📄 update.php
<?php
include_once( "inc/auth.php" );
include_once( "inc/utility_all.php" );
include_once( "inc/utility_org.php" );
include_once( "inc/check_type.php" );
include_once( "inc/td_core.php" );
// Page header for the "modify user" result page (declared charset: gb2312).
echo "\r\n<html>\r\n<head>\r\n<title>修改用户</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=gb2312\">\r\n</head>\r\n\r\n<body class=\"bodycolor\" topmargin=\"5\">\r\n\r\n";

// Turn the multi-line bound-IP list into one comma-separated string.
// "\r\n" is replaced before "\n" so a CRLF pair produces a single comma.
// NOTE(review): only line breaks are rewritten; the IP entries themselves are not validated here.
$BIND_IP = trim( str_replace( array( "\r\n", "\n" ), ",", $BIND_IP ) );

// The account named "admin" is always pinned to role 1 and post privilege 1,
// whatever values were submitted for it.
if ( $USER_ID == "admin" )
{
    $USER_PRIV = $POST_PRIV = 1;
}

// Required fields: user id and display name must not be blank.
// NOTE(review): trim() is used only for the emptiness test; the untrimmed $USER_ID
// is what the later queries use.
if ( trim( $USER_ID ) == "" )
{
    message( "错误", "用户名不能为空" );
    button_back( );
    exit;
}
if ( trim( $USER_NAME ) == "" )
{
    message( "错误", "用户姓名不能为空" );
    button_back( );
    exit;
}

// Department id is forced to an integer, then checked against the operator's department rights.
// NOTE(review): this checks the department being assigned. Nothing visible in this file checks
// the operator's rights over the department or role the target user currently has;
// confirm that an include or the calling page enforces that.
$DEPT_ID = (int) $DEPT_ID;
if ( !is_dept_priv( $DEPT_ID ) )
{
    message( "错误", "您没有建立该部门用户的权限" );
    button_back( );
    exit;
}

// Role id must be a positive integer.
$USER_PRIV = (int) $USER_PRIV;
if ( $USER_PRIV < 1 )
{
    message( "错误", "角色无效" );
    button_back( );
    exit;
}
// Role-assignment check: may the logged-in operator give the target user role $USER_PRIV?
//
// Step 1: read the operator's own role row to obtain its PRIV_NO.
// NOTE(review): $LOGIN_USER_PRIV is concatenated unquoted. It is not set in this file;
// presumably it is a session-derived value from an include. Confirm the request cannot influence it.
$query = "SELECT * from USER_PRIV where USER_PRIV=".$LOGIN_USER_PRIV;
$cursor = exequery( $connection, $query );
if ( $ROW = mysql_fetch_array( $cursor ) )
{
$PRIV_NO = $ROW['PRIV_NO'];
}
// NOTE(review): if no row was returned, $PRIV_NO is never assigned and the non-admin query
// below is built with an empty operand. How exequery() reacts to a failing statement is not
// visible here; confirm it fails closed.
//
// Step 2: operators whose role is not "1" may only assign a role whose PRIV_NO is greater
// than their own; role "1" operators only need the role to exist.
if ( $LOGIN_USER_PRIV != "1" )
{
$query = "SELECT USER_PRIV from USER_PRIV where PRIV_NO>".$PRIV_NO." and USER_PRIV='{$USER_PRIV}'";
}
else
{
$query = "SELECT USER_PRIV from USER_PRIV where USER_PRIV='".$USER_PRIV."'";
}
$cursor = exequery( $connection, $query );
// No matching role row means the assignment is refused.
// NOTE(review): only the new primary role is checked. The target user's current role is not
// compared with the operator's rank anywhere in this file.
if ( mysql_num_rows( $cursor ) <= 0 )
{
message( "错误", "您没有建立该角色用户的权限" );
button_back( );
exit( );
}
// Strip commas, single quotes and double quotes from the display name.
// NOTE(review): this is character stripping, not SQL escaping; backslashes are left in place.
$USER_NAME = str_replace( ",", "", $USER_NAME );
$USER_NAME = str_replace( "'", "", $USER_NAME );
$USER_NAME = str_replace( "\"", "", $USER_NAME );
// Read the user's current NOT_LOGIN flag to detect a "login disabled -> enabled" transition.
// NOTE(review): $USER_ID is interpolated into the statement as received. Whether it has been
// escaped by an include is not visible in this file; confirm, or move to parameterised queries.
$query = "select NOT_LOGIN from USER where USER_ID='".$USER_ID."'";
$cursor = exequery( $connection, $query );
if ( $ROW = mysql_fetch_array( $cursor ) )
{
$NOT_LOGIN_OLD = $ROW['NOT_LOGIN'];
}
// NOTE(review): $NOT_LOGIN_OLD stays unset when USER_ID matches no row, so an update
// for a non-existent user continues past this point.
// When login is being re-enabled for a user whose login was disabled, login_check() is called
// with the TDCORE_ADDUSER marker. What it enforces is defined in an include; confirm.
if ( $NOT_LOGIN != "on" && $NOT_LOGIN_OLD == "1" )
{
login_check( "[TDCORE_ADDUSER]", "[TDCORE_ADDUSER]" );
}
// Reject an alias containing a backslash followed by a single quote.
// NOTE(review): this pattern suggests request values reach this script already slash-escaped
// by an include; confirm before relying on it as the only SQL protection.
if ( strstr( $BYNAME, "\\'" ) )
{
message( "错误", "别名中含有非法字符" );
button_back( );
exit( );
}
// Birthday is optional; when present it must pass is_date() (project helper).
if ( $BIRTHDAY != "" && !is_date( $BIRTHDAY ) )
{
message( "错误", "生日格式不合法,应形如:".date( "Y-m-d", time( ) ) );
button_back( );
exit( );
}
// The alias may not equal the user's own id.
if ( $BYNAME == $USER_ID )
{
message( "错误", "用户名和别名不能相同" );
button_back( );
exit( );
}
// The alias must be unique: it must not be another user's alias, nor any user's id.
// SQL precedence makes the condition (USER_ID!=X and BYNAME=B) or USER_ID=B.
if ( $BYNAME != "" )
{
$query = "select * from USER where USER_ID!='".$USER_ID."' and BYNAME='{$BYNAME}' or USER_ID='{$BYNAME}'";
$cursor = exequery( $connection, $query );
if ( $ROW = mysql_fetch_array( $cursor ) )
{
// NOTE(review): $BYNAME is passed to message() as received. Whether message()
// HTML-escapes its arguments is not visible here; confirm.
message( "错误", "用户名或别名 ".$BYNAME." 已存在" );
button_back( );
exit( );
}
}
// Sort order defaults to 10 and must pass is_number() (project helper).
// NOTE(review): USER_NO is later placed unquoted in the UPDATE statement, so is_number() is the
// only guard for that numeric context; confirm it accepts digits only.
if ( $USER_NO == "" )
{
$USER_NO = 10;
}
if ( !is_number( $USER_NO ) )
{
message( "错误", "用户排序号应为数字" );
button_back( );
exit( );
}
// Normalise the on/off form fields to stored flags: the literal "on" becomes 1, anything else 0.
// (Presumably these are HTML checkbox values; an unticked box is simply absent.)
$NOT_LOGIN = ( $NOT_LOGIN == "on" ) ? 1 : 0;
$NOT_VIEW_USER = ( $NOT_VIEW_USER == "on" ) ? 1 : 0;
$NOT_VIEW_TABLE = ( $NOT_VIEW_TABLE == "on" ) ? 1 : 0;

// MOBIL_NO_HIDDEN is kept as a string flag ("1"/"0"), unlike the integer flags around it.
$MOBIL_NO_HIDDEN = ( $MOBIL_NO_HIDDEN == "on" ) ? "1" : "0";

$USEING_KEY = ( $USEING_KEY == "on" ) ? 1 : 0;
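// Coerce the quota fields to integers. EMAIL_CAPACITY and FOLDER_CAPACITY are later placed
// unquoted in the UPDATE statement, so the cast is what keeps that numeric context safe.
// Non-numeric input becomes 0.
$EMAIL_CAPACITY = intval( $EMAIL_CAPACITY );
$FOLDER_CAPACITY = intval( $FOLDER_CAPACITY );
$WEBMAIL_NUM = intval( $WEBMAIL_NUM );
$WEBMAIL_CAPACITY = intval( $WEBMAIL_CAPACITY );

// Reject negative quotas. After intval() the value is always an int, so the former test
// "!is_int(...) && ... < 0" could never be true and negative values reached the database.
// Only the sign needs checking here.
if ( $EMAIL_CAPACITY < 0 )
{
    message( "错误", "内部邮箱容量应为整数!" );
    button_back( );
    exit( );
}
if ( $FOLDER_CAPACITY < 0 )
{
    message( "错误", "个人文件柜容量应为整数!" );
    button_back( );
    exit( );
}
// NOTE(review): WEBMAIL_NUM and WEBMAIL_CAPACITY are cast but not range-checked; confirm
// whether negative values are meaningful for them.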
// Normalise the auxiliary department list with check_id() (project helper; presumably it
// removes the primary DEPT_ID from the list — confirm).
$DEPT_ID_OTHER = check_id( $DEPT_ID, $DEPT_ID_OTHER, FALSE );
// Write every editable attribute of the user row in one statement, keyed by USER_ID.
//
// Normalised earlier in this file: DEPT_ID, USER_PRIV, EMAIL_CAPACITY, FOLDER_CAPACITY,
// WEBMAIL_NUM, WEBMAIL_CAPACITY (intval); the NOT_* / MOBIL_NO_HIDDEN / USEING_KEY flags (0/1);
// USER_NAME (quotes and commas stripped); USER_NO (is_number); BIRTHDAY (is_date).
//
// Interpolated as received: SEX, DUTY_TYPE, POST_PRIV (forced to 1 only for "admin"), TO_ID,
// CANBROADCAST, PRIV_ID, BYNAME, THEME, MOBIL_NO, BIND_IP, REMARK, TEL_NO_DEPT and USER_ID.
// NOTE(review): the statement is built by string interpolation. Unless an include escapes all
// request values before this script runs (not visible here), these fields are SQL-injectable;
// a parameterised statement would remove the dependency on upstream escaping.
// NOTE(review): the role check in this file covers only USER_PRIV. POST_PRIV, POST_DEPT (TO_ID)
// and USER_PRIV_OTHER (PRIV_ID) are written without a visible comparison against the operator's
// own rank; confirm that additional roles cannot be granted above the operator's level.
$query = "update USER set USER_NAME='".$USER_NAME."',SEX='{$SEX}',DEPT_ID={$DEPT_ID},DEPT_ID_OTHER='{$DEPT_ID_OTHER}',DUTY_TYPE='{$DUTY_TYPE}',USER_PRIV='{$USER_PRIV}',POST_PRIV='{$POST_PRIV}',POST_DEPT='{$TO_ID}',CANBROADCAST='{$CANBROADCAST}',EMAIL_CAPACITY={$EMAIL_CAPACITY},FOLDER_CAPACITY={$FOLDER_CAPACITY},USER_PRIV_OTHER='{$PRIV_ID}',USER_NO={$USER_NO},NOT_LOGIN='{$NOT_LOGIN}',NOT_VIEW_USER='{$NOT_VIEW_USER}',NOT_VIEW_TABLE='{$NOT_VIEW_TABLE}',BYNAME='{$BYNAME}',BIRTHDAY='{$BIRTHDAY}',THEME='{$THEME}',MOBIL_NO='{$MOBIL_NO}',MOBIL_NO_HIDDEN='{$MOBIL_NO_HIDDEN}',BIND_IP='{$BIND_IP}',USEING_KEY='{$USEING_KEY}',REMARK='{$REMARK}',WEBMAIL_CAPACITY='{$WEBMAIL_CAPACITY}',WEBMAIL_NUM='{$WEBMAIL_NUM}',TEL_NO_DEPT='{$TEL_NO_DEPT}' where USER_ID='{$USER_ID}'";
exequery( $connection, $query );
// Record the change in the audit log with the target user id and the operator's id.
// The meaning of log type 7 is defined in an include. The entry is written whether or not
// the UPDATE matched a row, since the result of exequery() is not inspected.
add_log( 7, $USER_ID, $LOGIN_USER_ID );
// Maintain the MODULE_PRIV row for MODULE_ID '0' of the user identified by $UID:
// a non-empty $PRIV_ID1 is stored (update if the row exists, otherwise insert with
// DEPT_PRIV '1' and ROLE_PRIV '2'); an empty $PRIV_ID1 deletes the row.
// NOTE(review): the USER row above is keyed by $USER_ID while this table is keyed by $UID.
// Nothing in this file verifies that $UID belongs to $USER_ID, so the department and role
// checks made for $USER_ID do not visibly cover the account whose MODULE_PRIV row is changed;
// confirm $UID is derived server-side or look it up from USER_ID.
// NOTE(review): $UID and $PRIV_ID1 are interpolated as received; the same escaping caveat
// as for the other statements in this file applies.
if ( $PRIV_ID1 != "" )
{
$query = "select * from MODULE_PRIV where UID='".$UID."' and MODULE_ID='0'";
$cursor = exequery( $connection, $query );
if ( $ROW = mysql_fetch_array( $cursor ) )
{
$query = "update MODULE_PRIV set PRIV_ID='".$PRIV_ID1."' where UID='{$UID}' and MODULE_ID='0'";
exequery( $connection, $query );
}
else
{
$query = "insert into MODULE_PRIV (UID,MODULE_ID,DEPT_PRIV,ROLE_PRIV,PRIV_ID) values('".$UID."','0','1','2','{$PRIV_ID1}')";
exequery( $connection, $query );
}
}
else
{
$query = "delete from MODULE_PRIV where UID='".$UID."' and MODULE_ID='0'";
exequery( $connection, $query );
}
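// Optional extension hook: run fis_acset_update.php when it is installed next to this script.
// The path is a fixed literal, not request-derived.
if ( file_exists( "fis_acset_update.php" ) )
{
    include_once( "fis_acset_update.php" );
}

// Client-side follow-up: refresh the user list frame when the department changed,
// then navigate this frame back to the new-user page for the original department.
echo "<script>\r\n";
if ( $DEPT_ID != $DEPT_ID1 )
{
    echo "parent.user_list.location.reload();\r\n";
}
echo "\r\nlocation=\"user_new.php?DEPT_ID=";
// $DEPT_ID1 is not validated anywhere in this file and is written inside a JavaScript string
// that also forms a URL query value. Percent-encoding it keeps quotes, angle brackets and
// backslashes from terminating the string or the <script> element; numeric ids pass through
// unchanged.
echo rawurlencode( $DEPT_ID1 );
echo "\";\r\n</script>\r\n\r\n</body>\r\n</html>\r\n";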
?>