source: branches/rel/html/admin/system/input.php @ 12157

Revision 12157, 6.3 KB checked in by uehara, 17 years ago (diff)
Line 
1<?php
2/*
3 * Copyright(c) 2000-2007 LOCKON CO.,LTD. All Rights Reserved.
4 *
5 * http://www.lockon.co.jp/
6 */
7require_once("../require.php");
8
9class LC_Page {
10    var $arrErr;        // ¥¨¥é¡¼¥á¥Ã¥»¡¼¥¸½ÐÎÏÍÑ
11    var $tpl_recv;      // ÆþÎϾðÊóPOSTÀè
12    var $tpl_onload;    // ¥Ú¡¼¥¸Æɤ߹þ¤ß»þ¤Î¥¤¥Ù¥ó¥È
13    var $arrForm;       // ¥Õ¥©¡¼¥à½ÐÎÏÍÑ
14    var $tpl_mode;      // ¿·µ¬ºîÀ®:new or ÊÔ½¸:edit
15    var $tpl_member_id; // ÊÔ½¸»þ¤Ë»ÈÍѤ¹¤ë¡£
16    var $tpl_pageno;
17    var $tpl_onfocus;   // ¥Ñ¥¹¥ï¡¼¥É¹àÌÜÁªÂò»þ¤Î¥¤¥Ù¥ó¥ÈÍÑ
18    var $tpl_old_login_id;
19    function LC_Page() {
20        $this->tpl_recv =  'input.php';
21        $this->tpl_pageno = $_REQUEST['pageno'];
22        $this->SHORTTEXT_MAX = STEXT_LEN;
23        $this->MIDDLETEXT_MAX = MTEXT_LEN;
24        $this->LONGTEXT_MAX = LTEXT_LEN;
25        global $arrAUTHORITY;
26        $this->arrAUTHORITY = $arrAUTHORITY;
27    }
28}
29
30$conn = new SC_DbConn();
31$objPage = new LC_Page();
32$objView = new SC_AdminView();
33
34// ǧ¾Ú²ÄÈݤÎȽÄê
35$objSess = new SC_Session();
36sfIsSuccess($objSess);
37
38// member_id¤¬»ØÄꤵ¤ì¤Æ¤¤¤¿¾ì¹ç¡¢ÊÔ½¸¥â¡¼¥É¤È¤¹¤ë¡£
39if(sfIsInt($_GET['id'])) {
40    $objPage->tpl_mode = 'edit';
41    $objPage->tpl_member_id = $_GET['id'];
42    $objPage->tpl_onfocus = "fnClearText(this.name);";
43    // DB¤Î¥á¥ó¥Ð¡¼¾ðÊó¤òÆɤ߽Ф¹
44    $data_list = fnGetMember($conn, $_GET['id']);
45    // ³ºÅö¥æ¡¼¥¶¤òɽ¼¨¤µ¤»¤ë
46    $objPage->arrForm = $data_list[0];
47    // ¥À¥ß¡¼¤Î¥Ñ¥¹¥ï¡¼¥É¤ò¥»¥Ã¥È¤·¤Æ¤ª¤¯¡£
48    $objPage->arrForm['password'] = DUMMY_PASS;
49    // ¥í¥°¥¤¥óID¤òÊݴɤ·¤Æ¤ª¤¯¡£
50    $objPage->tpl_old_login_id = $data_list[0]['login_id'];
51} else {
52    // ¿·µ¬ºîÀ®¥â¡¼¥É
53    $objPage->tpl_mode = "new";
54    $objPage->arrForm['authority'] = -1;
55}
56
57// ¿·µ¬ºîÀ®¥â¡¼¥É or ÊÔ½¸¥â¡¼¥É
58if( $_POST['mode'] == 'new' || $_POST['mode'] == 'edit') {
59    // ÆþÎÏ¥¨¥é¡¼¥Á¥§¥Ã¥¯
60    $objPage->arrErr = fnErrorCheck($conn);
61   
62    // ÆþÎϤ¬Àµ¾ï¤Ç¤¢¤Ã¤¿¾ì¹ç¤Ï¡¢DB¤Ë½ñ¤­¹þ¤à
63    if(count($objPage->arrErr) == 0) {
64        if($_POST['mode'] == 'new') {
65            // ¥á¥ó¥Ð¡¼¤ÎÄɲÃ
66            fnInsertMember();
67            // ¥ê¥í¡¼¥É¤Ë¤è¤ëÆó½ÅÅÐÏ¿Âкö¤Î¤¿¤á¡¢Æ±¤¸¥Ú¡¼¥¸¤ËÈô¤Ð¤¹¡£
68            header("Location: ". $_SERVER['PHP_SELF'] . "?mode=reload");   
69            exit;
70        }
71        if($_POST['mode'] == 'edit') {
72            // ¥á¥ó¥Ð¡¼¤ÎÄɲÃ
73            if(fnUpdateMember($_POST['member_id'])) {
74                // ¿Æ¥¦¥£¥ó¥É¥¦¤ò¹¹¿·¸å¡¢¼«¥¦¥£¥ó¥É¥¦¤òÊĤ¸¤ë¡£
75                $url = URL_SYSTEM_TOP . "?pageno=".$_POST['pageno'];
76                $objPage->tpl_onload="fnUpdateParent('".$url."'); window.close();";
77            }
78        }
79    // ÆþÎÏ¥¨¥é¡¼¤¬È¯À¸¤·¤¿¾ì¹ç
80    } else {
81        // ¥â¡¼¥É¤ÎÀßÄê
82        $objPage->tpl_mode = $_POST['mode'];
83        $objPage->tpl_member_id = $_POST['member_id'];
84        $objPage->tpl_old_login_id = $_POST['old_login_id'];
85        // ¤¹¤Ç¤ËÆþÎϤ·¤¿Ãͤòɽ¼¨¤¹¤ë¡£
86        $objPage->arrForm = $_POST;
87        // Ä̾ïÆþÎϤΥѥ¹¥ï¡¼¥É¤Ï°ú¤­·Ñ¤¬¤Ê¤¤¡£
88        if($objPage->arrForm['password'] != DUMMY_PASS) {
89            $objPage->arrForm['password'] = '';
90        }
91    }
92}
93
94// ¥ê¥í¡¼¥É¤Î»ØÄ꤬¤¢¤Ã¤¿¾ì¹ç
95if( $_GET['mode'] == 'reload') {
96    // ¿Æ¥¦¥£¥ó¥É¥¦¤ò¹¹¿·¤¹¤ë¤è¤¦¤Ë¥»¥Ã¥È¤¹¤ë¡£
97    $url = URL_SYSTEM_TOP;
98    $objPage->tpl_onload="fnUpdateParent('".$url."')";
99}
100
101// ¥Æ¥ó¥×¥ì¡¼¥ÈÍÑÊÑ¿ô¤Î³ä¤êÅö¤Æ
102$objView->assignobj($objPage);
103$objView->display('system/input.tpl');
104
105/* ÆþÎÏ¥¨¥é¡¼¤Î¥Á¥§¥Ã¥¯ */
106function fnErrorCheck($conn) {
107   
108    $objErr = new SC_CheckError();
109   
110    $_POST["name"] = mb_convert_kana($_POST["name"] ,"KV");
111    $_POST["department"] = mb_convert_kana($_POST["department"] ,"KV");
112   
113    // ̾Á°¥Á¥§¥Ã¥¯
114    $objErr->doFunc(array("̾Á°",'name'), array("EXIST_CHECK"));
115    $objErr->doFunc(array("̾Á°",'name',STEXT_LEN,"BIG"), array("MAX_LENGTH_CHECK"));
116   
117    // ÊÔ½¸¥â¡¼¥É¤Ç¤Ê¤¤¾ì¹ç¤Ï¡¢½ÅÊ£¥Á¥§¥Ã¥¯
118    if (!isset($objErr->arrErr['name']) && $_POST['mode'] != 'edit') {
119        $sql = "SELECT name FROM dtb_member WHERE del_flg <> 1 AND name = ?";
120        $result = $conn->getOne($sql, array($_POST['name']));
121        if ( $result ) {
122            $objErr->arrErr['name'] = "´û¤ËÅÐÏ¿¤µ¤ì¤Æ¤¤¤ë̾Á°¤Ê¤Î¤ÇÍøÍѤǤ­¤Þ¤»¤ó¡£<br>";
123        }
124    }
125       
126    // ¥í¥°¥¤¥óID¥Á¥§¥Ã¥¯
127    $objErr->doFunc(array("¥í¥°¥¤¥óID",'login_id'), array("EXIST_CHECK", "ALNUM_CHECK"));
128    $objErr->doFunc(array("¥í¥°¥¤¥óID",'login_id',ID_MIN_LEN , ID_MAX_LEN) ,array("NUM_RANGE_CHECK"));
129
130    // ¿·µ¬¥â¡¼¥É¤â¤·¤¯¤Ï¡¢ÊÔ½¸¥â¡¼¥É¤Ç¥í¥°¥¤¥óID¤¬Êѹ¹¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¤Ï¥Á¥§¥Ã¥¯¤¹¤ë¡£
131    if (!isset($objErr->arrErr['login_id']) && $_POST['mode'] != 'edit' || ($_POST['mode'] == 'edit' && $_POST['login_id'] != $_POST['old_login_id'])) {
132        $sql = "SELECT login_id FROM dtb_member WHERE del_flg <> 1 AND login_id = ?";
133        $result = $conn->getOne($sql, array($_POST['login_id']));
134        if ( $result != "" ) {
135            $objErr->arrErr['login_id'] = "´û¤ËÅÐÏ¿¤µ¤ì¤Æ¤¤¤ëID¤Ê¤Î¤ÇÍøÍѤǤ­¤Þ¤»¤ó¡£<br>";
136        }
137    }
138   
139    // ¥Ñ¥¹¥ï¡¼¥É¥Á¥§¥Ã¥¯(ÊÔ½¸¥â¡¼¥É¤ÇDUMMY_PASS¤¬ÆþÎϤµ¤ì¤Æ¤¤¤ë¾ì¹ç¤Ï¡¢¥¹¥ë¡¼¤¹¤ë)
140    if(!($_POST['mode'] == 'edit' && $_POST['password'] == DUMMY_PASS)) {
141        $objErr->doFunc(array("¥Ñ¥¹¥ï¡¼¥É",'password'), array("EXIST_CHECK", "ALNUM_CHECK"));
142        if (!$arrErr['password']) {
143            // ¥Ñ¥¹¥ï¡¼¥É¤Î¥Á¥§¥Ã¥¯
144            $objErr->doFunc( array("¥Ñ¥¹¥ï¡¼¥É",'password',4 ,15 ) ,array( "NUM_RANGE_CHECK" ) );   
145        }
146    }
147   
148    // ¸¢¸Â¥Á¥§¥Ã¥¯
149    $objErr->doFunc(array("¸¢¸Â",'authority'),array("EXIST_CHECK"));
150    return $objErr->arrErr;
151}
152
153/* DB¤Ø¤Î¥Ç¡¼¥¿ÁÞÆþ */
154function fnInsertMember() {
155    // ¥¯¥¨¥ê¡¼¥¯¥é¥¹¤ÎÀë¸À
156    $oquery = new SC_Query();
157    // INSERT¤¹¤ëÃͤòºîÀ®¤¹¤ë¡£
158    $sqlval['name'] = $_POST['name'];
159    $sqlval['department'] = $_POST['department'];
160    $sqlval['login_id'] = $_POST['login_id'];
161    $sqlval['password'] = sha1($_POST['password'] . ":" . AUTH_MAGIC);
162    $sqlval['authority'] = $_POST['authority'];
163    $sqlval['rank']=  $oquery->max("dtb_member", "rank") + 1;
164    $sqlval['work'] = "1"; // ²ÔƯ¤ËÀßÄê
165    $sqlval['del_flg'] = "0";   // ºï½ü¥Õ¥é¥°¤òOFF¤ËÀßÄê
166    $sqlval['creator_id'] = $_SESSION['member_id'];
167    $sqlval['create_date'] = "now()";
168    $sqlval['update_date'] = "now()";
169    // INSERT¤Î¼Â¹Ô
170    $ret = $oquery->insert("dtb_member", $sqlval);
171    return $ret;
172}
173
174/* DB¤Ø¤Î¥Ç¡¼¥¿¹¹¿· */
175function fnUpdateMember($id) {
176    // ¥¯¥¨¥ê¡¼¥¯¥é¥¹¤ÎÀë¸À
177    $oquery = new SC_Query();
178    // INSERT¤¹¤ëÃͤòºîÀ®¤¹¤ë¡£
179    $sqlval['name'] = $_POST['name'];
180    $sqlval['department'] = $_POST['department'];
181    $sqlval['login_id'] = $_POST['login_id'];
182    if($_POST['password'] != DUMMY_PASS) {
183        $sqlval['password'] = sha1($_POST['password'] . ":" . AUTH_MAGIC);
184    }
185    $sqlval['authority'] = $_POST['authority'];
186    $sqlval['update_date'] = "now()";
187    // UPDATE¤Î¼Â¹Ô
188    $where = "member_id = " . $id;
189    $ret = $oquery->update("dtb_member", $sqlval, $where);
190    return $ret;
191}
192
193/* DB¤«¤é¥Ç¡¼¥¿¤ÎÆɤ߹þ¤ß */
194function fnGetMember($conn, $id) {
195    $sqlse = "SELECT name,department,login_id,authority FROM dtb_member WHERE member_id = ?";
196    $ret = $conn->getAll($sqlse, Array($id));
197    return $ret;
198}
199?>
Note: See TracBrowser for help on using the repository browser.