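<?php
require_once 'conn.php';
checkLogin();

// Query-string context that is echoed back into the form action so the
// caller returns to the same list position after saving.
$id = $_GET['id'] ?? '';
$page = $_GET['Page'] ?? '';
$keys = $_GET['Keys'] ?? '';
$ord = $_GET['Ord'] ?? '';
// Every component is urlencode()d: $hrefstr ends up inside an HTML attribute,
// and an unencoded Page value (it was the only raw one) lets a crafted
// query string close the attribute and inject markup into the page.
$hrefstr = "?keys=" . urlencode($keys) . "&Ord=" . urlencode($ord) . "&Page=" . urlencode($page);
// Identity comes from the session only, never from the request.
$employee_id = $_SESSION['employee_id'] ?? '';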

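$act = $_GET['act'] ?? '';

// Save handler: updates the employee's contact details and, when the
// new-password fields were filled in, rotates the password after verifying
// the current one. Every branch ends with exit after printing its alert.
// NOTE(review): the form carries no CSRF token; a token check belongs here
// before any write, but needs a project-wide helper not visible in this file.
if ($act === 'save') {
    $em_tel = textEncode($_POST['em_tel'] ?? '');
    $em_email = textEncode($_POST['em_email'] ?? '');
    // Keep the raw submissions; hash only at the points where a hash is compared/stored.
    $old_password = (string)($_POST['em_password'] ?? '');
    $pwd = (string)($_POST['pwd'] ?? '');
    $pwdre = (string)($_POST['pwdre'] ?? '');

    // A non-numeric session id collapses to 0, which matches no employee row.
    $employee_id = is_numeric($employee_id) ? (int)$employee_id : 0;

    // A password change is requested as soon as either new-password field is
    // non-empty. The previous test compared md5() output against
    // '8f00b204e9800998' (= substr(md5(''), 8, 16), presumably left over from a
    // truncated-md5 scheme); a 32-char md5 string never equals it, so empty
    // fields were still treated as a change attempt and then reported as a
    // wrong original password.
    $editpwd = $pwd !== '' || $pwdre !== '';
    if ($editpwd && $pwd !== $pwdre) {
        echo "<script>alert('两次密码输入不一致!');history.back();</script>";
        exit;
    }

    // Parameterised lookup; only the column we compare against is fetched.
    $stmt = $conn->prepare('SELECT em_password FROM employee WHERE id=?');
    $stmt->bind_param('i', $employee_id);
    $stmt->execute();
    $stmt->bind_result($stored_hash);
    $found = $stmt->fetch();
    $stmt->close();

    if ($found) {
        if ($editpwd) {
            // md5 is kept only because the login check (not in this file) expects
            // it; moving to password_hash()/password_verify() has to be done
            // together with that check. hash_equals() keeps the comparison
            // constant-time. If the stored value were a 16-char truncated hash
            // this would never match -- confirm the column format against login.
            if (!hash_equals((string)$stored_hash, md5($old_password))) {
                // Wrong current password: nothing is written (the old code still
                // saved e-mail/phone while reporting this error).
                echo "<script>alert('原始密码错误!');history.back();</script>";
                exit;
            }
            $new_hash = md5($pwd);
            $stmt = $conn->prepare('UPDATE employee SET em_email=?, em_tel=?, em_password=? WHERE id=?');
            $stmt->bind_param('sssi', $em_email, $em_tel, $new_hash, $employee_id);
            $stmt->execute();
            $stmt->close();
            // Force a re-login so the new credential is the only valid one.
            echo "<script>alert('密码修改成功!请退出重新登录');location.href='index.php?act=logout';</script>";
            exit;
        }

        $stmt = $conn->prepare('UPDATE employee SET em_email=?, em_tel=? WHERE id=?');
        $stmt->bind_param('ssi', $em_email, $em_tel, $employee_id);
        $stmt->execute();
        $stmt->close();
        echo "<script>alert('资料修改成功!');history.back();</script>";
        exit;
    }
}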

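// Load the current contact details for the form. Uses the same session-derived
// id as the save branch (cast to int: a non-numeric value matches no row and
// leaves both fields blank) and a bound parameter instead of string building.
$current_id = (int)$employee_id;
$stmt = $conn->prepare('SELECT em_email, em_tel FROM employee WHERE id=?');
$stmt->bind_param('i', $current_id);
$stmt->execute();
$stmt->bind_result($db_email, $db_tel);
$has_row = $stmt->fetch();
$stmt->close();
// bind_result() yields NULL for a NULL column; a missing row leaves the fields empty.
$em_tel = $has_row ? ($db_tel ?? '') : '';
$em_email = $has_row ? ($db_email ?? '') : '';
?>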
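<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>管理区域</title>
    <link rel="stylesheet" href="css/common.css" type="text/css" />
    <script src="system/js/jquery-1.7.2.min.js"></script>
    <script src="js/js.js"></script>
    <script src="system/xheditor-1.1.9/xheditor-1.1.9-zh-cn.min.js"></script>
    <style>
        body {
            margin: 0;
            padding: 20px;
            background: #fff;
        }
        #man_zone {
            margin-left: 0;
        }
    </style>
</head>
<body class="clear">
<?php // require_once 'panel.php'; ?>
<div id="man_zone">
    <?php // $hrefstr is built from request parameters, so it is escaped for the attribute context here. ?>
    <form name="form1" method="post" action="pwdEdit.php<?= htmlspecialchars($hrefstr, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>&amp;act=save" onSubmit="return checkpwd();">
        <table width="100%" border="0" cellpadding="3" cellspacing="1" class="table1">
            <tbody>
                <tr>
                    <th width="8%">电话:</th>
                    <td><input type="text" id="em_tel" name="em_tel" value="<?= htmlspecialcharsFix($em_tel) ?>" class="txt1" /></td>
                </tr>
                <tr>
                    <th width="8%">邮箱:</th>
                    <td><input type="text" id="em_email" name="em_email" value="<?= htmlspecialcharsFix($em_email) ?>" class="txt1" /></td>
                </tr>
                <tr>
                    <th width="8%">原始密码:</th>
                    <td><input type="password" id="em_password" name="em_password" value="" class="txt1" placeholder="不修改密码请留空" /></td>
                </tr>
                <tr>
                    <th width="8%">新密码:</th>
                    <td><input type="password" id="pwd" name="pwd" value="" class="txt1" placeholder="不修改密码请留空" /></td>
                </tr>
                <tr>
                    <th width="8%">请再次输入</th>
                    <td><input type="password" id="pwdre" name="pwdre" value="" class="txt1" placeholder="不修改密码请留空" /></td>
                </tr>
                <tr>
                    <th></th>
                    <td><input type="submit" name="save" id="save" value="确定" class="btn1" /></td>
                </tr>
            </tbody>
        </table>
    </form>
</div>
</body>
</html>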