上传文件至 admin

admin/ajax_update_user.php

@@ -0,0 +1,23 @@
+<?php
+require_once '../config.php';
+
+if (!isset($_SESSION['user_id']) || $_SESSION['username'] !== 'admin') {
+    echo json_encode(['success' => false, 'error' => '无权限']);
+    exit;
+}
+
+$input = json_decode(file_get_contents('php://input'), true);
+
+if ($input && isset($input['user_id']) && isset($input['role'])) {
+    try {
+        $stmt = $pdo->prepare("UPDATE users SET role = ? WHERE id = ? AND username != 'admin'");
+        $stmt->execute([$input['role'], $input['user_id']]);
+        
+        echo json_encode(['success' => true]);
+    } catch(PDOException $e) {
+        echo json_encode(['success' => false, 'error' => $e->getMessage()]);
+    }
+} else {
+    echo json_encode(['success' => false, 'error' => '无效请求']);
+}
+?>