web.ems/wxc2_omc/security/userManage/blackPwdConf.php

<?php
/*********************************************************
程序说明:
功能说明:本程序实现对黑名单密码进行编辑
调用关系:调用:header.inc
变量说明:
返回值:无
作者:

修改注释:
NO.1
姓名:
时间:
修改说明:
 *********************************************************/
require("../../inc/header.inc");

?>
<body leftmargin="15" rightmargin="10" onload="javascript:adjust_frame('up');" onresize="javascript:adjust_frame('up');" style="background-color:#FFFAF4;overflow:hidden;overflow-x:hidden;overflow-y:hidden;">
<?php
//adjust_head();
//adjust_title_head();
/*
echo "<br>";
echo "<table id=\"table_up\" border=\"0\" width=\"100%\">";
	echo "<tr>";
	echo "<td width=\"50%\" align=\"left\">";
	echo "$strAdvanced > $strOmcUser";
	echo "</td>";
	echo "</tr>";
	echo "</table>";*/
//adjust_title_tail();
adjust_content_head();
echo "<br>";

$DEBUG = 0;
$pubDb		='OMC_PUB';
$table_name	='sysBlackPwd';

if($DEBUG)	echo "userInfo[ID] = $userInfo[ID]<br>";
$confMode=$_REQUEST['confMode'];
$userName=$_REQUEST['userName'];
$password=$_REQUEST['blackPwd'];
if($DEBUG) echo "confMode=$confMode<br>";
?>
<script language="JavaScript">


    function set_value(check_box,check_input,check_value)
    {      if(check_box.checked){
        check_input.value=check_value;
    }else{
        check_input.value='';
    }
    }

    function Check(lang, theform, confMode){
        if(confMode == 'edit'){
            var password=theform.new_password_1.value;
        }else{
            var password=theform.password.value;
        }
        //password strength---lyj
        var patrn=/^(?![A-z0-9]+$)(?=.[^%&',;=?$\x22])(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9]).{8,}$/;
        // matching  ---lyj

        var Passwordstrengthinfo="<?php echo $Passwordstrength; ?>";
        if (!patrn.test(password) || password.length<8){
            if (lang=='eng')
                alert("password must contain digits, uppercase letters, lowercase letters, and special characters");
            if (lang=='chn')
                alert(Passwordstrengthinfo);
            if(confMode == 'add'){
                theform.password.focus();
                theform.password.select();
            }else{
                theform.new_password_1.focus();
                theform.new_password_1.select();
            }
            return (false);
        }
        return (true);
    }

    //-->
</script>

<?php
$str_sql="SELECT *
		FROM $table_name
		";
$result = @mysqli_query($pubConn,$str_sql);
$myrows = @mysqli_fetch_array($result);
?>

<?php
if ($confMode == 'add'){
    ?>
    <form action="<?php echo"$PHP_SELF"; ?>"  method="POST"  onsubmit="return Check('<?php echo $language;?>',this,'<?php echo $confMode;?>')"  name="operForm">
        <!--   <table border="1" width="100%"  cellpadding="2" cellspacing="0" bordercolor="#666666" bordercolordark="#FFFFFF"  height="189"  bgcolor="#FFFFEF">
        -->
        <table class="formCenter">
            <tr>
                <td colspan=3 vAlign="top"  bgcolor="#E6E6E6" height="12"><b>
                        <?php

                            echo $addBlackPwd;   //

                        ?>
                    </b></td>
            </tr>

     <!--           //添加黑名单密码-->

                <tr>
                    <td><?php echo $black; ?></td>
                    <td><input type="password" name="password" id="password" maxlength="16" size="16" value="" class="text"></td>
                    <td width="150"rowspan=2><?php echo $strPasswordStrengthPolicy; ?></td>
                </tr>
                <tr>
                    <td><?php echo $repeatBlackPwd; ?></td>
                    <td> <input type="password" name="re_password" maxlength="16" size="16" class="text">
                </tr>


            <tr>
                <td colspan=3 width=600><?php echo $strPleaseReviewTheTableCarefully; ?></td>
            </tr>
            <tr align="center">
                <td colspan=3  width=600 align=center><p>
                        <?php
                            echo "<input type=\"submit\" name=\"uadd\"  value=\"$strAdd\" class=\"button\">&nbsp;&nbsp;";
                        echo "<input type=\"reset\" name=\"reset\" value=\"$strCancel\" class=\"button\">&nbsp;&nbsp;";
                        echo "<input type=\"button\"  value=\"$strReturn\" class=\"button\" onclick=javascript:location.href=\"./blackPwdList.php\";>&nbsp;&nbsp;";
                        ?>

