hnu202326010101
/
mailbox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'develop'
${ noResults }
mailbox/backend/admin/api/users.php

282 lines
7.4 KiB
Raw Permalink Blame History

<?php
/**
* 用户管理API
*/
// 设置错误报告
error_reporting(E_ALL);
ini_set('display_errors', 0);
// 设置JSON响应头
header('Content-Type: application/json; charset=utf-8');
// 包含必要的类
require_once '../../utils/Config.php';
require_once '../../utils/Logger.php';
require_once '../../utils/Helper.php';
require_once '../../utils/Database.php';
// 处理请求
try {
// 获取请求方法
$method = $_SERVER['REQUEST_METHOD'] ?? 'GET';
// 连接数据库
$db = Database::getInstance();
// 根据请求方法处理
switch ($method) {
case 'GET':
// 获取用户列表
getUsers($db);
break;
case 'POST':
// 检查是否是登录请求
$data = json_decode(file_get_contents('php://input'), true);
if (isset($data['login']) && $data['login'] === true) {
// 登录请求
loginUser($db, $data);
} else {
// 添加或编辑用户
saveUser($db);
}
break;
case 'DELETE':
// 删除用户
deleteUser($db);
break;
default:
echo json_encode([
'success' => false,
'message' => '不支持的请求方法'
]);
break;
}
} catch (Exception $e) {
echo json_encode([
'success' => false,
'message' => '服务器内部错误: ' . $e->getMessage()
]);
}
/**
* 获取用户列表
* @param Database $db 数据库实例
*/
function getUsers($db) {
// 获取请求参数
$page = isset($_GET['page']) ? (int)$_GET['page'] : 1;
$search = isset($_GET['search']) ? $_GET['search'] : '';
$perPage = 10;
$offset = ($page - 1) * $perPage;
// 构建查询条件
$where = '';
$params = [];
if (!empty($search)) {
$where = "WHERE (username LIKE ? OR email LIKE ?) AND is_deleted = 0";
$searchParam = "%$search%";
$params = [$searchParam, $searchParam];
} else {
$where = "WHERE is_deleted = 0";
}
// 查询用户总数
$totalSql = "SELECT COUNT(*) as total FROM user $where";
$totalResult = $db->fetchOne($totalSql, $params);
$total = $totalResult['total'];
// 查询用户列表
$usersSql = "SELECT * FROM user $where ORDER BY create_time DESC LIMIT ? OFFSET ?";
$usersParams = array_merge($params, [$perPage, $offset]);
$users = $db->fetchAll($usersSql, $usersParams);
// 格式化用户数据
$formattedUsers = [];
foreach ($users as $user) {
$formattedUsers[] = [
'username' => $user['username'],
'email' => $user['email'],
'is_admin' => (bool)$user['is_admin'],
'is_enabled' => (bool)$user['is_enabled'],
'created_at' => $user['create_time'],
'updated_at' => $user['updated_at']
];
}
// 返回响应
echo json_encode([
'success' => true,
'data' => [
'users' => $formattedUsers,
'total' => $total,
'page' => $page,
'perPage' => $perPage,
'totalPages' => ceil($total / $perPage)
]
]);
}
/**
* 保存用户信息(添加或编辑)
* @param Database $db 数据库实例
*/
function saveUser($db) {
// 获取请求数据
$data = json_decode(file_get_contents('php://input'), true);
if (!$data) {
echo json_encode([
'success' => false,
'message' => '无效的请求数据'
]);
return;
}
// 验证必填字段
if (empty($data['username']) || empty($data['email'])) {
echo json_encode([
'success' => false,
'message' => '用户名和邮箱不能为空'
]);
return;
}
// 检查邮箱格式
if (!filter_var($data['email'], FILTER_VALIDATE_EMAIL)) {
echo json_encode([
'success' => false,
'message' => '无效的邮箱格式'
]);
return;
}
// 检查用户名是否已存在
$existingUser = $db->fetchOne("SELECT username FROM user WHERE username = ? OR email = ?", [
$data['username'],
$data['email']
]);
if ($existingUser) {
echo json_encode([
'success' => false,
'message' => '用户名或邮箱已存在'
]);
return;
}
// 验证密码
if (empty($data['password'])) {
echo json_encode([
'success' => false,
'message' => '密码不能为空'
]);
return;
}
// 添加用户
$db->insert(
"INSERT INTO user (username, password, email, is_admin, is_enabled, create_time, updated_at, is_deleted) VALUES (?, ?, ?, ?, ?, ?, ?, ?)",
[
$data['username'],
Helper::encryptPassword($data['password']),
$data['email'],
(bool)$data['is_admin'],
(bool)$data['is_enabled'],
date('Y-m-d H:i:s'),
date('Y-m-d H:i:s'),
0
]
);
echo json_encode([
'success' => true,
'message' => '用户添加成功'
]);
}
/**
* 删除用户
* @param Database $db 数据库实例
*/
function deleteUser($db) {
// 获取请求参数
$username = isset($_GET['username']) ? $_GET['username'] : '';
if (empty($username)) {
echo json_encode([
'success' => false,
'message' => '无效的用户名'
]);
return;
}
// 检查用户是否存在
$user = $db->fetchOne("SELECT username FROM user WHERE username = ?", [$username]);
if (!$user) {
echo json_encode([
'success' => false,
'message' => '用户不存在'
]);
return;
}
// 删除用户(软删除)
$db->update(
"UPDATE user SET is_deleted = 1, updated_at = ? WHERE username = ?",
[date('Y-m-d H:i:s'), $username]
);
echo json_encode([
'success' => true,
'message' => '用户删除成功'
]);
}
/**
* 用户登录
* @param Database $db 数据库实例
* @param array $data 登录数据
*/
function loginUser($db, $data) {
// 验证必填字段
if (empty($data['username']) || empty($data['password'])) {
echo json_encode([
'success' => false,
'message' => '用户名和密码不能为空'
]);
return;
}
// 查询用户
$sql = "SELECT * FROM user WHERE username = ? AND is_deleted = 0 AND is_enabled = 1";
$user = $db->fetchOne($sql, [$data['username']]);
if ($user && password_verify($data['password'], $user['password'])) {
// 登录成功
// 构建用户信息
$userInfo = [
'username' => $user['username'],
'email' => $user['email'],
'is_admin' => (bool)$user['is_admin'],
'is_enabled' => (bool)$user['is_enabled'],
'created_at' => $user['create_time'],
'updated_at' => $user['updated_at']
];
echo json_encode([
'success' => true,
'message' => '登录成功',
'data' => [
'user' => $userInfo
]
]);
} else {
// 登录失败
echo json_encode([
'success' => false,
'message' => '用户名或密码错误'
]);
}
}
Reference in new issue View Git Blame Copy Permalink