46 lines
1.1 KiB
PHP
Executable File
46 lines
1.1 KiB
PHP
Executable File
<?php
|
||
session_start();
|
||
require_once('./config.php');
|
||
|
||
// 验证用户是否登录
|
||
if (!isset($_SESSION['user_id'])) {
|
||
die("未授权访问!");
|
||
}
|
||
|
||
// 获取当前用户ID
|
||
$currentUserId = $_SESSION['user_id'];
|
||
|
||
// 查询当前用户等级
|
||
$stmt = $conn->prepare("SELECT level FROM users WHERE id = ?");
|
||
$stmt->bind_param("i", $currentUserId);
|
||
$stmt->execute();
|
||
$result = $stmt->get_result();
|
||
$userData = $result->fetch_assoc();
|
||
$stmt->close();
|
||
|
||
// 检查是否为管理员(等级4)
|
||
if ($userData['level'] != 4) {
|
||
die("权限不足!");
|
||
}
|
||
|
||
// 处理编辑用户逻辑
|
||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||
$userId = $_POST['user_id'];
|
||
$username = $_POST['username'];
|
||
$level = $_POST['level'];
|
||
$points = $_POST['points'];
|
||
$email = $_POST['email'];
|
||
|
||
$stmt = $conn->prepare("UPDATE users SET username=?, level=?, points=?, email=? WHERE id=?");
|
||
$stmt->bind_param("siisi", $username, $level, $points, $email, $userId);
|
||
|
||
if ($stmt->execute()) {
|
||
echo "用户更新成功!";
|
||
} else {
|
||
echo "更新失败:" . $stmt->error;
|
||
}
|
||
$stmt->close();
|
||
}
|
||
|
||
$conn->close();
|
||
?>
|