edm/application/module/ctrl/User_adminAction.class.php

<?php

/*超级管理员操作，修改自身密码
 * 及添加新用户
 * 
 * */

require_once( ONU_ROOT . 'application/module/ctrl/Action.class.php');
require_once ( ONU_ROOT . 'application/lib/data/adminAction.php');

class User_adminAction extends Action{

	public function __construct(){
		parent::__construct();
		if(empty($_SESSION['mds_user'])){
			header("Location:/?a=index&m=admin_login");
			exit();
		}
	}

	function index(){

	}

	
	function update(){
		
//		$this->check_user();
		
		$admin = new AdvertAdminAction();
		
		$uname = $_SESSION['user_infos']['uname'];
		
		if($_POST['uname']){
			
			$uname   = $_POST['uname'];
			$pwd     = $_POST['pwd'];
			$new_pwd = $_POST['new_pwd'];
			
			if(!empty($uname) && !empty($pwd) && !empty($new_pwd)){
				
				$pwd     = md5($pwd);
				$new_pwd = md5($new_pwd);
				
				$check_user = $admin->selectUser($uname, $pwd);
				
				if(!empty($check_user)){
					
					$update = $admin->updateUserPwd($uname, $new_pwd);
					if($update){
						$succ = "修改用户成功";
						header("Location:/?a=user_admin&m=update&succ=$succ");
						exit();
					}
					
				}else{
					$this->assign('error','原密码有误');
					$this->assign('username',$uname);
				}
				
			}else{
				$this->assign('error','原密码、新密码必填');
				$this->assign('username',$uname);
			}
			
			
		}
		
		$succ = $_REQUEST['succ'];
		$this->assign('succ',$succ);
		$this->assign('username',$uname);
		
		$this->display('update.html');
	}
	
//	function delete(){
//
////		$this->check_user();
//
//		$admin = new AdvertAdminAction();
//
//		$uname = $_REQUEST['uname'];
//
//
//		if($uname!='admin'){
//
//			$delete = $admin->deleteUser($uname);
//			$info = "删除成功";
//
//		}else{
//
//			$error = "不能删除超级管理员";
//		}
//
//		header("Location:/?a=user_admin&m=index&info=$info&error=$error");
//		exit();
//
//
//	}
	
	
	//给用户分配权限
	
	function setPersission(){
		
		global $PERSISSION_ARRAY;
		
		$this->check_user();
		
		$admin = new AdvertAdminAction();
		
		$persission_array = $PERSISSION_ARRAY;
		
		$uname = $_REQUEST['uname'];
		
		$perssion = $_REQUEST['persision_array'];
		
		if($_POST['persision_array']){
			
			$persission_string = implode(',', $perssion);
			
			$update = $admin->updateUserPersission($uname, $persission_string);
			
			if($update){
				$info = "设置用户权限成功";
			}else{
				$error = "设置用户权限失败";
			}
			
		}
		
		$user_info = $admin->selectUserByName($uname);
		$my_persission = $user_info['permission'];
		
		
		$this->assign('my_persission',$my_persission);
		$this->assign('info',$info);
		$this->assign('error',$error);
		$this->assign('persission_array',$persission_array);
		$this->assign('username',$uname);
		$this->display('persission.html');
		
	}
	
	
	//分配角色，及设置直属领导人
	function setRole(){
		
		$this->check_user();
		
		$admin 		= new AdvertAdminAction();
		
		$data['uname'] 		= $_REQUEST['uname'];
		$data['role']  		= $_REQUEST['role'];
		$data['header_uid'] = $_REQUEST['header_uid'];
		
		if(!empty($data['role'])){
			
			$update = $admin->updateUserRole($data);
			
			if($update){
				$info = "设置用户角色及直属领导成功";
				header("Location:/?a=user_admin&m=index&info=$info&error=$error");
				exit();
			}else{
				$error = "设置用户角色及直属领导失败";
			}
			
		}
		
		
		$user_info = $admin->selectUserByName($data['uname']);
		
		$header_list = $admin->selectHeaderUser();
		
		$headerList  = array();
		
		foreach($header_list as $h){
			$headerList[$h['id']] = $h['uname'];
		}

		$this->assign('header_list',$headerList);
		$this->assign('user_info',$user_info);
		$this->display('role.html');
	}
	
	//end
	
	
	//判断是否是超级管理员
	function check_user(){
		
		if($_SESSION['mds_user']!=='admin'){
			echo "<script>alert('I am sorry you can not access');window.location.href='/?a=index&m=login_succ'</script>";
			exit;
		}
		
	}
	
	//class end
}