管理员认清回去的路没?
发布日期:2019-10-21 点击次数:24
问题:
在后台管理员模块中编辑任意一条数据后点击返回,JS 报错,页面直接显示一串 JSON 数据,如下图:



原因:
管理员模块的列表是由 JS 通过 ajax 向后台请求数据的,请求时需要传递 cmd 以及 sSortDir_0、iSortCol_0 等排序参数,才能拿到正确的列表数据并展示出来;
但是点击返回后跳转的链接同样带有 cmd 参数;它不是由 JS 发起的请求,没有携带 sSortDir_0、iSortCol_0 等参数,却因为判断条件有问题而同样进入了取数据的分支,因此拿不到正确的数据,如下图所示:

修改办法:
把取数据那里的判断修改,如下图

此外,这次修改还修复了不同用户组下“编辑”和“删除”按钮的显示权限问题,因此建议直接用下面的 index 方法覆盖原方法;如果有其他逻辑,请在覆盖后的基础上继续开发。注意:这里的权限判断只控制按钮是否显示,编辑、删除操作本身仍需在各自的方法中校验权限。index 方法如下:
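/**
 * Backend user / user-group list page.
 *
 * A normal page request renders the list template. An AJAX request (the legacy
 * DataTables server-side parameters sEcho / iDisplayStart / iDisplayLength /
 * iSortCol_0 / sSortDir_0 / sSearch) is answered with JSON chosen by the "cmd"
 * request parameter:
 *   - user_list:  backend users; a caller whose user group is not 1 only sees
 *                 their own row
 *   - group_list: backend user groups
 *
 * Every DataTables parameter is client-controlled, so none of them is placed in
 * the query as raw text: the sort column and direction are taken from fixed
 * lists, paging values are validated as integers, and the search term goes
 * through the model's array conditions instead of a hand-built SQL string
 * (the mysql_* escaping function used previously no longer exists in PHP 7).
 *
 * The checkAccess() results only decide whether the edit/delete links are
 * rendered. NOTE(review): the user_edit / group_edit / del actions are not
 * shown here - confirm they enforce the same permissions themselves.
 *
 * @return void
 */
public function index() {
    // Models for backend users and backend user groups.
    $BeUser = D('BeUsers');
    $BeGroup = D('BeGroups');

    // Only AJAX calls get JSON. A plain navigation that still carries ?cmd=...
    // (e.g. the "back" link from an edit page) falls through to display().
    if (IS_AJAX) {
        // (marker) 20160118 permission fix: which action links may be shown.
        $access_user_edit = checkAccess(CONTROLLER_NAME, 'user_edit');
        $access_user_del = checkAccess(CONTROLLER_NAME, 'user_del');
        $access_group_edit = checkAccess(CONTROLLER_NAME, 'group_edit');
        $access_group_del = checkAccess(CONTROLLER_NAME, 'group_del');

        // Read a POST parameter as an integer; anything that is not a plain
        // integer (missing, array, text) yields the default.
        $postInt = function ($name, $default) {
            $value = filter_var(I('post.' . $name), FILTER_VALIDATE_INT);
            return $value === false ? $default : $value;
        };

        // The rows below mix column values with HTML fragments, so the client
        // presumably inserts cells as HTML; encode database values before they
        // are sent. double_encode=false keeps values that were already
        // entity-encoded when stored from being encoded a second time.
        $esc = function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
        };

        // Paging: non-negative offset, positive page size (10 when missing or
        // not positive, which also covers the "-1 = all rows" convention).
        $start = max(0, $postInt('iDisplayStart', 0));
        $length = $postInt('iDisplayLength', 10);
        if ($length < 1) {
            $length = 10;
        }

        // Sorting: direction is one of two literals, column is a list index.
        $sortIndex = $postInt('iSortCol_0', 0);
        $rawDirection = I('post.sSortDir_0');
        $direction = (is_string($rawDirection) && strtolower($rawDirection) === 'desc') ? 'desc' : 'asc';

        $search = I('post.sSearch');
        if (!is_string($search)) {
            $search = '';
        }

        // Echoed back as an integer so the request counter cannot carry markup.
        $echo = $postInt('sEcho', 0);

        switch (I('request.cmd')) {
            // Load the user list.
            case 'user_list':
                $where = array('deleted' => 0);

                // (marker) 20160118 permission fix: users outside group 1 may
                // only list themselves. A missing session gives id = 0, which
                // matches no row.
                $User = session('BEUSER');
                if (!is_array($User) || $User['usergroup'] != 1) {
                    $where['id'] = isset($User['id']) ? (int) $User['id'] : 0;
                }

                // Sortable columns by DataTables column index; '' = not sortable.
                $sortingArray = array('id', '', 'usergroup', '', '', '', 'hidden', '');
                $sortColumn = (isset($sortingArray[$sortIndex]) && $sortingArray[$sortIndex] !== '')
                    ? $sortingArray[$sortIndex]
                    : 'id';

                if ($search !== '') {
                    // "a|b" applies the same condition to both fields, joined with OR.
                    $where['username|email'] = array('like', '%' . $search . '%');
                }

                $dataArray = array();
                $total = $BeUser->where($where)->count();
                $list = $BeUser->where($where)
                    ->order($sortColumn . ' ' . $direction)
                    ->limit($start . ',' . $length)
                    ->select();

                if ($list) {
                    // Group titles looked up once per group instead of once per row.
                    $groupTitles = array();
                    foreach ($list as $row) {
                        $groupId = $row['usergroup'];
                        if (!array_key_exists($groupId, $groupTitles)) {
                            $groupTitles[$groupId] = M('BeGroups')->where(array('id' => $groupId))->getField('title');
                        }

                        // (marker) 20160118 permission fix
                        $edit = $access_user_edit ? '<a href="' . U('Beusers/user_edit', array('id' => $row['id'])) . '" class="btn green-stripe mini">编辑</a>' : "";
                        // The stray closing </div> that used to follow this link is removed;
                        // the wrapper below already closes the container.
                        $del = $access_user_del ? '<a href="' . U('Beusers/del', array('id' => $row['id'], 'type' => 'users')) . '" class="btn red-stripe mini del">删除</a>' : "";

                        $dataArray[] = array(
                            $row['id'],
                            $esc($row['username']),
                            $esc($groupTitles[$groupId]),
                            $row['lastloginip'] ? $esc($row['lastloginip']) : '-',
                            $row['lastlogin'] ? date('Y-m-d H:i:s', $row['lastlogin']) : '-',
                            $esc($row['email']),
                            $row['hidden'] ? '<span class="label label-inverse">停用</span>' : '<span class="label label-success">启用</span>',
                            // (marker) 20160118 permission fix
                            '<div class="action_btn">' . $edit . $del . '</div>'
                        );
                    }
                }

                // JSON payload in the shape DataTables expects.
                $outputArray = array(
                    'sEcho' => $echo,
                    'iTotalRecords' => $total,
                    'iTotalDisplayRecords' => $total,
                    'aaData' => $dataArray
                );
                echo json_encode($outputArray);
                break;

            // Load the group list.
            // NOTE(review): unlike user_list, this branch applies no per-user
            // restriction - confirm that is intended.
            case 'group_list':
                $where = array('deleted' => 0);

                $sortingArray = array('id', 'title', '', 'hidden', '');
                $sortColumn = (isset($sortingArray[$sortIndex]) && $sortingArray[$sortIndex] !== '')
                    ? $sortingArray[$sortIndex]
                    : 'id';

                if ($search !== '') {
                    $where['title|remark'] = array('like', '%' . $search . '%');
                }

                $dataArray = array();
                $total = $BeGroup->where($where)->count();
                $list = $BeGroup->where($where)
                    ->order($sortColumn . ' ' . $direction)
                    ->limit($start . ',' . $length)
                    ->select();

                if ($list) {
                    foreach ($list as $row) {
                        // (marker) 20160118 permission fix
                        $edit = $access_group_edit ? '<a href="' . U('Beusers/group_edit', array('id' => $row['id'])) . '" class="btn green-stripe mini">编辑</a>' : "";
                        $del = $access_group_del ? '<a href="' . U('Beusers/del', array('id' => $row['id'], 'type' => 'groups')) . '" class="btn red-stripe mini del">删除</a>' : "";

                        $dataArray[] = array(
                            $row['id'],
                            $esc($row['title']),
                            $esc($row['remark']),
                            $row['hidden'] ? '<span class="label label-inverse">停用</span>' : '<span class="label label-success">启用</span>',
                            // (marker) 20160118 permission fix
                            '<div class="action_btn">' . $edit . $del . '</div>'
                        );
                    }
                }

                // JSON payload in the shape DataTables expects.
                $outputArray = array(
                    'sEcho' => $echo,
                    'iTotalRecords' => $total,
                    'iTotalDisplayRecords' => $total,
                    'aaData' => $dataArray
                );
                echo json_encode($outputArray);
                break;

            default:
                break;
        }

        // An AJAX request never renders the template.
        exit;
    }

    $this->display();
}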