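query($sql);
    // Clear all session variables.
    // NOTE(review): the login branch below also stores 'em_permission_role_id' and 'd3',
    // neither of which is in this list; confirm they are cleared elsewhere on logout.
    $sessionVars = ['employee_id', 'employee_name', 't', 't1', 't2', 't3', 't4', 'd1', 'd2'];
    foreach ($sessionVars as $var) {
        unset($_SESSION[$var]);
    }
    unset($_SESSION['employee_id']);
}

/*
 * Login handler (act=login). Replies with a single status digit and exits:
 *   1 = user name empty, 2 = password empty, 3 = CAPTCHA mismatch,
 *   4 = no such user,    5 = wrong password, 7 = success.
 * After "7" it records the client IP, hands stale claimed customers back to
 * their previous owner, caches per-employee customer counts in the session
 * and writes a login log row.
 *
 * Every value that is not a locally cast integer is passed to the database as
 * a bound parameter; rows read back from `customer` are bound as well, because
 * stored data is not safe to splice into SQL either.
 *
 * NOTE(review): $conn is treated as a mysqli connection (the original relied
 * on num_rows / fetch_assoc / fetch_row); confirm against the include that
 * creates it. No attempt counter or lockout is visible in this block.
 */
if ($act == "login") {
    // textEncode() is defined elsewhere; it is kept on both fields so that lookups
    // and password digests still match what was stored. It is not relied on for SQL safety.
    $loginuser = textEncode($_POST['loginuser'] ?? '');
    $loginpwd = textEncode($_POST['loginpwd'] ?? '');
    $logincode = $_POST['logincode'] ?? '';

    // Validate input
    if (empty($loginuser)) {
        echo "1";
        exit;
    }
    if (empty($loginpwd)) {
        echo "2";
        exit;
    }

    // CAPTCHA: fail closed. With the former loose `!=`, a session that had no code
    // yet compared equal to an empty submission. The code is also consumed on first
    // use so one solved CAPTCHA cannot cover many password attempts; the client has
    // to request a fresh code after every attempt.
    $expectedCode = $_SESSION['zengscode'] ?? null;
    $expectedCode = is_scalar($expectedCode) ? (string) $expectedCode : '';
    unset($_SESSION['zengscode']);
    if (!is_string($logincode) || $expectedCode === '' || !hash_equals($expectedCode, $logincode)) {
        echo "3";
        exit;
    }

    // Look the user up with a bound parameter; only the columns this block reads are selected.
    $lookup = $conn->prepare('SELECT id, em_user, em_password, em_permission_role_id FROM employee WHERE em_user = ?');
    if ($lookup === false) {
        // Fail closed without echoing database details to the client.
        error_log('login: employee lookup could not be prepared');
        http_response_code(500);
        exit;
    }
    $lookup->bind_param('s', $loginuser);
    $lookup->execute();
    $lookup->store_result();
    if ($lookup->num_rows == 0) {
        // NOTE(security): "4" versus "5" tells the caller whether an account exists.
        // The codes are kept because the front end (not shown) presumably branches on them.
        echo "4";
        exit;
    }
    $lookup->bind_result($employeeId, $employeeUser, $storedHash, $roleId);
    $lookup->fetch();
    $lookup->close();

    // hash_equals() compares the digests as strings. The previous loose `!=` treated
    // two numeric-looking hex digests as numbers, so different digests could compare equal.
    // NOTE(security): unsalted MD5 is not a password hash. Moving to password_hash() /
    // password_verify() with a rehash at login needs a data migration (and probably a
    // wider column), so it is flagged here rather than changed.
    if (!hash_equals((string) $storedHash, md5($loginpwd))) {
        echo "5";
        exit;
    }

    // Issue a fresh session id at the privilege change so an id planted before login is useless.
    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }

    $employeeId = (int) $employeeId;
    $_SESSION['employee_id'] = $employeeId;
    $_SESSION['employee_name'] = $employeeUser;
    // Permission role id. Bound results arrive as native types, so the value is cast back
    // to the string form the text-protocol query used to store; NULL still becomes 0.
    $_SESSION['em_permission_role_id'] = $roleId === null ? 0 : (string) $roleId;

    echo "7";

    // Record the last login IP.
    // NOTE(review): $ip is set outside this block. If it is derived from a client-supplied
    // header it is attacker-controlled, which is why it is bound and never interpolated.
    $clientIp = (string) ($ip ?? '');
    $touch = $conn->prepare('UPDATE employee SET lastIp = ? WHERE id = ?');
    if ($touch !== false) {
        $touch->bind_param('si', $clientIp, $employeeId);
        $touch->execute();
        $touch->close();
    }

    // Return claimed customers. $employeeId is a locally cast int, so concatenating it is safe.
    $backToSeaStr = "SELECT id, cs_updatetime, cs_claimdate, cs_claimFrom, cs_chain FROM customer"
        . " WHERE cs_claimFrom != '' AND cs_claimdate > '2023-01-01' AND cs_deal != 3 AND cs_belong = " . $employeeId;
    $result = $conn->query($backToSeaStr);
    $reassign = $conn->prepare('UPDATE customer SET cs_belong = ?, cs_chain = ? WHERE id = ?');
    $resetClaim = $conn->prepare("UPDATE customer SET cs_claimdate = '2022-12-31' WHERE id = ?");
    if ($result !== false && $reassign !== false && $resetClaim !== false) {
        while ($row = $result->fetch_assoc()) {
            $updateTime = strtotime($row['cs_updatetime']);
            $claimDate = strtotime($row['cs_claimdate']);
            $daysDiff = floor((time() - $claimDate) / (60 * 60 * 24));
            $customerId = (int) $row['id'];

            if ($daysDiff > 4 && $updateTime == $claimDate) {
                // Claimed more than four days ago and never touched since: give it back to
                // the previous owner, appending that owner to the chain unless already last.
                $chainArray = explode(",", $row['cs_chain']);
                $lastItem = end($chainArray);
                $claimFrom = $row['cs_claimFrom'];
                $cs_chain = ($lastItem == $claimFrom)
                    ? $claimFrom
                    : $row['cs_chain'] . "," . $claimFrom;

                // cs_claimFrom and cs_chain come from stored rows; bind them instead of
                // trusting them inside the statement text.
                $reassign->bind_param('ssi', $claimFrom, $cs_chain, $customerId);
                $reassign->execute();
            } elseif ($updateTime > $claimDate) {
                // Updated after the claim: move the claim date before the 2023-01-01
                // cut-off so this row is no longer selected.
                $resetClaim->bind_param('i', $customerId);
                $resetClaim->execute();
            }
        }
    }

    // Per-employee counters cached in the session. Each filter is a fixed string and the
    // only variable part is the integer employee id.
    $countFilters = [
        't'  => '',
        't1' => 'cs_type = 1 AND ',
        't2' => 'cs_type = 2 AND ',
        't3' => 'cs_type = 3 AND ',
        't4' => 'cs_type = 4 AND ',
        'd1' => 'cs_deal = 3 AND ',
        'd2' => 'cs_deal = 2 AND ',
        'd3' => 'DATEDIFF(NOW(), cs_updatetime) > 120 AND ',
    ];
    foreach ($countFilters as $key => $filter) {
        $result = $conn->query("SELECT COUNT(id) FROM customer WHERE " . $filter . "cs_belong = " . $employeeId);
        if ($result !== false) {
            $_SESSION[$key] = $result->fetch_row()[0];
        }
    }

    // Login log. The message embeds the user name and client IP verbatim, so whatever
    // page displays logrecord rows has to HTML-escape them on output.
    $date = date('Y-m-d H:i:s');
    $loginAct = $_SESSION['employee_name'] . " " . $date . "从" . $clientIp . "登录";
    $logInsert = $conn->prepare('INSERT INTO logrecord (loginName, loginTime, loginAct) VALUES (?, ?, ?)');
    if ($logInsert !== false) {
        $loginName = $_SESSION['employee_name'];
        $logInsert->bind_param('sss', $loginName, $date, $loginAct);
        $logInsert->execute();
        $logInsert->close();
    }

    exit;
}

// An already authenticated visitor does not need the login form.
if (isset($_SESSION['employee_id'])) {
    header("Location: home.php");
    exit;
}
?> 登录界面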
管理员登录

Copyright © Metubl All Rights Reserved