igamebox
/
mtb_crm_asp


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114
							<?php
include "conn.php";
checkLogin("");

// Move all header operations to the top
$act = $_GET['act'] ?? '';
$cpid = $_GET['cpid'] ?? '';
$page = $_GET['Page'] ?? '';
$keys = urlencode($_GET['Keys'] ?? '');
$ord = urlencode($_GET['Ord'] ?? '');

// Check cpid validity before any output
if ($cpid == "" || !is_numeric($cpid)) {
    header("Location: protector.php");
    exit;
}

// Handle postchk action
if ($act == "postchk") {
    if (isset($_POST['chkbox']) && is_array($_POST['chkbox'])) {
        foreach ($_POST['chkbox'] as $id) {
            $id = (int)$id;
            $result = $conn->query("SELECT picurl FROM pic WHERE id = " . $id);
            if ($row = $result->fetch_assoc()) {
                if (strpos($row['picurl'], '/system/') === 0) {
                    $delfile = $_SERVER['DOCUMENT_ROOT'] . $row['picurl'];
                    if (file_exists($delfile)) {
                        unlink($delfile);
                    }
                }
                $conn->query("DELETE FROM pic WHERE id = " . $id);
            }
        }
    }
    
    header("Location: ?Keys=$keys&Ord=$ord&Page=$page&cpid=$cpid");
    exit;
}

// Now start HTML output
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>管理区域</title>
<link rel="stylesheet" href="css/common.css" type="text/css" />
<script language="javascript" src="js/jquery-1.7.2.min.js"></script>
<script type="text/javascript" src="js/js.js"></script>
</head>

<body>
<div id="man_zone">
<?php
// Get pictures for display
$result = $conn->query("SELECT id, picurl FROM pic WHERE cpid = " . (int)$cpid . " ORDER BY id DESC");
?>

<form method="post" name="form2" style="padding:5px;" action="picupload.php?cpid=<?php echo $cpid; ?>&Page=<?php echo $page; ?>&Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>" 
      enctype="multipart/form-data" onsubmit="if(this.filedata.value==''){return false;}" style="margin-bottom:10px;">
    <input type="file" name="filedata" id="filedata" style="float:left;height:20px;border:1px solid #DBE6E3;background:#FFF;width:300px;margin-right:20px;" />
    <input type="submit" value="上传" class="btn1" style="margin-left:10px" />
</form>

<form id="form1" method="post" action="?act=postchk&cpid=<?php echo $cpid; ?>&Page=<?php echo $page; ?>&Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>" onSubmit="return false">
    <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
        <thead>
            <tr>
                <th width="4%"><input type="checkbox" name="chkall" id="chkall" onClick="chkboxall(this,'chkbox')" /></th>
                <th width="6%">序号</th>
                <th width="35%">缩略图</th>
            </tr>
        </thead>
        <tbody>
        <?php
        if ($result->num_rows > 0) {
            $tempNum = 0;
            while ($row = $result->fetch_assoc()) {
                $tempNum++;
                ?>
                <tr onMouseOver="this.style.background='#F7FCFF'" onMouseOut="this.style.background='#FFFFFF'">    
                    <td align="center"><input type="checkbox" name="chkbox[]" value="<?php echo $row['id']; ?>" /></td>
                    <td align="center"><?php echo $tempNum; ?></td>
                    <td align="center"><img src="<?php echo $row['picurl']; ?>" height="50" /></td>
                </tr>
                <?php
            }
        } else {
            ?>
            <tr>
                <td align="center" colspan="4">当前还没有图片</td>
            </tr>
            <?php
        }
        ?>
        </tbody>
        <tfoot>
            <tr>
                <td colspan="4">
                    <div class="postchkbox">
                        <select id="chkact" name="chkact">
                            <option value="-1">删除</option>
                        </select>
                        <input type="button" value="执行" onClick="postchk(1)" class="btn1" />            
                        <input type="button" value="返回" onClick="location.href='product.php?Keys=<?php echo $keys; ?>&Ord=<?php echo $ord; ?>&Page=<?php echo $page; ?>&act=edit&id=<?php echo $cpid; ?>'" class="btn1" />
                    </div>
                </td>
            </tr>
        </tfoot>
    </table>
</form>
</div>
</body>
</html>