BBS项目(二)

用户管理模块
<?php
// +----------------------------------------------------------------------
// | 登录处理程序
// +----------------------------------------------------------------------


    //开启session
    session_start();
    
    //引入公共配置
    require("../../public/config.php");
    
    if($_GET['a']=="login"){
        //判断验证码是否正确
        if($_POST['ucode']!=$_SESSION['code']){
            //验证码错误，弹出提示框并返回到登录界面
            echo "<script>alert('登录失败！验证码错误！');window.location.href='../login.php';</script>";
            die();
        }
    }
    //接收变量
    $uname=$_POST['uname'];
    $upass=md5($_POST['upass']);
    
    //判断用户名密码是否正确
    //1.链接数据库并判断
    $link=mysqli_connect(HOST,USER,PASS) or die("链接数据库失败！");
    
    //2.设置字符集
    mysqli_set_charset($link,CHARSET);
    
    //3.选择数据库
    mysqli_select_db($link,DBNAME);
    
    //4.定义sql语句并发送执行
    $sql="select * from user where userName='{$uname}' && password='{$upass}';";
    $result=mysqli_query($link,$sql);
    
    //5.解析结果集
    if($result && mysqli_num_rows($result)>0 ){
        $row=mysqli_fetch_assoc($result);
        
            //判断用户状态
            if($row['status']!=1){
                echo "<script>alert('该账号已被冻结！');window.location.href='../login.php';</script>";
                die();
            }
        $_SESSION['id']=$row['id'];    //存前台登录用户id的Session['id'] 
        
        $time=time();
        $sql="update user set lastlogin={$time} where id={$_SESSION['id']}";
        mysqli_query($link,$sql);
        
        echo "<script>alert('登录成功！');window.location.href='../index.php';</script>";
    }else{
        echo "<script>alert('登录失败！账号或密码错误！');window.location.href='../login.php';</script>";
        die();
    }
    
    //6.释放结果集，关闭数据库
    mysqli_free_result($result);
    mysqli_close($link);
    
?>


<?php
// +----------------------------------------------------------------------
// | 注册、修改处理程序
// +----------------------------------------------------------------------

    
    //引入公共配置
    session_start();
    require("../../public/config.php");
    
    //1.链接数据库并判断
    $link=mysqli_connect(HOST,USER,PASS) or die("链接数据库失败！");
    
    //2.设置字符集
    mysqli_set_charset($link,CHARSET);
    
    //3.选择数据库
    mysqli_select_db($link,DBNAME);
    
    switch($_GET['action']){
        
        //注册用户
        case "insert":    
            
            //判断验证码是否正确，防止恶意注册
            if($_POST['ucode']!=$_SESSION['code']){
                //验证码错误，弹出提示框并返回到登录界面
                echo "<script>alert('注册失败！验证码错误！');window.location.href='../register.php';</script>";
                die();
            }
            
            //判断密码输入是否正确
            if($_POST['upass']!=$_POST['upass1'] || empty($_POST['upass']) || empty($_POST['upass1'])){
                echo "<script>alert('密码不正确！');window.location.href='../register.php';</script>";
            }
            
            //获取用户名，密码，邮箱
            $userName=$_POST['uname'];
            $password=md5($_POST['upass']);
            $email=$_POST['uemail'];
            
            //4.定义sql语句，并发送执行
            $sql="insert user(userName,password,auth) values('{$userName}','{$password}',0)";
            $result=mysqli_query($link,$sql);
            
            //5.判断插入数据是否成功
            if($result && mysqli_affected_rows($link)>0){
                
                $uid= mysqli_insert_id($link);
                //向用户资料表中插入数据
                $sql="insert userdetail(uid,email) values ({$uid},'{$email}')";
                mysqli_query($link,$sql);
                
                echo "<script>alert('新增用户成功！');window.location.href='../login.php';</script>";
            }else{
                echo "<script>alert('新增用户失败！账号已存在');window.location.href='./main_info.php';</script>";
            }
        break;
        
        //修改个人信息
        case "update":
            
            //存储用户信息的数组
            $set=array();
            $uid=$_SESSION['id'];    //要修改的用户uid
            
            if(isset($_POST['unickName'])){
                $set[]="nickName='{$_POST['unickName']}'";
            }
            if(isset($_POST['uemail'])){
                $set[]="email='{$_POST['uemail']}'";
            }
            if(isset($_POST['uqq'])){
                $set[]="qq='{$_POST['uqq']}'";
            }
            if(isset($_POST['usex'])){
                $set[]="sex='{$_POST['usex']}'";
            }
            
            //拼接插入数据
            $info="";
            $info=implode(",",$set);
            
