Zen Cart 源代码 admin.php


文件名: admin.php
文件类型: PHP文件
文件大小: 18.1 KiB
MD5: 900c86d320623748f78a447c21002745

  1. <?php
  2. //
  3. // +----------------------------------------------------------------------+
  4. // |zen-cart Open Source E-commerce                                       |
  5. // +----------------------------------------------------------------------+
  6. // | Copyright (c) 2006 The zen-cart developers                           |
  7. // |                                                                      |
  8. // | http://www.zen-cart.com/index.php                                    |
  9. // |                                                                      |
  10. // | Portions Copyright (c) 2003 osCommerce                               |
  11. // +----------------------------------------------------------------------+
  12. // | This source file is subject to version 2.0 of the GPL license,       |
  13. // | that is bundled with this package in the file LICENSE, and is        |
  14. // | available through the world-wide-web at the following url:           |
  15. // | http://www.zen-cart.com/license/2_0.txt.                             |
  16. // | If you did not receive a copy of the zen-cart license and are unable |
  17. // | to obtain it through the world-wide-web, please send a note to       |
  18. // | license@zen-cart.com so we can mail you a copy immediately.          |
  19. // +----------------------------------------------------------------------+
  20. //  $Id: admin.php 4701 2006-10-08 01:09:44Z drbyte $
  21. //
  22.  
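  // Shared admin include; its contents are defined outside this file.
  require('includes/application_top.php');

  // Requested operation, taken from the query string. Empty means "only render the list".
  $action = (isset($_GET['action']) ? $_GET['action'] : '');

  // SECURITY NOTE(review): every branch below creates, rewrites or deletes an admin
  // account (or flips the ADMIN_DEMO setting), and nothing visible in this file checks
  // a request-forgery token or the privilege level of the logged-in admin first.
  // Confirm whether includes/application_top.php enforces either before relying on it.
  if (zen_not_null($action)) {

    switch ($action) {
      // demo active test
      // switch compares $action loosely against the value returned by zen_admin_demo();
      // presumably that is true while demo mode is on, so every action lands here — confirm.
      case (zen_admin_demo()):
        $action='';
        $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
        zen_redirect(zen_href_link(FILENAME_ADMIN));
        break;
//-------------------------------------------------------------------------------------------------------------------------
      case 'insert':
      case 'save':
      case 'reset':
        $error = false;
        $password_new = '';

        // Only 'insert' and 'reset' carry a password; 'save' edits name/e-mail only.
        if ( ($action == 'insert') || ($action == 'reset') ) {
          $password_new = zen_db_prepare_input(isset($_POST['password_new']) ? $_POST['password_new'] : '');
          $password_confirmation = zen_db_prepare_input(isset($_POST['password_confirmation']) ? $_POST['password_confirmation'] : '');

          if (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
            $error = true;
            $messageStack->add(ENTRY_PASSWORD_NEW_ERROR, 'error');
          }
          // Strict comparison: with != two numeric-looking strings such as "1e3" and
          // "1000" compare equal, so a mistyped confirmation could be accepted.
          if ($password_new !== $password_confirmation) {
            $error = true;
            $messageStack->add(ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING, 'error');
          }
        }

        if ($error == false) {
          // The id is only ever used as an integer (SQL condition and redirect URL),
          // so it is cast once here instead of travelling on as raw request text.
          $admins_id = isset($_GET['adminID']) ? (int)$_GET['adminID'] : 0;
          $admin_name = zen_db_prepare_input($_POST['admin_name']);
          $admin_email = zen_db_prepare_input($_POST['admin_email']);
          // NOTE(review): admin_level is whatever the client posts. The forms in this
          // file send it as a hidden field ('new', 'resetpassword') or not at all
          // ('edit', which therefore stores 0). Confirm that is intended.
          $admin_level = zen_db_prepare_input(isset($_POST['admin_level']) ? $_POST['admin_level'] : 0);

          // $password_new is deliberately NOT passed through zen_db_prepare_input again:
          // the value hashed below must be the one that was length-checked and
          // confirmed above, and for 'save' there is no password at all.

          $sql_data_array = array(
                                'admin_name' => $admin_name,
                                'admin_email' => $admin_email,
                                'admin_level' => (int)$admin_level
                                );

          if ($action == 'insert') {

            $insert_sql_data = array('admin_pass' => zen_encrypt_password($password_new));
            $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
            zen_db_perform(TABLE_ADMIN, $sql_data_array);
            $new_admin_id = zen_db_insert_id();
            $admins_id = (int)$new_admin_id;

          } elseif ($action == 'save') {

            zen_db_perform(TABLE_ADMIN, $sql_data_array, 'update', "admin_id = '" . (int)$admins_id . "'");
            // Saving any admin also rewrites the store-wide ADMIN_DEMO flag from the posted radio/hidden field.
            $demo_status = isset($_POST['demo_status']) ? (int)$_POST['demo_status'] : 0;
            $db->Execute("UPDATE " . TABLE_CONFIGURATION . " set configuration_value='" . $demo_status . "' where configuration_key='ADMIN_DEMO'");

          } elseif ($action == 'reset') {

            // Besides the new password hash this also writes back the name, e-mail and
            // level that the reset form round-trips through hidden fields.
            $update_sql_data = array('admin_pass' => zen_encrypt_password($password_new));
            $sql_data_array = array_merge($sql_data_array, $update_sql_data);
            zen_db_perform(TABLE_ADMIN, $sql_data_array, 'update', "admin_id = '" . (int)$admins_id . "'");

          } // end action check

          // page is cast to int so request text never reaches the redirect target unchanged.
          zen_redirect(zen_href_link(FILENAME_ADMIN, (isset($_GET['page']) ? 'page=' . (int)$_GET['page'] . '&' : '') . 'adminID=' . $admins_id));

        } // end error check

        // On a validation error execution falls through to the page below with the messages queued.
        break;

//-------------------------------------------------------------------------------------------------------------------------
      case 'deleteconfirm':
        // NOTE(review): both the action and the target id are read from the query
        // string, so any request carrying action=deleteconfirm&adminID=N reaches the
        // DELETE below; nothing here requires POST, a token, or that at least one
        // admin account remains.
        $new_admin_id = zen_db_prepare_input($_GET['adminID']);
        $db->Execute("delete from " . TABLE_ADMIN . " where admin_id = '" . (int)$new_admin_id . "'");

        zen_redirect(zen_href_link(FILENAME_ADMIN, (isset($_GET['page']) ? 'page=' . (int)$_GET['page'] : '')));
        break;
//-------------------------------------------------------------------------------------------------------------------------
    } // end switch
  } // end zen_not_null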
  110. ?>
  111.  
  112.  
  113. <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
  114. <html <?php echo HTML_PARAMS; ?>>
  115. <head>
  116. <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
  117. <title><?php echo TITLE; ?></title>
  118. <link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
  119. <link rel="stylesheet" type="text/css" href="includes/cssjsmenuhover.css" media="all" id="hoverJS">
  120. <script language="javascript" src="includes/menu.js"></script>
  121. <script language="javascript" src="includes/general.js"></script>
  122. <script type="text/javascript">
  123. <!--
  // Runs on body load: builds the 'navbar' menu, then disables the CSS-only
  // hover stylesheet (the <link> with id "hoverJS") when the DOM lookup is available.
  function init()
  {
    cssjsmenu('navbar');
    if (!document.getElementById) {
      return;
    }
    var hoverSheet = document.getElementById('hoverJS');
    hoverSheet.disabled = true;
  }
  133. // -->
  134. </script>
  135. </head>
  136. <body onLoad="init()">
  137. <!-- header //-->
  138. <?php require(DIR_WS_INCLUDES . 'header.php'); ?>
  139. <!-- header_eof //-->
  140.  
  141. <!-- body //-->
  142. <table border="0" width="100%" cellspacing="2" cellpadding="2">
  143.     <tr>
  144. <!-- body_text //-->
  145.         <td width="100%" valign="top">
  146.  
  147.  
  148. <?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?>
  149.  
  150. <table border="0" width="100%" cellspacing="0" cellpadding="0">
  151.     <tr>
  152.         <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
  153.     </tr>
  154. </table>
  155.  
  156. <?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?>
  157.  
  158. <table border="0" width="100%" cellspacing="0" cellpadding="0">
  159.     <tr>
  160.         <td valign="top">
  161.  
  162. <table border="0" width="100%" cellspacing="0" cellpadding="2">
  163.     <tr class="dataTableHeadingRow">
  164.         <td width="10%" class="dataTableHeadingContent"><?php echo TABLE_HEADING_ADMINS_ID; ?></td>
  165.         <td width="35%" class="dataTableHeadingContent"><?php echo TABLE_HEADING_ADMINS_NAME; ?></td>
  166.         <td width="35%" class="dataTableHeadingContent"><?php echo TABLE_HEADING_ADMINS_EMAIL; ?></td>
  167.         <td width="20%" class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?>&nbsp;</td>
  168. </tr>
  169.  
  170. <?php
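  // Lists every admin account, one table row per record, and remembers the
  // selected record in $adminInfo for the side panel rendered further down.
  // NOTE(review): admin_pass is selected and copied into $adminInfo via objectInfo,
  // although nothing in this file reads or displays it; consider dropping the column.
  $admins_query_raw = "select admin_id, admin_name, admin_email, admin_pass, admin_level from " . TABLE_ADMIN . " order by admin_name";
  // presumably splitPageResults adjusts the query and fills $admins_query_numrows — confirm against its definition
  $admins_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS, $admins_query_raw, $admins_query_numrows);
  $admins = $db->Execute($admins_query_raw);

  // The page number is request input that ends up inside href/onclick attributes,
  // so only its integer value is ever written into the markup.
  $page_param = isset($_GET['page']) ? (int)$_GET['page'] : '';

  while (!$admins->EOF) {
    $row_admin_id = (int)$admins->fields['admin_id'];
    $row_link = 'page=' . $page_param . '&adminID=' . $row_admin_id;

    // Select the row named by adminID, or the first row when none is requested;
    // nothing is selected while a "new..." action is in progress.
    if ((!isset($_GET['adminID']) || (isset($_GET['adminID']) && ($_GET['adminID'] == $admins->fields['admin_id']))) && !isset($adminInfo) && (substr($action, 0, 3) != 'new')) {
      $adminInfo = new objectInfo($admins->fields);
    }

    if (isset($adminInfo) && is_object($adminInfo) && ($admins->fields['admin_id'] == $adminInfo->admin_id)) {
      echo '<tr id="defaultSelected" class="dataTableRowSelected" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . zen_href_link(FILENAME_ADMIN, $row_link . '&action=edit') . '\'">' . "\n";
    } else {
      echo '<tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . zen_href_link(FILENAME_ADMIN, $row_link . '') . '\'">' . "\n";
    }

    // Name and e-mail are stored account data; escape them for the HTML text
    // context so markup saved in either field is displayed, not interpreted.
?>

        <td class="dataTableContent"><?php echo $row_admin_id; ?></td>
        <td class="dataTableContent"><?php echo htmlspecialchars($admins->fields['admin_name'], ENT_QUOTES); ?></td>
        <td class="dataTableContent"><?php echo htmlspecialchars($admins->fields['admin_email'], ENT_QUOTES); ?></td>
        <td class="dataTableContent" align="right">
<?php echo '<a href="' . zen_href_link(FILENAME_ADMIN, $row_link . '&action=edit') . '">' . zen_image(DIR_WS_IMAGES . 'icon_edit.gif', ICON_EDIT) . '</a>'; ?>
<?php echo '<a href="' . zen_href_link(FILENAME_ADMIN, $row_link . '&action=delete') . '">' . zen_image(DIR_WS_IMAGES . 'icon_delete.gif', ICON_DELETE) . '</a>'; ?>
<?php echo '<a href="' . zen_href_link(FILENAME_ADMIN, $row_link . '&action=resetpassword') . '">' . zen_image(DIR_WS_IMAGES . 'icon_reset.gif', ICON_RESET) . '</a>'; ?>
        </td>
</tr>

<?php
    $admins->MoveNext();
  }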
  200. ?>
  201.  
  202.     <tr>
  203.         <td colspan="2">
  204.  
  205. <table border="0" width="100%" cellspacing="0" cellpadding="4">
  206.     <tr>
  207.         <td class="smallText" valign="top"><?php echo $admins_split->display_count($admins_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_ADMINS); ?></td>
  208.         <td class="smallText" align="right"><?php echo $admins_split->display_links($admins_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']); ?></td>
  209.     </tr>
  210. </table>
  211.  
  212.         </td>
  213.     </tr>
  214.  
  215. <?php
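  // "Insert" button row, shown only while no action is in progress.
  if (empty($action)) {
    // page is request input: only its integer value goes into the link.
    $insert_page = isset($_GET['page']) ? (int)$_GET['page'] : '';
    // $adminInfo is only set when the list loop selected a row; with no row
    // selected the link is built without an id instead of reading a property of an unset variable.
    $insert_admin_id = (isset($adminInfo) && is_object($adminInfo)) ? (int)$adminInfo->admin_id : '';
?>
    <tr>
        <td align="right" colspan="4" class="smallText">
<?php
    echo '<a href="' . zen_href_link(FILENAME_ADMIN, 'page=' . $insert_page . '&adminID=' . $insert_admin_id . '&action=new') . '">' . zen_image_button('button_insert.gif', IMAGE_INSERT) . '</a>';
?>
        </td>
    </tr>
<?php
  }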
  227. ?>
  228. </table>
  229.         </td>
  230.  
  231. <?php
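  // Builds the side panel ($heading / $contents) for the current action: the
  // new/edit/reset-password/delete forms, or the button row for the selected admin.
  $heading = array();
  $contents = array();

  // Request input and stored account data that end up inside the generated markup.
  // page is reduced to its integer value; the admin name is escaped wherever it is
  // printed as HTML text. Values handed to zen_draw_input_field / zen_draw_hidden_field
  // are passed unchanged; NOTE(review): confirm those helpers escape attribute values.
  $page_param = isset($_GET['page']) ? (int)$_GET['page'] : '';
  $admin_name_html = (isset($adminInfo) && is_object($adminInfo)) ? htmlspecialchars($adminInfo->admin_name, ENT_QUOTES) : '';

  switch ($action) {
//-------------------------------------------------------------------------------------------------------------------------

    case 'new':
      $heading[] = array('text' => '<b>' . TEXT_HEADING_NEW_ADMIN . '</b>');
      $contents = array('form' => zen_draw_form('new_admin', FILENAME_ADMIN, 'action=insert', 'post', 'enctype="multipart/form-data"'));
      $contents[] = array('text' => TEXT_NEW_INTRO);
      // "$max=30" is an assignment expression: it passes 30 and also sets a variable named $max.
      $contents[] = array('text' => '<br>' . TEXT_ADMINS_NAME . '<br>' . zen_draw_input_field('admin_name', '', zen_set_field_length(TABLE_ADMIN, 'admin_name', $max=30)) );
      $contents[] = array('text' => '<br>' . TEXT_ADMINS_EMAIL . '<br>' . zen_draw_input_field('admin_email', '', zen_set_field_length(TABLE_ADMIN, 'admin_email', $max=30)) );
      $contents[] = array('text' => '<br>' . TEXT_ADMINS_PASSWORD . '<br>' . zen_draw_password_field('password_new', '', zen_set_field_length(TABLE_ADMIN, 'admin_pass', $max=20)) );
      $contents[] = array('text' => '<br>' . TEXT_ADMINS_CONFIRM_PASSWORD . '<br>' . zen_draw_password_field('password_confirmation', '', zen_set_field_length(TABLE_ADMIN, 'admin_pass', $max=20)) );
      // The level of the new account travels as a hidden field, i.e. it is chosen by the client.
      $contents[] = array('text' => zen_draw_hidden_field('admin_level', '1') );
      // adminID comes straight from the query string here, so only its integer value is echoed back.
      $contents[] = array('align' => 'center',
                          'text' => '<br>' . zen_image_submit('button_save.gif', IMAGE_SAVE) . '<a href="' . zen_href_link(FILENAME_ADMIN, 'page=' . $page_param . '&adminID=' . (isset($_GET['adminID']) ? (int)$_GET['adminID'] : '')) . '">' . zen_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
      break;

//-------------------------------------------------------------------------------------------------------------------------
    case 'edit':
      $heading[] = array('text' => '<b>' . TEXT_HEADING_EDIT_ADMIN . '</b>');
      $contents = array('form' => zen_draw_form('edit_admin', FILENAME_ADMIN, 'page=' . $page_param . '&adminID=' . $adminInfo->admin_id . '&action=save', 'post', 'enctype="multipart/form-data"'));
      $contents[] = array('text' => TEXT_EDIT_INTRO);
      $contents[] = array('text' => '<br><b>' . $adminInfo->admin_id . '</b>&nbsp;-&nbsp;' . $admin_name_html . '</b>');
      $contents[] = array('text' => '<br>' . TEXT_ADMINS_NAME . '<br>' . zen_draw_input_field('admin_name', $adminInfo->admin_name, zen_set_field_length(TABLE_ADMIN, 'admin_name', $max=30)) );
      $contents[] = array('text' => '<br>' . TEXT_ADMINS_EMAIL . '<br>' . zen_draw_input_field('admin_email', $adminInfo->admin_email, zen_set_field_length(TABLE_ADMIN, 'admin_email', $max=30)) );

      // Level of the logged-in admin. The session value is cast to int like every
      // other id in this file's SQL. The only consumer of $admin_current, an
      // admin_level editor limited to level-1 admins, is disabled, so the result
      // is currently unused.
      $admin_current = $db->Execute("select admin_level from " . TABLE_ADMIN . " where admin_id='" . (int)$_SESSION['admin_id'] . "'");

      // The demo toggle is offered only while demo mode is already on ('1');
      // otherwise the form silently posts demo_status=0.
      $demo_status= zen_get_configuration_key_value('ADMIN_DEMO');
      switch ($demo_status) {
        case '0': $on_status = false; $off_status = true; break;
        case '1': $on_status = true; $off_status = false; break;
        default:  $on_status = false; $off_status = true; break;
      }
      if ($on_status == true) {
        $contents[] = array('text' => '<br>' . TEXT_ADMIN_DEMO);
        $contents[] = array('text' => '<strong>' . TEXT_DEMO_STATUS . '</strong><br>' . zen_draw_radio_field('demo_status', '1', $on_status) . '&nbsp;' . TEXT_DEMO_ON . '&nbsp;' . zen_draw_radio_field('demo_status', '0', $off_status) . '&nbsp;' . TEXT_DEMO_OFF);
      } else {
        $contents[] = array('text' => zen_draw_hidden_field('demo_status', 0) );
      }

      $contents[] = array('align' => 'center',
                          'text' => '<br>' . zen_image_submit('button_save.gif', IMAGE_SAVE) . '<a href="' . zen_href_link(FILENAME_ADMIN, 'page=' . $page_param . '&adminID=' . $adminInfo->admin_id) . '">' . zen_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
      break;

//-------------------------------------------------------------------------------------------------------------------------
    case 'resetpassword':
      $heading[] = array('text' => '<b>' . TEXT_HEADING_RESET_PASSWORD . '</b>');
      // NOTE(review): name, e-mail and level are round-tripped through hidden fields
      // and written back by the 'reset' handler, so a modified form changes them too.
      $contents = array('form' => zen_draw_form('reset_password', FILENAME_ADMIN, 'page=' . $page_param . '&adminID=' . $adminInfo->admin_id . '&action=reset',
                        'post', 'enctype="multipart/form-data"') . zen_draw_hidden_field('admin_name', $adminInfo->admin_name) . zen_draw_hidden_field('admin_email', $adminInfo->admin_email) . zen_draw_hidden_field('admin_level', $adminInfo->admin_level));
      $contents[] = array('text' => TEXT_EDIT_INTRO);
      $contents[] = array('text' => '<br><b>' . $adminInfo->admin_id . '</b>&nbsp;-&nbsp;' . $admin_name_html . '</b>');
      $contents[] = array('text' => '<br>' . TEXT_ADMINS_PASSWORD . '<br>' . zen_draw_password_field('password_new', '', zen_set_field_length(TABLE_ADMIN, 'admin_pass', $max=25)) );
      $contents[] = array('text' => '<br>' . TEXT_ADMINS_CONFIRM_PASSWORD . '<br>' . zen_draw_password_field('password_confirmation', '', zen_set_field_length(TABLE_ADMIN, 'admin_pass', $max=25)) );
      $contents[] = array('align' => 'center',
                          'text' => '<br>' . zen_image_submit('button_save.gif', IMAGE_SAVE) . '<a href="' . zen_href_link(FILENAME_ADMIN, 'page=' . $page_param . '&adminID=' . $adminInfo->admin_id) . '">' . zen_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
      break;


//-------------------------------------------------------------------------------------------------------------------------
    case 'delete':
      $heading[] = array('text' => '<b>' . TEXT_HEADING_DELETE_ADMIN . '</b>');
      // Confirmation form; the target id and the deleteconfirm action are carried in the form's URL.
      $contents = array('form' => zen_draw_form('delete_admin', FILENAME_ADMIN, 'page=' . $page_param . '&adminID=' . $adminInfo->admin_id . '&action=deleteconfirm'));
      $contents[] = array('text' => TEXT_DELETE_INTRO);
      $contents[] = array('text' => '<br><b>' . $admin_name_html . '</b>');
      $contents[] = array('align' => 'center',
                          'text' => '<br>' . zen_image_submit('button_delete.gif', IMAGE_DELETE) . '<a href="' . zen_href_link(FILENAME_ADMIN, 'page=' . $page_param . '&adminID=' . $adminInfo->admin_id) . '">' . zen_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
      break;

//-------------------------------------------------------------------------------------------------------------------------
    default:
//-------------------------------------------------------------------------------------------------------------------------
      // No action: show edit / reset-password / delete buttons for the selected admin, if any.
      if (isset($adminInfo) && is_object($adminInfo)) {
        $admin_link = 'page=' . $page_param . '&adminID=' . $adminInfo->admin_id;
        $heading[] = array('text' => '<b>' . $admin_name_html . '</b>');
        $contents[] = array('align' => 'center',
                            'text' => '<a href="' . zen_href_link(FILENAME_ADMIN, $admin_link . '&action=edit') . '">' . zen_image_button('button_edit.gif', IMAGE_EDIT) . '</a>'
                                    . '<a href="' . zen_href_link(FILENAME_ADMIN, $admin_link . '&action=resetpassword') . '">' . zen_image_button('button_reset_pwd.gif', IMAGE_RESET) . '</a>'
                                    . '<a href="' . zen_href_link(FILENAME_ADMIN, $admin_link . '&action=delete') . '">' . zen_image_button('button_delete.gif', IMAGE_DELETE) . '</a>');
      }

      break;
//-------------------------------------------------------------------------------------------------------------------------
  } // end switch action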
  321.  
  // Emit the side panel cell, but only when both a heading and contents were assembled.
  if (zen_not_null($heading) && zen_not_null($contents)) {
    echo '<td width="25%" valign="top">' . "\n";
    $box = new box();
    // echo writes its arguments left to right: the rendered box first, then the closing cell tag.
    echo $box->infoBox($heading, $contents), '</td>' . "\n";
  }
  328. ?>
  329.  
  330.     </tr>
  331. </table>
  332.  
  333.  
  334.         </td>
  335. <!-- body_text_eof //-->
  336.     </tr>
  337. </table>
  338. <!-- body_eof //-->
  339.  
  340. <!-- footer //-->
  341. <?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
  342. <!-- footer_eof //-->
  343. <br>
  344. </body>
  345. </html>
  346. <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>

