产品ID不能为空'; } elseif ($name === '') { $msg = '
产品名称不能为空
'; } else { $stmt = $pdo->prepare('SELECT id FROM products WHERE code = ?'); $stmt->execute([$code]); if ($stmt->fetch()) { $msg = '
产品ID已存在
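';
        } else {
            $stmt = $pdo->prepare('INSERT INTO products (code, name, api_url, token, remark) VALUES (?, ?, ?, ?, ?)');
            $stmt->execute([$code, $name, $apiUrl ?: null, $token ?: null, $remark ?: null]);
            $_SESSION['flash_msg'] = '产品已添加';
            $_SESSION['flash_type'] = 'success';
            header('Location: product_manage.php');
            exit;
        }
    }
}

// Edit an existing product (POST with the "edit" field set).
// NOTE(review): no login or role check is visible in this span; presumably it is
// enforced earlier in the file. Confirm before relying on it.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['edit'])) {
    // Stop before reading any other field when the anti-CSRF token does not verify.
    if (!verifyCsrf($_POST['csrf_token'] ?? '')) {
        die('CSRF token无效');
    }

    $id = (int)($_POST['id'] ?? 0);
    $code = trim($_POST['code'] ?? '');
    $name = trim($_POST['name'] ?? '');
    // NOTE(review): api_url is stored exactly as submitted. If the application later
    // requests this URL server-side, restrict scheme and host there or here. That
    // code is not visible in this span.
    $apiUrl = trim($_POST['api_url'] ?? '');
    // NOTE(review): token is written to the table as submitted; presumably an API
    // credential. Confirm whether it needs protection at rest.
    $token = trim($_POST['token'] ?? '');
    $remark = trim($_POST['remark'] ?? '');

    if ($code === '') {
        $msg = '
产品ID不能为空
';
    } elseif ($name === '') {
        $msg = '
产品名称不能为空
';
    } else {
        // A missing or stale id (including the 0 produced by the cast above) would make
        // the UPDATE below match no row while still reporting success, so check first.
        $stmt = $pdo->prepare('SELECT id FROM products WHERE id = ?');
        $stmt->execute([$id]);
        if (!$stmt->fetch()) {
            $_SESSION['flash_msg'] = '产品不存在';
            $_SESSION['flash_type'] = 'danger';
            header('Location: product_manage.php');
            exit;
        }

        // The product code must stay unique across all other rows.
        $stmt = $pdo->prepare('SELECT id FROM products WHERE code = ? AND id != ?');
        $stmt->execute([$code, $id]);
        if ($stmt->fetch()) {
            $msg = '
产品ID已被其他产品使用
';
        } else {
            // Empty optional fields are stored as NULL; the editor is recorded in updated_by.
            $stmt = $pdo->prepare('UPDATE products SET code = ?, name = ?, api_url = ?, token = ?, remark = ?, updated_at = NOW(), updated_by = ? WHERE id = ?');
            $stmt->execute([$code, $name, $apiUrl ?: null, $token ?: null, $remark ?: null, getCurrentUserId(), $id]);
            $_SESSION['flash_msg'] = '产品已更新';
            $_SESSION['flash_type'] = 'success';
            header('Location: product_manage.php');
            exit;
        }
    }
}

// Toggle a product between enabled and disabled.
// NOTE(review): this is a state change on GET with the CSRF token in the query string,
// where it can end up in access logs, browser history and Referer headers. A POST form
// carrying the token in the body avoids that. The link that triggers this lives in the
// template outside this block, so the request method is left unchanged here.
if (isset($_GET['toggle']) && is_numeric($_GET['toggle'])) {
    if (!verifyCsrf($_GET['csrf_token'] ?? '')) {
        $_SESSION['flash_msg'] = 'CSRF token无效';
        $_SESSION['flash_type'] = 'danger';
    } else {
        $id = (int)$_GET['toggle'];
        $stmt = $pdo->prepare('SELECT status FROM products WHERE id = ?');
        $stmt->execute([$id]);
        $current = $stmt->fetchColumn();

        if ($current === false) {
            // fetchColumn() returns false when no row matched. Without this branch the
            // code would treat that as status 0 and report a product as enabled.
            $_SESSION['flash_msg'] = '产品不存在';
            $_SESSION['flash_type'] = 'danger';
        } else {
            $newStatus = (int)$current ? 0 : 1;
            $stmt = $pdo->prepare('UPDATE products SET status = ?, updated_at = NOW(), updated_by = ? WHERE id = ?');
            $stmt->execute([$newStatus, getCurrentUserId(), $id]);
            $_SESSION['flash_msg'] = $newStatus ? '产品已启用' : '产品已禁用';
            $_SESSION['flash_type'] = 'success';
        }
    }
    // Always redirect so the toggle URL is not left in the address bar for a reload.
    header('Location: product_manage.php');
    exit;
}

// Load every product with the username of its last editor for the listing below.
// NOTE(review): p.* includes the token column and the listing has a Token column, so
// the stored credential is presumably rendered in full. Consider masking it in the view.
$stmt = $pdo->query('SELECT p.*, u.username FROM products p LEFT JOIN users u ON p.updated_by = u.id ORDER BY p.id ASC');
$products = $stmt->fetchAll();
?>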

产品管理

+ 新增产品
ID 产品ID 产品名称 接口地址 Token 备注 状态 修改时间 修改用户 操作
启用' : '禁用' ?>
暂无产品