            
            //4.定义sql语句发送并执行
            $sql="update userdetail set {$info} where uid={$uid}";
            $result=mysqli_query($link,$sql);
            
            //5.判断是否修改成功
            if($result && mysqli_affected_rows($link)>0){
                echo "<script>alert('修改成功！');window.location.href='../personInfo.php';</script>";
            }else{
                echo "<script>alert('修改失败！');window.location.href='../personInfo.php';</script>";
            }
            
        break;
        
    }

    
    //6.关闭数据库
    170     mysqli_close($link);
?>




// +----------------------------------------------------------------------
// | 遍历搜索分页
// +----------------------------------------------------------------------

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>主要内容区main</title>
<link href="../../public/admin/css/css.css" type="text/css" rel="stylesheet" />
<link href="../../public/admin/css/main.css" type="text/css" rel="stylesheet" />
<link rel="shortcut icon" href="images/main/favicon.ico" />
<style>
body{overflow-x:hidden; background:#f2f0f5; padding:15px 0px 10px 5px;}
#searchmain{ font-size:12px;}
#search{ font-size:12px; background:#548fc9; margin:10px 10px 0 0; display:inline; 100%; color:#FFF; float:left}
#search form span{height:40px; line-height:40px; padding:0 0px 0 10px; float:left;}
#search form input.text-word{height:24px; line-height:24px; 180px; margin:8px 0 6px 0; padding:0 0px 0 10px; float:left; border:1px solid #FFF;}
#search form input.text-but{height:24px; line-height:24px; 55px; background:url(images/main/list_input.jpg) no-repeat left top; border:none; cursor:pointer; font-family:"Microsoft YaHei","Tahoma","Arial",'宋体'; color:#666; float:left; margin:8px 0 0 6px; display:inline;}
#search a.add{ background:url(images/main/add.jpg) no-repeat -3px 7px #548fc9; padding:0 10px 0 26px; height:40px; line-height:40px; font-size:14px; font-weight:bold; color:#FFF; float:right}
#search a:hover.add{ text-decoration:underline; color:#d2e9ff;}
#main-tab{ border:1px solid #eaeaea; background:#FFF; font-size:12px;}
#main-tab th{ font-size:12px; background:url(images/main/list_bg.jpg) repeat-x; height:32px; line-height:32px;}
#main-tab td{ font-size:12px; line-height:40px;}
#main-tab td a{ font-size:12px; color:#548fc9;}
#main-tab td a:hover{color:#565656; text-decoration:underline;}
.bordertop{ border-top:1px solid #ebebeb}
.borderright{ border-right:1px solid #ebebeb}
.borderbottom{ border-bottom:1px solid #ebebeb}
.borderleft{ border-left:1px solid #ebebeb}
.gray{ color:#dbdbdb;}
td.fenye{ padding:10px 0 0 0; text-align:right;}
.bggray{ background:#f9f9f9}
</style>
</head>
<body>
<!--main_top-->
<table width="99%" border="0" cellspacing="0" cellpadding="0" id="searchmain">
  <tr>
    <td width="99%" align="left" valign="top">您的位置：用户管理&nbsp;&nbsp;>&nbsp;&nbsp;浏览用户</td>
  </tr>
  <tr>
    <td align="left" valign="top">
    <table width="100%" border="0" cellspacing="0" cellpadding="0" id="search">
          <tr>
            <td width="90%" align="left" valign="middle">
             <form method="get" action="main_list.php">
             <span>用户账号：</span>
             <input type="text" name="uname" value="" class="text-word">
             <input name="" type="submit" value="查询" class="text-but">
             </form>
         </td>
            <td width="10%" align="center" valign="middle" style="text-align:right; 150px;"><a href="main_info.php" target="mainFrame" onFocus="this.blur()" class="add">新增用户</a></td>
          </tr>
    </table>
    </td>
  </tr>
  <tr>
    <td align="left" valign="top">
    
    <table width="100%" border="0" cellspacing="0" cellpadding="0" id="main-tab">
      <tr>
        <th align="center" valign="middle" class="borderright">编号</th>
        <th align="center" valign="middle" class="borderright">管理帐号</th>
        <th align="center" valign="middle" class="borderright">权限</th>
        <th align="center" valign="middle" class="borderright">锁定</th>
        <th align="center" valign="middle" class="borderright">最后登录</th>
        <th align="center" valign="middle">操作</th>
      </tr>
          <?php
        //遍历数据库用户表显示所有用户信息
        
        //引入公共配置
        require("../../public/config.php");
        
        
        //1.链接数据库并判断
        $link=mysqli_connect(HOST,USER,PASS) or die("链接数据库失败！");
        
