PHP后台管理类介绍
<?
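/**
 * Generic back-office CRUD controller: lists, adds, edits, updates and deletes
 * rows of one table, driven by arrays of field names configured through the
 * set_* methods and by values read from $_POST / $_GET.
 *
 * Security notes for maintainers:
 *  - Every SQL statement here is assembled as a string and handed to
 *    db_query(). Request values are escaped with _sql_quote() and keys are
 *    restricted to integers with _int_literal(); table and column names come
 *    from the configuration arrays and are NOT escaped, so they must never be
 *    taken from a request.
 *  - update() and del() only touch rows whose "operator" column matches the
 *    logged-in user (see check_operator()); edit() shows any row.
 *  - NOTE(review): no anti-CSRF token is visible in this class; the
 *    state-changing actions rely on whatever the surrounding application
 *    provides. Confirm against the templates and the entry script.
 *  - NOTE(review): the origin of $ME and of the $action constructor argument
 *    is not visible here, so both are treated as untrusted below.
 */
class Admin
{
    var $action = "";
    var $table = "";
    var $pk_val = 0;
    var $pk_name = "id";
    var $select_sql;
    var $array_add = array();
    var $array_update = array();
    var $array_query = array();
    var $array_oder_by = array();
    var $array_tpl = array();
    var $array_valid = array();
    var $caption = "";
    var $html_header = '';
    var $html_query = '';
    var $html_cmd = '';
    var $POST;
    var $ME;

    /**
     * Resolve the primary-key value of the row being edited, unless one was
     * already set. $_GET['edit_id'] takes precedence over $_POST['id'].
     */
    function int_pk_val()
    {
        if ($this->pk_val) {
            return;
        }
        if (!empty($_GET['edit_id'])) {
            $this->pk_val = $_GET['edit_id'];
            return;
        }
        if (!empty($_POST['id'])) {
            $this->pk_val = $_POST['id'];
            return;
        }
    }

    /**
     * Constructor (PHP 5+ name). Stores the action, table and base SELECT,
     * snapshots $_POST into $this->POST and resolves the primary key.
     */
    function __construct($action, $table, $select_sql)
    {
        global $ME;
        $this->POST = $_POST;
        $this->ME = $ME;
        $this->action = $action;
        $this->table = $table;
        $this->select_sql = $select_sql;
        $this->int_pk_val();
    }

    /**
     * Legacy same-name constructor, kept so existing callers and subclasses
     * that invoke Admin(...) keep working.
     */
    function Admin($action, $table, $select_sql)
    {
        $this->__construct($action, $table, $select_sql);
    }

    /**
     * Run the configured action, or display() when none is set.
     *
     * The action name selects a method dynamically, so it is checked with
     * _is_action() first: without that, any method of the object (setters,
     * SQL builders, helpers) could be invoked by name.
     */
    function execute()
    {
        if (empty($this->action)) {
            $this->display();
            return;
        }
        $action = $this->action;
        if (!$this->_is_action($action)) {
            die("无效的操作");
        }
        $this->$action();
    }

    /**
     * Render the paged listing inside the admin header/footer templates.
     */
    function display()
    {
        global $CFG, $ME;
        $where = $this->get_where($this->select_sql);
        $this->select_sql .= $where;
        $p = new SXPaging($this->select_sql, nvl($_POST['RequirePage']), nvl($_POST['PageSize']));
        if ($this->html_cmd) {
            $html_cmd = "<INPUT TYPE=hidden NAME=CMD>" . $this->html_cmd;
        } else {
            $html_cmd = "|<INPUT TYPE=hidden NAME=CMD> <INPUT TYPE=button VALUE=添加 onclick=this.form.CMD.value='add';this.form.submit();> <INPUT TYPE=button VALUE=删除 onclick=this.form.CMD.value='del';this.form.submit();>";
        }
        include("$CFG->dirtpl/admin/header.html");
        // The action attribute is quoted and HTML-escaped so that a $ME
        // containing spaces or markup cannot add attributes or tags.
        echo("<Form method=post action=\"" . $this->_html_attr($ME) . "\">");
        $str = $p->GetPrint('№', $this->caption, 0);
        if ($str) {
            $str .= $html_cmd . $this->html_query;
        } else {
            $str = $this->display_no_data($where);
        }
        echo("$str");
        echo $this->get_query_state();
        echo("</Form>");
        include("$CFG->dirtpl/admin/footer.html");
    }

    /**
     * Show the "add" form. The included templates run in this method's scope
     * and can read $CMD, $errormsg, $form and the globals declared here.
     */
    function add($errormsg = '')
    {
        global $CFG, $ME;
        $CMD = 'insert';
        $form = (empty($this->array_tpl['form_add'])) ? $this->array_tpl['form'] : $this->array_tpl['form_add'];
        include($this->array_tpl['header']);
        include($this->array_tpl['form_header']);
        include($form);
        include($this->array_tpl['footer']);
    }

    /**
     * Validate the posted data and insert a new row; on validation failure
     * the add form is shown again with the error list.
     */
    function insert()
    {
        global $CFG, $ME, $DOC_TITLE;
        $sql_add = $this->get_add_sql();
        $errormsg = $this->valid();
        if (empty($errormsg)) {
            $qid = db_query($sql_add);
            // The original passed an undefined variable here; it is now
            // initialised first so the call no longer depends on a notice.
            $pk_val = null;
            $pk_val = db_insert_id($pk_val);
            set_logs($this->caption, LOG_TYPE_INSERT, $this->table, $pk_val);
            $this->go_to_me();
            return;
        }
        $this->add($errormsg);
    }

    /**
     * Ownership check: is the row $pk_val of $table owned by the logged-in
     * user (column "operator")?
     *
     * Both the key and the session user id are placed in the SQL unquoted,
     * so each must be a plain integer; anything else is treated as "not the
     * owner" instead of being sent to the database.
     *
     * @return mixed the fetched row when owned, false otherwise
     */
    function check_operator($table, $pk_val)
    {
        $operator = $this->_operator_id();
        $pk = $this->_int_literal($pk_val);
        if ($operator === false || $pk === false) {
            return false;
        }
        $sql = "select 1 from $table where $this->pk_name=$pk and operator=$operator";
        $qid = db_query($sql);
        return db_fetch_array($qid);
    }

    /**
     * Load the row identified by pk_val into $_POST and show the edit form.
     */
    function edit($errormsg = '')
    {
        global $CFG, $ME, $DOC_TITLE;
        if (empty($this->pk_val)) {
            die("编辑ID没有,是程序错了");
        }
        // pk_val may come straight from $_GET['edit_id'] and is used unquoted
        // in the SELECT below, so only an integer is accepted.
        $pk = $this->_int_literal($this->pk_val);
        if ($pk === false) {
            die("编辑ID无效");
        }
        $CMD = "update";
        $sql = "select * from $this->table where $this->pk_name=$pk";
        $qid = db_query($sql);
        $_POST = db_fetch_array($qid);
        if (!is_array($_POST)) {
            $_POST = array();
        }
        // The original wrote to "$_POSt" (a typo), so this fallback never
        // reached the form templates.
        if (empty($_POST['id'])) {
            $_POST['id'] = $this->pk_val;
        }
        $form = empty($this->array_tpl['form_update']) ? $this->array_tpl['form'] : $this->array_tpl['form_update'];
        include($this->array_tpl['header']);
        include($this->array_tpl['form_header']);
        include($form);
        include($this->array_tpl['footer']);
    }

    /**
     * Validate the posted data and update the row.
     *
     * The ownership check is made against the key the UPDATE statement
     * actually targets ($_POST[pk_name], see get_update_sql()). The original
     * checked $this->pk_val instead, which int_pk_val() may have taken from
     * $_GET['edit_id'], so the checked row and the modified row could differ.
     */
    function update()
    {
        global $CFG, $ME;
        $sql = $this->get_update_sql();
        $errormsg = $this->valid();
        $target = isset($_POST[$this->pk_name]) ? $_POST[$this->pk_name] : '';
        if (empty($errormsg)) {
            if (!$this->check_operator($this->table, $target)) {
                $errormsg .= "<li>不是你添加的数据,你没权修改!";
            }
        }
        if (!empty($errormsg)) {
            $this->edit($errormsg);
            die();
        }
        db_query($sql);
        set_logs($this->caption, LOG_TYPE_UPDATE, $this->table, $target);
        $this->go_to_me();
    }

    /**
     * Delete the rows whose keys were posted in $_POST[$ctl_name] (default
     * "del_id"), one by one, skipping rows not owned by the current user.
     *
     * $real_do is accepted for compatibility and is not used.
     */
    function del($ctl_name = '', $table = '', $real_do = 0)
    {
        if (!$ctl_name) {
            $ctl_name = 'del_id';
        }
        if ($table) {
            $this->table = $table;
        }
        // Initialised up front: the original left it undefined when nothing
        // was posted.
        $can_delete_rows = "";
        if (!empty($_POST[$ctl_name]) && is_array($_POST[$ctl_name])) {
            foreach ($_POST[$ctl_name] as $pk_val) {
                // The key goes into the DELETE unquoted, so it must be an
                // integer; check_operator() applies the same rule.
                $pk = $this->_int_literal($pk_val);
                if ($pk !== false && $this->check_operator($this->table, $pk)) {
                    $sql = "delete from $this->table where $this->pk_name = $pk";
                    db_query($sql);
                    set_logs($this->caption, LOG_TYPE_DELETE, $this->table, $pk);
                } else {
                    $can_delete_rows .= (is_scalar($pk_val) ? $pk_val : '') . ",";
                }
            }
        }
        if ($can_delete_rows) {
            $can_delete_rows = "主键为 $can_delete_rows 的数据非您添加,您不能删除!";
        }
        $this->go_to_me($can_delete_rows);
    }

    /** Placeholder action; does nothing. */
    function _print()
    {
    }

    /**
     * Run all validations and return the accumulated error HTML ('' if valid).
     */
    function valid()
    {
        $error_msg = "";
        $error_msg .= $this->valid_array_valid();
        return $error_msg;
    }

    /**
     * Check the posted snapshot ($this->POST) against array_valid. Each rule
     * has 'field', 'valid' ('numeric' or anything else for "required") and
     * 'chinese' (the label used in the message).
     */
    function valid_array_valid()
    {
        $error_msg = "";
        $count = count($this->array_valid);
        for ($i = 0; $i < $count; $i++) {
            $item = $this->array_valid[$i];
            $value = isset($this->POST[$item['field']]) ? $this->POST[$item['field']] : null;
            switch ($item['valid']) {
                case 'numeric':
                    if (!is_numeric($value)) {
                        $error_msg .= "<li>$item[chinese]不是数字";
                    }
                    break;
                default:
                    if (empty($value)) {
                        $error_msg .= "<li>$item[chinese]不可为空";
                    }
                    break;
            }
        }
        // The original used "." instead of ".=", so this hint was never added.
        if (!empty($error_msg)) {
            $error_msg .= "<br>请您仔细检查.";
        }
        return $error_msg;
    }

    /**
     * Build the filter clause from the posted search fields. Each entry of
     * array_query is a form field name whose first two characters are a
     * prefix; the remainder is the column name.
     *
     * Returns " and ..." when $sql already contains "where", otherwise
     * " where ...".
     */
    function get_where($sql = '')
    {
        $where = '';
        foreach ($this->array_query as $val) {
            if (!empty($_POST[$val])) {
                // The search term is request data inside a quoted literal.
                $where .= " and " . substr($val, 2) . " like '%" . $this->_sql_quote($_POST[$val]) . "%'";
            }
        }
        $where .= " and $this->table.isdeleted!=1";
        // eregi() was removed in PHP 7; this is the same case-insensitive test.
        if (preg_match('/where/i', $sql)) {
            return $where;
        }
        return " where " . substr($where, 4);
    }

    /** Ordering hook; the base class adds no ORDER BY. */
    function get_order_by()
    {
        return '';
    }

    /**
     * Build the INSERT statement from array_add and the posted values; the
     * logged-in user's id is stored in the "operator" column.
     */
    function get_add_sql()
    {
        $operator = $this->_operator_id();
        if ($operator === false) {
            // Without a valid user id the statement would be malformed.
            die("未登录或会话无效,无法保存数据");
        }
        $fields = implode(",", $this->array_add);
        $values = "";
        foreach ($this->array_add as $val) {
            $val = trim($val);
            $posted = isset($_POST[$val]) ? $_POST[$val] : '';
            $values .= "'" . $this->_sql_quote($posted) . "',";
        }
        $values = substr($values, 0, strlen($values) - 1);
        $sql = "insert into $this->table (operator,$fields) values($operator,$values)";
        return $sql;
    }

    /**
     * Build the UPDATE statement from array_update (falling back to
     * array_add) and the posted values; the row is selected by
     * $_POST[pk_name].
     */
    function get_update_sql()
    {
        $this->array_update = empty($this->array_update) ? $this->array_add : $this->array_update;
        $sql = "update $this->table set ";
        foreach ($this->array_update as $val) {
            $val = trim($val);
            $posted = isset($_POST[$val]) ? $_POST[$val] : '';
            $sql .= " $val='" . $this->_sql_quote($posted) . "',";
        }
        $sql = substr($sql, 0, strlen($sql) - 1);
        $pk = $this->pk_name;
        $pk_posted = isset($_POST[$pk]) ? $_POST[$pk] : '';
        $sql .= " where $pk='" . $this->_sql_quote($pk_posted) . "'";
        return $sql;
    }

    function set_select_sql($val)
    {
        $this->select_sql = $val;
    }

    function set_array_add($val)
    {
        $this->array_add = $val;
    }

    function set_array_update($val)
    {
        $this->array_update = $val;
    }

    function set_array_query($val)
    {
        $this->array_query = $val;
    }

    function set_array_valid($val)
    {
        $this->array_valid = $val;
    }

    function set_oder_by($val)
    {
        $this->array_oder_by = $val;
    }

    function set_caption($val)
    {
        $this->caption = $val;
    }

    function set_pk_val($val)
    {
        if (!empty($val)) {
            $this->pk_val = $val;
        }
    }

    function set_pk_name($val)
    {
        if (!empty($val)) {
            $this->pk_name = $val;
        }
    }

    /**
     * Set the search-form HTML and append the "search" and "reset" buttons.
     * $val is emitted as-is, so it must be trusted markup.
     */
    function set_html_query($val)
    {
        global $ME;
        $this->html_query = $val;
        $this->html_query .= "<INPUT TYPE=button VALUE='查询' onclick=this.form.submit();> <INPUT TYPE=button VALUE='重置' onclick=\"location='" . $this->_js_attr($ME) . "'\">";
    }

    function set_html_cmd($val)
    {
        $this->html_cmd = $val;
    }

    function set_array_tpl($val)
    {
        $this->array_tpl = $val;
    }

    /**
     * Emit a script that puts the posted search terms back into the form.
     * The terms are request data inside a JavaScript string literal, so they
     * are escaped with _js_string().
     */
    function get_query_state()
    {
        $js_state = "<script language=javascript>try{";
        foreach ($this->array_query as $val) {
            if (strlen(nvl($_POST[$val]))) {
                $js_state .= "document.all.$val.value='" . $this->_js_string($_POST[$val]) . "';\n";
            }
        }
        $js_state .= "}catch(e){}</script>";
        return $js_state;
    }

    /**
     * Button shown when the listing is empty: "search again" when a filter
     * was applied, "add data" otherwise.
     */
    function display_no_data($where)
    {
        global $ME;
        if (!empty($where)) {
            return "<input type=button value='本查询没有数据,请重新查询' onclick=\"location='" . $this->_js_attr($ME) . "'\">";
        }
        return "<input type=button value='没有数据,请添加数据' onclick=\"location='" . $this->_js_attr($ME) . "?CMD=add'\">";
    }

    /**
     * Optionally alert a message, redirect the browser back to $ME and stop.
     * The message can contain posted key values, so it is escaped for the
     * JavaScript string it is placed in.
     */
    function go_to_me($msg = '')
    {
        global $ME;
        if (!empty($msg)) {
            $msg = "alert('" . $this->_js_string($msg) . "');";
        }
        echo "<script language=javascript>$msg;location='" . $this->_js_string($ME) . "';</script>";
        die();
    }

    /**
     * Escape a request value for use inside a single-quoted SQL literal.
     *
     * NOTE(review): addslashes() is a stopgap because db_query() only accepts
     * a finished SQL string. It is not aware of the connection character
     * set; replace it with the database driver's own escaping or with
     * prepared statements once the db_* layer allows it.
     */
    function _sql_quote($value)
    {
        if (!is_scalar($value)) {
            return '';
        }
        $value = (string)$value;
        // On old runtimes with magic_quotes_gpc enabled, request data arrives
        // already escaped; escaping again would store stray backslashes.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            return $value;
        }
        return addslashes($value);
    }

    /**
     * Return $value as an integer literal that is safe to place unquoted in
     * SQL, or false when it is not a plain (optionally negative) integer.
     */
    function _int_literal($value)
    {
        if (is_int($value)) {
            return (string)$value;
        }
        if (is_string($value) && preg_match('/\A-?[0-9]+\z/', $value)) {
            return $value;
        }
        return false;
    }

    /** The logged-in user's id as an integer literal, or false if unusable. */
    function _operator_id()
    {
        if (!isset($_SESSION['SESSION']['user']['id'])) {
            return false;
        }
        return $this->_int_literal($_SESSION['SESSION']['user']['id']);
    }

    /**
     * Escape a value for a quoted JavaScript string inside a script element.
     * Byte-wise, so it assumes an ASCII-compatible page encoding.
     */
    function _js_string($value)
    {
        if (!is_scalar($value)) {
            return '';
        }
        return strtr((string)$value, array(
            "\\" => "\\\\",
            "'" => "\\'",
            "\"" => "\\\"",
            "\n" => "\\n",
            "\r" => "\\r",
            "<" => "\\x3C",
            ">" => "\\x3E",
            "&" => "\\x26",
        ));
    }

    /** Escape a value for a quoted HTML attribute. */
    function _html_attr($value)
    {
        if (!is_scalar($value)) {
            return '';
        }
        return strtr((string)$value, array(
            "&" => "&amp;",
            "\"" => "&quot;",
            "'" => "&#039;",
            "<" => "&lt;",
            ">" => "&gt;",
        ));
    }

    /** Escape a value for a JavaScript string inside an HTML attribute. */
    function _js_attr($value)
    {
        return $this->_html_attr($this->_js_string($value));
    }

    /**
     * Decide whether $action may be dispatched by execute(). Setters, SQL
     * builders, validators and the helpers of this class are refused; other
     * existing methods (including ones added by subclasses) are allowed.
     */
    function _is_action($action)
    {
        if (!is_string($action) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $action)) {
            return false;
        }
        $name = strtolower($action);
        $internal = array(
            'admin', 'execute', 'int_pk_val', 'check_operator', 'valid',
            'valid_array_valid', 'go_to_me', 'display_no_data',
            '_sql_quote', '_int_literal', '_operator_id', '_js_string',
            '_html_attr', '_js_attr', '_is_action',
        );
        if (in_array($name, $internal, true)) {
            return false;
        }
        if (substr($name, 0, 2) === '__' || substr($name, 0, 4) === 'get_' || substr($name, 0, 4) === 'set_') {
            return false;
        }
        return method_exists($this, $action);
    }
}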
?>