query.php

通达网络办公 - Office Anywhere 2008 增强版100％源码(3.4.081216) 内含 通达OA2008增強版接近完美破解补丁20081216集 及 最新通达OA2008ADV(

<?php

include_once( "inc/auth.php" );
include_once( "inc/utility_org.php" );
include_once( "inc/utility_all.php" );
include_once( "../../../prcs_role.php" );
include_once( "inc/user_online.php" );
if ( $PRCS_ID_NEXT == "" )
{
	$QUERY_PRIV = "";
}
else
{
	$query = "SELECT PRCS_USER,PRCS_DEPT,PRCS_PRIV,USER_FILTER from FLOW_PROCESS where FLOW_ID=".$FLOW_ID." and PRCS_ID={$PRCS_ID_NEXT}";
	$cursor = exequery( $connection, $query );
	if ( $ROW = mysql_fetch_array( $cursor ) )
	{
		$PRCS_USER = $ROW['PRCS_USER'];
		$PRCS_DEPT = $ROW['PRCS_DEPT'];
		$PRCS_PRIV = $ROW['PRCS_PRIV'];
		$USER_FILTER = $ROW['USER_FILTER'];
	}
	$QUERY_PRIV = " and (1=2 ";
	if ( $PRCS_USER != "" )
	{
		$QUERY_PRIV .= " or FIND_IN_SET(USER.USER_ID,'".$PRCS_USER."')";
	}
	if ( $PRCS_DEPT != "" )
	{
		if ( $PRCS_DEPT == "ALL_DEPT" )
		{
			$QUERY_PRIV .= " or 1=1";
		}
		else
		{
			if ( substr( $PRCS_DEPT, -1 ) == "," )
			{
				$PRCS_DEPT = substr( $PRCS_DEPT, 0, -1 );
			}
			$QUERY_PRIV .= " or DEPT_ID in(".$PRCS_DEPT.")";
		}
	}
	if ( $PRCS_PRIV != "" )
	{
		if ( substr( $PRCS_PRIV, -1 ) == "," )
		{
			$PRCS_PRIV = substr( $PRCS_PRIV, 0, -1 );
		}
		$QUERY_PRIV .= " or USER.USER_PRIV in(".$PRCS_PRIV.")".flow_other_sql( $PRCS_PRIV );
	}
	$QUERY_PRIV .= ") ";
	if ( $USER_FILTER == "1" )
	{
		$QUERY_PRIV .= " and USER.DEPT_ID='".$LOGIN_DEPT_ID."'";
	}
	else if ( $USER_FILTER == "2" )
	{
		$QUERY_PRIV .= " and USER.USER_PRIV='".$LOGIN_USER_PRIV."'";
	}
}
echo "\r\n<html>\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n</head>\r\n<script src=\"/inc/js/utility.js\"></script>\r\n<script src=\"user_select.js\"></script>\r\n<script Language=\"JavaScript\">\r\nvar parent_window = getOpenner();\r\nvar top_flag = parent_window.form1.TOP_FLAG";
echo $LINE_COUNT;
echo ".value;\r\nvar op_user = parent_window.getElementById('PRCS_OP_USER";
echo $LINE_COUNT;
echo "');\r\nvar op_user_name = parent_window.getElementById('PRCS_OP_USER_NAME";
echo $LINE_COUNT;
echo "');\r\nvar prcs_user = parent_window.getElementById('PRCS_USER";
echo $LINE_COUNT;
echo "');\r\nvar prcs_user_name = parent_window.getElementById('PRCS_USER_NAME";
echo $LINE_COUNT;
echo "');\r\n\r\nvar DEL_IMG0='<img src=\"/images/remove.png\" align=\"absmiddle\" onclick=\"javascript:cancel_user(this,0,";
echo $LINE_COUNT;
echo ");\">';\r\nvar DEL_IMG1='<img src=\"/images/remove.png\" align=\"absmiddle\" onclick=\"javascript:cancel_user(this,1,";
echo $LINE_COUNT;
echo ");\">';\r\n</script>\r\n<body class=\"bodycolor\" topmargin=\"5\" leftmargin=\"2\" onload=\"begin_set();\">\r\n\r\n<table class=\"TableBlock\" width=\"100%\">\r\n<tr class=\"TableHeader\">\r\n  <td align=\"center\" colspan=\"2\">人员查询</td>\r\n</tr>\r\n";
$query = "SELECT UID,USER_ID,USER_NAME,SEX,DEPT_ID,PRIV_NO from USER,USER_PRIV where USER.USER_PRIV=USER_PRIV.USER_PRIV and (USER_ID like '%".$USER_NAME."%' or USER_NAME like '%{$USER_NAME}%') and DEPT_ID!=0 and NOT_LOGIN!='1'".$QUERY_PRIV;
$query .= " order by PRIV_NO,USER_NO,USER_NAME";
$cursor = exequery( $connection, $query );
$USER_COUNT = 0;
while ( $ROW = mysql_fetch_array( $cursor ) )
{
	$UID = $ROW['UID'];
	$USER_ID = $ROW['USER_ID'];
	$USER_NAME = $ROW['USER_NAME'];
	$DEPT_ID_I = $ROW['DEPT_ID'];
	$PRIV_NO_I = $ROW['PRIV_NO'];
	$SEX = $ROW['SEX'];
	if ( $SEX == "" )
	{
		$SEX = "0";
	}
	++$USER_COUNT;
	if ( $USER_COUNT == 1 )
	{
		echo "<tr class=\"TableData\">\r\n  <td onclick=\"javascript:add_all();\" style=\"cursor:pointer\" align=\"center\" colspan=\"2\">全部添加</td>\r\n</tr>\r\n<tr class=\"TableData\">\r\n  <td onclick=\"javascript:del_all();\" style=\"cursor:pointer\" align=\"center\" colspan=\"2\">全部删除</td>\r\n</tr>\r\n";
	}
	echo "<tr class=\"TableData\">\r\n  <td title=\"设为主办人\" nowrap class=\"menulines_op\" id=\"";
	echo $USER_ID;
	echo "_op\" name=\"";
	echo $USER_NAME;
	echo "\" width=\"55\" align=\"center\" onclick=\"javascript:click_op('";
	echo $USER_ID;
	echo "_op')\" style=\"cursor:pointer\">\r\n  <input type=\"checkbox\" id=\"opbox_";
	echo $USER_ID;
	echo "\">主办\r\n  </td>\r\n  <td title=\"";
	echo $DEPT_LONG_NAME;
	echo "\" class=\"menulines\" id=\"";
	echo $USER_ID;
	echo "\" name=\"";
	echo $USER_NAME;
	echo "\" width=\"90%\" align=\"center\" onclick=\"javascript:click_user('";
	echo $USER_ID;
	echo "')\" style=\"cursor:pointer\">";
	echo $USER_NAME;
	echo " ";
	if ( array_key_exists( $UID, $SYS_ONLINE_USER ) )
	{
		echo "<img align=\"absmiddle\" src=\"/images/".$SEX."-1.gif\" title=\"在线\">";
	}
	echo "  </td>\r\n</tr>\r\n\r\n";
}
if ( $USER_COUNT == 0 )
{
	echo "<tr class=\"TableData\">\r\n  <td align=\"center\">未查询到用户</td>\r\n</tr>\r\n";
}
echo "\r\n</table>\r\n</body>\r\n</html>";
?>