        //2.设置字符集
        mysqli_set_charset($link,CHARSET);
        
        //3.选择数据库
        mysqli_select_db($link,DBNAME);
        
        //=========================搜索代码==============================
            
            //定义一个存储搜索条件的变量
            $whereList = array();
            $urlList = array();    //用来维持条件的数组
            
            //判断你有没有搜索姓名
            if(!empty($_GET['uname'])){
                $whereList[] = " userName like '%{$_GET['uname']}%'";
                $urlList[] = "uname={$_GET['uname']}";
            }
            
            //定义一个存放where语句的变量
                $where = "";
                $url = "";    //存放url地址条件的变量
                
            //拼装where语句
                if(count($whereList)>0){
                    $where = " where ".implode("&&",$whereList);
                    $url = "&".implode("&",$urlList);
                }
        
        //===============================================================
        
        
        //===============分页代码========================================    
            //判断分页
            $page=isset($_GET['page'])?$_GET['page']:1;    //当前页
            $pageSize=6;//页大小
            $maxPage=0;    //总页数
            $maxRows=0;    //数据总条数
            
            
            
            $sql="select * from user".$where;
            
            $result=mysqli_query($link,$sql);
            //得到数据总条数
            $maxRows=mysqli_num_rows($result);
            
            //得到总页数
            $maxPage=ceil($maxRows/$pageSize);
            
            if($page<1){
                $page=1;
            }
            
            if($page>$maxPage){
                $page=$maxPage;
            }
        
            $limit = " limit ".(($page-1)*$pageSize).",".$pageSize;
            
            
        //============================================================================
        
        //4.定义sql语句并发送执行
        $sql="select * from user ".$where.$limit;
        $result=mysqli_query($link,$sql);
        
        //5.解析结果集
        if($result && mysqli_num_rows($result)>0){
            
            
            while($rows=mysqli_fetch_assoc($result)){
                $time=date("Y-m-d H:i:s",$rows['lastlogin']);
    ?>    
    <?php
        if($rows['id']%2==1){
    ?>
        <tr  onMouseOut="this.style.backgroundColor='#ffffff'" onMouseOver="this.style.backgroundColor='#edf5ff'">
    <?php
    }else{
    ?>
        <tr class="bggray" onMouseOut="this.style.backgroundColor='#f9f9f9'" onMouseOver="this.style.backgroundColor='#edf5ff'">
    
    <?php            
        }
    ?>
    
    
        <td align="center" valign="middle" class="borderright borderbottom"><?php echo $rows['id'] ?></td>
        <td align="center" valign="middle" class="borderright borderbottom"><?php echo $rows['userName'] ?></td>
        <td align="center" valign="middle" class="borderright borderbottom"><?php echo $rows['auth']?'超级管理员':'普通用户'; ?></td>
        <td align="center" valign="middle" class="borderright borderbottom"><?php echo $rows['status']?'开启':'禁用'; ?></td>
        <td align="center" valign="middle" class="borderright borderbottom"><?php echo $time ?></td>
        <td align="center" valign="middle" class="borderbottom"><a href="doEdit.php?uid=<?php echo $rows['id'] ?>" target="mainFrame" onFocus="this.blur()" class="add">编辑</a><span class="gray">&nbsp;|&nbsp;</span><a href="doAction.php?uid=<?php echo $rows['id']?>&action=delete" target="mainFrame" onFocus="this.blur()" class="add">删除</a><span class="gray">&nbsp;|&nbsp;</span><a href="doAction.php?uid=<?php echo $rows['id']?>&action=status" target="mainFrame" onFocus="this.blur()" class="add">禁用</a></td>
      </tr>
    <?php        
            }
        }
    ?>
    </table></td>
    </tr>
  <tr>
    <td align="left" valign="top" class="fenye"><?php echo $maxRows ?>条数据 <?php echo $page ?>/<?php echo $maxPage ?> 页&nbsp;&nbsp;<a href="main_list.php?page=1<?php echo $url?>" target="mainFrame" onFocus="this.blur()">首页</a>&nbsp;&nbsp;<a href="main_list.php?page=<?php echo ($page-1).$url ?>" target="mainFrame" onFocus="this.blur()">上一页</a>&nbsp;&nbsp;<a href="main_list.php?page=<?php echo ($page+1).$url ?>" target="mainFrame" onFocus="this.blur()">下一页</a>&nbsp;&nbsp;<a href="main_list.php?page=<?php echo $maxPage.$url ?>" target="mainFrame" onFocus="this.blur()">末页</a></td>
  </tr>
  <?php
        //6.释放结果集，关闭数据库
        mysqli_free_result($result);
        mysqli_close($link);
        
  ?>
</table>
</body>
</html>