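<?php

declare(strict_types=1);

ini_set('display_errors', 'on');
include "header.php";

/**
 * Reads one scalar POST field.
 *
 * Keeps the form's original rule (`empty($_POST[k]) ? '' : $_POST[k]`): a
 * missing key AND the value '0' both collapse to '' — worth remembering for
 * `status`. A non-scalar value (e.g. a field posted as an array) also becomes ''
 * instead of being stringified as "Array".
 */
function post_field(string $key): string
{
    $value = $_POST[$key] ?? '';
    if (empty($value) || !is_scalar($value)) {
        return '';
    }
    return (string) $value;
}

/**
 * Splits the multi-line `link_content` textarea into one permission key per
 * line (the form separates lines with CRLF). Blank lines are dropped so that
 * no '' key is written into the permission JSON.
 *
 * @return list<string>
 */
function link_content_lines(): array
{
    $raw = $_POST['link_content'] ?? '';
    if (!is_string($raw)) {
        return [];
    }
    return array_values(array_filter(
        explode("\r\n", $raw),
        static fn (string $line): bool => $line !== ''
    ));
}

/**
 * Department ids posted as `can_read[]` / `can_write[]`.
 * Only scalar entries are kept; nested arrays or a bare string are ignored.
 *
 * @return list<string>
 */
function posted_ids(string $key): array
{
    $raw = $_POST[$key] ?? [];
    if (!is_array($raw)) {
        return [];
    }
    $ids = [];
    foreach ($raw as $value) {
        if (is_scalar($value)) {
            $ids[] = (string) $value;
        }
    }
    return $ids;
}

/**
 * Prepares $sql or throws with the server message. A failing prepare means the
 * statement text itself is wrong, which must not be silently ignored.
 *
 * @throws RuntimeException
 */
function prepare_or_throw(mysqli $link, string $sql): mysqli_stmt
{
    $stmt = mysqli_prepare($link, $sql);
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . mysqli_error($link));
    }
    return $stmt;
}

/**
 * Grants $level on every entry of $lines to each department row in $ids, then
 * copies the resulting permission JSON to `account_auth` for every account whose
 * department_id / role_id match that department row.
 *
 * All values are bound through prepared statements — the ids and the textarea
 * lines come straight from the request and must never be interpolated into SQL.
 *
 * @param list<string> $ids   `department.id` values to update
 * @param list<string> $lines permission keys, one per textarea line
 * @param string       $level '1' for read, '3' for write (the values this form stores)
 *
 * @throws RuntimeException|JsonException
 */
function apply_permission_level(mysqli $link, array $ids, array $lines, string $level): void
{
    $selectDept = prepare_or_throw($link, 'SELECT department_id, role_id, permission FROM department WHERE id = ?');
    $updateDept = prepare_or_throw($link, 'UPDATE department SET permission = ? WHERE id = ?');
    $selectAccounts = prepare_or_throw($link, 'SELECT accountid FROM account WHERE department_id = ? AND role_id = ?');
    $updateAuth = prepare_or_throw($link, 'UPDATE account_auth SET permission = ? WHERE accountid = ?');

    try {
        foreach ($ids as $id) {
            mysqli_stmt_bind_param($selectDept, 's', $id);
            mysqli_stmt_execute($selectDept);
            $result = mysqli_stmt_get_result($selectDept);
            $dept = $result !== false ? mysqli_fetch_assoc($result) : null;
            if ($result !== false) {
                mysqli_free_result($result);
            }
            // Unknown id: nothing to update (the old code would have read from null here).
            if (!is_array($dept)) {
                continue;
            }

            $departmentId = (string) ($dept['department_id'] ?? '');
            $roleId = (string) ($dept['role_id'] ?? '');

            // Stored JSON that is missing or malformed starts from an empty map,
            // exactly as json_decode() returning null did before.
            $permission = json_decode((string) ($dept['permission'] ?? ''), true);
            if (!is_array($permission)) {
                $permission = [];
            }
            foreach ($lines as $line) {
                $permission[$line] = $level;
            }
            // Throw instead of writing "" to every row if the input is not valid UTF-8.
            $newPermission = json_encode($permission, JSON_THROW_ON_ERROR);

            mysqli_stmt_bind_param($updateDept, 'ss', $newPermission, $id);
            mysqli_stmt_execute($updateDept);

            mysqli_stmt_bind_param($selectAccounts, 'ss', $departmentId, $roleId);
            mysqli_stmt_execute($selectAccounts);
            $result = mysqli_stmt_get_result($selectAccounts);
            $accounts = $result !== false ? mysqli_fetch_all($result, MYSQLI_ASSOC) : [];
            if ($result !== false) {
                mysqli_free_result($result);
            }

            foreach ($accounts as $account) {
                $accountId = (string) ($account['accountid'] ?? '');
                mysqli_stmt_bind_param($updateAuth, 'ss', $newPermission, $accountId);
                mysqli_stmt_execute($updateAuth);
            }
        }
    } finally {
        mysqli_stmt_close($selectDept);
        mysqli_stmt_close($updateDept);
        mysqli_stmt_close($selectAccounts);
        mysqli_stmt_close($updateAuth);
    }
}

/**
 * Emits the same alert-then-redirect snippet the page has always produced.
 * $message is a fixed literal chosen by this script, never request data.
 */
function redirect_with_alert(string $message, string $tokenLink): void
{
    echo "<script type ='text/JavaScript'>";
    echo "alert('" . $message . "');";
    echo "location.href='menu-index.php?function_name=menu&" . $tokenLink . "';";
    echo "</script>";
}

$auth_change_status = false;
if (isset($_POST['update'])) {
    $lines = link_content_lines();

    $readIds = posted_ids('can_read');
    if ($readIds !== []) {
        $auth_change_status = true;
        apply_permission_level($link, $readIds, $lines, '1');
    }

    $writeIds = posted_ids('can_write');
    if ($writeIds !== []) {
        $auth_change_status = true;
        apply_permission_level($link, $writeIds, $lines, '3');
    }

    $main_menu_seq = post_field('main_menu_seq');
    $main_menu = post_field('main_menu');
    $sub_menu_seq = post_field('sub_menu_seq');
    $sub_menu = post_field('sub_menu');
    $sub_menu_eng = post_field('sub_menu_eng');
    $mlink = post_field('mlink');
    $link_content = post_field('link_content');
    $status = post_field('status');
    $id = post_field('id');
    $create_at = date('Y-m-d H:i:s');

    $db_query = 'UPDATE menu SET main_menu_seq = ?, main_menu = ?, sub_menu_seq = ?, sub_menu = ?, '
        . 'sub_menu_eng = ?, mlink = ?, link_content = ?, status = ?, create_at = ? WHERE id = ?';

    // -1 mirrors mysqli_affected_rows() after a failed query, which the final
    // else-branch below relies on.
    $affected = -1;
    $error = '';
    $stmt = mysqli_prepare($link, $db_query);
    if ($stmt === false) {
        $error = mysqli_error($link);
    } else {
        mysqli_stmt_bind_param(
            $stmt,
            'ssssssssss',
            $main_menu_seq,
            $main_menu,
            $sub_menu_seq,
            $sub_menu,
            $sub_menu_eng,
            $mlink,
            $link_content,
            $status,
            $create_at,
            $id
        );
        if (mysqli_stmt_execute($stmt)) {
            $affected = (int) mysqli_stmt_affected_rows($stmt);
        } else {
            $error = mysqli_stmt_error($stmt);
        }
        mysqli_stmt_close($stmt);
    }
    // The error text must be read before the connection is closed; the old
    // code called mysqli_error() on an already-closed link.
    mysqli_close($link);

    // $token_link is expected from header.php — NOTE(review): confirm it is always a string.
    $tokenLink = (string) ($token_link ?? '');

    if ($affected > 0) {
        redirect_with_alert('update成功', $tokenLink);
    } elseif ($auth_change_status === true) {
        redirect_with_alert('權限調整成功', $tokenLink);
    } elseif ($affected === 0) {
        redirect_with_alert('無新增資料', $tokenLink);
    } else {
        // $db_query now holds only placeholders, so no posted values are echoed back.
        echo "{$db_query} 語法執行失敗,錯誤訊息SSS: " . $error;
    }
}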