Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
rajven
/
Eye
-ын хуулбар https://github.com/rajven/Eye
1
0
Салаа 0
Файлууд Асуудлууд 0 Мэдлэгийн сан
Мод: e4f8200e1f
Салаанууд Тагууд
Eye
/
html
/
admin
/
customers
/
editcustom.php

editcustom.php 3.4 KB
Түүх Анхны өгөгдөл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103 
  1. <?php
    2. 

  2. require_once ($_SERVER['DOCUMENT_ROOT']."/inc/auth.php");
    3. 

  3. require_once ($_SERVER['DOCUMENT_ROOT']."/inc/languages/" . HTML_LANG . ".php");
    4. 

  4. require_once ($_SERVER['DOCUMENT_ROOT']."/inc/idfilter.php");
    5. 

  5. 

  6. $msg_error = "";
    7. 

  7. 

  8. $customer=get_record($db_link,'customers',"id=?", [$id]);
    9. 

  9. 

  10. if (getPOST("edituser") !== null) {
    11. 

  11.     global $salt;
    12. 

  12. 

  13.     $new = [];
    14. 

  14. 

  15.     // Логин (макс. 20 символов)
    16. 

  16.     $new['login'] = substr(trim(getPOST("login", null, $customer['login'])), 0, 20);
    17. 

  17. 

  18.     // Описание (макс. 100 символов)
    19. 

  19.     $new['description'] = substr(trim(getPOST("description", null, '')), 0, 100);
    20. 

  20. 

  21.     // Пароль (если задан и не пустой)
    22. 

  22.     $pass = trim(getPOST("pass", null, ''));
    23. 

  23.     if ($pass !== '') {
    24. 

  24.         $new['password'] = password_hash($pass, PASSWORD_BCRYPT);
    25. 

  25.     }
    26. 

  26. 

  27.     // API-ключ (если длина > 20)
    28. 

  28.     $api_key = getPOST("api_key", null, randomPassword(20));
    29. 

  29.     if (strlen(trim($api_key)) > 20) {
    30. 

  30.         $new['api_key'] = substr(trim($api_key),0,20);
    31. 

  31.     }
    32. 

  32.     if (strlen(trim($api_key)) <20) {
    33. 

  33.         $new['api_key'] = $customer['api_key'];
    34. 

  34.     }
    35. 

  35.     $new['api_key'] = trim($api_key);
    36. 

  36. 

  37.     // Права доступа
    38. 

  38.     $new['rights'] = (int)getPOST("f_acl", null, 0);
    39. 

  39. 

  40.     // Обновление записи
    41. 

  41.     update_record($db_link, "customers", "id = ?", $new, [$id]);
    42. 

  42. 

  43.     header("Location: " . $_SERVER["REQUEST_URI"]);
    44. 

  44.     exit;
    45. 

  45. }
    46. 

  46. 

  47. unset($_POST);
    48. 

  48. 

  49. print_control_submenu($page_url);
    50. 

  50. 

  51. require_once ($_SERVER['DOCUMENT_ROOT']."/inc/header.php");
    52. 

  52. 

  53. ?>
    54. 

  54. 

  55. <div id="cont">
    56. 

  56. <br><b><?php echo WEB_customer_titles; ?></b><br>
    57. 

  57. <form name="def" action="editcustom.php?id=<?php echo $id; ?>" method="post">
    58. 

  58.     <input type="hidden" name="id" value="<?php echo $id; ?>">
    59. 

  59.     <table class="data">
    60. 

  60.         <tr>
    61. 

  61.             <td><?php echo WEB_customer_login; ?></td>
    62. 

  62.             <td><input type="text" name="login" value="<?php print htmlspecialchars($customer['login']); ?>" size=20></td>
    63. 

  63.         </tr>
    64. 

  64.         <tr>
    65. 

  65.             <td><?php echo WEB_cell_description; ?></td>
    66. 

  66.             <td><input type="text" name="description" value="<?php print htmlspecialchars($customer['description']); ?>" size=50></td>
    67. 

  67.         </tr>
    68. 

  68.         <tr>
    69. 

  69.             <td><?php echo WEB_customer_password; ?></td>
    70. 

  70.             <td><input type="password" name="pass" value="" size=20></td>
    71. 

  71.         </tr>
    72. 

  72.         <tr>
    73. 

  73.             <td><?php echo WEB_customer_api_key; ?></td>
    74. 

  74.             <td>
    75. 

  75.                 <input type="text" name="api_key" id="api_key" value="<?php print htmlspecialchars($customer['api_key']); ?>" size=50>
    76. 

  76.                 <!-- Кнопка перегенерации -->
    77. 

  77.                 <button type="button" onclick="generateApiKey()">🔄</button>
    78. 

  78.             </td>
    79. 

  79.         </tr>
    80. 

  80.         <tr>
    81. 

  81.             <td><?php echo WEB_customer_mode; ?></td>
    82. 

  82.             <td><?php print_acl_select($db_link,'f_acl',$customer['rights']); ?></td>
    83. 

  83.         </tr>
    84. 

  84.         <tr>
    85. 

  85.             <td colspan=2>
    86. 

  86.                 <input type="submit" name="edituser" value="<?php echo WEB_btn_save; ?>">
    87. 

  87.             </td>
    88. 

  88.         </tr>
    89. 

  89.     </table>
    90. 

  90. </form>
    91. 

  91. 

  92. <script>
    93. 

  93. function generateApiKey() {
    94. 

  94.     const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
    95. 

  95.     let result = '';
    96. 

  96.     for (let i = 0; i < 20; i++) {
    97. 

  97.         result += chars.charAt(Math.floor(Math.random() * chars.length));
    98. 

  98.     }
    99. 

  99.     document.getElementById('api_key').value = result;
    100. 

  100. }
    101. 

  101. </script>
    102. 

  102. 

  103. <?php require_once ($_SERVER['DOCUMENT_ROOT']."/inc/footer.php"); ?>
    104.