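<?php
/**
 * Profile page: lets the logged-in employee update phone, e-mail and password.
 *
 * Request contract (unchanged):
 *   GET  Page, Keys, Ord  - list-view state, echoed back into the form action.
 *   GET  act=save         - together with a POST body, stores the submitted values.
 *   POST em_tel, em_email - contact fields, always stored on save.
 *   POST em_password      - current password, needed only when changing the password.
 *   POST pwd, pwdre       - new password and its repetition; leave both empty to keep it.
 *
 * $conn, checkLogin(), textEncode() and htmlspecialcharsFix() come from conn.php
 * (or files it loads); their behaviour is not visible here.
 *
 * NOTE(review): passwords are stored as unsalted MD5. That format is kept because
 * the login code (not visible here) must agree with it; moving to password_hash()
 * / password_verify() has to be done in both places together.
 * NOTE(review): the save action carries no CSRF token, so the contact fields can
 * be changed by a cross-site POST - add a per-session token checked with
 * hash_equals().
 * NOTE(review): the page loads jQuery 1.7.2 and xheditor 1.1.9, both long out of
 * maintenance; confirm whether they are still needed here.
 */
require_once 'conn.php';
checkLogin();

// Reads one request field as a string. Array-shaped input (e.g. "pwd[]=x") is
// treated as empty so that md5()/urlencode() never receive a non-string.
$readField = static function (array $source, string $name): string {
    $value = $source[$name] ?? '';
    return is_string($value) ? $value : '';
};

$page = $readField($_GET, 'Page');
$keys = $readField($_GET, 'Keys');
$ord = $readField($_GET, 'Ord');
$act = $readField($_GET, 'act');

// Every component is URL-encoded. "Page" used to be appended raw and then printed
// unescaped inside the form's action attribute, which allowed markup injection.
// NOTE(review): the link emits "keys" while this page reads "Keys" - confirm
// which spelling the consuming pages expect.
$hrefstr = '?keys=' . urlencode($keys) . '&Ord=' . urlencode($ord) . '&Page=' . urlencode($page);

// The employee id comes from the session only; anything non-numeric becomes 0.
$sessionEmployeeId = $_SESSION['employee_id'] ?? 0;
$employee_id = is_numeric($sessionEmployeeId) ? (int) $sessionEmployeeId : 0;

// Only a real form submission may write: a plain GET on ?act=save would otherwise
// overwrite phone and e-mail with empty strings.
if ($act === 'save' && ($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $em_tel = textEncode($readField($_POST, 'em_tel'));
    $em_email = textEncode($readField($_POST, 'em_email'));
    $currentPassword = $readField($_POST, 'em_password');
    $newPassword = $readField($_POST, 'pwd');
    $newPasswordRepeat = $readField($_POST, 'pwdre');

    // A password change is requested only when a new password was typed. The old
    // test compared the 32-character md5() output with a 16-character constant,
    // so it was always true and an empty new password could be stored.
    $editpwd = $newPassword !== '' || $newPasswordRepeat !== '';
    if ($editpwd && $newPassword !== $newPasswordRepeat) {
        echo "<script>alert('两次密码输入不一致!');history.back();</script>";
        exit;
    }

    $result = $conn->query('SELECT em_password FROM employee WHERE id=' . $employee_id);
    $row = $result ? $result->fetch_assoc() : null;
    if ($row) {
        // 1 = contact data saved, 2 = password changed as well, 3 = wrong current password.
        $changeSuccess = 1;
        $newHash = '';
        if ($editpwd) {
            // hash_equals() compares the stored and the submitted hash in constant time.
            $storedHash = (string) $row['em_password'];
            $changeSuccess = hash_equals($storedHash, md5($currentPassword)) ? 2 : 3;
            $newHash = md5($newPassword);
        }

        // Bound parameters replace the hand-escaped SQL string. As before, the
        // contact fields are stored even when the current password was wrong.
        if ($changeSuccess === 2) {
            $stmt = $conn->prepare('UPDATE employee SET em_email=?, em_tel=?, em_password=? WHERE id=?');
            if ($stmt) {
                $stmt->bind_param('sssi', $em_email, $em_tel, $newHash, $employee_id);
            }
        } else {
            $stmt = $conn->prepare('UPDATE employee SET em_email=?, em_tel=? WHERE id=?');
            if ($stmt) {
                $stmt->bind_param('ssi', $em_email, $em_tel, $employee_id);
            }
        }

        // Do not report success when the write did not happen.
        if (!$stmt || !$stmt->execute()) {
            error_log('employee profile update failed for id ' . $employee_id);
            http_response_code(500);
            exit;
        }

        if ($changeSuccess === 1) {
            echo "<script>alert('资料修改成功!');history.back();</script>";
        } elseif ($changeSuccess === 2) {
            echo "<script>alert('密码修改成功!请退出重新登录');location.href='index.php?act=logout';</script>";
        } else {
            echo "<script>alert('原始密码错误!');history.back();</script>";
        }
        exit;
    }
}

// Load the current contact data to pre-fill the form.
$result = $conn->query('SELECT em_email, em_tel FROM employee WHERE id=' . $employee_id);
$row = $result ? $result->fetch_assoc() : null;
$em_tel = $row['em_tel'] ?? '';
$em_email = $row['em_email'] ?? '';

// The action URL is HTML-escaped as a whole; the browser turns &amp; back into &.
$formAction = htmlspecialchars('pwdEdit.php' . $hrefstr . '&act=save', ENT_QUOTES, 'UTF-8');
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>管理区域</title>
    <link rel="stylesheet" href="css/common.css" type="text/css" />
    <script src="system/js/jquery-1.7.2.min.js"></script>
    <script src="js/js.js"></script>
    <script src="system/xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
    <style>
        body {
            margin: 0;
            padding: 20px;
            background: #fff;
        }
        #man_zone {
            margin-left: 0;
        }
    </style>
</head>
<body class="clear">
<?php // require_once 'panel.php'; ?>
<div id="man_zone">
    <form name="form1" method="post" action="<?= $formAction ?>" onSubmit="return checkpwd();">
        <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
            <tbody>
                <tr>
                    <th width="8%">电话:</th>
                    <td><input type="text" id="em_tel" name="em_tel" value="<?= htmlspecialcharsFix($em_tel) ?>" class="txt1" /></td>
                </tr>
                <tr>
                    <th width="8%">邮箱:</th>
                    <td><input type="text" id="em_email" name="em_email" value="<?= htmlspecialcharsFix($em_email) ?>" class="txt1" /></td>
                </tr>
                <tr>
                    <th width="8%">原始密码:</th>
                    <td><input type="password" id="em_password" name="em_password" value="" class="txt1" placeholder="不修改密码请留空" /></td>
                </tr>
                <tr>
                    <th width="8%">新密码:</th>
                    <td><input type="password" id="pwd" name="pwd" value="" class="txt1" placeholder="不修改密码请留空" /></td>
                </tr>
                <tr>
                    <th width="8%">请再次输入</th>
                    <td><input type="password" id="pwdre" name="pwdre" value="" class="txt1" placeholder="不修改密码请留空" /></td>
                </tr>
                <tr>
                    <th></th>
                    <td><input type="submit" name="save" id="save" value="确定" class="btn1" /></td>
                </tr>
            </tbody>
        </table>
    </form>
</div>
</body>
</html>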