diff --git a/web/app/controllers/super_manage.php b/web/app/controllers/super_manage.php
index 19e0960..59edbac 100644
--- a/web/app/controllers/super_manage.php
+++ b/web/app/controllers/super_manage.php
@@ -7,6 +7,10 @@
define('SCRIPT_REFRESH_AS_GET', '');
+ if (!Auth::check()) {
+ redirectToLogin();
+ }
+
if (!isSuperUser($myUser)) {
become403Page();
}
@@ -225,7 +229,234 @@
$add_link_form->succ_href = '/super_manage/index#links';
$add_link_form->runAtServer();
} elseif ($cur_tab == 'users') {
- //
+ $user_list_cond = [];
+
+ if (isset($_GET['username']) && $_GET['username'] != "") {
+ $user_list_cond[] = "username like '%" . DB::escape($_GET['username']) . "%'";
+ }
+ if (isset($_GET['usergroup']) && $_GET['usergroup'] != "") {
+ $user_list_cond[] = "usergroup = '" . DB::escape($_GET['usergroup']) . "'";
+ }
+ if (isset($_GET['usertype']) && $_GET['usertype'] != "") {
+ $user_list_cond[] = "usertype like '%" . DB::escape($_GET['usertype']) . "%'";
+ }
+
+ if ($user_list_cond) {
+ $user_list_cond = join($user_list_cond, ' and ');
+ } else {
+ $user_list_cond = '1';
+ }
+
+ $register_form = new UOJForm('register');
+ $register_form->addVInput('new_username', 'text', '用户名', '',
+ function ($username, &$vdata) {
+ if (!validateUsername($username)) {
+ return '用户名不合法';
+ }
+
+ if (queryUser($username)) {
+ return '该用户已存在';
+ }
+
+ $vdata['username'] = $username;
+
+ return '';
+ },
+ null
+ );
+ $register_form->addVInput('new_password', 'password', '密码', '',
+ function ($password, &$vdata) {
+ $vdata['password'] = $password;
+
+ return '';
+ },
+ 'validatePassword'
+ );
+ $register_form->addVInput('new_email', 'text', '电子邮件(选填)', '',
+ function ($email, &$vdata) {
+ if ($email && !validateEmail($email)) {
+ return '邮件地址不合法';
+ }
+
+ $vdata['email'] = $email;
+
+ return '';
+ },
+ null
+ );
+ $register_form->addVInput('new_realname', 'text', '真实姓名(选填)', '',
+ function ($realname, &$vdata) {
+ $vdata['realname'] = $realname;
+
+ return '';
+ },
+ null
+ );
+ $register_form->addVInput('new_school', 'text', '学校名称(选填)', '',
+ function ($school, &$vdata) {
+ $vdata['school'] = $school;
+
+ return '';
+ },
+ null
+ );
+ $register_form->handle = function(&$vdata) {
+ $username = $vdata['username'];
+ $realname = DB::escape($vdata['realname']);
+ $school = DB::escape($vdata['school']);
+ $email = DB::escape($vdata['email']);
+ $password = hash_hmac('md5', $vdata['password'], getPasswordClientSalt());
+ $password = getPasswordToStore($password, $username);
+ $svn_password = uojRandString(10);
+
+ DB::query("insert into user_info (username, realname, email, school, password, svn_password, register_time, usergroup) values ('$username', '$realname', '$email', '$school', '$password', '$svn_password', now(), 'U')");
+
+ header('Content-Type: application/json');
+ die(json_encode(['status' => 'success', 'message' => '']));
+ };
+ $register_form->setAjaxSubmit(<<runAtServer();
+
+ $change_password_form = new UOJForm('change_password');
+ $change_password_form->addVInput('p_username', 'text', '用户名', '',
+ function ($username, &$vdata) {
+ if (!validateUsername($username)) {
+ return '用户名不合法';
+ }
+
+ if (!queryUser($username)) {
+ return '用户不存在';
+ }
+
+ $vdata['username'] = $username;
+
+ return '';
+ },
+ null
+ );
+ $change_password_form->addVInput('p_password', 'password', '密码', '',
+ function ($password, &$vdata) {
+ $vdata['password'] = $password;
+
+ return '';
+ },
+ 'validatePassword'
+ );
+ $change_password_form->handle = function(&$vdata) {
+ $esc_username = DB::escape($vdata['username']);
+ $password = hash_hmac('md5', $vdata['password'], getPasswordClientSalt());
+ $esc_password = DB::escape(getPasswordToStore($password, $vdata['username']));
+
+ DB::query("update user_info set password = '$esc_password' where username = '$esc_username'");
+
+ header('Content-Type: application/json');
+ die(json_encode(['status' => 'success', 'message' => '用户 ' . $vdata['username'] . ' 的密码已经被成功重置。']));
+ };
+ $change_password_form->submit_button_config['margin_class'] = 'mt-3';
+ $change_password_form->submit_button_config['text'] = '重置';
+ $change_password_form->setAjaxSubmit(<<runAtServer();
+
+ $change_usergroup_form = new UOJForm('change_usergroup');
+ $change_usergroup_form->addVInput('username', 'text', '用户名', '',
+ function ($username, &$vdata) {
+ if (!validateUsername($username)) {
+ return '用户名不合法';
+ }
+
+ if (!queryUser($username)) {
+ return '用户不存在';
+ }
+
+ $vdata['username'] = $username;
+
+ return '';
+ },
+ null
+ );
+ $change_usergroup_form->addVSelect('op_type', [
+ 'banneduser' => '设为封禁用户',
+ 'normaluser' => '设为普通用户',
+ 'superuser' => '设为超级用户',
+ ], '操作类型', '');
+ $change_usergroup_form->handle = function($vdata) {
+ $username = $vdata['username'];
+ $usergroup = '';
+
+ switch ($_POST['op_type']) {
+ case 'banneduser':
+ DB::update("update user_info set usergroup = 'B', usertype = 'banned' where username = '{$username}'");
+ $usergroup = '被封禁的用户';
+ break;
+ case 'normaluser':
+ DB::update("update user_info set usergroup = 'U', usertype = 'student' where username = '{$username}'");
+ $usergroup = '普通用户';
+ break;
+ case 'superuser':
+ DB::update("update user_info set usergroup = 'S', usertype = 'student' where username = '{$username}'");
+ $usergroup = '超级用户';
+ break;
+ }
+
+ header('Content-Type: application/json');
+ die(json_encode(['status' => 'success', 'message' => '用户 ' . $username . ' 现在是 ' . $usergroup . '。']));
+ };
+ $change_usergroup_form->setAjaxSubmit(<<runAtServer();
}
?>
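Review bot: The `register` insert and the three `change_usergroup` updates interpolate `$username` into the SQL string without `DB::escape`, so their safety rests entirely on `validateUsername`, which is not visible in this hunk; `change_password` already escapes it, and the other two handlers should do the same with `$esc_username = DB::escape($vdata['username']);`. The `change_usergroup` handler also switches on the raw `$_POST['op_type']` with no `default`, so an unexpected value changes nothing yet still returns `status: success` with an empty group name; the sketch below uses an allow-list and rejects unknown values (the error status and message are placeholders, since the form's ajax callback is not readable on this page). Separately, `join($user_list_cond, ' and ')` uses the legacy argument order, which PHP 7.4 deprecates and PHP 8 rejects; `implode(' and ', $user_list_cond)` works on every version. The `like` filters also pass `%` and `_` from `$_GET` straight through as wildcards, assuming `DB::escape` only handles quoting.

```php
$change_usergroup_form->handle = function($vdata) {
    // op_type => [usergroup, usertype, label shown in the reply]
    $ops = [
        'banneduser' => ['B', 'banned', '被封禁的用户'],
        'normaluser' => ['U', 'student', '普通用户'],
        'superuser' => ['S', 'student', '超级用户'],
    ];
    $op_type = isset($_POST['op_type']) ? $_POST['op_type'] : '';

    header('Content-Type: application/json');
    if (!is_string($op_type) || !isset($ops[$op_type])) {
        // Unknown operation: change nothing and do not report success.
        die(json_encode(['status' => 'error', 'message' => 'unknown op_type']));
    }

    list($group, $type, $usergroup) = $ops[$op_type];
    $esc_username = DB::escape($vdata['username']);
    DB::update("update user_info set usergroup = '$group', usertype = '$type' where username = '$esc_username'");

    die(json_encode(['status' => 'success', 'message' => '用户 ' . $vdata['username'] . ' 现在是 ' . $usergroup . '。']));
};
```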
@@ -257,7 +488,7 @@