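check_user();
        $admin = new AdvertAdminAction();
        $uname = $_SESSION['user_infos']['uname'];
        if($_POST['uname']){
            // NOTE(review): the account being changed comes from the POST body, not from the
            // session; the only gate visible here is knowledge of that account's old password.
            $uname = $_POST['uname'];
            $pwd = $_POST['pwd'];
            $new_pwd = $_POST['new_pwd'];
            if(!empty($uname) && !empty($pwd) && !empty($new_pwd)){
                // NOTE(review): unsalted MD5 is a fast hash and is not suitable for password
                // storage. Moving to password_hash()/password_verify() needs matching changes in
                // selectUser()/updateUserPwd() and a rehash path for existing rows; those are
                // outside this view, so the hashing is left as it is here.
                $pwd = md5($pwd);
                $new_pwd = md5($new_pwd);
                $check_user = $admin->selectUser($uname, $pwd);
                if(!empty($check_user)){
                    $update = $admin->updateUserPwd($uname, $new_pwd);
                    if($update){
                        $succ = "修改用户成功";
                        header("Location:/?a=user_admin&m=update&succ=$succ");
                        exit();
                    }
                }else{
                    $this->assign('error','原密码有误');
                    $this->assign('username',$uname);
                }
            }else{
                $this->assign('error','原密码、新密码必填');
                $this->assign('username',$uname);
            }
        }
        // NOTE(review): request-controlled text is handed straight to the template; confirm that
        // update.html HTML-escapes `succ` and `username` when rendering them.
        $succ = $_REQUEST['succ'];
        $this->assign('succ',$succ);
        $this->assign('username',$uname);
        $this->display('update.html');
    }

    // Disabled user-deletion action, kept for reference.
    // NOTE(review): in this dead code the administrator check is itself commented out and the
    // target user name is read from $_REQUEST. If it is ever restored, re-enable
    // $this->check_user() and accept the deletion over POST only.
//    function delete(){
//
////        $this->check_user();
//
//        $admin = new AdvertAdminAction();
//
//        $uname = $_REQUEST['uname'];
//
//        if($uname!='admin'){
//
//            $delete = $admin->deleteUser($uname);
//            $info = "删除成功";
//
//        }else{
//
//            $error = "不能删除超级管理员";
//        }
//
//        header("Location:/?a=user_admin&m=index&info=$info&error=$error");
//        exit();
//
//    }

    /**
     * Assign permissions to a user (super administrator only).
     *
     * When the POST body carries a `persision_array` selection, its values are joined with
     * commas and stored through AdvertAdminAction::updateUserPersission(). The user's stored
     * permission string is then reloaded and persission.html is rendered.
     */
    function setPersission(){
        global $PERSISSION_ARRAY;

        $this->check_user();

        $admin = new AdvertAdminAction();
        $persission_array = $PERSISSION_ARRAY;

        // Both messages are passed to the template even when no update was attempted,
        // so they are initialised here instead of being read while undefined.
        $info = '';
        $error = '';

        $uname = isset($_REQUEST['uname']) ? $_REQUEST['uname'] : null;

        // The selection is read from $_POST only. The earlier code tested $_POST but joined the
        // $_REQUEST copy, which can come from a different source depending on request_order.
        // NOTE(review): no anti-CSRF token is checked in this method; a per-session token
        // compared with hash_equals() would be the usual addition.
        if(!empty($_POST['persision_array'])){
            $perssion = $_POST['persision_array'];

            // A client can send this field as a plain string or as nested arrays. Keep scalar
            // entries only, so implode() never receives a non-array or an array element.
            $selected = array();
            if(is_array($perssion)){
                foreach($perssion as $p){
                    if(is_scalar($p)){
                        $selected[] = (string)$p;
                    }
                }
            }

            if(!empty($selected)){
                // NOTE(review): the submitted values are not checked against $PERSISSION_ARRAY.
                // Its shape is not visible here, so an allow-list filter still has to be added
                // by someone who knows whether its keys or its values are the permission ids.
                $persission_string = implode(',', $selected);
                $update = $admin->updateUserPersission($uname, $persission_string);
                if($update){
                    $info = "设置用户权限成功";
                }else{
                    $error = "设置用户权限失败";
                }
            }else{
                // A malformed selection is reported as a failed update and nothing is stored.
                $error = "设置用户权限失败";
            }
        }

        $user_info = $admin->selectUserByName($uname);
        $my_persission = $user_info['permission'];

        $this->assign('my_persission',$my_persission);
        $this->assign('info',$info);
        $this->assign('error',$error);
        $this->assign('persission_array',$persission_array);
        $this->assign('username',$uname);
        $this->display('persission.html');
    }

    /**
     * Assign a role and a direct supervisor to a user (super administrator only).
     *
     * When a non-empty `role` is supplied, the uname/role/header_uid triple is passed to
     * AdvertAdminAction::updateUserRole(). On success the browser is redirected to the user
     * index; otherwise role.html is rendered with the user record and the supervisor list.
     */
    function setRole(){
        $this->check_user();
        $admin = new AdvertAdminAction();

        // Defined before the redirect below, which previously interpolated an undefined $error.
        $info = '';
        $error = '';

        // Request parameters can arrive as arrays (`role[]=x`); only scalars are accepted.
        // Missing or non-scalar values become null, which is what a missing index gave before.
        // NOTE(review): the update is driven by $_REQUEST, so a GET request can trigger it, and
        // no anti-CSRF token is checked here. Confirm the form method used by role.html before
        // restricting this to POST.
        // NOTE(review): the values go to updateUserRole() unvalidated; confirm that the model
        // builds its query with bound parameters.
        $data = array();
        foreach(array('uname', 'role', 'header_uid') as $field){
            $value = isset($_REQUEST[$field]) ? $_REQUEST[$field] : null;
            $data[$field] = is_scalar($value) ? $value : null;
        }

        if(!empty($data['role'])){
            $update = $admin->updateUserRole($data);
            if($update){
                $info = "设置用户角色及直属领导成功";
                // Percent-encode the messages so the Location header carries a valid URL;
                // PHP decodes them again when the target page reads the query string.
                header("Location:/?a=user_admin&m=index&info=" . urlencode($info) . "&error=" . urlencode($error));
                exit();
            }else{
                $error = "设置用户角色及直属领导失败";
            }
        }

        $user_info = $admin->selectUserByName($data['uname']);
        $header_list = $admin->selectHeaderUser();

        // Build an id => user name map for the supervisor drop-down; skip the loop when the
        // lookup did not return something iterable.
        $headerList = array();
        if(is_array($header_list) || $header_list instanceof Traversable){
            foreach($header_list as $h){
                $headerList[$h['id']] = $h['uname'];
            }
        }

        $this->assign('header_list',$headerList);
        $this->assign('user_info',$user_info);
        // The failure message was computed but never passed on; role.html has to render
        // `error` for it to become visible.
        $this->assign('error',$error);
        $this->display('role.html');
    }
    // end

    /**
     * Gate for administrator-only actions: ends the request unless the session's `mds_user`
     * entry is exactly the string 'admin'.
     *
     * NOTE(review): authorisation is a comparison against a literal user name, and the
     * password-change action above reads the user from $_SESSION['user_infos']['uname'], a
     * different session key. Confirm both keys are set together at login.
     * NOTE(review): a denied request gets an empty body with the default status; an explicit
     * 403 would make denials visible in access logs.
     */
    function check_user(){
        // isset() first, so an unauthenticated session is rejected without an
        // undefined-index notice.
        if(!isset($_SESSION['mds_user']) || $_SESSION['mds_user']!=='admin'){
            echo "";
            exit;
        }
    }
    // end of class
}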