group_user.php
4.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
<?php
/**
* 圈子用户管理
*
* @version $Id: group_user.php 1 15:34 2011-1-21 tianya $
* @package DedeCMS.Administrator
* @copyright Copyright (c) 2007 - 2010, DesDev, Inc.
* @license http://help.dedecms.com/usersguide/license.html
* @link http://www.dedecms.com
*/
require_once(dirname(__FILE__)."/config.php");
require_once(DEDEINC.'/datalistcp.class.php');
CheckPurview('group_Edit');
$gid = isset($gid) && is_numeric($gid) ? $gid : 0;
$id = isset($id) && is_numeric($id) ? $id : 0;
$action = isset($action) ? trim($action) : '';
$username = isset($username) ? trim($username) : '';
$username = stripslashes($username);
$username = preg_replace("#[\"\r\n\t\*\?\(\)\$%']#", " ", trim($username));
$username = addslashes($username);
if($gid < 1)
{
ShowMsg("含有非法操作!.","-1");
exit();
}
$row = $db->GetOne("SELECT ismaster,uid FROM #@__groups WHERE groupid='{$gid}'");
$ismaster = $row['ismaster'];
$ismasterid = $row['uid'];
if($action=="del")
{
if($ismasterid == $id)
{
ShowMsg("圈主不能脱离群关系!","-1");
exit();
}
$row = $db->GetOne("SELECT username FROM #@__group_user WHERE uid='$id' AND gid='$gid'");
if(is_array($row))
{
$username = $row['username'];
$master = explode(",",$ismaster);
if(in_array($username,$master))
{
//如果会员存管理员字段将移出
$k = array_search($username,$master);
unset($master[$k]);
}
$master = array_filter($master, "filter");
$ismaster = implode(",",$master);
$db->ExecuteNoneQuery("UPDATE #@__groups SET ismaster='{$ismaster}' WHERE groupid='{$gid}'");
}
if($id > 0)
{
$db->ExecuteNoneQuery("DELETE FROM #@__group_user WHERE uid='$id' AND gid='$gid'");
}
ShowMsg("已将该会员移出本群!.","-1");
exit();
}
else if($action=="admin")
{
if($ismasterid == $id)
{
ShowMsg("圈主应同时有管理权!","-1");
exit();
}
$row = $db->GetOne("SELECT username FROM #@__group_user WHERE uid='$id' AND gid='$gid'");
if(is_array($row))
{
$username = $row['username'];
$master = explode(",",$ismaster);
if(in_array($username,$master))
{
//如果会员存管理员字段将移出
$k = array_search($username,$master);
unset($master[$k]);
$msg = "已将 {$username},设为普通会员!";
}
else
{
//否则加入到管理员数组
array_push($master,$username);
$msg = "已将 {$username},设为管理员!";
}
$master = array_filter($master, "filter");
$ismaster = implode(",",$master);
$db->ExecuteNoneQuery("UPDATE #@__groups SET ismaster='{$ismaster}' WHERE groupid='{$gid}'");
}
ShowMsg("{$msg}","-1");
exit();
}
else if($action=="add")
{
$uname = cn_substr($uname,15);
if(empty($uname))
{
ShowMsg("请填写用户名!.","-1");
exit();
}
$rs = $db->GetOne("SELECT COUNT(*) AS c FROM #@__group_user WHERE username like '$uname' AND gid='$gid'");
if($rs['c'] > 0)
{
ShowMsg("用户已加入该圈子!.","-1");
exit();
}
$row = $db->GetOne("SELECT userid,mid FROM #@__member WHERE userid like '$uname'");
if(!is_array($row))
{
ShowMsg("站内不存在该用户!.","-1");
exit();
}
else
{
$row['id'] = $row['mid'];
$db->ExecuteNoneQuery("INSERT INTO #@__group_user(uid,username,gid,jointime) VALUES('".$row['id']."','".$row['userid']."','$gid','".time()."');");
//如果设成管理员
if($setmaster)
{
$master = explode(",",$ismaster);
array_push($master,$uname);
$master = array_filter($master, "filter");
$ismaster = implode(",",$master);
$db->ExecuteNoneQuery("UPDATE #@__groups SET ismaster='{$ismaster}' WHERE groupid='{$gid}'");
}
}
ShowMsg("成功添加用户:{$uname}","-1");
exit();
}
//列表加载模板
$wheresql = "WHERE gid='{$gid}'";
if(!empty($username))
{
$wheresql .= " AND username like '%".$username."%'";
}
$sql = "SELECT * FROM #@__group_user $wheresql ORDER BY jointime DESC";
$dl = new DataListCP();
$dl->pageSize = 20;
$dl->SetParameter("username",$username);
$dl->SetParameter("id",$id);
$dl->SetParameter("gid",$gid);
//这两句的顺序不能更换
$dl->SetTemplate(DEDEADMIN."/templets/group_user.htm"); //载入模板
$dl->SetSource($sql); //设定查询SQL
$dl->Display(); //显示
function filter($var)
{
return $var == '' ? false : true;
}
function GetMaster($user)
{
global $ismaster;
$master = explode(",",$ismaster);
if(in_array($user,$master))
{
return "<img src='img/adminuserico.gif'> 管理员";
}
else
{
return "普通会员";
}
}
?>