/Quản lý website bán áo đồng phục PHP/lamao/admins/modules/user_group.php
- <?php if (substr_count($_SERVER['PHP_SELF'],'/user_group.php')>0) die ("You can't access this file directly..."); ?>
- <?php
- // Access gate for the user-group administration module.
- // The one-line guard above stops the script when PHP_SELF contains
- // '/user_group.php'; presumably the module is meant to be included by
- // another script rather than requested on its own.
- // Everything below is rendered only when the session's usergroup is < 4.
- // NOTE(review): an unset $_SESSION['usergroup'] is null, and null < 4 is
- // true in PHP, so this comparison alone does not prove the visitor is
- // logged in -- confirm the including script enforces authentication first.
- if ($_SESSION['usergroup']<4)
- {
- ?>
- <script type=text/javascript>
- // Ask for three successive confirmations, then submit the group4del form.
- // Cancelling any prompt aborts without submitting.
- // These prompts are a usability guard only; the server still has to
- // authorise the delete request itself.
- function del_group()
- {
-     var firstPrompt = 'Ban dang chon xoa nhom user ! Xin xac nhan bang cach click\n\n OK [= CO] CANCEL [= KHONG] !';
-     var secondPrompt = 'Ban co chac la ban muon xoa nhom nay khong ?';
-     var lastPrompt = 'Xin xac nhan lai lan cuoi !';
-     if (!confirm(firstPrompt)) return;
-     if (!confirm(secondPrompt)) return;
-     if (!confirm(lastPrompt)) return;
-     document.group4del.submit();
- }
- // Submit the datatbl form after two confirmations, provided at least one
- // of its controls is checked; otherwise tell the user to pick a row.
- // NOTE(review): the prompt texts are written by PHP into JavaScript string
- // literals without escaping; this assumes $strDelete, $strConfirm and
- // $strAgain are trusted language strings -- confirm.
- function del_user()
- {
-     var anyChecked = false;
-     var idx = 0;
-     while (idx < datatbl.length)
-     {
-         if (datatbl.elements[idx].checked == true)
-             anyChecked = true;
-         idx++;
-     }
-     if (anyChecked != true)
-     {
-         alert('Bạn phải chọn ít nhất một thông tin');
-         return;
-     }
-     if (confirm('<?php echo $strDelete; ?> ?!!') && confirm("<?php echo $strConfirm.' '.$strAgain; ?> !!!"))
-     {
-         document.datatbl.submit();
-     }
- }
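- // Toggle the visibility of the form named frmname and preset its fields
- // for the requested action.
- //   frmname - name attribute of the form to toggle
- //   act     - 'new' clears the name and icon inputs;
- //             'edit' copies id and description from the exist_value form
- // The form is looked up through document.forms instead of eval(), so the
- // name is only ever used as a lookup key and is never executed as script.
- // Fields are reached through .elements because the form contains an input
- // named "action", which would otherwise shadow the form's own property.
- function setdisplay(frmname, act)
- {
-     var frm = document.forms[frmname];
-     if (!frm)
-         return;
-     frm.style.display = (frm.style.display == 'none') ? '' : 'none';
- 
-     switch (act)
-     {
-         case 'new':
-             frm.elements['group_name'].value = '';
-             frm.elements['icon'].value = '';
-             frm.elements['action'].value = 'new';
-             break;
- 
-         case 'edit':
-             // exist_value is only written by the server when a group row was found.
-             var src = document.forms['exist_value'];
-             if (src)
-             {
-                 frm.elements['group'].value = src.elements['gid'].value;
-                 frm.elements['group_name'].value = src.elements['gdesc'].value;
-             }
-             frm.elements['action'].value = 'edit';
-             break;
-     }
- }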
- </script>
- <table width="95%" border="0" cellpadding="0" cellspacing="0" background="images/tablebg.gif">
- <!-- Show available user group -->
- <tr>
- <td height="40" colspan="3" align="center" valign="middle">
- <?php
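- // Load the user groups this session may see into three parallel arrays
- // ($id_array, $desc_array, $icon_array) and remember the description and
- // icon of the group selected through POST 'group', if any.
- $allow_edit=false;
- $view='select * from user_groups';
- switch ($_SESSION['usergroup'])
- {
-     case 1:
-     case 2:
-         // Cast before concatenating so only an integer can reach the SQL text.
-         $view.=' where id >= "'.(int)$_SESSION['usergroup'].'"';
-         break;
- 
-     default:
-         $view.=' where id not in (\'1\',\'2\')';
-         break;
- }
- $view.=' order by description ASC';
- $doview=mysql_query($view,$link);
- if ($doview and mysql_num_rows($doview)>0)
- {
-     $return_rows=mysql_num_rows($doview);
-     // Start from empty arrays rather than arrays seeded with the row count,
-     // so no stray first element can survive the fetch loop.
-     $id_array=array();
-     $desc_array=array();
-     $icon_array=array();
-     $i=0;
-     while ($result=mysql_fetch_array($doview))
-     {
-         $id_array[$i]=$result['id'];
-         $desc_array[$i]=$result['description'];
-         $icon_array[$i]=$result['icon'];
-         // Only compared here, never placed in SQL; the values are request data
-         // and must be escaped wherever they are printed or queried later.
-         if (isset($_POST['group']) && $id_array[$i]==$_POST['group'])
-         {
-             $cur_group=$desc_array[$i];
-             $cur_icon=$icon_array[$i];
-         }
-         $i++;
-     }
- }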
- ?>
- <table width="100%" height="30" border="0" cellpadding="2" cellspacing="2">
- <tr>
- <td bgcolor="#E1E1E1"> </td>
- <td width="300" onClick="" style="border: 1px solid #E1E1E1">
- <form name="viewgroup" style="margin: 0;" method="post" action="">
- <p class="buttontext"><?php echo $strSelect.' '.$strGroup; ?>
- <select name="group" style="margin: 0 0 0 0">
- <?php
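- // Emit one <option> per visible group. The id and description come from
- // the database (group names are entered through the admin form), so both
- // are HTML-escaped before being written into the page.
- // NOTE(review): assumes the page and the stored text are UTF-8 -- confirm.
- $j=0;
- while (isset($id_array[$j]))
- {
-     echo '<option value="'.htmlspecialchars($id_array[$j],ENT_QUOTES,'UTF-8').'"';
-     echo '>';
-     echo htmlspecialchars($desc_array[$j],ENT_QUOTES,'UTF-8').'</option>';
-     $j++;
- }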
- ?>
- </select>
- <input type="button" onClick="javascript: document.viewgroup.submit();" style="background-color: #F7F7F7; font-color: #FFFFFF;" value=" <?php echo $strView; ?> " onMouseOver="changebd(this,'#336699')" onMouseOut="undobd(this)">
- </p></form></td>
- <!--
- <td width="70" onClick="javascript: document.viewgroup.submit();" style="cursor: hand; border: 1px solid #E1E1E1" onMouseOver="changebd(this,'#336699')" onMouseOut="undobd(this)">
- <p class="buttontext"><img align="absmiddle" src="images/view.gif" width="22" height="22">
- Xem</p></td>
- -->
- <?php
- if ($_SESSION['usergroup']==1)
- {
- $allow_edit=true;
- $allow_delete=true;
- ?>
- <!--
- <td width="80" onClick="setdisplay('new_group','new');" style="cursor: hand; border: 1px solid #E1E1E1" onMouseOver="changebd(this,'#336699')" onMouseOut="undobd(this)">
- <p class="buttontext"><img align="absmiddle" src="images/filenew.gif" width="22" height="22">
- <?php echo $strCreatNew; ?></p></td>
- -->
- <?php
- if (isset($_POST['group']))
- {
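- // Fetch the selected group and expose its fields to the page script through
- // the hidden exist_value form, which setdisplay() reads for the edit action.
- // POST 'group' is request data: it is escaped for the SQL string, and every
- // value is HTML-escaped before being written into an attribute.
- // NOTE(review): assumes the page and the stored text are UTF-8 -- confirm.
- $sel_group=is_scalar($_POST['group']) ? (string)$_POST['group'] : '';
- $getvalue='select * from user_groups where id="'.mysql_real_escape_string($sel_group,$link).'" limit 0,1';
- $doget=mysql_query($getvalue,$link);
- if ($doget && mysql_num_rows($doget)==1)
- {
-     $value=mysql_fetch_array($doget);
-     echo '<form name="exist_value" style="display: none">';
-     echo '<input type="hidden" name="gdesc" value="'.htmlspecialchars($value['description'],ENT_QUOTES,'UTF-8').'">';
-     echo '<input type="hidden" name="gicon" value="'.htmlspecialchars($value['icon'],ENT_QUOTES,'UTF-8').'">';
-     echo '<input type="hidden" name="gid" value="'.htmlspecialchars($sel_group,ENT_QUOTES,'UTF-8').'">';
-     echo '</form>';
- }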
- ?>
- <td width="70" onClick="setdisplay('new_group','edit');" style="cursor: hand; border: 1px solid #E1E1E1" onMouseOver="changebd(this,'#336699')" onMouseOut="undobd(this)">
- <p class="buttontext"><img align="absmiddle" src="images/edit.gif" width="22" height="22">
- <?php echo $strEdit; ?></p></td>
- <?php
- if (isset($value['type']) and $value['type']!='default')
- {
- $allow_delete=true;
- ?>
- <!--
- <td width="70" onClick="del_group();" style="cursor: hand; border: 1px solid #E1E1E1" onMouseOver="changebd(this,'#336699')" onMouseOut="undobd(this)">
- <form style="display: none" name="group4del" method="post" action="">
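- <input type="hidden" name="group" value="<?php /* request data: HTML-escaped before output; escaping '>' also keeps the value from closing the surrounding HTML comment */ echo htmlspecialchars(is_scalar($_POST['group']) ? (string)$_POST['group'] : '',ENT_QUOTES,'UTF-8'); ?>">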
- <input type="hidden" name="action" value="delete">
- </form>
- <p class="buttontext"><img align="absmiddle" src="images/cancel.gif" width="22" height="22">
- <?php echo $strDelete; ?></p></td>
- -->
- <?php
- }
- }
- }
- else
- {
- ?>
- <td width="400" style="cursor: hand; border: 1px solid #E1E1E1" onMouseOver="changebd(this,'#336699')" onMouseOut="undobd(this)">
- <p class="buttontext"> <?php echo $strErr['201']; ?></p></td>
- <?php
- }
- ?>
- <td bgcolor="#E1E1E1"> </td>
- </tr>
- </table>
- </td>
- </tr>
- <!-- End show all available user group-->
-
- <!-- Main window -->
- <tr><td align="center" valign="top" colspan="3">
- <?php
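- // Handle a submitted action on user groups or users.
- //   POST 'action': new | edit | delete (table user_groups) or deleteuser (table users).
- // The page offers these controls to group 1 only, so the same rule is
- // enforced here on the server; hiding a button does not stop a hand-made POST.
- // Request values are escaped (or cast to int) before they enter SQL text, and
- // values read back from the database are HTML-escaped before going into $msg.
- // NOTE(review): the forms carry no anti-CSRF token -- consider adding one.
- // NOTE(review): checkdata() and validateimage() are defined elsewhere; confirm
- // that checkdata() escapes the value it receives and that validateimage()
- // limits uploads to image types, since the stored file name is client-supplied.
- // NOTE(review): assumes the page and the stored text are UTF-8 -- confirm.
- if (isset($_POST['action']))
- {
-     $imgpath='icons';
-     $error=0;
-     $msg='';
-     $action=is_scalar($_POST['action']) ? (string)$_POST['action'] : '';
-     // Defaults so later checks never read undefined variables.
-     $iname='';
-     $itemp='';
-     if (isset($_FILES['icon']) && is_string($_FILES['icon']['name']))
-     {
-         // Keep only the final path component of the client-supplied name.
-         $iname=basename(str_replace('\\','/',$_FILES['icon']['name']));
-         $itemp=$_FILES['icon']['tmp_name'];
-     }
-     $gtype='custom';
-     $gname=(isset($_POST['group_name']) && is_scalar($_POST['group_name'])) ? (string)$_POST['group_name'] : '';
-     $gid=(isset($_POST['group']) && is_scalar($_POST['group'])) ? (string)$_POST['group'] : '';
-     $gname_sql=mysql_real_escape_string($gname,$link);
-     $gid_sql=mysql_real_escape_string($gid,$link);
-     $iname_sql=mysql_real_escape_string($iname,$link);
-     $cur_group_html=isset($cur_group) ? htmlspecialchars($cur_group,ENT_QUOTES,'UTF-8') : '';
-     $cur_icon_html=isset($cur_icon) ? htmlspecialchars($cur_icon,ENT_QUOTES,'UTF-8') : '';
- 
-     // Server-side authorisation: same condition the page uses to show the controls.
-     $is_admin=($_SESSION['usergroup']==1);
-     if (!$is_admin)
-     {
-         set_error($strErr['201']);
-     }
- 
-     switch ($is_admin ? $action : '')
-     {
-         case 'new':
-             if (checkdata('user_groups','description',$gname)==0)
-             {
-                 $msg.='Tạo nhóm mới: <br>';
-                 $query='insert into user_groups(description,icon,type) values("'.$gname_sql.'","'.$iname_sql.'","'.$gtype.'")';
-             }
-             else
-             {
-                 set_error($strErr['106']);
-             }
-             break;
- 
-         case 'edit':
-             if (checkdata('user_groups','id',$gid)==1)
-             {
-                 $msg.='Cập nhật thông tin nhóm : ';
-                 if ($cur_icon_html!='')
-                     $msg.= '<img src="icons/'.$cur_icon_html.'" width="22" height="22" border="0" align="absmiddle">';
-                 $msg.= ' <font color="#FF5500">'.$cur_group_html.'</font><br>';
-                 $query='update user_groups set description="'.$gname_sql.'"';
-                 if ($iname!='')
-                     $query.=', icon="'.$iname_sql.'"';
-                 $query.=' where id="'.$gid_sql.'"';
-             }
-             else
-             {
-                 set_error($strErr['107']);
-             }
-             break;
- 
-         case 'delete':
-             if (checkdata('user_groups','id',$gid)==1)
-             {
-                 $msg.='Xóa thông tin nhóm : ';
-                 if ($cur_icon_html!='')
-                     $msg.= '<img src="icons/'.$cur_icon_html.'" width="22" height="22" border="0" align="absmiddle">';
-                 $msg.= ' <font color="#FF5500">'.$cur_group_html.'</font><br>';
-                 $query='delete from user_groups ';
-                 $query.=' where id="'.$gid_sql.'" and type!="default"';
-             }
-             else
-             {
-                 set_error($strErr['107']);
-             }
-             break;
- 
-         case 'deleteuser':
-             $IDs='';
-             $counter=0;
-             if (isset($_REQUEST['total_rows']) && is_scalar($_REQUEST['total_rows']))
-             {
-                 $total_rows=(int)$_REQUEST['total_rows'];
-                 for ($i=1;$i<=$total_rows;$i++)
-                 {
-                     if (isset($_REQUEST['chkbox'.$i]) and is_scalar($_REQUEST['chkbox'.$i]) and $_REQUEST['chkbox'.$i]!='')
-                     {
-                         $counter++;
-                         if ($counter>1)
-                             $IDs.=',';
-                         // The list is unquoted in SQL, so each id is forced to an integer.
-                         // NOTE(review): assumes users.id is numeric -- confirm.
-                         $IDs.=(int)$_REQUEST['chkbox'.$i];
-                     }
-                 }
-                 if ($counter>0)
-                     $allow_delete=true;
-             }
-             $msg.='Xóa user : ';
-             // Build the statement only when something was selected; an empty IN () is invalid SQL.
-             if ($counter>0)
-             {
-                 $query='delete from users';
-                 $query.=' where id in ('.$IDs.') and id!="1"';
-             }
-             break;
- 
-     }
- 
-     if (isset($query))
-     {
-         if (mysql_query($query,$link))
-         {
-             $msg.='Thông tin được cập nhật thành công !<br><br>';
-             // Attempt the upload only when a file name was actually supplied.
-             if ($iname!='')
-             {
-                 $checkimg=validateimage('upload','icon',$imgpath);
-                 if ($checkimg=='ok')
-                 {
-                     // '/' is accepted as a separator on every platform PHP runs on.
-                     if (@move_uploaded_file($itemp,$imgpath.'/'.$iname))
-                     {
-                         $msg.='File(s) uploaded successfully !';
-                     }
-                     else
-                     {
-                         $msg.='Can not upload file(s) !';
-                     }
-                 }
-                 else
-                 {
-                     set_error($checkimg);
-                 }
-             }
-         }
-         else
-         {
-             set_error($strErr['108']);
-         }
-     }
-     else
-     {
-         $msg.='<br>Không thể cập nhật thông tin !<br>';
-     }
-     // Return to the module's start page after three seconds.
-     $msg.='<script>';
-     $msg.='setTimeout(\'window.location.replace("?module=user_group")\',3000);';
-     $msg.='</script>';
-     echo '<p class="bigtitle"><br>'.$msg.'</p>';
- }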
- ?>
- <br>
- <form name="new_group" method="post" action="" style="display: none" enctype="multipart/form-data">
- <input type="hidden" name="module" value="user_group">
- <input type="hidden" name="action" value="">
- <input type="hidden" name="group" value="">
- <script language="JavaScript">
- // Put the given group id into the viewgroup form and submit it.
- function view(groupid)
- {
-     var frm = document.viewgroup;
-     frm.group.value = groupid;
-     frm.submit();
- }
- // Put the given user id into the viewuser form and submit it.
- function viewrec(id)
- {
-     var frm = document.viewuser;
-     frm.userID.value = id;
-     frm.submit();
- }
- </script>
- <table width="50%" border="0" cellspacing="0" cellpadding="0" style="border: solid 1px #336699">
- <tr>
- <td width="30%" colspan="3" bgcolor="#FFCC33">
- <p class="bigtitle">:: <?php echo $strCreatNew.' / '.$strEdit.' '.$strGroup; ?> ::</p></td>
- </tr>
- <tr>
- <td width="30%"><p class="formtitle"><?php echo $strName; ?></p></td>
- <td width="5%"> </td>
- <td width="65%"><input type="text" class="mediuminput" name="group_name"></td>
- </tr>
- <tr>
- <td width="30%"><p class="formtitle">Icon</p></td>
- <td width="5%"> </td>
- <td width="65%"><input name="icon" type="file" class="mediuminput" id="icon"></td>
- </tr>
- <tr>
- <td width="30%" colspan="3">
- <p class="bigtitle">
- <input type="submit" class="submit" value=" Tạo ">
-
- <input type="submit" class="reset" value="Reset">
- </p></td>
- </tr>
- </table>
- </form>
- </td></tr>
-
- <tr align="center" valign="top">
- <td colspan="3" align="center" valign="top">
- <table width="100%" cellspacing="0" cellpadding="0" border="0">
- <?php
- if (isset($_POST['group']))
- {
- ?>
- <tr>
- <td><p class="grouptitle"><?php echo $strGroup; ?>
- <?php
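- // Print the selected group's icon, name and member count.
- // The name and icon come from the database and POST 'group' from the
- // request, so output is HTML-escaped and the id is escaped for SQL.
- // NOTE(review): assumes the page and the stored text are UTF-8 -- confirm.
- if (isset($cur_group))
- {
-     if (isset($cur_icon) && $cur_icon!='')
-         echo '<img src="icons/'.htmlspecialchars($cur_icon,ENT_QUOTES,'UTF-8').'" width="22" height="22" border="0" align="absmiddle">';
-     echo ' <font color="#FF5500">'.htmlspecialchars($cur_group,ENT_QUOTES,'UTF-8').'</font>';
-     $count_group=is_scalar($_POST['group']) ? (string)$_POST['group'] : '';
-     $count_result=mysql_query('select count(*) from users where groupof="'.mysql_real_escape_string($count_group,$link).'"',$link);
-     // A failed query yields false; report zero members instead of fetching from it.
-     $members=$count_result ? mysql_fetch_array($count_result) : false;
-     echo ' <font size="1px">('.($members ? (int)$members[0] : 0).' '.$strMember.' )</font></p>';
- }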
- ?>
- </td>
- </tr>
- <tr>
- <td width="100%">
- <table width="100%" height="30" border="0" cellpadding="2" cellspacing="2">
- <tr>
- <?php
- if ($_SESSION['usergroup']==1)
- {
- $allow_edit=true;
- ?>
- <td width="90" onClick="window.location='?module=creat_user';" style="cursor: hand; border: 1px solid #E1E1E1" onMouseOver="changebd(this,'#336699')" onMouseOut="undobd(this)">
- <p class="buttontext"><img align="absmiddle" src="images/filenew.gif" width="22" height="22">
- <?php echo $strCreatNew; ?></p>
- </td>
- <!--
- <td width="120" onClick="setdisplay('edit');" style="cursor: hand; border: 1px solid #E1E1E1" onMouseOver="changebd(this,'#336699')" onMouseOut="undobd(this)">
- <p class="buttontext"><img align="absmiddle" src="images/move_user.gif" width="22" height="22">
- <?php echo $strChangeCat; ?></p>
- </td>
- -->
- <?php
- if ($allow_delete==true)
- {
- ?>
- <td width="70" onClick="del_user();" style="cursor: hand; border: 1px solid #E1E1E1" onMouseOver="changebd(this,'#336699')" onMouseOut="undobd(this)">
- <p class="buttontext"><img align="absmiddle" src="images/cancel.gif" width="22" height="22"> <?php echo $strDelete; ?></p>
- </td>
- <?php
- }
- }
- else
- {
- ?>
- <td width="400" style="cursor: hand; border: 1px solid #E1E1E1" onMouseOver="changebd(this,'#336699')" onMouseOut="undobd(this)">
- <p class="buttontext"> Bạn chưa được phép xem thông tin này !</p>
- </td>
- <?php
- }
- ?>
- <td bgcolor="#E1E1E1"> </td>
- </tr>
- </table></td>
- </tr>
- <?php
- // Column headers handed to show_datatbl() and show_filter(); the first
- // header cell is a select-all checkbox that calls checkAll() on its form.
- $title=array('<input name="cbxSelectAll" type="checkbox" onclick="javascript: checkAll(this.form);">','ID',$strUserName,
- $strRealName,$strBirthDay,
- $strGender,$strAddress,$strPhone,
- );
- // Field name for each column, in the same order as $title.
- // NOTE(review): presumably column names of the users table ('genre' lines
- // up with the gender header) -- confirm against show_datatbl().
- $var_array=array('id','id','username',
- 'realname','birthday',
- 'genre','address','phone',
- );
- // Per-column numbers handed to show_datatbl(); presumably widths -- confirm.
- // NOTE(review): 18 values are listed for 8 columns; the surplus looks unused.
- $dimension=array(25,30,150,
- 200,90,
- 50,300,120,
- 200,200,300,120,
- 250,120,120,
- 50,70,50);
- ?>
- <tr>
- <td align="center" valign="top" style="padding: 3 0 3 0">
- <!-- Data Table -->
- <?php
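- // List the members of the selected group through show_datatbl().
- // POST 'group' is request data, so it is escaped before entering the SQL string.
- // NOTE(review): show_datatbl() is defined elsewhere; confirm it HTML-escapes
- // the row values it prints.
- $group=(isset($_POST['group']) && is_scalar($_POST['group'])) ? (string)$_POST['group'] : '';
- $view='select * from users';
- $view.=' where groupof="'.mysql_real_escape_string($group,$link).'"';
- $view.=' order by id ASC';
- show_datatbl($view,'datatbl','','dataTable',$title,$dimension,$var_array);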
- ?>
- <!-- End Data Table -->
- </td>
- </tr>
- <?php
- ?>
- <tr><td align="center" valign="top">
- <?php show_filter('dataTable',$title,$var_array); ?>
- </td></tr>
- <?php
- }
- else
- {
- }
- ?>
- </table>
- <?php
- if ($allow_edit==true)
- {
- ?>
- <SCRIPT language="JavaScript">
- var frmvalidator = new Validator("new_group");
- frmvalidator.addValidation("group_name","req","Nhom User khong the ko co ten !");
- </script>
- <?php
- }
- ?>
- </td>
- </tr>
- </table>
- <?php
- }
- else
- {
- ?>
- <p class="bigtitle"><?php echo $strErr['201']; ?></p>
- <?php
- }
- ?>