"; echo ""; echo ""; echo ""; echo ""; echo "
"; echo "$strAdvanced > $strOmcUser"; echo "
";*/ //adjust_title_tail(); adjust_content_head(); echo "
"; $DEBUG =0; $pubDb ='OMC_PUB'; $table_name ='sysUser'; $history_name='sysPwdHistory'; if (!isset($privilegeFlag)) { $privilegeFlag = 0; } //lyj to get pwdStrength $strength_name ='sysPwdStrength'; $strengthSql = "SELECT * FROM $strength_name "; if($DEBUG)echo "$strengthSql
"; $strengthResult = mysqli_query($pubConn,$strengthSql ); echo mysqli_error($pubConn); $pwdStrengSult= mysqli_fetch_array($strengthResult); $ucCategory=$pwdStrengSult['ucCategory']; $maxLength=$pwdStrengSult['maxLength']; $patrn=$_REQUEST['patrn']; if($DEBUG) echo "userInfo[ID] = $userInfo[ID]
"; $confMode=$_REQUEST['confMode']; $userName=$_REQUEST['userName']; $selectedLanguage=$_REQUEST['selectedLanguage']; if($DEBUG) echo "confMode=$confMode, userName=$userName
"; $old_userName=$_REQUEST['old_userName']; ?>
" method="POST" onsubmit="return question_Validator(this) && Check('',this,'','')" name="operForm"> "; echo ""; $userName = $myrows['userName']; if ( $confMode == 'edit' ) { echo ""; } else { echo ""; } echo ""; echo ""; //修改用户资料 if($userName != ''){ ?>
" class="text" >
$strAccountName$myrows[userName]$strMoreThanSixAndLessThanSixteencharacters;
() :
   
