function() {
var user = db().table("manager").select("id, [user], nick, role").
where("[user]=@user and pass=@pass and state=1").
fetch({ user: form("username"), pass: md5(form("password"), 16) });
if(!user) return { err: "登录失败" };
me().bind(user);
return { id: user.id, nick: user.nick, user: user.user, role: user.role };
}function() {
if(!me().isLogin) return login();
if(!form().new1) return { err: "请输入新密码" };
if(!db().fetch("select id from manager where id=@id and pass=@pass", { id: me().id, pass: md5(form().old, 16) }))
return { err: "原密码不正确" };
db().update("manager", { pass: md5(form().new1, 16) }, { id: me().id });
return { msg: "密码修改成功" };
}function() {
if(!me().isLogin) return login();
if(me().role != 1) return { err: "没有权限" };
db().update("manager", { state: form().state }, { id: form().id });
return { msg: form().state == 1 ? "启用成功" : "禁用成功" };
}function() {
if(!me().isLogin) return login();
if(me().role != 1) return { err: "没有权限" };
var user = db().fetch("select id, [user], nick, role from manager where id=@id", { id: form("id") });
return !user ? { err: "用户不存在" } : user;
}function() {
if(!me().isLogin) return login();
if(me().role != 1) return { err: "没有权限" };
var data = form();
var id = ~~data.id;
if(!data.pass) delete data.pass;
else data.pass = md5(data.pass, 16);
data.role = data.role == "管理员" ? 1 : 2;
return !id ? addnew() : update();
function addnew() {
db().insert("manager", data);
return { msg: "创建成功" };
}
function update() {
if(id == 1) data.role = 1;
delete data.id;
db().update("manager", data, { id: id });
return { msg: "修改成功" };
}
}function() {
if(!me().isLogin) return login();
if(me().role != 1) return { err: "没有权限" };
var par = { id: form("id") };
if(par.id == 1) return { err: "系统账号不可操作" };
db().query("delete from manager where id=@id", par);
return { msg: "删除成功" };
}function() {
if(!me().isLogin) return login();
return db().query("select id, [user], nick, role, state from manager order by id");
}