通达OA2010档案管理查询文件出问题完美解决补丁

taoshucheng · 发表于 2011-3-18 13:43:33

本帖最后由 taoshucheng 于 2011-3-18 17:28 编辑

通达OA2010无论哪个版本，我都测试了，出问题的情况如下：
利用admin身份查询文件，选择“文件密级”，能查询没有问题，把测试用户设置为OA管理员权限也能查询，
但是只要不是OA管理权限，即使分配了档案管理的所有权限给测试用户，只要选择“密级”来查询，就会报错。不选择就没有问题，请各位高手帮忙看看是什么原因
错误代码如下：
错误#1052： Column 'SECRET' in where clause is ambiguous
SQL语句: SELECT * from RMS_FILE,RMS_ROLL where RMS_FILE.ROLL_ID=RMS_ROLL.ROLL_ID and (RMS_FILE.ADD_USER='test' or RMS_ROLL.MANAGER='test') and RMS_FILE.DEL_USER='' and SECRET='2' order by SEND_DATE desc
文件： D:/MYOA/webroot/general/roll_manage/roll_file/search.php
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in D:\MYOA\webroot\general\roll_manage\roll_file\search.php on line 258

这个是通达的BUG，quanglong老大已经完美的解决，附上下载地址：

search.rar (2.93 KB, 下载次数: 39)

