odoorbell/image-pichost
1
2
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

上传文件至 admin

Browse Source
This commit is contained in:
小小白哦
2025-11-30 13:07:29 +00:00
parent e7884f2436
commit 176718129e
5 changed files with 243 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
admin/ajax_delete_image.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
require_once '../config.php';
if (!isset($_SESSION['user_id']) || $_SESSION['username'] !== 'admin') {
echo json_encode(['success' => false, 'error' => '无权限']);
exit;
}
$input = json_decode(file_get_contents('php://input'), true);
if ($input && isset($input['image_id'])) {
try {
// 先获取文件名以便删除物理文件
$stmt = $pdo->prepare("SELECT filename FROM images WHERE id = ?");
$stmt->execute([$input['image_id']]);
$image = $stmt->fetch(PDO::FETCH_ASSOC);
if ($image) {
// 删除数据库记录(会级联删除关联的标签)
$stmt = $pdo->prepare("DELETE FROM images WHERE id = ?");
$stmt->execute([$input['image_id']]);
// 删除物理文件
$file_path = '../uploads/' . $image['filename'];
if (file_exists($file_path)) {
unlink($file_path);
}
}
echo json_encode(['success' => true]);
} catch(PDOException $e) {
echo json_encode(['success' => false, 'error' => $e->getMessage()]);
}
} else {
echo json_encode(['success' => false, 'error' => '无效请求']);
}
?>

24
admin/ajax_delete_user.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
require_once '../config.php';
if (!isset($_SESSION['user_id']) || $_SESSION['username'] !== 'admin') {
echo json_encode(['success' => false, 'error' => '无权限']);
exit;
}
$input = json_decode(file_get_contents('php://input'), true);
if ($input && isset($input['user_id'])) {
try {
// 注意:这里会级联删除用户的所有图片
$stmt = $pdo->prepare("DELETE FROM users WHERE id = ? AND username != 'admin'");
$stmt->execute([$input['user_id']]);
echo json_encode(['success' => true]);
} catch(PDOException $e) {
echo json_encode(['success' => false, 'error' => $e->getMessage()]);
}
} else {
echo json_encode(['success' => false, 'error' => '无效请求']);
}
?>

23
admin/ajax_toggle_image.php Normal file
View File

@@ -0,0 +1,23 @@
<?php
require_once '../config.php';
if (!isset($_SESSION['user_id']) || $_SESSION['username'] !== 'admin') {
echo json_encode(['success' => false, 'error' => '无权限']);
exit;
}
$input = json_decode(file_get_contents('php://input'), true);
if ($input && isset($input['image_id']) && isset($input['is_public'])) {
try {
$stmt = $pdo->prepare("UPDATE images SET is_public = ? WHERE id = ?");
$stmt->execute([$input['is_public'], $input['image_id']]);
echo json_encode(['success' => true]);
} catch(PDOException $e) {
echo json_encode(['success' => false, 'error' => $e->getMessage()]);
}
} else {
echo json_encode(['success' => false, 'error' => '无效请求']);
}
?>

23
admin/ajax_update_user.php Normal file
View File

@@ -0,0 +1,23 @@
<?php
require_once '../config.php';
if (!isset($_SESSION['user_id']) || $_SESSION['username'] !== 'admin') {
echo json_encode(['success' => false, 'error' => '无权限']);
exit;
}
$input = json_decode(file_get_contents('php://input'), true);
if ($input && isset($input['user_id']) && isset($input['role'])) {
try {
$stmt = $pdo->prepare("UPDATE users SET role = ? WHERE id = ? AND username != 'admin'");
$stmt->execute([$input['role'], $input['user_id']]);
echo json_encode(['success' => true]);
} catch(PDOException $e) {
echo json_encode(['success' => false, 'error' => $e->getMessage()]);
}
} else {
echo json_encode(['success' => false, 'error' => '无效请求']);
}
?>

136
admin/feedbacks.php Normal file
View File

@@ -0,0 +1,136 @@
<?php
// 获取反馈列表
try {
$stmt = $pdo->query("
SELECT f.*, u.username
FROM feedbacks f
LEFT JOIN users u ON f.user_id = u.id
ORDER BY f.created_at DESC
LIMIT 50
");
$feedbacks = $stmt->fetchAll(PDO::FETCH_ASSOC);
} catch(PDOException $e) {
$feedbacks = [];
}
?>
<div class="admin-section">
<h3>用户反馈</h3>
<div class="table-responsive">
<table class="admin-table">
<thead>
<tr>
<th>ID</th>
<th>用户</th>
<th>类型</th>
<th>主题</th>
<th>内容</th>
<th>状态</th>
<th>提交时间</th>
<th>操作</th>
</tr>
</thead>
<tbody>
<?php foreach($feedbacks as $feedback): ?>
<tr>
<td><?php echo $feedback['id']; ?></td>
<td>
<?php if($feedback['username']): ?>
<?php echo htmlspecialchars($feedback['username']); ?>
<?php else: ?>
<em>匿名用户</em>
<?php endif; ?>
</td>
<td>
<?php
$typeLabels = [
'bug' => '错误报告',
'feature' => '功能建议',
'suggestion' => '改进建议',
'other' => '其他'
];
echo $typeLabels[$feedback['type']] ?? $feedback['type'];
?>
</td>
<td><?php echo htmlspecialchars($feedback['subject']); ?></td>
<td>
<div style="max-width: 300px; overflow: hidden; text-overflow: ellipsis;">
<?php echo htmlspecialchars($feedback['message']); ?>
</div>
</td>
<td>
<select onchange="updateFeedbackStatus(<?php echo $feedback['id']; ?>, this.value)">
<option value="pending" <?php echo $feedback['status'] === 'pending' ? 'selected' : ''; ?>>待处理</option>
<option value="reviewed" <?php echo $feedback['status'] === 'reviewed' ? 'selected' : ''; ?>>已审核</option>
<option value="resolved" <?php echo $feedback['status'] === 'resolved' ? 'selected' : ''; ?>>已解决</option>
</select>
</td>
<td><?php echo date('Y-m-d H:i', strtotime($feedback['created_at'])); ?></td>
<td>
<div class="admin-actions">
<button class="btn btn-sm" onclick="viewFeedback(<?php echo $feedback['id']; ?>)">
查看详情
</button>
<button class="btn btn-sm btn-danger"
onclick="deleteFeedback(<?php echo $feedback['id']; ?>)">
删除
</button>
</div>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
<script>
function updateFeedbackStatus(feedbackId, newStatus) {
fetch('admin/ajax_update_feedback.php', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
feedback_id: feedbackId,
status: newStatus
})
})
.then(response => response.json())
.then(data => {
if (data.success) {
alert('反馈状态更新成功!');
} else {
alert('更新失败: ' + data.error);
}
});
}
function viewFeedback(feedbackId) {
// 这里可以打开一个模态框显示完整反馈内容
alert('查看反馈详情功能开发中...');
}
function deleteFeedback(feedbackId) {
if (!confirm('确定要删除这条反馈吗?')) return;
fetch('admin/ajax_delete_feedback.php', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
feedback_id: feedbackId
})
})
.then(response => response.json())
.then(data => {
if (data.success) {
alert('反馈删除成功!');
location.reload();
} else {
alert('删除失败: ' + data.error);
}
});
}
</script>