chkuser.asp

方舟网免费空间申请程序(自助建站系统) v3.0 1 界面美观 2 后台管理功能强大：A 可以设置多种参数

<%	
	dim memberid
	dim Founduser,membername,memberword,hiddenuser,MasterFlag,lockuser,Active
	dim TopMaster,uclass
	dim Preview,GetPreview
	dim GroupSetStr
	dim GroupID '组ID
'----------------------------Path变量-----------------
	dim useQuota '空间配额 -1为不限制 
	dim QuotaArr			'配额数组
	dim useSize '已经使用的空间尺寸~~没次登陆作检测更新
	dim SizeArr '已经使用的空间尺寸~~数组
	dim Qi		'路径数组标号
		


	'管理权限项目初始化
	call CheckUser()
function ChkRoot(innerPath)
	for i=0 to ubound(pathArr)
		if Strcomp(left(innerPath,len( pathArr(i))),pathArr(i))=0 then
			ChkRoot=i
			exit function 
		end if
	next
	ChkRoot=0
end function

Sub CheckUser()
		Founduser=false
		TopMaster=false
		isMaster=false

		membername=checkStr(request.cookies("CooSel")("username"))
		memberword=checkStr(request.cookies("CooSel")("password"))
		memberid=GetValue(request.cookies("CooSel")("userid"),"int",-1)

if memberid<>-1 then
		sql="select MasterFlag,sflag,UserPath,lockuser,preview,GroupID,useSize,useQuota,Active from [userlist] where userid="&memberid&"  and userpassword='"&memberword&"' and username='"&membername&"' "
		set rs=server.createobject("adodb.recordset")
		rs.open sql,conn,0,1
		if rs.eof then
			info="<br><li>你尚未登陆，或进行不合法的操作。<li>或您的cookie不正确，请<a href=login.asp?action=exit>重新登陆</a>。"
			Response.write "<html><head><style>table{font-size:9pt}</style></head><body bgcolor='#e8e8e8' text='#000000' leftmargin='0' rightmargin='0' topmargin='0' bottommargin='20'>"
			call EndProc(info,1,"")
		else
				dim UserPathStr
				MasterFlag=rs(0)
				GroupSetStr=rs(1)
				'UserPath=rs(2)
				UserPathStr=trim(rs(2))
				lockuser=rs(3)
				preview=rs(4)
				GroupID=rs(5) 
				'useSize=rs(6)
				pathArr=split(rs(2),"|")
				QuotaArr=split(rs(7),"|")
				SizeArr=split(rs(6),"|")
				Qi=chkRoot(RequestPath)
				Active=rs(8)
				if UserPathStr="" or isempty(UserPathStr) or isNull(UserPathStr) then
					if MasterFlag=2 then 
						UserPathStr="/"
					else
						call EndProc("你没有被配置相应的管理路径",1,"")
					end if
				end if
				UserPath=pathArr(Qi)
				useSize=int(SizeArr(Qi))
				rs.close
				if GroupID=0 then
					pow=split(GroupSetStr,",")
					useQuota=int(QuotaArr(Qi))
				else
					rs.open "select GroupQuota,GroupSet,GroupName from [Groups] where GroupID="&GroupID,CONN,0,1
					if Not rs.eof then
						useQuota=int(rs(0))
						pow=split(rs(1),",")
					else
						call EndProc("不正确的所属组别，操作被中断",1,"")
					end if
					rs.close
				end if
			set rs=nothing
			if lockuser=1 then
				Response.write "<html><head><style>table{font-size:9pt}</style></head><body bgcolor='#e8e8e8' text='#000000' leftmargin='0' rightmargin='0' topmargin='0' bottommargin='20'>"
				call EndProc("<br><li>该帐号已经被锁定，不能访问！",1,"")
			elseif Active=0 then
				Response.write "<html><head><style>table{font-size:9pt}</style></head><body bgcolor='#e8e8e8' text='#000000' leftmargin='0' rightmargin='0' topmargin='0' bottommargin='20'>"
				call EndProc("<br><li>该帐号尚未被激活，不能访问！",1,"")
			else
				select case MasterFlag
				case 0
					Founduser=true
					for i=0 to ubound(pow) '普通用初始化权限
						for j=1 to 9
							if mid(pow(i),j,1)="1" then SetPower(i,j-1)=true
						next 
					next		
				case 1 
					Founduser=true
					isMaster=true
					for i=0 to ubound(pow) '普通管理员初始化权限
						for j=1 to 9
							if mid(pow(i),j,1)="1" then SetPower(i,j-1)=true
							''Response.write "SetPower("&i&","&j-1&")="&SetPower(i,j-1)&" // "
						next 
					next
				case 2 
					for i=0 to 2
						for j=0 to 8
						SetPower(i,j)=true
						next
					next
					Founduser=true
					isMaster=true
					TopMaster=true
				case else 
				end select
			end if
		end if
	else
		GetError "请先登陆,否则不能执行管理"
	end if
End Sub

'-----过滤SQL非法字符
Function checkStr(str)
	if isnull(str) then
		checkStr = ""
		exit Function 
	end if
	checkStr=replace(str,"'","''")
End Function
%>