<?php
include "conn.php";
checkLogin("");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>管理区域</title>
<link rel="stylesheet" href="css/common.css" type="text/css" />
<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
<script type="text/javascript" src="js/js.js"></script>
<script>
function chkpwdform(){
    _loginpwd = document.getElementById("loginpwd"),
    _loginpwd1 = document.getElementById("loginpwd1"),
    _loginpwd2 = document.getElementById("loginpwd2"),
    _loginname = document.getElementById("loginname");
    _save = document.getElementById("save");

    if(_save.disabled) return false;

    if(_loginpwd.value ==''){
        alert('请输入原密码');
        _loginpwd.focus();
        return false;
    }

    if(_loginname.value ==''){
        alert('请输入用户昵称');
        _loginname.focus();
        return false;
    }

    if(_loginpwd1.value != _loginpwd2.value){
        alert('新密码两次密码输入不相同\n不修改请留空');
        _loginpwd2.focus();
        return false;
    }

    _save.disabled = true;
}
</script>
</head>

<body>
<div id="man_zone">
<?php
$act = $_GET['act'] ?? '';
if ($act == "save") {
    $loginpwd = textEncode($_POST['loginpwd'] ?? '');
    $loginpwd1 = textEncode($_POST['loginpwd1'] ?? '');
    $loginname = textEncode($_POST['loginname'] ?? '');

    $sql = "Select loginpwd,loginname From login Where id=" . loadSession("loginid");
    $rs = $conn->query($sql);
    if ($row = $rs->fetch_assoc()) {
        if (md5($loginpwd) != $row['loginpwd']) {
            echo "<script>alert('原密码输入错误');history.back()</script>";
            exit;
        }
        
        if ($loginpwd1 != "") {
            $sql = "UPDATE login SET loginpwd = '" . md5($loginpwd1) . "', loginname = '" . $loginname . "' 
                    WHERE id = " . loadSession("loginid");
            $conn->query($sql);
            addSession("loginname", $loginname);
        }
    } else {
        echo "<script>alert('好像找不到您的资料呀？还是请您重新登陆一下吧');top.location.href='login.php'</script>";
        exit;
    }
    
    echo "<script>alert('更新成功');top.location.href='index.php'</script>";
    exit;
}

$sql = "Select loginlasttime,loginlastip,loginthistime,loginthisip,powercontent,logincount 
        From login Left Join power On power.id=login.loginpower 
        Where login.id=" . loadSession("loginid");
$rs = $conn->query($sql);
if ($row = $rs->fetch_assoc()) {
    $loginlasttime = $row['loginlasttime'];
    $loginlastip = $row['loginlastip'];
    $loginthistime = $row['loginthistime'];
    $loginthisip = $row['loginthisip'];
    $powercontent = $row['powercontent'];
    $logincount = $row['logincount'];
} else {
    echo "<script>alert('好像找不到您的资料呀？还是请您重新登陆一下吧');top.location.href='login.php'</script>";
    exit;
}
?>
    <form name="form1" method="post" action="?act=save" onSubmit="return chkpwdform()">
    <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
        <tbody>
            <tr>
                <th width="15%">用户帐号</th>
                <td><input type="text" id="loginuser" name="loginuser" value="<?php echo loadSession("loginuser"); ?>" class="txt1" disabled="disabled" style="width:300px;" /></td>
            </tr>
            <tr>
                <th width="15%">原密码</th>
                <td><input type="password" id="loginpwd" name="loginpwd" class="txt1" style="width:300px;" /></td>
            </tr>
            <tr>
                <th width="15%">用户昵称</th>
                <td><input type="text" id="loginname" name="loginname" value="<?php echo loadSession("loginname"); ?>" class="txt1" style="width:300px;" /></td>
            </tr>
            <tr>
                <th width="15%">新密码</th>
                <td><input type="password" id="loginpwd1" name="loginpwd1" class="txt1" style="width:300px;" /><span style="color:red">（不修改请留空）</span></td>
            </tr>
            <tr>
                <th width="15%">密码确认</th>
                <td><input type="password" id="loginpwd2" name="loginpwd2" class="txt1" style="width:300px;" /></td>
            </tr>
            <tr>
                <th width="15%">上次登陆时间</th>
                <td><input type="text" value="<?php echo $loginlasttime; ?>" class="txt1" disabled="disabled" style="width:300px;" /></td>
            </tr>
            <tr>
                <th width="15%">上次登陆IP</th>
                <td><input type="text" value="<?php echo $loginlastip; ?>" class="txt1" disabled="disabled" style="width:300px;" /></td>
            </tr>
            <tr>
                <th width="15%">当前登陆时间</th>
                <td><input type="text" value="<?php echo $loginthistime; ?>" class="txt1" disabled="disabled" style="width:300px;" /></td>
            </tr>
            <tr>
                <th width="15%">当前登陆IP</th>
                <td><input type="text" value="<?php echo $loginthisip; ?>" class="txt1" disabled="disabled" style="width:300px;" /></td>
            </tr>
            <tr>
                <th width="15%">登陆次数</th>
                <td><input type="text" value="<?php echo $logincount; ?>" class="txt1" disabled="disabled" style="width:300px;" /></td>
            </tr>
            <tr>
                <th width="15%">可用权限</th>
                <td><?php echo $powercontent; ?></td>
            </tr>
            <tr>
                <th></th>
                <td><input type="submit" name="save" id="save" value="确定" class="btn1" /> <input type="reset" name="save" id="save" value="重置" class="btn1" /></td>
            </tr>
        </tbody>
    </table>
    </form>
</div>
</body>
</html>