上传文件至 admin
This commit is contained in:
37
admin/ajax_delete_image.php
Normal file
37
admin/ajax_delete_image.php
Normal file
@@ -0,0 +1,37 @@
|
||||
<?php
|
||||
require_once '../config.php';
|
||||
|
||||
if (!isset($_SESSION['user_id']) || $_SESSION['username'] !== 'admin') {
|
||||
echo json_encode(['success' => false, 'error' => '无权限']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$input = json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
if ($input && isset($input['image_id'])) {
|
||||
try {
|
||||
// 先获取文件名以便删除物理文件
|
||||
$stmt = $pdo->prepare("SELECT filename FROM images WHERE id = ?");
|
||||
$stmt->execute([$input['image_id']]);
|
||||
$image = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
if ($image) {
|
||||
// 删除数据库记录(会级联删除关联的标签)
|
||||
$stmt = $pdo->prepare("DELETE FROM images WHERE id = ?");
|
||||
$stmt->execute([$input['image_id']]);
|
||||
|
||||
// 删除物理文件
|
||||
$file_path = '../uploads/' . $image['filename'];
|
||||
if (file_exists($file_path)) {
|
||||
unlink($file_path);
|
||||
}
|
||||
}
|
||||
|
||||
echo json_encode(['success' => true]);
|
||||
} catch(PDOException $e) {
|
||||
echo json_encode(['success' => false, 'error' => $e->getMessage()]);
|
||||
}
|
||||
} else {
|
||||
echo json_encode(['success' => false, 'error' => '无效请求']);
|
||||
}
|
||||
?>
|
||||
24
admin/ajax_delete_user.php
Normal file
24
admin/ajax_delete_user.php
Normal file
@@ -0,0 +1,24 @@
|
||||
<?php
|
||||
require_once '../config.php';
|
||||
|
||||
if (!isset($_SESSION['user_id']) || $_SESSION['username'] !== 'admin') {
|
||||
echo json_encode(['success' => false, 'error' => '无权限']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$input = json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
if ($input && isset($input['user_id'])) {
|
||||
try {
|
||||
// 注意:这里会级联删除用户的所有图片
|
||||
$stmt = $pdo->prepare("DELETE FROM users WHERE id = ? AND username != 'admin'");
|
||||
$stmt->execute([$input['user_id']]);
|
||||
|
||||
echo json_encode(['success' => true]);
|
||||
} catch(PDOException $e) {
|
||||
echo json_encode(['success' => false, 'error' => $e->getMessage()]);
|
||||
}
|
||||
} else {
|
||||
echo json_encode(['success' => false, 'error' => '无效请求']);
|
||||
}
|
||||
?>
|
||||
23
admin/ajax_toggle_image.php
Normal file
23
admin/ajax_toggle_image.php
Normal file
@@ -0,0 +1,23 @@
|
||||
<?php
|
||||
require_once '../config.php';
|
||||
|
||||
if (!isset($_SESSION['user_id']) || $_SESSION['username'] !== 'admin') {
|
||||
echo json_encode(['success' => false, 'error' => '无权限']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$input = json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
if ($input && isset($input['image_id']) && isset($input['is_public'])) {
|
||||
try {
|
||||
$stmt = $pdo->prepare("UPDATE images SET is_public = ? WHERE id = ?");
|
||||
$stmt->execute([$input['is_public'], $input['image_id']]);
|
||||
|
||||
echo json_encode(['success' => true]);
|
||||
} catch(PDOException $e) {
|
||||
echo json_encode(['success' => false, 'error' => $e->getMessage()]);
|
||||
}
|
||||
} else {
|
||||
echo json_encode(['success' => false, 'error' => '无效请求']);
|
||||
}
|
||||
?>
|
||||
23
admin/ajax_update_user.php
Normal file
23
admin/ajax_update_user.php
Normal file
@@ -0,0 +1,23 @@
|
||||
<?php
|
||||
require_once '../config.php';
|
||||
|
||||
if (!isset($_SESSION['user_id']) || $_SESSION['username'] !== 'admin') {
|
||||
echo json_encode(['success' => false, 'error' => '无权限']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$input = json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
if ($input && isset($input['user_id']) && isset($input['role'])) {
|
||||
try {
|
||||
$stmt = $pdo->prepare("UPDATE users SET role = ? WHERE id = ? AND username != 'admin'");
|
||||
$stmt->execute([$input['role'], $input['user_id']]);
|
||||
|
||||
echo json_encode(['success' => true]);
|
||||
} catch(PDOException $e) {
|
||||
echo json_encode(['success' => false, 'error' => $e->getMessage()]);
|
