|
@@ -76,11 +76,16 @@ class AdminController extends DooController {
|
|
|
}
|
|
|
}
|
|
|
function adlogin() {
|
|
|
- $passwork = isset ( $_POST ['passwork'] ) ? $_POST ['passwork'] : "";
|
|
|
- $uid = isset ( $_POST ['user'] ) ? $_POST ['user'] : "";
|
|
|
+
|
|
|
+ $this->get_args('passwork') ? $this->get_args('passwork') : "";
|
|
|
+
|
|
|
+ $passwork = $this->get_args('passwork') ? $this->get_args('passwork') : "";
|
|
|
+ $uid = $this->get_args('user') ? $this->get_args('user') : "";
|
|
|
|
|
|
Doo::loadModel ( 'staff' );
|
|
|
$staff = new staff ();
|
|
|
+ Doo::loadClass ( 'XDeode' );
|
|
|
+ $XDeode = new XDeode ( 5 );
|
|
|
|
|
|
if (! empty ( $passwork )) {
|
|
|
$userinfo = $staff->getOne ( array (
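Review bot: The added statement `$this->get_args('passwork') ? $this->get_args('passwork') : "";` near the top of adlogin discards its result and should be deleted. Reading the credentials through get_args also changes behaviour: the helper shown in a later hunk of this diff (apparently get_args) checks `$_GET` before `$_POST` and applies `addslashes`, so a password can now arrive in the query string, where it is recorded in access logs and browser history, and one containing quotes or backslashes is altered before `md5 ( $passwork )` and may stop matching the stored hash. Keeping the password POST-only and unescaped, `$passwork = isset ( $_POST ['passwork'] ) && is_string ( $_POST ['passwork'] ) ? $_POST ['passwork'] : "";`, avoids both, provided the value is only hashed and never placed in a query. The same GET fallback applies to the addCategory hunk, where it lets a state-changing request be made with a plain GET. adlogin's body continues outside the hunk.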
|
|
@@ -90,7 +95,7 @@ class AdminController extends DooController {
|
|
|
|
|
|
if (! empty ( $userinfo )) {
|
|
|
if ($userinfo ['username'] == $uid && $userinfo ['passwork'] == md5 ( $passwork )) {
|
|
|
- setcookie ( "adStaff", $userinfo ['sid'], time () + 36000, "/" );
|
|
|
+ setcookie ( "adStaff", $XDeode->encode ($userinfo ['sid']), time () + 36000, "/" );
|
|
|
return "/adminoffice";
|
|
|
}
|
|
|
}
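Review bot: The `adStaff` cookie set on the added line still carries no `HttpOnly` or `Secure` attribute, and its value is only an encoding of `$userinfo ['sid']`, so the admin session rests on the XDeode output being unguessable rather than on a random server-side session id. XDeode is not shown here; if `encode` is a reversible or unkeyed transform (it is constructed with the constant `5`), a valid cookie for any sid could be forged, so a random token stored server-side or an HMAC-signed value would be safer. At minimum pass the flags: `setcookie ( "adStaff", $XDeode->encode ( $userinfo ['sid'] ), time () + 36000, "/", "", true, true );` (the `true` for Secure assumes the admin site is served over HTTPS). The enclosing adlogin function starts and ends outside this hunk.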
|
|
@@ -176,9 +181,8 @@ class AdminController extends DooController {
|
|
|
function addCategory() {
|
|
|
$msg = "添加成功";
|
|
|
|
|
|
- $title = isset ( $_POST ['title'] ) ? $_POST ['title'] : "";
|
|
|
-
|
|
|
- $district = isset ( $_POST ['district'] ) ? $_POST ['district'] : "";
|
|
|
+ $title = $this->get_args ( 'title' ) ? $this->get_args ( 'title' ) : "";
|
|
|
+ $district = $this->get_args ( 'district' ) ? $this->get_args ( 'district' ) : "";
|
|
|
|
|
|
if (! empty ( $title ) && ! empty ( $district )) {
|
|
|
Doo::loadModel ( 'L_category' );
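Review bot: `$title` and `$district` can still be arrays after this change: the helper shown in a later hunk of this diff (apparently get_args) returns array values as-is, without `addslashes`, and a non-empty array passes the `! empty ( $title ) && ! empty ( $district )` check and reaches the L_category code. Reject non-strings before that check, e.g. `if (! is_string ( $title ) || ! is_string ( $district )) { $title = $district = ""; }`. As a style point, the repeated call can be collapsed to `$title = $this->get_args ( 'title' ) ?: "";`, which also avoids evaluating the helper twice. addCategory's body continues outside the hunk, so how the values are used by the model is not visible here.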
|
|
@@ -1199,19 +1203,14 @@ class AdminController extends DooController {
|
|
|
return $_GET [$name];
|
|
|
else {
|
|
|
return addslashes ( $_GET [$name] );
|
|
|
-
|
|
|
- // return $_GET [$name] ;
|
|
|
}
|
|
|
} elseif (isset ( $_POST [$name] )) {
|
|
|
if (is_array ( $_POST [$name] ))
|
|
|
return $_POST [$name];
|
|
|
else {
|
|
|
return addslashes ( $_POST [$name] );
|
|
|
-
|
|
|
- // return $_POST [$name];
|
|
|
}
|
|
|
} else {
|
|
|
-
|
|
|
return false;
|
|
|
}
|
|
|
}
|
|
@@ -1395,6 +1394,9 @@ class AdminController extends DooController {
|
|
|
if (! isset ( $_POST ['staff'] ) || empty ( $_POST ['staff'] )) {
|
|
|
exit ( '请选择成员' );
|
|
|
}
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
$idname = $name = $pinyinname = array ();
|
|
|
$stafflist = explode(',',$_POST['staff']);
|
|
|
foreach ( $stafflist as $k => $v ) {
|