quanglong · 发表于 2011-3-18 15:07:50

回复 taoshucheng 的帖子

<?php
include_once( "inc/auth.php" );
include_once( "inc/check_type.php" );
include_once( "inc/utility_all.php" );
echo "\r\n<html>\r\n<head>\r\n<title>文件查询</title>\r\n<meta http-equiv="Content-Type" content="text/html; charset=gb2312">\r\n<script>\r\nfunction open_file(FILE_ID)\r\n{\r\n URL="../read_file.php?FILE_ID="+FILE_ID;\r\n myleft=(screen.availWidth-500)/2;\r\n mytop=150\r\n mywidth=550;\r\n myheight=400;\r\n window.open(URL,"read_file","height="+myheight+",width="+mywidth+",status=1,toolbar=no,menubar=no,location=no,scrollbars=yes,top="+mytop+",left="+myleft+",resizable=yes");\r\n}\r\n\r\nfunction delete_file(FILE_ID,CUR_PAGE)\r\n{\r\n msg='确认要销毁该项文件么？';\r\n if(window.confirm(msg))\r\n {\r\n URL="delete.php?FILE_ID=" + FILE_ID + "&CUR_PAGE=" + CUR_PAGE;\r\n window.location=URL;\r\n }\r\n}\r\n\r\n\r\nfunction delete_all()\r\n{\r\n delete_str="";\r\n for(i=0;i<document.all("file_select").length;i++)\r\n {\r\n\r\n el=document.all("file_select").item(i);\r\n if(el.checked)\r\n { val=el.value;\r\n delete_str+=val + ",";\r\n }\r\n }\r\n\r\n if(i==0)\r\n {\r\n el=document.all("file_select");\r\n if(el.checked)\r\n { val=el.value;\r\n delete_str+=val + ",";\r\n }\r\n }\r\n\r\n if(delete_str=="")\r\n {\r\n alert("要销毁文件，请至少选择其中一个。");\r\n document.form1.reset();\r\n return;\r\n }\r\n\r\n\r\n msg='确认要销毁已选中的文件么？';\r\n if(window.confirm(msg))\r\n {\r\n url="./delete_all.php?DELETE_STR="+ delete_str +"&PAGE_START=";
echo $PAGE_START;
echo "";\r\n window.location=url;\r\n }\r\n}\r\nfunction export_all()\r\n{\r\n delete_str="";\r\n for(i=0;i<document.all("file_select").length;i++)\r\n {\r\n\r\n el=document.all("file_select").item(i);\r\n if(el.checked)\r\n { val=el.value;\r\n delete_str+=val + ",";\r\n }\r\n }\r\n\r\n if(i==0)\r\n {\r\n el=document.all("file_select");\r\n if(el.checked)\r\n { val=el.value;\r\n delete_str+=val + ",";\r\n }\r\n }\r\n\r\n if(delete_str=="")\r\n {\r\n alert("请至少选择其中一个。");\r\n document.form1.reset();\r\n return;\r\n }\r\n url="export_all.php?DELETE_STR="+ delete_str +"&PAGE_START=";
echo $PAGE_START;
echo "";\r\n window.open(url);\r\n}\r\n\r\nfunction order_by(field,asc_desc)\r\n{\r\n window.location="index1.php?CUR_PAGE=";
echo $CUR_PAGE;
echo "&TYPE=";
echo $TYPE;
echo "&FIELD="+field+"&ASC_DESC="+asc_desc;\r\n}\r\n\r\nfunction file_troop(type)\r\n{\r\n\tdocument.form1.action="troop.php?CUR_PAGE=";
echo $CUR_PAGE;
echo "&FIELD=";
echo $FIELD;
echo "&ASC_DESC=";
echo $ASC_DESC;
echo "";\r\n\tdocument.form1.target='_self';\r\n\tdocument.form1.submit();\r\n}\r\n\r\nfunction check_all()\r\n{\r\n for (i=0;i<document.all("file_select").length;i++)\r\n {\r\n if(document.all("allbox").checked)\r\n document.all("file_select").item(i).checked=true;\r\n else\r\n document.all("file_select").item(i).checked=false;\r\n }\r\n\r\n if(i==0)\r\n {\r\n if(document.all("allbox").checked)\r\n document.all("file_select").checked=true;\r\n else\r\n document.all("file_select").checked=false;\r\n }\r\n}\r\n\r\nfunction change_roll()\r\n{\r\n delete_str="";\r\n for(i=0;i<document.all("file_select").length;i++)\r\n {\r\n\r\n el=document.all("file_select").item(i);\r\n if(el.checked)\r\n { val=el.value;\r\n delete_str+=val + ",";\r\n }\r\n }\r\n\r\n if(i==0)\r\n {\r\n el=document.all("file_select");\r\n if(el.checked)\r\n { val=el.value;\r\n delete_str+=val + ",";\r\n }\r\n }\r\n\r\n if(delete_str=="")\r\n {\r\n alert("要组卷文件，请至少选择其中一个。");\r\n document.form1.reset();\r\n return;\r\n }\r\n\r\n roll_id=document.all("ROLL_ID").value;\r\n url="./change_roll.php?DELETE_STR="+ delete_str +"&ROLL_ID="+roll_id+"&PAGE_START=";
