE_STR . ' order by ';
}
else
{
$query = 'SELECT * from USER,USER_PRIV,DEPARTMENT where DEPARTMENT.DEPT_ID=USER.DEPT_ID and USER.USER_PRIV=USER_PRIV.USER_PRIV ' . $WHERE_STR . ' order by ';
}
if ($LAST_VISIT_TIME != '')
{
$query .= 'LAST_VISIT_TIME ' . $LAST_VISIT_TIME . ',';
}
$query .= 'DEPT_NO,PRIV_NO,USER_NO,USER_NAME';
$cursor = exequery ($connection, $query);
while ($ROW = mysql_fetch_array ($cursor))
{
$USER_ID = $ROW['USER_ID'];
$USER_NAME = $ROW['USER_NAME'];
$BYNAME = $ROW['BYNAME'];
$DEPT_ID = $ROW['DEPT_ID'];
$USER_PRIV = $ROW['USER_PRIV'];
$POST_PRIV = $ROW['POST_PRIV'];
$LAST_VISIT_TIME = $ROW['LAST_VISIT_TIME'];
if ($LAST_VISIT_TIME == '0000-00-00 00:00:00')
{
$LAST_VISIT_TIME = '';
}
if (is_dept_priv ($DEPT_ID))
{
++$USER_COUNT;
$query1 = 'SELECT * from DEPARTMENT where DEPT_ID=' . $DEPT_ID;
$cursor1 = exequery ($connection, $query1);
if ($ROW = mysql_fetch_array ($cursor1))
{
$DEPT_NAME = $ROW['DEPT_NAME'];
}
else
{
$DEPT_NAME = '离职人员/外部人员';
}
if ($POST_PRIV == '0')
{
$POST_PRIV = '本部门';
}
else
{
if ($POST_PRIV == '1')
{
$POST_PRIV = '全体';
}
else
{
if ($POST_PRIV == '2')
{
$POST_PRIV = '指定部门';
}
}
}
$query1 = 'SELECT * from USER_PRIV where USER_PRIV=\'' . $USER_PRIV . '\'';
$cursor1 = exequery ($connection, $query1);
if ($ROW = mysql_fetch_array ($cursor1))
{
$USER_PRIV = $ROW['PRIV_NAME'];
}
$DEPT_LONG_NAME = dept_long_name ($DEPT_ID);
if ($USER_COUNT == 1)
{
echo '
<table align="center" border="0" cellspacing="1" width="100%" class="small" bgcolor="#000000" cellpadding="3">
';
}
$query = 'SELECT count(*) from SYS_LOG where USER_ID=\'' . $USER_ID . '\'';
$cursor1 = exequery ($connection, $query);
if ($ROW1 = mysql_fetch_array ($cursor1))
{
$LOGIN_COUNT = $ROW1[0];
}
if ($USER_COUNT % 2 == 1)
{
$TableLine = 'TableLine1';
}
else
{
$TableLine = 'TableLine2';
}
echo ' <tr class="';
echo $TableLine;
echo '">
<td nowrap align="center" title="';
echo $DEPT_LONG_NAME;
echo '"><u style="cursor:hand">';
echo $DEPT_NAME;
echo '</u></td>
<td nowrap align="center">';
echo $USER_ID;
echo '</td>
<td nowrap align="center">';
echo $USER_NAME;
echo '</td>
<td nowrap align="center">';
echo $BYNAME;
echo '</td>
<td nowrap align="center">';
echo $USER_PRIV;
echo '</td>
<td nowrap align="center">';
echo $POST_PRIV;
echo '</td>
<td align="center">';
echo $LAST_VISIT_TIME;
echo '</td>
<td nowrap align="center">';
echo $LOGIN_COUNT;
echo '</td>
<td nowrap align="center">
<a href="user_edit.php?USER_ID=';
echo $USER_ID;
echo '"> 编辑</a>
';
if ($USER_ID != 'admin')
{
if ($USER_ID != $LOGIN_USER_ID)
{
echo ' <a href="javascript:delete_user(\'';
echo $DEPT_ID;
echo '\',\'';
echo $USER_ID;
echo '\');"> 删除</a>
';
}
}
if ($LOGIN_USER_ID == 'admin')
{
echo ' <br><a href="javascript:no_pass(\'';
echo $DEPT_ID;
echo '\',\'';
echo $USER_ID;
echo '\');">admin清空密码</a>
';
}
echo ' </td>
</tr>
';
continue;
}
}
if (0 < $USER_COUNT)
{
echo ' <thead class="TableHeader">
<td nowrap align="center">部门</td>
<td nowrap align="center">用户名</td>
<td nowrap align="center">姓名</td>
<td nowrap align="center">别名</td>
<td nowrap align="center">角色</td>
<td nowrap align="center">管理</td>
<td nowrap align="center">最后访问</td>
<td nowrap align="center">登录</td>
<td nowrap align="center">操作</td>
</thead>
</table>
';
message ('', '共' . $USER_COUNT . '个符合条件且可管理的用户');
}
else
{
message ('', '无符合条件且可管理的用户');
}
echo '
<br>
<div align="center">
<input type="button" value="返回" class="BigButton" onClick="history.back();">
</div>
</body>
</html>';
?>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -