PHP后台管理类介绍

PHP后台管理类介绍

<?
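/**
 * Generic list/add/edit/delete controller for one database table.
 *
 * The constructor receives the action name, the table name and the base
 * SELECT statement; execute() then dispatches to the matching method.
 * Field lists, validation rules and template paths are supplied through the
 * set_* methods.
 *
 * Security notes for maintainers:
 *  - Every statement is built by string concatenation and sent through
 *    db_query(). Request values are escaped and keys are validated in this
 *    class, but that is a stopgap: the durable fix is bound parameters in the
 *    database layer.
 *  - Table, column and primary-key names are interpolated as-is. They must
 *    come from trusted code, never from request data.
 *  - Template paths in $array_tpl are passed straight to include(); they must
 *    never be derived from request data.
 *  - No anti-CSRF token is checked anywhere in this class, so the caller has
 *    to verify one before running insert/update/del.
 */
class Admin
{
    public $action = "";
    public $table = "";
    public $pk_val = 0;
    public $pk_name = "id";
    public $select_sql;

    public $array_add = array();
    public $array_update = array();
    public $array_query = array();
    public $array_oder_by = array();
    public $array_tpl = array();
    public $array_valid = array();

    public $caption = "";
    public $html_header = '';
    public $html_query = '';
    public $html_cmd = '';

    public $POST;
    public $ME;

    /**
     * Sets up the controller and picks the primary-key value from the request.
     *
     * @param string $action     name of the method execute() should run; empty means display()
     * @param string $table      table name (trusted, interpolated into SQL unquoted)
     * @param string $select_sql base SELECT used by display()
     */
    function __construct($action, $table, $select_sql)
    {
        global $ME;
        $this->POST = $_POST;
        $this->ME = $ME;
        $this->action = $action;
        $this->table = $table;
        $this->select_sql = $select_sql;

        $this->int_pk_val();
    }

    /**
     * PHP 4-style constructor name, kept so that existing code calling
     * $this->Admin(...) or parent::Admin(...) still works. Runtimes that no
     * longer treat a same-named method as the constructor use __construct().
     */
    function Admin($action, $table, $select_sql)
    {
        $this->__construct($action, $table, $select_sql);
    }

    /**
     * Reads the primary-key value from $_GET['edit_id'] or $_POST['id'] unless
     * one is already set. Only plain integers are accepted, because the key is
     * later interpolated unquoted into SQL.
     */
    function int_pk_val()
    {
        if ($this->pk_val) return;

        $candidates = array(
            isset($_GET['edit_id']) ? $_GET['edit_id'] : null,
            isset($_POST['id']) ? $_POST['id'] : null,
        );
        foreach ($candidates as $candidate) {
            if (empty($candidate)) continue;
            $key = $this->int_key($candidate);
            if ($key !== null) {
                $this->pk_val = $key;
                return;
            }
        }
    }

    /**
     * Runs the configured action, or display() when none is set.
     *
     * The action name normally arrives from the request, so it is restricted
     * to existing public, non-static, non-magic methods of this object.
     * NOTE(review): that still exposes every public method (setters included);
     * callers should map request commands to an explicit allowlist.
     */
    function execute()
    {
        if (empty($this->action)) {
            $this->display();
            return;
        }

        $action = $this->action;
        $looks_valid = is_string($action)
            && preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $action)
            && strncmp($action, '__', 2) !== 0
            && method_exists($this, $action);
        if ($looks_valid) {
            $method = new ReflectionMethod($this, $action);
            $looks_valid = $method->isPublic() && !$method->isStatic();
        }
        if (!$looks_valid) die("无效的操作");

        $this->$action();
    }

    /**
     * Renders the paged list with the query form and the command buttons.
     */
    function display()
    {
        // $CFG and $ME stay in local scope because the included templates run in it.
        global $CFG, $ME;

        $where = $this->get_where($this->select_sql);
        $this->select_sql .= $where;

        // NOTE(review): RequirePage and PageSize go to SXPaging exactly as received;
        // confirm that SXPaging validates them before using them in a LIMIT clause.
        $p = new SXPaging($this->select_sql, nvl($_POST['RequirePage']), nvl($_POST['PageSize']));
        if ($this->html_cmd)
            $html_cmd = "<INPUT TYPE=hidden NAME=CMD>" . $this->html_cmd;
        else
            $html_cmd = "|<INPUT TYPE=hidden NAME=CMD>
<INPUT TYPE=button VALUE=添加 onclick=this.form.CMD.value='add';this.form.submit();>
<INPUT TYPE=button VALUE=删除 onclick=this.form.CMD.value='del';this.form.submit();>";

        include("$CFG->dirtpl/admin/header.html");
        // $ME is set outside this class; it is escaped in case it is derived from the request URL.
        echo("<Form method=post action=\"" . $this->html_attr($ME) . "\">");
        $str = $p->GetPrint('№', $this->caption, 0);

        if ($str)
            $str .= $html_cmd . $this->html_query;
        else {
            // NOTE(review): get_where() always appends the isdeleted filter, so $where is
            // never empty here and display_no_data() always takes its "query again" branch.
            $str = $this->display_no_data($where);
        }
        echo("$str");
        echo $this->get_query_state();
        echo("</Form>");

        include("$CFG->dirtpl/admin/footer.html");
    }

    /**
     * Shows the "add" form; $errormsg is made available to the form template.
     */
    function add($errormsg = '')
    {
        global $CFG, $ME;
        $CMD = 'insert';
        $form = (empty($this->array_tpl['form_add'])) ? $this->array_tpl['form'] : $this->array_tpl['form_add'];
        include($this->array_tpl['header']);
        include($this->array_tpl['form_header']);
        include($form);
        include($this->array_tpl['footer']);
    }

    /**
     * Validates the posted form and inserts a row owned by the session user.
     * On validation failure the add form is shown again with the messages.
     */
    function insert()
    {
        $sql_add = $this->get_add_sql();

        $errormsg = $this->valid();
        // Without a valid session user id the original statement was malformed and
        // failed; refuse explicitly so a row is never stored without an owner.
        if ($this->operator_id() === null) {
            $errormsg .= "<li>登录已失效,请重新登录";
        }
        if (empty($errormsg)) {
            $qid = db_query($sql_add);
            // The original passed an undefined variable here; null is the same value without the notice.
            $pk_val = null;
            $pk_val = db_insert_id($pk_val);
            set_logs($this->caption, LOG_TYPE_INSERT, $this->table, $pk_val);
            $this->go_to_me();
            return;
        }

        $this->add($errormsg);
    }

    /**
     * Ownership check: is the row $pk_val in $table recorded with the session
     * user as its operator?
     *
     * @return mixed the fetched row when the user owns it, otherwise a false value
     */
    function check_operator($table, $pk_val)
    {
        $operator = $this->operator_id();
        $pk_val = $this->int_key($pk_val);
        // Both values are interpolated unquoted, so anything but a plain integer is refused.
        if ($operator === null || $pk_val === null) return false;

        $sql = "select 1 from $table where $this->pk_name=$pk_val and operator=$operator";
        $qid = db_query($sql);
        return db_fetch_array($qid);
    }

    /**
     * Loads the row identified by pk_val into $_POST and shows the edit form.
     *
     * NOTE(review): no ownership check is made before the row is displayed;
     * only update() and del() call check_operator().
     */
    function edit($errormsg = '')
    {
        global $CFG, $ME, $DOC_TITLE;

        $pk_val = $this->int_key($this->pk_val);
        if (empty($this->pk_val) || $pk_val === null) die("编辑ID没有,是程序错了");

        $CMD = "update";

        $sql = "select * from $this->table where $this->pk_name=$pk_val";
        $qid = db_query($sql);
        // The form templates read their field values from $_POST.
        $_POST = db_fetch_array($qid);
        if (!is_array($_POST)) $_POST = array();

        // The original wrote to a misspelled variable here, so the id was never filled in.
        if (empty($_POST['id'])) $_POST['id'] = $this->pk_val;

        $form = empty($this->array_tpl['form_update']) ? $this->array_tpl['form'] : $this->array_tpl['form_update'];
        include($this->array_tpl['header']);
        include($this->array_tpl['form_header']);
        include($form);
        include($this->array_tpl['footer']);
    }

    /**
     * Validates the posted form, checks ownership and updates the row.
     */
    function update()
    {
        $sql = $this->get_update_sql();

        $errormsg = $this->valid();
        if (empty($errormsg)) {
            if (!$this->check_operator($this->table, $this->pk_val)) {
                $errormsg .= "<li>不是你添加的数据,你没权修改!";
            }
        }
        if (!empty($errormsg)) {
            $this->edit($errormsg);
            die();
        }
        db_query($sql);

        set_logs($this->caption, LOG_TYPE_UPDATE, $this->table, $this->pk_val);
        $this->go_to_me();
    }

    /**
     * Deletes the posted rows that belong to the session user and reports the
     * keys that were refused.
     *
     * @param string $ctl_name name of the posted array of keys (default 'del_id')
     * @param string $table    optional table override (trusted value)
     * @param int    $real_do  kept for interface compatibility and ignored: rows are
     *                         always hard-deleted (an earlier variant that set
     *                         isdeleted instead was disabled in the original)
     */
    function del($ctl_name = '', $table = '', $real_do = 0)
    {
        if (!$ctl_name) $ctl_name = 'del_id';
        if ($table) $this->table = $table;

        $can_delete_rows = "";
        if (!empty($_POST[$ctl_name]) && is_array($_POST[$ctl_name])) {
            foreach ($_POST[$ctl_name] as $posted_key) {
                // Keys go into SQL unquoted and into the alert text below: integers only.
                $pk_val = $this->int_key($posted_key);
                if ($pk_val === null) continue;

                if ($this->check_operator($this->table, $pk_val)) {
                    $sql = "delete from $this->table where $this->pk_name = $pk_val";
                    db_query($sql);
                    set_logs($this->caption, LOG_TYPE_DELETE, $this->table, $pk_val);
                } else {
                    $can_delete_rows .= "$pk_val,";
                }
            }
        }
        if ($can_delete_rows) $can_delete_rows = "主键为 $can_delete_rows 的数据非您添加,您不能删除!";
        $this->go_to_me($can_delete_rows);
    }

    /** Empty stub. */
    function _print()
    {
    }

    /**
     * Runs all validations and returns the collected HTML error messages
     * (empty string when the input is valid).
     */
    function valid()
    {
        $error_msg = "";
        $error_msg .= $this->valid_array_valid();
        return $error_msg;
    }

    /**
     * Checks the posted fields against $array_valid.
     *
     * Each rule is an array with 'field', 'valid' and 'chinese' (the label used
     * in the message). 'numeric' requires a numeric value; any other rule
     * requires a non-empty value. The values checked are the snapshot of
     * $_POST taken by the constructor.
     */
    function valid_array_valid()
    {
        $error_msg = "";
        foreach ($this->array_valid as $item) {
            $posted = isset($this->POST[$item['field']]) ? $this->POST[$item['field']] : null;

            switch ($item['valid']) {
                case 'numeric':
                    if (!is_numeric($posted)) $error_msg .= "<li>$item[chinese]不是数字";
                    break;
                default:
                    if (empty($posted)) $error_msg .= "<li>$item[chinese]不可为空";
                    break;
            }
        }
        // The original used "." instead of ".=", so this hint was never appended.
        if (!empty($error_msg)) $error_msg .= "<br>请您仔细检查.";
        return $error_msg;
    }

    /**
     * Builds the filter clause for display() from the posted query fields.
     *
     * Each entry of $array_query is a posted field name; the column name is that
     * name without its first two characters. Returns " and ..." when $sql
     * already contains "where", otherwise " where ...".
     */
    function get_where($sql = '')
    {
        $where = '';
        foreach ($this->array_query as $val) {
            $text = $this->request_text($_POST, $val);
            if (!empty($text)) {
                // sql_quote() returns the value wrapped in quotes; the wildcards go inside them.
                $quoted = $this->sql_quote($text);
                $where .= " and " . substr($val, 2) . " like '%" . substr($quoted, 1, -1) . "%'";
            }
        }

        $where .= " and $this->table.isdeleted!=1";

        // eregi() no longer exists in current PHP; preg_match() with /i is the same test.
        if (preg_match('/where/i', $sql)) return $where;

        return " where " . substr($where, 4);
    }

    function get_order_by()
    {
        return '';
    }

    /**
     * Builds the INSERT statement from $array_add and the posted values, with
     * the session user as operator.
     */
    function get_add_sql()
    {
        $fields = implode(",", $this->array_add);
        $operator = $this->operator_id();
        if ($operator === null) $operator = 'NULL';

        $values = array();
        foreach ($this->array_add as $val) {
            $values[] = $this->sql_quote($this->request_text($_POST, trim($val)));
        }

        $sql = "insert into $this->table (operator,$fields) values($operator," . implode(",", $values) . ")";
        return $sql;
    }

    /**
     * Builds the UPDATE statement from $array_update (or $array_add when that is
     * empty) and the posted values.
     *
     * The WHERE clause targets $this->pk_val, the same key update() passes to
     * check_operator(). The original took the key from $_POST[pk_name] instead,
     * so a request could pass the ownership check with one id and modify the
     * row of another.
     */
    function get_update_sql()
    {
        $this->array_update = empty($this->array_update) ? $this->array_add : $this->array_update;

        $assignments = array();
        foreach ($this->array_update as $val) {
            $val = trim($val);
            $assignments[] = " $val=" . $this->sql_quote($this->request_text($_POST, $val));
        }

        $pk = $this->pk_name;
        // Fall back to the posted key only when no key has been resolved at all.
        $key = !empty($this->pk_val) ? $this->pk_val : $this->request_text($_POST, $pk);

        $sql = "update $this->table set " . implode(",", $assignments);
        $sql .= " where $pk=" . $this->sql_quote($key);
        return $sql;
    }

    function set_select_sql($val) { $this->select_sql = $val; }
    function set_array_add($val) { $this->array_add = $val; }
    function set_array_update($val) { $this->array_update = $val; }
    function set_array_query($val) { $this->array_query = $val; }
    function set_array_valid($val) { $this->array_valid = $val; }

    function set_oder_by($val) { $this->array_oder_by = $val; }
    function set_caption($val) { $this->caption = $val; }
    function set_pk_val($val) { if (!empty($val)) $this->pk_val = $val; }
    function set_pk_name($val) { if (!empty($val)) $this->pk_name = $val; }

    /**
     * Stores the query-form HTML and appends the "query" and "reset" buttons.
     * $val is emitted as raw HTML by display().
     */
    function set_html_query($val)
    {
        global $ME;
        $this->html_query = $val;
        $this->html_query .= "<INPUT TYPE=button VALUE='查询' onclick=this.form.submit();>
<INPUT TYPE=button VALUE='重置' onclick=\"location='" . $this->js_text($ME) . "'\">";
    }

    function set_html_cmd($val) { $this->html_cmd = $val; }
    function set_array_tpl($val) { $this->array_tpl = $val; }

    /**
     * Returns a script block that puts the posted query values back into the
     * query form fields.
     */
    function get_query_state()
    {
        $js_state = "<script language=javascript>try{";

        foreach ($this->array_query as $val) {
            $text = $this->request_text($_POST, $val);
            // The value is request data placed inside a JS string literal in a script block.
            if (strlen($text)) $js_state .= "document.all.$val.value='" . $this->js_text($text) . "';\n";
        }
        $js_state .= "}catch(e){}</script>";
        return $js_state;
    }

    /**
     * Returns the button shown when the list is empty: "query again" when a
     * filter was given, otherwise "add data".
     */
    function display_no_data($where)
    {
        global $ME;
        $target = $this->js_text($ME);
        if (!empty($where)) {
            return "<input type=button value='本查询没有数据,请重新查询' onclick=\"location='$target'\">";
        }
        return "<input type=button value='没有数据,请添加数据' onclick=\"location='$target?CMD=add'\">";
    }

    /**
     * Emits a script that optionally shows $msg in an alert and then reloads
     * this page, and ends the request.
     */
    function go_to_me($msg = '')
    {
        global $ME;
        if (!empty($msg)) $msg = "alert('" . $this->js_text($msg) . "');";
        echo "<script language=javascript>$msg;location='" . $this->js_text($ME) . "';</script>";
        die();
    }

    /**
     * Returns $value as an integer string, or null when it is not a plain integer.
     */
    protected function int_key($value)
    {
        if (is_int($value)) return (string)$value;
        if (is_string($value) && preg_match('/^-?[0-9]{1,18}\z/', $value)) return $value;
        return null;
    }

    /**
     * Returns the session user id as an integer string, or null when it is
     * missing or not a plain integer.
     */
    protected function operator_id()
    {
        if (!isset($_SESSION['SESSION']['user']['id'])) return null;
        return $this->int_key($_SESSION['SESSION']['user']['id']);
    }

    /**
     * Returns $source[$key] as a string, or '' when it is missing or not scalar
     * (for example when the request sent an array for that field).
     */
    protected function request_text($source, $key)
    {
        if (!is_array($source) || !isset($source[$key]) || !is_scalar($source[$key])) return '';
        $text = (string)$source[$key];
        // On runtimes that still have magic quotes, undo them so values are escaped exactly once.
        if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) {
            $text = stripslashes($text);
        }
        return $text;
    }

    /**
     * Returns $text as a single-quoted SQL string literal.
     *
     * Quotes are doubled and backslashes are escaped, which closes the literal
     * correctly whether or not the server treats backslash as an escape
     * character.
     * NOTE(review): this is byte-wise and not charset-aware. It is not safe on a
     * connection charset in which 0x5C can be the second byte of a character
     * (GBK, Big5, Shift-JIS). Replace it with the driver's own escaping or with
     * bound parameters once db_query() supports them.
     */
    protected function sql_quote($text)
    {
        $text = str_replace("\0", '', (string)$text);
        return "'" . strtr($text, array('\\' => '\\\\', "'" => "''")) . "'";
    }

    /**
     * Escapes $text for use inside a quoted JavaScript string literal. The
     * result contains no quote, angle bracket or ampersand, so it can sit in a
     * script block or in an HTML event-handler attribute.
     * Byte-wise; assumes an ASCII-compatible page encoding such as UTF-8 - TODO confirm.
     */
    protected function js_text($text)
    {
        return strtr((string)$text, array(
            '\\' => '\\\\',
            "'" => '\\x27',
            '"' => '\\x22',
            '<' => '\\x3C',
            '>' => '\\x3E',
            '&' => '\\x26',
            "\r" => '\\r',
            "\n" => '\\n',
        ));
    }

    /**
     * Escapes $text for a quoted HTML attribute value. Plain byte replacement is
     * used because the page charset is not visible here and htmlspecialchars()
     * returns an empty string for input that is invalid in its assumed charset.
     */
    protected function html_attr($text)
    {
        return str_replace(
            array('&', '<', '>', '"', "'"),
            array('&amp;', '&lt;', '&gt;', '&quot;', '&#39;'),
            (string)$text
        );
    }
}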

?>