echo $PAGE_START;
echo "";\r\n location=url;\r\n}\r\nfunction check_one(el)\r\n{\r\n if(!el.checked)\r\n document.all("allbox").checked=false;\r\n}\r\n</script>\r\n</head>\r\n<body class="bodycolor" topmargin="5">\r\n\r\n";
$connection = openconnection( );
$CUR_DATE = date( "Y-m-d", time( ) );
if ( $SEND_DATE0 != "" )
{
$TIME_OK = is_date( $SEND_DATE0 );
if ( !$TIME_OK )
{
message( "错误", ""发文日期"的格式不对，应形如 ".$CUR_DATE );
button_back( );
exit( );
}
$SEND_DATE0 .= " 00:00:00";
}
if ( $SEND_DATE1 != "" )
{
$TIME_OK = is_date( $SEND_DATE1 );
if ( !$TIME_OK )
{
message( "错误", ""发文日期"的格式不对，应形如 ".$CUR_DATE );
button_back( );
exit( );
}
$SEND_DATE1 .= " 23:59:59";
}
$CONDITION_STR = "";
if ( $FILE_CODE != "" )
{
$CONDITION_STR .= " and FILE_CODE like '%".$FILE_CODE."%'";
}
if ( $FILE_SUBJECT != "" )
{
$CONDITION_STR .= " and FILE_SUBJECT like '%".$FILE_SUBJECT."%'";
}
if ( $FILE_TITLE != "" )
{
$CONDITION_STR .= " and FILE_TITLE like '%".$FILE_TITLE."%'";
}
if ( $FILE_TITLE0 != "" )
{
$CONDITION_STR .= " and FILE_TITLE0 like '%".$FILE_TITLE0."%'";
}
if ( $SEND_UNIT != "" )
{
$CONDITION_STR .= " and SEND_UNIT like '%".$SEND_UNIT."%'";
}
if ( $REMARK != "" )
{
$CONDITION_STR .= " and RMS_FILE.REMARK like '%".$REMARK."%'";
}
if ( $SECRET != "" )
{
$CONDITION_STR .= " and SECRET='".$SECRET."'";
}
if ( $URGENCY != "" )
{
$CONDITION_STR .= " and URGENCY='".$URGENCY."'";
}
if ( $FILE_TYPE != "" )
{
$CONDITION_STR .= " and FILE_TYPE='".$FILE_TYPE."'";
}
if ( $FILE_KIND != "" )
{
$CONDITION_STR .= " and FILE_KIND='".$FILE_KIND."'";
}
if ( $SEND_DATE0 != "" )
{
$CONDITION_STR .= " and SEND_DATE>='".$SEND_DATE0."'";
}
if ( $SEND_DATE1 != "" )
{
$CONDITION_STR .= " and SEND_DATE<='".$SEND_DATE1."'";
}
if ( $FILE_PAGE0 != "" )
{
$CONDITION_STR .= " and FILE_PAGE>='".$FILE_PAGE0."'";
}
if ( $FILE_PAGE1 != "" )
{
$CONDITION_STR .= " and FILE_PAGE<='".$FILE_PAGE1."'";
}
if ( $PRINT_PAGE0 != "" )
{
$CONDITION_STR .= " and PRINT_PAGE>='".$PRINT_PAGE0."'";
}
if ( $PRINT_PAGE1 != "" )
{
$CONDITION_STR .= " and PRINT_PAGE<='".$PRINT_PAGE1."'";
}
echo "\r\n<table border="0" width="100%" cellspacing="0" cellpadding="3" class="small">\r\n <tr>\r\n <td class="Big"><img src="/images/menu/infofind.gif" align="absMiddle"><span class="big3"> 文件查询结果</span><br>\r\n </td>\r\n </tr>\r\n</table>\r\n\r\n";
if ( $LOGIN_USER_PRIV == "1" )
{
$query = "SELECT * from RMS_FILE where DEL_USER=''";
}
else
{
$query = "SELECT * from RMS_FILE,RMS_ROLL where RMS_FILE.ROLL_ID=RMS_ROLL.ROLL_ID and (RMS_FILE.ADD_USER='".$LOGIN_USER_ID."' or RMS_ROLL.MANAGER='{$LOGIN_USER_ID}') and RMS_FILE.DEL_USER='' ";
}
$query .= $CONDITION_STR." order by SEND_DATE desc";
$cursor = exequery( $connection, $query );
$RMS_FILE_COUNT = 0;
while ( $ROW = mysql_fetch_array( $cursor ) )
{
++$RMS_FILE_COUNT;
$FILE_ID = $ROW['FILE_ID'];
$FILE_CODE = $ROW['FILE_CODE'];
$FILE_TITLE = $ROW['FILE_TITLE'];
$SECRET = $ROW['SECRET'];
$SEND_UNIT = $ROW['SEND_UNIT'];
$SEND_DATE = $ROW['SEND_DATE'];
$URGENCY = $ROW['URGENCY'];
$ROLL_ID = $ROW['ROLL_ID'];
$FILE_TITLE = htmlspecialchars( $FILE_TITLE );
if ( $SEND_DATE == "0000-00-00" )
{
$SEND_DATE = "";
}