                </td>
            </tr>
        </table>
    </form>
    <?php
}///end edit
?>

<?php
//增加用户


//echo "<br>realName=$realName,userName=$userName,password=$password,privilege=$privilege,updateTime=$updateTime";
$uadd=$_POST['uadd'];
if($uadd){
    $password=$_POST['password'];


    $select_sql ="SELECT  count(*) as number_of_records
			FROM $table_name 
			WHERE blackPwd='$password' ";   //黑名单密码相同则不添加
    $result = mysqli_query($pubConn,$select_sql);
    $record = @mysqli_fetch_object($result);
    $number_of_records = $record->number_of_records;
    //echo "<br>number_of_records=$number_of_records";
    echo "<br>select_sql=$select_sql";

    if($number_of_records){
        echo "<script language=\"javascript\"> ";
        echo "alert('";
        echo "$strTheRecordExits,$strAddFails";
        echo "'); ";
        echo "</script>";
        echo " <meta http-equiv=\"refresh\" content=\"5; url=./blackPwdList.php\"> ";
        adjust_content_tail();
        exit();
    }else{
//		$str_sql="REPLACE INTO $table_name
//			( realName,userName,password,privilege,updateTime)
//			VALUES
//			 ('$realName','$userName',md5('$password'),'$privilege',CURRENT_TIMESTAMP)
//			 ";


        $str_sql="REPLACE INTO $table_name
			( blackPwd,write_time)
			VALUES
			 ('$password',CURRENT_TIMESTAMP)
			 ";



	    $result=mysqli_query($pubConn,$str_sql);
	//	echo "sql=$str_sql";
	    		echo mysqli_error($pubConn);
        if(!$result){
            echo "<script language=\"javascript\"> ";
            echo "alert('";
            echo "$strAddFails";
            echo "'); ";
            echo "</script>";
            echo " <meta http-equiv=\"refresh\" content=\"5; url=./blackPwdList.php\"> ";
            adjust_content_tail();
            exit();
        }else{
            echo "<script language=\"javascript\"> ";
            echo "alert('";
            echo "$strAddSucceeds";
            echo "'); ";
            echo "</script>";
            echo " <meta http-equiv=\"refresh\" content=\"0; url=./blackPwdList.php\"> ";
            adjust_content_tail();
            exit();
        }
    }
}



//if($delete)
if ($confMode == 'del')
{
    //echo "<br>userName=$userName";
    $sureDel = $_POST['sureDel'];
    //$userName=$_REQUEST['userName'];
if (($sureDel == 'Yes')||($sureDel =='是')){
        $delSql="DELETE FROM $table_name WHERE blackPwd='$password'";
        if(0) echo "<br>delSql = $delSql";
        $del_result = mysqli_query($pubConn,$delSql);
        //echo "<br>del_result=$del_result";
        if ($del_result==1){
            echo "<br><font size=3 color=blue>$strDelete $strSuccessful</font>";

        }
        echo " <meta http-equiv=\"refresh\" content=\"3; url=./blackPwdList.php\"> ";
    }
    elseif (($sureDel == 'No')||($sureDel=='否')){
        echo "<br><font size=3 color=blue>$strDelCancel</font>";
        echo " <meta http-equiv=\"refresh\" content=\"3; url=./blackPwdList.php\"> ";
     
     //$confMode='edit';
    }
    else{
	    echo "$sureDel";
        echo "<font size=3 color=black>$strSureDelPwd<font size=3 color=blue>$password </font>?</font>";
        echo "<form method=\"POST\" name=\"confForm\" action=\"$PHP_SELF?blackPwd=$password\">";
        echo "<input type=\"submit\" name=\"sureDel\" value=$strYes class=\"button\">";
        echo "<input type=\"submit\" name=\"sureDel\" value=$strNo class=\"button\">";
        echo "<input type=\"hidden\" name=\"confMode\" value=\"del\">";
        echo "<input type=\"hidden\" name=\"password\" value=\"$password\">";
        echo "</form>";
        adjust_content_tail();
        exit();
    }
}









adjust_content_tail();

?>

</html>