" class="text">
 

  "; }else{ echo "  "; echo ""; echo ""; } ?>

realName=$realName,userName=$userName,password=$password,privilege=$privilege,updateTime=$updateTime"; $uadd=$_POST['uadd']; $change=$_POST['change']; if($uadd){ $user_permit = 0; $userName=$_POST['userName']; $realName=$_POST['realName']; $password=$_POST['password']; //---lyj $salt = mcrypt_create_iv(16); $password= $password.$salt; //---lyj $selected_permit=$_POST['selected_permit']; for($i=1; $i < sizeof($privilegeDefArr);$i++){ if($selected_permit == $i){ $user_permit=$privilegeDefArr[$i]['permit']; break; } } $privilege=$user_permit; $select_sql ="SELECT count(*) as number_of_records FROM $table_name WHERE userName='$userName' "; $result = mysqli_query($pubConn,$select_sql); $record = @mysqli_fetch_object($result); $number_of_records = $record->number_of_records; //echo "
number_of_records=$number_of_records"; //echo "
select_sql=$select_sql"; if($number_of_records){ echo ""; $userName=$old_userNamer; echo " "; adjust_content_tail(); exit(); }else{ //没注册过的话 则增加新用户 // $str_sql="REPLACE INTO $table_name // ( realName,userName,password,privilege,updateTime) // VALUES // ('$realName','$userName',md5('$password'),'$privilege',CURRENT_TIMESTAMP) // "; $str_sql="REPLACE INTO $table_name ( realName,userName,password,privilege,updateTime,salt) VALUES ('$realName','$userName',md5('$password'),'$privilege',CURRENT_TIMESTAMP,$salt) "; $log_name=$strAddUser."\'$userName\'"; $result=mysqli_query($pubConn,$str_sql); echo mysqli_error($pubConn); if ($result) $log_name=$log_name.$strSuccessful; else $log_name=$log_name.$strFail; insertLog("$log_name"); if(!$result){ echo ""; $userName=$old_userNamer; echo " "; adjust_content_tail(); exit(); }else{ echo ""; echo " "; adjust_content_tail(); exit(); } } }elseif($change){ //修改用户资料 //修改记录时不能修改userName $userName=$_POST['userName']; $realName=$_POST['realName']; $new_password_1=$_POST['new_password_1']; if($DEBUG)echo "userName=$userName"; if($DEBUG)echo "realName=$realName"; //to get ConfigNum $configNumSql="SELECT configNum FROM $table_name WHERE userName='$userName' "; $configResult=mysqli_query($pubConn,$configNumSql); echo mysqli_error($pubConn); $configRow=mysqli_fetch_array($configResult); $configNum=$configRow['configNum']; if($DEBUG) echo "configNum=$configNum
"; if($new_password_1) { $selectHis_sql="SELECT password FROM $history_name WHERE userName='$userName' ORDER BY insertTime DESC LIMIT $configNum"; if($DEBUG) echo $selectHis_sql; $hisResult=mysqli_query($pubConn,$selectHis_sql); echo mysqli_error($pubConn); $allRow=array(); while($hisRow=mysqli_fetch_array($hisResult)){ $allRow[]=$hisRow; } if ($DEBUG) { echo "
";
                        print_r($allRow);   //放要展示的数组变量
                        echo "
"; } for($i=0;$i var configInfo='$Info'; alert(configInfo); history.go(-1); "; exit(); } } } //校验是否为黑名单密码 if(isset($new_password_1)){ $blackTable='sysBlackPwd'; $blackSQL="SELECT blackPwd FROM $blackTable "; $blackResult = mysqli_query($pubConn,$blackSQL); if($DEBUG) echo "blacksql=$blackSQL"; $blackRow=array(); while($allBlackRow=mysqli_fetch_array($blackResult)){ $blackRow[]=$allBlackRow; } for($i=0;$i "; echo "alert('"; echo "$strAddFails,$strCannotChangeUserName,$strIfYouWangToChangeItPleaseUseAddFunction"; echo "'); "; echo ""; $userName=$old_userName; }else{ if($new_password_1 != ''){ //修改密码 $saltSql="SELECT salt FROM $table_name WHERE userName='$userName' "; if($DEBUG) echo "
saltSql=$saltSql
"; $saltResult= mysqli_query($pubConn,$saltSql); echo mysqli_error($pubConn); $Saltrow =mysqli_fetch_array($saltResult); $salt=$Saltrow['salt']; $password=$new_password_1.$salt; $chkSQL="SELECT privilege FROM $table_name WHERE userName='$userName' AND password=md5('$password') "; if($DEBUG) echo "
chkSQL=$chkSQL
"; $chkResult = mysqli_query($pubConn,$chkSQL); echo mysqli_error($pubConn); $row = mysqli_fetch_array($chkResult); if ($language=='eng') $samePassAlert="new password is the same with the old password!"; // echo "$samePassAlert"; if(mysqli_num_rows($chkResult) > 0){ echo ""; exit; } if ( 1 == $privilegeFlag ) { $str_sql= "UPDATE $table_name SET realName = '$realName',password = md5('$password'),privilege = '$privilege',updateTime=CURRENT_TIMESTAMP,alterPwd = '0',loginNum='1' WHERE userName ='$userName' "; $pwdHistory_sql="REPLACE INTO $history_name (realName,userName,password,configNum,insertTime) VALUES ('$realName','$userName','$new_password_1','$configNum',CURRENT_TIMESTAMP) "; $result1=mysqli_query($pubConn,$pwdHistory_sql); } else{ $str_sql= "UPDATE $table_name SET realName = '$realName',password = md5('$password'),updateTime=CURRENT_TIMESTAMP,alterPwd = '0',loginNum='1' WHERE userName ='$userName' "; $pwdHistory_sql="REPLACE INTO $history_name (realName,userName,password,configNum,insertTime) VALUES ('$realName','$userName','$new_password_1','$configNum',CURRENT_TIMESTAMP) "; $result1=mysqli_query($pubConn,$pwdHistory_sql); } }else{ //不修改密码 if ( 1 == $privilegeFlag ) { $str_sql= "UPDATE $table_name SET realName = '$realName',privilege = '$privilege',updateTime=CURRENT_TIMESTAMP WHERE userName ='$userName' "; } else { $str_sql= "UPDATE $table_name SET realName = '$realName',updateTime=CURRENT_TIMESTAMP WHERE userName ='$userName' "; } } //echo "
str_sql=$str_sql"; $log_name=$strEditUser."\'$userName\'"; $result = mysqli_query($pubConn,$str_sql); if ($result) $log_name = $log_name.$strSuccessful; else $log_name = $log_name.$strFail; insertLog("$log_name"); if(!$result){ //插入日志中的$result echo ""; $userName=$old_userNamer; }else{ echo ""; } echo " "; } } //删除用户 //if($delete) if ($confMode == 'del') { //echo "
userName=$userName"; $sureDel = $_POST['sureDel']; //$userName=$_REQUEST['userName']; echo "$sureDel
"; if (($sureDel == 'Yes')||($sureDel=='是')){ $delSql="DELETE FROM $table_name WHERE userName='$userName'"; if($DEBUG) echo "
delSql = $delSql"; $del_result = mysqli_query($pubConn,$delSql); //echo "
del_result=$del_result"; if ($del_result==1){ echo "
$strDelete $strSuccessful"; $log_name=$strDelUser."\'$userName\'".$strSuccessful; insertLog("$log_name"); } echo " "; } elseif (($sureDel == 'No')||($sureDel=='否')){ echo "
$strDelCancel"; echo " "; //$confMode='edit'; } else{ echo "$strSureDel$userName ?"; echo "
"; echo ""; echo ""; echo ""; echo ""; echo "
"; adjust_content_tail(); exit(); } } adjust_content_tail(); ?>