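<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>{$config->site_name} - 进销存 - 添加产品 - 后台管理</title>
<link href="../../../css/admin/index.css" rel="stylesheet" type="text/css" />
</head>
<body>
{*
  Admin "add product" form. When validation fails, the handler re-renders this
  template and the fields are refilled from $smarty.post.

  Every value echoed back from the request is passed through |escape so that a
  submitted quote or angle bracket cannot break out of the attribute or the
  textarea and inject markup (reflected XSS). The charset argument matches the
  page's declared gb2312 encoding.

  NOTE(review): the form carries no anti-CSRF token; the receiving handler
  only checks the session and the "action" field. Confirm whether the
  framework adds protection elsewhere.
*}
{include file="admin/top.php" subject='products'}
<div id="content">
<form method="post">
<table width="100%" border="0" cellpadding="5" cellspacing="0" id="editor">
  <tr>
    <td width="100" class="title">物料名称:</td>
    <td width="240" class="content"><input name="title" type="text" id="title" value="{$smarty.post.title|escape:'html':'GB2312'}" size="30" /> *</td>
    <td width="821" class="content">
      {if $errors.empty_title}<span class="warning">物料名称不能为空</span>
      {else}填写物料的名称
      {/if} </td>
  </tr>
  <tr>
    <td class="title">物料批号:</td>
    <td class="content"><input name="spec" type="text" id="spec" value="{$smarty.post.spec|escape:'html':'GB2312'}" size="30" /></td>
    <td class="content"> </td>
  </tr>
  <tr>
    <td class="title">单人份用量:</td>
    <td class="content"><input name="pricebuy" type="text" id="pricebuy" value="{$smarty.post.pricebuy|escape:'html':'GB2312'}" size="30" /></td>
    <td class="content"> </td>
  </tr>
  {* NOTE(review): this label repeats the previous row's label although the field is "pricesell" - confirm the intended caption. *}
  <tr>
    <td class="title">单人份用量:</td>
    <td class="content"><input name="pricesell" type="text" id="pricesell" value="{$smarty.post.pricesell|escape:'html':'GB2312'}" size="30" /></td>
    <td class="content"> </td>
  </tr>
  <tr>
    <td class="title">计算单位:</td>
    <td class="content"><input name="unit" type="text" id="unit" value="{$smarty.post.unit|escape:'html':'GB2312'}" size="30" /></td>
    <td class="content">库存计算的单位, 如: 个, 箱, 件, 斤等</td>
  </tr>
  <tr>
    <td class="title">物料分类:</td>
    {* Category titles come from stored data, so they are escaped as well. The option is preselected from the posted value, or from URL segment 1 on first display. *}
    <td class="content"><select name="classid"><option></option>{classes order=sequence}<option value="{$classes.id|escape:'html':'GB2312'}" {if $smarty.post}{if $classes.id==$smarty.post.classid}selected{/if}{else}{if $classes.id==$segment.1}selected{/if}{/if} >{section name=id loop=$classes.layer-1} {/section}{$classes.title|escape:'html':'GB2312'}</option>{/classes}</select></td>
    <td class="content"> </td>
  </tr>
  <tr class="noline">
    <td class="title">物料介绍:</td>
    <td colspan="2" class="content"><textarea name="intro" cols="100" rows="8" id="intro">{$smarty.post.intro|escape:'html':'GB2312'}</textarea></td>
  </tr>
</table>
<div class="fr mt10">
  <input type="submit" value="添加" class="btn" />
  {* "return false" stops the browser from also following href="#" after going back. *}
  <a href="#" class="btn" onclick="history.back(); return false;">取消</a>
  <input name="action" type="hidden" id="action" value="create" />
</div>
</form>
</div>
{include file="admin/bottom.php"}
</body>
</html>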
<?php
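/**
 * Admin controller for products: list, create, modify, delete.
 *
 * Collaborators ($db, $smarty, $config, $segment, $admin) are globals set up
 * elsewhere. Each action first asks $admin->rights() for the matching
 * permission and returns without doing anything when it is refused.
 *
 * Security notes for maintainers:
 *  - String values from the request are quoted with $db->qstr() before being
 *    placed in SQL. The category id is placed in SQL unquoted, so it is
 *    forced to an integer first.
 *  - NOTE(review): create/modify/delete change state without any anti-CSRF
 *    token, and delete() is driven by a URL segment. Confirm whether the
 *    framework protects these requests elsewhere.
 *  - NOTE(review): header("location:...") is not followed by exit, so the
 *    rest of the request keeps running after a redirect is queued.
 */
class products {
    /**
     * PHP 4-style constructor: sends callers without a manager session to
     * $admin->login().
     * NOTE(review): whether login() stops the request is not visible here;
     * the per-action rights() checks are what gate the actions below.
     */
    function products() {
        global $admin;
        if(empty($_SESSION["managerid"])) $admin->login();
    }

    /**
     * Product list. When URL segment 1 names a category, its path is looked
     * up through classes::_getpaths() and handed to the template as "paths".
     */
    function index() {
        global $db, $smarty, $config, $segment, $admin;
        if(!$admin->rights("products_view")) return;
        if(!empty($segment[1])) {
            include_once("mod.classes.php");
            $c = new classes();
            $paths = $c->_getpaths($segment[1]);
            $smarty->assign("paths", $paths);
        }
    }

    /**
     * Inserts a product from the posted form (action=create).
     * On a missing title, assigns $errors to the template instead.
     * On success, queues a redirect to the product list of the chosen category.
     */
    function create() {
        global $db, $smarty, $config, $segment, $admin;
        if(!$admin->rights("products_create")) return;
        if(!empty($_POST["action"]) && $_POST["action"]=="create") {
            $errors = array();
            if(empty($_POST["title"])) $errors["empty_title"] = true;
            if(empty($errors)) {
                $title = $db->qstr($_POST["title"]);
                $spec = $db->qstr($_POST["spec"]);
                $pricebuy = $db->qstr(empty($_POST["pricebuy"])?0:$_POST["pricebuy"]);
                $pricesell = $db->qstr(empty($_POST["pricesell"])?0:$_POST["pricesell"]);
                $unit = $db->qstr($_POST["unit"]);
                $intro = $db->qstr($_POST["intro"]);
                // Defaults for "no category": id 0 and the root path.
                $classid = 0;
                $path = $db->qstr(",0,");
                // classid goes into SQL and into the redirect URL unquoted, so only
                // an integer is accepted; anything else is treated as "no category".
                $posted_classid = (isset($_POST["classid"]) && is_scalar($_POST["classid"])) ? (int)$_POST["classid"] : 0;
                if($posted_classid > 0) {
                    $classid = $posted_classid;
                    $path = $db->qstr($db->getone("select path from {$config->db_prefix}classes where id=$classid"));
                }
                $sqlstr = "insert into {$config->db_prefix}products (title, spec, classid, path, pricebuy, pricesell, unit, intro) values ($title, $spec, $classid, $path, $pricebuy, $pricesell, $unit, $intro)";
                $result = $db->execute($sqlstr);
                if($result) header("location:{$config->site_index}admin/products/$classid");
            }
            if(!empty($errors)) $smarty->assign("errors", $errors);
        }
    }

    /**
     * Updates the product named by the posted id (action=modify).
     * On a missing title, assigns $errors to the template instead.
     */
    function modify() {
        global $db, $smarty, $config, $segment, $admin;
        if(!$admin->rights("products_modify")) return;
        if(!empty($_POST["action"]) && $_POST["action"]=="modify") {
            $errors = array();
            if(empty($_POST["title"])) $errors["empty_title"] = true;
            if(empty($errors)) {
                $id = $db->qstr($_POST["id"]);
                $title = $db->qstr($_POST["title"]);
                $spec = $db->qstr($_POST["spec"]);
                $pricebuy = $db->qstr(empty($_POST["pricebuy"])?0:$_POST["pricebuy"]);
                $pricesell = $db->qstr(empty($_POST["pricesell"])?0:$_POST["pricesell"]);
                $unit = $db->qstr($_POST["unit"]);
                $intro = $db->qstr($_POST["intro"]);
                // Defaults for "no category": id 0 and the root path.
                $classid = 0;
                $path = $db->qstr(",0,");
                // Same integer-only rule as in create(): classid is used unquoted in SQL.
                $posted_classid = (isset($_POST["classid"]) && is_scalar($_POST["classid"])) ? (int)$_POST["classid"] : 0;
                if($posted_classid > 0) {
                    $classid = $posted_classid;
                    $path = $db->qstr($db->getone("select path from {$config->db_prefix}classes where id=$classid"));
                }
                $sqlstr = "update {$config->db_prefix}products set title=$title, spec=$spec, classid=$classid, path=$path, pricebuy=$pricebuy, pricesell=$pricesell, unit=$unit, intro=$intro where id=$id";
                $result = $db->execute($sqlstr);
                // NOTE(review): the redirect target is taken from the posted "referer"
                // field without checking that it points back into this site.
                if($result) header("location:".(empty($_POST["referer"])?"{$config->site_index}admin/products":$_POST["referer"]));
            }
            if(!empty($errors)) $smarty->assign("errors", $errors);
        }
    }

    /**
     * Deletes the product whose id is URL segment 2, then redirects back.
     * NOTE(review): the redirect target is the request's Referer header when
     * one is present; it is not checked against this site.
     */
    function delete() {
        global $db, $segment, $config, $admin;
        if(!$admin->rights("products_delete")) return;
        $id = $db->qstr($segment[2]);
        $sqlstr = "delete from {$config->db_prefix}products where id=$id";
        $result = $db->execute($sqlstr);
        if($result) header("location:".(empty($_SERVER['HTTP_REFERER'])?"{$config->site_index}admin/products":$_SERVER['HTTP_REFERER']));
    }
}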
?>
<?php
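/**
 * Admin controller for manager accounts: login/logout, create, modify,
 * delete, and the login captcha image.
 *
 * Collaborators ($db, $smarty, $config, $segment, $admin, $uri) are globals
 * set up elsewhere.
 *
 * Security notes for maintainers:
 *  - Passwords are stored as unsalted md5(). This is kept because
 *    $admin->_login() (not visible here) presumably compares against the same
 *    format; NOTE(review): migrate both sides to password_hash()/
 *    password_verify() together.
 *  - NOTE(review): create/modify/delete change state without an anti-CSRF
 *    token, and delete() is driven by a URL segment.
 *  - NOTE(review): header("location:...") is not followed by exit.
 *  - NOTE(review): no session id renewal is visible around login; check
 *    $admin->_login().
 */
class managers {
    /**
     * PHP 4-style constructor: sends callers without a manager session to
     * $admin->login().
     */
    function managers() {
        global $admin;
        if(empty($_SESSION["managerid"])) $admin->login();
    }

    /** Manager list; requires "managers_view". */
    function index() {
        global $admin;
        if(!$admin->rights("managers_view")) return;
    }

    /**
     * Handles the login form (action=login): validates username, password and
     * the captcha number, then delegates to $admin->_login().
     * Always leaves $uri set to "admin/index".
     */
    function login() {
        global $smarty, $uri, $config, $admin;
        if(!empty($_POST["action"]) && $_POST["action"]=="login") {
            $errors = array();
            if(empty($_POST["username"])) $errors["empty_username"] = true;
            if(empty($_POST["password"])) $errors["empty_password"] = true;
            // The captcha value is single-use: it is removed from the session as
            // soon as it has been read, so one solved image cannot back an
            // unlimited series of password guesses.
            $expected = isset($_SESSION["imagenumber"]) ? (string)$_SESSION["imagenumber"] : "";
            unset($_SESSION["imagenumber"]);
            $given = (isset($_POST["number"]) && is_scalar($_POST["number"])) ? trim((string)$_POST["number"]) : "";
            if(empty($_POST["number"])) $errors["empty_number"] = true;
            else if($expected==="" || $given!==$expected) $errors["wrong_number"] = true;
            if(empty($errors)) {
                $result = $admin->_login($_POST["username"], $_POST["password"]);
                if($result) header("location:{$config->site_index}admin");
            }
            if(!empty($errors)) $smarty->assign("errors", $errors);
        }
        $uri = "admin/index";
    }

    /** Ends the session through $admin->_logout() and shows the admin index. */
    function logout() {
        global $admin, $uri;
        $admin->_logout();
        $uri = "admin/index";
    }

    /**
     * Creates a manager account from the posted form (action=create).
     * Requires "managers_create". On validation errors, assigns $errors and the
     * posted rights (as a token => 1 map) to the template.
     */
    function create() {
        global $db, $smarty, $config, $admin;
        if(!$admin->rights("managers_create")) return;
        if(!empty($_POST["action"]) && $_POST["action"]=="create") {
            $errors = array();
            // rights[] is absent when no checkbox is ticked; keep scalar entries only.
            $posted_rights = (isset($_POST["rights"]) && is_array($_POST["rights"])) ? array_values(array_filter($_POST["rights"], "is_scalar")) : array();
            if(empty($_POST["username"])) $errors["empty_username"] = true;
            if(empty($_POST["password"])) $errors["empty_password"] = true;
            else if($_POST["password"]!=$_POST["repassword"]) $errors["different_password"] = true;
            if(empty($_POST["realname"])) $errors["empty_realname"] = true;
            if(empty($errors) && $db->getone("select count(1) from {$config->db_prefix}managers where username=".$db->qstr($_POST["username"]))) $errors["exist_username"] = true;
            if(empty($errors)) {
                $username = $db->qstr($_POST["username"]);
                $password = $db->qstr(md5($_POST["password"]));
                $locked = 0;
                $email = $db->qstr($_POST["email"]);
                $realname = $db->qstr($_POST["realname"]);
                $gender = $db->qstr($_POST["gender"]);
                $phone = $db->qstr($_POST["phone"]);
                $regdate = time();
                $logcount = 0;
                if(!empty($_POST["administrator"])) $rights = "administrator";
                else $rights = implode(";", $posted_rights);
                // The rights string is built from request values, so it is quoted
                // like every other column instead of being wrapped in literal quotes.
                $rights = $db->qstr($rights);
                $sqlstr = "insert into {$config->db_prefix}managers (username, password, locked, email, realname, gender, phone, rights, regdate, logcount) values ($username, $password, $locked, $email, $realname, $gender, $phone, $rights, $regdate, $logcount)";
                $result = $db->execute($sqlstr);
                if($result) header("location:{$config->site_index}admin/managers");
            }
            if(!empty($errors)) $smarty->assign("errors", $errors);
            // Re-tick the posted checkboxes; a separate map is used so the SQL
            // string above is never indexed as an array.
            $rights_map = array();
            foreach($posted_rights as $v) $rights_map[$v] = 1;
            $smarty->assign("rights", $rights_map);
        }
    }

    /**
     * Updates a manager account (action=modify) and prepares the rights map
     * for the edit form.
     *
     * A caller with "managers_modify" may edit any account. A caller without
     * it may edit only their own account: the posted id must equal the session
     * manager id, and the privileged columns (locked, rights) are left as they
     * are. The record that is written is chosen by the posted id, so the check
     * has to be made on that value and not only on the URL segment.
     */
    function modify() {
        global $db, $smarty, $config, $segment, $admin, $uri;
        $can_manage = $admin->rights("managers_modify");
        $is_post = !empty($_POST["action"]) && $_POST["action"]=="modify";
        if(!$can_manage && !empty($segment[1]) && $segment[1]!=$_SESSION["managerid"]) return;
        if(!$can_manage && $is_post) {
            $posted_id = (isset($_POST["id"]) && is_scalar($_POST["id"])) ? (string)$_POST["id"] : "";
            if($posted_id==="" || $posted_id!==(string)$_SESSION["managerid"]) return;
        }
        $uri = "admin/managers/modify";
        // rights[] is absent when no checkbox is ticked; keep scalar entries only.
        $posted_rights = (isset($_POST["rights"]) && is_array($_POST["rights"])) ? array_values(array_filter($_POST["rights"], "is_scalar")) : array();
        if($is_post) {
            $errors = array();
            if($_POST["password"]!=$_POST["repassword"]) $errors["different_password"] = true;
            if(empty($_POST["realname"])) $errors["empty_realname"] = true;
            if(empty($errors)) {
                $id = $db->qstr($_POST["id"]);
                $email = $db->qstr($_POST["email"]);
                $realname = $db->qstr($_POST["realname"]);
                $gender = $db->qstr($_POST["gender"]);
                $phone = $db->qstr($_POST["phone"]);
                // The password column is touched only when a new password was entered.
                $str_password = empty($_POST["password"]) ? "" : " password=".$db->qstr(md5($_POST["password"])).",";
                // locked and rights are written only for callers holding managers_modify.
                $str_privileged = "";
                if($can_manage) {
                    $locked = $db->qstr($_POST["locked"]);
                    if(!empty($_POST["administrator"])) $rights = "administrator";
                    else $rights = implode(";", $posted_rights);
                    $str_privileged = " locked=$locked, rights=".$db->qstr($rights).",";
                }
                $sqlstr = "update {$config->db_prefix}managers set$str_password$str_privileged email=$email, realname=$realname, gender=$gender, phone=$phone where id=$id";
                $result = $db->execute($sqlstr);
                // NOTE(review): the redirect target is taken from the posted "referer"
                // field without checking that it points back into this site.
                if($result) header("location:".(empty($_POST["referer"])?"{$config->site_index}admin/managers":$_POST["referer"]));
            }
            if(!empty($errors)) $smarty->assign("errors", $errors);
        }
        // Rights shown in the form: the posted ones after a submit, otherwise the
        // stored ";"-separated list of the manager named by URL segment 1.
        if($is_post) $arr_rights = $posted_rights;
        else {
            $managerid = $db->qstr(isset($segment[1]) ? $segment[1] : "");
            $arr_rights = explode(";", (string)$db->getone("select rights from {$config->db_prefix}managers where id=$managerid"));
        }
        $rights_map = array();
        foreach($arr_rights as $v) $rights_map[$v] = 1;
        $smarty->assign("rights", $rights_map);
    }

    /**
     * Deletes the manager whose id is URL segment 2, then redirects back.
     * Requires "managers_delete".
     * NOTE(review): the redirect target is the request's Referer header when
     * one is present; it is not checked against this site.
     */
    function delete() {
        global $db, $segment, $config, $admin;
        if(!$admin->rights("managers_delete")) return;
        $id = $db->qstr($segment[2]);
        $sqlstr = "delete from {$config->db_prefix}managers where id=$id";
        $result = $db->execute($sqlstr);
        if($result) header("location:".(empty($_SERVER['HTTP_REFERER'])?"{$config->site_index}admin/managers":$_SERVER['HTTP_REFERER']));
    }

    /**
     * Emits the login captcha: stores a 4-digit number in the session and
     * streams it as an image.
     *
     * @param int $width  image width in pixels
     * @param int $height image height in pixels
     */
    function imagenumber($width=80, $height=20) {
        // NOTE(review): rand() is not a cryptographic source, and 9000 possible
        // values is a small space; the captcha only slows automated guessing.
        $_SESSION["imagenumber"] = $num = (string)rand(1000, 9999);
        $img = imagecreate($width, $height);
        // First allocated colour becomes the (white) background.
        imagecolorallocate($img, 255, 255, 255);
        // Background noise: 128 light-coloured "*" characters at random positions.
        for($i=1; $i<=128; $i++) {
            imagestring($img, 1, mt_rand(1, $width), mt_rand(1, $height), "*", imageColorAllocate($img, mt_rand(220, 255), mt_rand(220, 255), mt_rand(220, 255)));
        }
        // The digits, one per quarter of the width, in darker random colours.
        for($i=0; $i<strlen($num); $i++) {
            imagestring($img, 4, (int)($i*$width/4+6), mt_rand(1, (int)($height/4)), $num[$i], imageColorAllocate($img, mt_rand(0, 100), mt_rand(0, 150), mt_rand(0, 200)));
        }
        // The image must be fetched anew each time, because login() consumes the
        // stored number on every attempt.
        header("Cache-Control: no-store");
        // The body is produced by imagejpeg(), so the declared type is JPEG.
        header("Content-type: image/jpeg");
        imagejpeg($img);
        imagedestroy($img);
    }
}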
?>
{*
  Account-permission row of the manager edit form.

  The row is hidden with display:none when the record being edited is the
  logged-in manager's own ($managers.id == $smarty.session.managerid). Its
  inputs stay in the form and are still submitted, so hiding is presentation
  only. NOTE(review): the handler that receives "administrator" and rights[]
  must decide server-side whether the caller may change them.

  "administrator" radio: value 1 = super administrator, value 0 = normal
  manager. The first radio always carries checked; when the second radio's
  condition also emits checked, the browser keeps the later one selected.

  The #rights grid is hidden while "super administrator" is selected. Each
  checkbox posts one "<module>_<action>" token in rights[]; $rights is a map
  of the tokens to pre-tick.

  checks() is defined outside this fragment; presumably it toggles the
  checkboxes of a column or row - confirm against its definition.
*}
<tr class="noline" style="{if $managers.id==$smarty.session.managerid}display:none;{/if}">
<td class="title">账户权限:</td>
<td colspan="2" class="content">
<input name="administrator" type="radio" value="1" onclick="$('#rights').css('display', 'none');" checked="checked" />超级管理员
<input name="administrator" type="radio" value="0" onclick="$('#rights').css('display', '');" {if $smarty.post}{if !$smarty.post.administrator}checked{/if}{else}{if $managers.rights!='administrator'}checked{/if}{/if} />普通管理员
<div id="rights" style="{if $smarty.post}{if $smarty.post.administrator}display:none{/if}{else}{if $managers.rights=='administrator'}display:none;{/if}{/if}">
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="40" height="40"> </td>
<td> </td>
<td><a href="javascript:;" onclick="checks('view')">查看<br />权限</a></td>
<td><a href="javascript:;" onclick="checks('modify')">修改<br />权限</a></td>
<td><a href="javascript:;" onclick="checks('create')">添加<br />权限</a></td>
<td><a href="javascript:;" onclick="checks('delete')">删除<br />权限</a></td>
</tr>
<tr>
<td>采购</td>
<td><a href="javascript:;" onclick="checks('purchases')">采购订单</a></td>
<td><input type="checkbox" name="rights[]" value="purchases_view" id="purchases_view" {if $rights.purchases_view}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="purchases_modify" id="purchases_modify" {if $rights.purchases_modify}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="purchases_create" id="purchases_create" {if $rights.purchases_create}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="purchases_delete" id="purchases_delete" {if $rights.purchases_delete}checked{/if} /></td>
</tr>
<tr>
<td> </td>
<td><a href="javascript:;" onclick="checks('suppliers')">供应商管理</a></td>
<td><input type="checkbox" name="rights[]" value="suppliers_view" id="suppliers_view" {if $rights.suppliers_view}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="suppliers_modify" id="suppliers_modify" {if $rights.suppliers_modify}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="suppliers_create" id="suppliers_create" {if $rights.suppliers_create}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="suppliers_delete" id="suppliers_delete" {if $rights.suppliers_delete}checked{/if} /></td>
</tr>
<tr>
<td>销售</td>
<td><a href="javascript:;" onclick="checks('orders')">销售订单</a></td>
<td><input type="checkbox" name="rights[]" value="orders_view" id="orders_view" {if $rights.orders_view}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="orders_modify" id="orders_modify" {if $rights.orders_modify}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="orders_create" id="orders_create" {if $rights.orders_create}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="orders_delete" id="orders_delete" {if $rights.orders_delete}checked{/if} /></td>
</tr>
<tr>
<td> </td>
<td><a href="javascript:;" onclick="checks('customers')">客户管理</a></td>
<td><input type="checkbox" name="rights[]" value="customers_view" id="customers_view" {if $rights.customers_view}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="customers_modify" id="customers_modify" {if $rights.customers_modify}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="customers_create" id="customers_create" {if $rights.customers_create}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="customers_delete" id="customers_delete" {if $rights.customers_delete}checked{/if} /></td>
</tr>
<tr>
<td>库存</td>
<td><a href="javascript:;" onclick="checks('stocks')">库存数据</a></td>
<td><input type="checkbox" name="rights[]" value="stocks_view" id="stocks_view" {if $rights.stocks_view}checked{/if} /></td>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td> </td>
<td><a href="javascript:;" onclick="checks('income')">采购入库</a></td>
<td><input type="checkbox" name="rights[]" value="income_view" id="income_view" {if $rights.income_view}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="income_modify" id="income_modify" {if $rights.income_modify}checked{/if} /></td>
<td> </td>
<td> </td>
</tr>
<tr>
<td> </td>
<td><a href="javascript:;" onclick="checks('payout')">销售出库</a></td>
<td><input type="checkbox" name="rights[]" value="payout_view" id="payout_view" {if $rights.payout_view}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="payout_modify" id="payout_modify" {if $rights.payout_modify}checked{/if} /></td>
<td> </td>
<td> </td>
</tr>
<tr>
<td> </td>
<td><a href="javascript:;" onclick="checks('moving')">库存调剂</a></td>
<td><input type="checkbox" name="rights[]" value="moving_view" id="moving_view" {if $rights.moving_view}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="moving_modify" id="moving_modify" {if $rights.moving_modify}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="moving_create" id="moving_create" {if $rights.moving_create}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="moving_delete" id="moving_delete" {if $rights.moving_delete}checked{/if} /></td>
</tr>
<tr>
<td> </td>
<td><a href="javascript:;" onclick="checks('shops')">配置仓库</a></td>
<td><input type="checkbox" name="rights[]" value="shops_view" id="shops_view" {if $rights.shops_view}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="shops_modify" id="shops_modify" {if $rights.shops_modify}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="shops_create" id="shops_create" {if $rights.shops_create}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="shops_delete" id="shops_delete" {if $rights.shops_delete}checked{/if} /></td>
</tr>
<tr>
<td>产品</td>
<td><a href="javascript:;" onclick="checks('products')">产品管理</a></td>
<td><input type="checkbox" name="rights[]" value="products_view" id="products_view" {if $rights.products_view}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="products_modify" id="products_modify" {if $rights.products_modify}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="products_create" id="products_create" {if $rights.products_create}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="products_delete" id="products_delete" {if $rights.products_delete}checked{/if} /></td>
</tr>
<tr>
<td> </td>
<td><a href="javascript:;" onclick="checks('classes')">产品分类</a></td>
<td><input type="checkbox" name="rights[]" value="classes_view" id="classes_view" {if $rights.classes_view}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="classes_modify" id="classes_modify" {if $rights.classes_modify}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="classes_create" id="classes_create" {if $rights.classes_create}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="classes_delete" id="classes_delete" {if $rights.classes_delete}checked{/if} /></td>
</tr>
<tr>
<td>设置</td>
<td><a href="javascript:;" onclick="checks('system')">系统参数</a></td>
<td><input type="checkbox" name="rights[]" value="system_view" id="system_view" {if $rights.system_view}checked{/if} /></td>
<td> </td>
<td> </td>
<td> </td>
</tr>
{* Manager-account rights. Unlike the other rows, this label has no checks() handler - NOTE(review): confirm that is intentional. *}
<tr>
<td> </td>
<td><a href="javascript:;">用户权限</a></td>
<td><input type="checkbox" name="rights[]" value="managers_view" id="managers_view" {if $rights.managers_view}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="managers_modify" id="managers_modify" {if $rights.managers_modify}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="managers_create" id="managers_create" {if $rights.managers_create}checked{/if} /></td>
<td><input type="checkbox" name="rights[]" value="managers_delete" id="managers_delete" {if $rights.managers_delete}checked{/if} /></td>
</tr>
</table>
</div>
</td>
</tr>
</table>
<div class="fr mt10">
<input type="submit" val