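$v) { // $$k = htmlspecialchars(stripslashes(trim($v))); // }

    // Handles a posted menu edit: optionally grants the posted link keys to the
    // selected department rows (and to every account holding that role), then
    // updates the menu row itself.
    //
    // Every value that reaches SQL below is bound through a prepared statement.
    // The previous version interpolated $_POST values (and values read back from
    // the database) straight into the query text, which allowed SQL injection.
    //
    // NOTE(review): nothing in this excerpt checks that the requester is allowed
    // to edit permissions or validates a CSRF token. Confirm the code above this
    // point does both before these writes are reached.

    // Reads one POST field with the original empty() semantics ('' for missing,
    // empty or '0' values) and also maps non-scalar input (e.g. field[]=x) to ''.
    $postField = function ($name) {
        if (empty($_POST[$name]) || !is_scalar($_POST[$name])) {
            return '';
        }
        return (string) $_POST[$name];
    };

    // Sets $level for every link key on each posted department row, then copies
    // the resulting permission JSON to all accounts with the same
    // department_id / role_id.
    //
    //   $postedIds   list of department.id values taken from the request
    //   $linkContent raw link_content field, one key per "\r\n"-separated line
    //   $level       permission value written for each key ('1' or '3' here)
    //
    // Uses mysqli_stmt_get_result(), which needs the mysqlnd driver.
    $grantPermissionLevel = function ($postedIds, $linkContent, $level) use ($link) {
        $linkKeys = explode("\r\n", is_string($linkContent) ? $linkContent : '');

        $selectRole     = mysqli_prepare($link, 'SELECT department_id, role_id, permission FROM department WHERE id = ?');
        $updateRole     = mysqli_prepare($link, 'UPDATE department SET permission = ? WHERE id = ?');
        $selectAccounts = mysqli_prepare($link, 'SELECT accountid FROM account WHERE department_id = ? AND role_id = ?');
        $updateAccount  = mysqli_prepare($link, 'UPDATE account_auth SET permission = ? WHERE accountid = ?');
        $statements     = [$selectRole, $updateRole, $selectAccounts, $updateAccount];

        if (!$selectRole || !$updateRole || !$selectAccounts || !$updateAccount) {
            // Only reachable when mysqli is not in exception mode.
            error_log('permission update: prepare failed: ' . mysqli_error($link));
            foreach ($statements as $statement) {
                if ($statement) {
                    mysqli_stmt_close($statement);
                }
            }
            return;
        }

        // bind_param binds by reference, so assigning to these variables before
        // each execute is enough to change the bound values.
        $departmentRowId = '';
        $permissionJson  = '';
        $departmentId    = '';
        $roleId          = '';
        $accountId       = '';
        mysqli_stmt_bind_param($selectRole, 's', $departmentRowId);
        mysqli_stmt_bind_param($updateRole, 'ss', $permissionJson, $departmentRowId);
        mysqli_stmt_bind_param($selectAccounts, 'ss', $departmentId, $roleId);
        mysqli_stmt_bind_param($updateAccount, 'ss', $permissionJson, $accountId);

        // A scalar posted instead of a list is treated as a one-element list.
        foreach ((array) $postedIds as $postedId) {
            if (!is_scalar($postedId)) {
                continue;
            }
            $departmentRowId = (string) $postedId;

            // Load the current permission JSON for this department row.
            if (!mysqli_stmt_execute($selectRole)) {
                continue;
            }
            $roleResult = mysqli_stmt_get_result($selectRole);
            $role = $roleResult ? mysqli_fetch_assoc($roleResult) : null;
            if ($roleResult) {
                mysqli_free_result($roleResult);
            }
            if (!$role) {
                // Unknown id: skip it. The old code carried on with empty
                // department_id / role_id values and could overwrite the
                // permissions of whatever accounts matched those.
                continue;
            }

            $permission = json_decode((string) $role['permission'], true);
            if (!is_array($permission)) {
                $permission = [];
            }
            foreach ($linkKeys as $linkKey) {
                $permission[$linkKey] = $level;
            }

            // The old interpolated literal had its "\/" escapes consumed by MySQL
            // (default backslash-escape handling), so slashes were stored
            // unescaped; JSON_UNESCAPED_SLASHES keeps that stored form.
            $permissionJson = json_encode($permission, JSON_UNESCAPED_SLASHES);
            if ($permissionJson === false) {
                continue;
            }

            // Change the permissions of this position.
            mysqli_stmt_execute($updateRole);

            // Change the permissions of every employee under this position.
            $departmentId = (string) $role['department_id'];
            $roleId       = (string) $role['role_id'];
            if (!mysqli_stmt_execute($selectAccounts)) {
                continue;
            }
            $accountsResult = mysqli_stmt_get_result($selectAccounts);
            $accounts = $accountsResult ? mysqli_fetch_all($accountsResult, MYSQLI_ASSOC) : [];
            if ($accountsResult) {
                mysqli_free_result($accountsResult);
            }
            foreach ($accounts as $account) {
                $accountId = (string) $account['accountid'];
                mysqli_stmt_execute($updateAccount);
            }
        }

        foreach ($statements as $statement) {
            mysqli_stmt_close($statement);
        }
    };

    $postedLinkContent = isset($_POST['link_content']) ? $_POST['link_content'] : '';

    // can_read is applied before can_write, so a row listed in both ends at '3'.
    if (!empty($_POST['can_read'])) {
        $auth_change_status = true;
        $grantPermissionLevel($_POST['can_read'], $postedLinkContent, '1');
    }

    if (!empty($_POST['can_write'])) {
        $auth_change_status = true;
        $grantPermissionLevel($_POST['can_write'], $postedLinkContent, '3');
    }

    $main_menu_seq = $postField('main_menu_seq');
    $main_menu     = $postField('main_menu');
    $sub_menu_seq  = $postField('sub_menu_seq');
    $sub_menu      = $postField('sub_menu');
    $sub_menu_eng  = $postField('sub_menu_eng');
    $mlink         = $postField('mlink');
    $link_content  = $postField('link_content');
    $status        = $postField('status');
    $id            = $postField('id');
    $create_at     = date('Y-m-d H:i:s');
    //$link_content = str_replace(PHP_EOL, ',', $link_content);

    // All values are bound as strings, which matches the quoted literals the
    // old query used, so MySQL applies the same column conversions.
    $db_query = "UPDATE menu set main_menu_seq = ?, main_menu = ?, sub_menu_seq = ?, sub_menu = ?, ";
    $db_query .= "sub_menu_eng = ?, mlink = ?, link_content = ?, status = ?, create_at = ? WHERE id = ?";

    $affected = -1;
    $db_error = '';
    $menuUpdate = mysqli_prepare($link, $db_query);
    if ($menuUpdate) {
        mysqli_stmt_bind_param(
            $menuUpdate,
            'ssssssssss',
            $main_menu_seq,
            $main_menu,
            $sub_menu_seq,
            $sub_menu,
            $sub_menu_eng,
            $mlink,
            $link_content,
            $status,
            $create_at,
            $id
        );
        if (mysqli_stmt_execute($menuUpdate)) {
            $affected = mysqli_stmt_affected_rows($menuUpdate);
        } else {
            $db_error = mysqli_stmt_error($menuUpdate);
        }
        mysqli_stmt_close($menuUpdate);
    } else {
        $db_error = mysqli_error($link);
    }

    // The error text is captured above because the handle cannot report errors
    // once it has been closed.
    mysqli_close($link);

    // !empty() equals the old `== true` test and also tolerates the flag being
    // unset (its initialisation, if any, is outside this excerpt).
    if ($affected > 0) {
        echo "";
    } elseif (!empty($auth_change_status)) {
        echo "";
    } elseif ($affected == 0) {
        echo "";
    } else {
        // Escaped because driver error text can repeat submitted values.
        // NOTE(review): this still shows the statement text and the driver error
        // to the client; consider logging them server-side and returning a
        // generic message instead.
        echo htmlspecialchars(
            "{$db_query} 語法執行失敗,錯誤訊息SSS: " . $db_error,
            ENT_QUOTES | ENT_SUBSTITUTE,
            'UTF-8'
        );
    }
}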