||||
}
|
||||
} else {
|
||||
echo json_encode(['success' => false, 'error' => '无效请求']);
|
||||
}
|
||||
?>
|
||||
136
admin/feedbacks.php
Normal file
136
admin/feedbacks.php
Normal file
@@ -0,0 +1,136 @@
|
||||
<?php
|
||||
// 获取反馈列表
|
||||
try {
|
||||
$stmt = $pdo->query("
|
||||
SELECT f.*, u.username
|
||||
FROM feedbacks f
|
||||
LEFT JOIN users u ON f.user_id = u.id
|
||||
ORDER BY f.created_at DESC
|
||||
LIMIT 50
|
||||
");
|
||||
$feedbacks = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
} catch(PDOException $e) {
|
||||
$feedbacks = [];
|
||||
}
|
||||
?>
|
||||
<div class="admin-section">
|
||||
<h3>用户反馈</h3>
|
||||
|
||||
<div class="table-responsive">
|
||||
<table class="admin-table">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>ID</th>
|
||||
<th>用户</th>
|
||||
<th>类型</th>
|
||||
<th>主题</th>
|
||||
<th>内容</th>
|
||||
<th>状态</th>
|
||||
<th>提交时间</th>
|
||||
<th>操作</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php foreach($feedbacks as $feedback): ?>
|
||||
<tr>
|
||||
<td><?php echo $feedback['id']; ?></td>
|
||||
<td>
|
||||
<?php if($feedback['username']): ?>
|
||||
<?php echo htmlspecialchars($feedback['username']); ?>
|
||||
<?php else: ?>
|
||||
<em>匿名用户</em>
|
||||
<?php endif; ?>
|
||||
</td>
|
||||
<td>
|
||||
<?php
|
||||
$typeLabels = [
|
||||
'bug' => '错误报告',
|
||||
'feature' => '功能建议',
|
||||
'suggestion' => '改进建议',
|
||||
'other' => '其他'
|
||||
];
|
||||
echo $typeLabels[$feedback['type']] ?? $feedback['type'];
|
||||
?>
|
||||
</td>
|
||||
<td><?php echo htmlspecialchars($feedback['subject']); ?></td>
|
||||
<td>
|
||||
<div style="max-width: 300px; overflow: hidden; text-overflow: ellipsis;">
|
||||
<?php echo htmlspecialchars($feedback['message']); ?>
|
||||
</div>
|
||||
</td>
|
||||
<td>
|
||||
<select onchange="updateFeedbackStatus(<?php echo $feedback['id']; ?>, this.value)">
|
||||
<option value="pending" <?php echo $feedback['status'] === 'pending' ? 'selected' : ''; ?>>待处理</option>
|
||||
<option value="reviewed" <?php echo $feedback['status'] === 'reviewed' ? 'selected' : ''; ?>>已审核</option>
|
||||
<option value="resolved" <?php echo $feedback['status'] === 'resolved' ? 'selected' : ''; ?>>已解决</option>
|
||||
</select>
|
||||
</td>
|
||||
<td><?php echo date('Y-m-d H:i', strtotime($feedback['created_at'])); ?></td>
|
||||
<td>
|
||||
<div class="admin-actions">
|
||||
<button class="btn btn-sm" onclick="viewFeedback(<?php echo $feedback['id']; ?>)">
|
||||
查看详情
|
||||
</button>
|
||||
<button class="btn btn-sm btn-danger"
|
||||
onclick="deleteFeedback(<?php echo $feedback['id']; ?>)">
|
||||
删除
|
||||
</button>
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
<?php endforeach; ?>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
function updateFeedbackStatus(feedbackId, newStatus) {
|
||||
fetch('admin/ajax_update_feedback.php', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'Content-Type': 'application/json',
|
||||
},
|
||||
body: JSON.stringify({
|
||||
feedback_id: feedbackId,
|
||||
status: newStatus
|
||||
})
|
||||
})
|
||||
.then(response => response.json())
|
||||
.then(data => {
|
||||
if (data.success) {
|
||||
alert('反馈状态更新成功!');
|
||||
} else {
|
||||
alert('更新失败: ' + data.error);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
function viewFeedback(feedbackId) {
|
||||
// 这里可以打开一个模态框显示完整反馈内容
|
||||
alert('查看反馈详情功能开发中...');
|
||||
}
|
||||
|
||||
function deleteFeedback(feedbackId) {
|
||||
if (!confirm('确定要删除这条反馈吗?')) return;
|
||||
|
||||
fetch('admin/ajax_delete_feedback.php', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'Content-Type': 'application/json',
|
||||
},
|
||||
body: JSON.stringify({
|
||||
feedback_id: feedbackId
|
||||
})
|
||||
})
|
||||
.then(response => response.json())
|
||||
.then(data => {
|
||||
if (data.success) {
|
||||
alert('反馈删除成功!');
|
||||
location.reload();
|
||||
} else {
|
||||
alert('删除失败: ' + data.error);
|
||||
}
|
||||
});
|
||||
}
|
||||
</script>
|
||||
Reference in New Issue
Block a user