$SECRET = get_code_name( $SECRET, "RMS_SECRET" );
$URGENCY = get_code_name( $URGENCY, "RMS_URGENCY" );
$query1 = "SELECT * from RMS_ROLL where ROLL_ID='".$ROLL_ID."'";
$cursor1 = exequery( $connection, $query1 );
$STATUS = "";
if ( $ROW = mysql_fetch_array( $cursor1 ) )
{
$ROLL_NAME = $ROW['ROLL_NAME'];
$STATUS = $ROW['STATUS'];
}
if ( $RMS_FILE_COUNT % 2 == 1 )
{
$TableLine = "TableLine1";
}
else
{
$TableLine = "TableLine2";
}
if ( $RMS_FILE_COUNT == 1 )
{
echo "<table class="TableList" width="95%">\r\n <tr class="TableHeader">\r\n\t <td nowrap align="center"><input type="checkbox" name="allbox" id="allbox_for" onClick="check_all();"></td> \r\n <td nowrap align="center">文件号</td>\r\n <td nowrap align="center">文件标题</td>\r\n <td nowrap align="center">密级</td>\r\n <td nowrap align="center">发文单位</td>\r\n <td nowrap align="center">发文时间<img border=0 src="/images/arrow_down.gif" width="11" height="10"></td>\r\n <td nowrap align="center">所属案卷</td>\r\n <td nowrap align="center">操作</td>\r\n </tr>\r\n";
}
echo " <tr class="";
echo $TableLine;
echo "">\r\n\t <td nowrap align="center">\r\n";
if ( $STATUS != 1 )
{
echo " \t \t\r\n\t \t<input type="checkbox" name="file_select" value="";
echo $FILE_ID;
echo "" onClick="check_one(self);">\r\n";
}
else
{
echo " ";
}
echo " \t \t\r\n\t \t</td>\r\n <td align="center">\r\n <a href="javascript:open_file('";
echo $FILE_ID;
echo "');">";
echo $FILE_CODE;
echo "</a>\r\n </td>\r\n <td nowrap align="center">";
echo $FILE_TITLE;
echo "</td>\r\n <td nowrap align="center">";
echo $SECRET;
echo "</td>\r\n <td nowrap align="center">";
echo $SEND_UNIT;
echo "</td>\r\n <td nowrap align="center">";
echo $SEND_DATE;
echo "</td>\r\n <td nowrap align="center">";
echo $ROLL_NAME;
echo "</td>\r\n <td nowrap align="center">\r\n";
if ( $STATUS != 1 )
{
echo " \r\n <a href="modify.php?FILE_ID=";
echo $FILE_ID;
echo "&CUR_PAGE=";
echo $CUR_PAGE;
echo ""> 修改</a>\r\n <a href="javascript:delete_file('";
echo $FILE_ID;
echo "','";
echo $CUR_PAGE;
echo "');"> 销毁</a>\r\n";
}
else
{
echo "案卷已封";
}
echo " \r\n </td>\r\n </tr>\r\n";
}
if ( $RMS_FILE_COUNT == 0 )
{
message( "", "无符合条件的文件" );
button_back( );
exit( );
}
echo "<tr class="TableControl">\r\n<td colspan="9">\r\n<b>文件操作：</b>\r\n\t\r\n\t组卷至：<select name=ROLL_ID onChange="change_roll();" class="SmallSelect">\r\n\t\t<option value="">请选择案卷</option>\r\n\t";
$query = "SELECT * from RMS_ROLL where STATUS=0";
$cursor = exequery( $connection, $query );
while ( $ROW = mysql_fetch_array( $cursor ) )
{
$ROLL_ID = $ROW['ROLL_ID'];
$ROLL_CODE = $ROW['ROLL_CODE'];
$ROLL_NAME = $ROW['ROLL_NAME'];
echo "\t\t<option value=";
echo $ROLL_ID;
echo ">";
echo $ROLL_CODE;
echo " - ";
echo $ROLL_NAME;
echo "</option>\r\n\t";
}
echo "\t</select>\r\n\r\n\r\n <input type="button" value="批量销毁" class="SmallButton" onClick="delete_all()" title="销毁已选中文件"> \r\n <input type="button" value="批量导出" class="SmallButton" onClick="export_all()" title="批量导出">\r\n</td>\r\n</tr>\r\n</table>\r\n";
button_back( );
echo "</body>\r\n\r\n</html>\r\n";
?>

复制代码

这个确实有问题，我在看。解决中--

在线等 · 发表于 2011-3-18 15:45:54

帮你顶。现在学习中，还不会
不过，想问一句，你们怎么都有明文的源码啊。我下载的都是加密的

taoshucheng · 发表于 2011-3-18 16:17:53

谢谢quanglong
老大V5

我爱小黑 · 发表于 2011-3-18 23:38:56

测试确有此问题，感谢q大解决问题！！！感谢taoshucheng发现问题！！！

jacker · 发表于 2011-3-19 09:12:10

原来是官方的BUG了。quanglong 就是厉害，能和G老大相比了

账号		自动登录	找回密码
密码			注册

在线客服

工作时间

热线电话

站长

[推荐] 通达OA2010档案管理查询文件出问题完美解决补丁