auth_setup.asp

=== ==ASP销售管理系统

<!--#include file="../config.asp"-->
<!--#include file="../inc/check_login.asp"-->
<!--#include file="../inc/functions.asp"-->
<%
Application_ID = 6000100	'本功能编号，含义请查看编码表
if not CheckAuth(Session("Employee_ID"),Application_ID)	then	'验证权限
	Server.Transfer "../err/un_authorized.htm"
	response.end
end if
%>
<!--**************身份验证部分****************-->
<%
Employee_ID = request("Employee_ID")
Employee_Name = request("Employee_Name")
if not IsNot(Employee_ID,"n") then
	response.write "员工编号丢失"
	response.end
end if

Set conn = Server.CreateObject("ADODB.Connection")
Set rs = Server.CreateObject("ADODB.Recordset")
Set rs_child = Server.CreateObject("ADODB.Recordset")
conn.open connstr
sql = "sp_Employee_Auth_List " & Employee_ID
set rs = conn.execute(sql)
Application_List = ""
while not rs.eof
	Application_List = Application_List & rs("Application_ID") & "#"
	rs.movenext
wend
rs.close

function CheckedTag(Application_ID)
	CheckedTag = ""
	if InStr(1,Application_List,Application_ID & "#",1) then
		CheckedTag = " checked"
	end if
end function
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
	<title>Untitled</title>
	<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
	<LINK rel="stylesheet" type="text/css" href="../style.css">
</head>
<body>
员工姓名：<%= Employee_Name %>
<hr size=1>
<input type="radio" name="Auth_Group" value="sale" onClick="return AuthInit(this.value);"> 销售人员
<input type="radio" name="Auth_Group" value="project" onClick="return AuthInit(this.value);"> 项目人员
<input type="radio" name="Auth_Group" value="leader" onClick="return AuthInit(this.value);"> 公司领导
<input type="radio" name="Auth_Group" value="system" onClick="return AuthInit(this.value);"> 系统管理员
<form action="auth_setup_exe.asp" method="get" name="frm" id="frm">
<%
sql = "sp_System_Auth_Father_List"
set rs = conn.execute(sql)
i = 0	'总的权限数
while not rs.eof
%>
<table border=0>
<tr bgcolor="#EFEFEF">
	<td colspan=20>○<%= rs("Application_Name") %></td>
</tr>
<tr>
	<td valign="top">
		<%
		sql_child = "sp_System_Auth_Child_List " & rs("Application_ID")
		set rs_child = conn.execute(sql_child)
		j = 0	'分栏
		while not rs_child.eof
			if (j > 0) and (j mod 4 = 0) then
				response.write vbcrlf & "</td>" & vbcrlf & "<td valign=top>"
			end if
			%>
			<nobr><input id="<%= i %>" onClick="return CreateAuthList();" name="Application_<%= i %>" type="checkbox" value="<%= rs_child("Application_ID") %>" <%= CheckedTag(rs_child("Application_ID")) %>><%= rs_child("Application_Name") %>&nbsp;</nobr><br>
			<%
			j = j + 1
			'累加权限数
			i = i + 1
			rs_child.movenext
		wend
		rs_child.close
		%>
	</td>	
</tr>
</table>
<%
rs.movenext
wend
rs.close
set rs_child = nothing
set rs = nothing
conn.close
set conn = nothing
%>
<hr size=1>
<input type="hidden" name="Employee_ID" value="<%= Employee_ID %>">
<input type="hidden" name="Auth_List_No" size="50">
<input type="hidden" name="Auth_List" size="50" readonly value="<%= Application_List %>">
<input type="submit" name="Submit" value="保存权限分配">
</form>
</body>
</html>
<script language="JavaScript" type="text/javascript">
	//共 <%= i %> 个权限，0-<%= (i-1) %>
	<%
	'系统管理员权限，所有权限
	function auth_system()
		for a=0 to i-1
			response.write a & "#"
		next
	end function
	%>
	var auth_num = <%= (i-1) %>;
	//清除权限设置
	function FormInit(){
		for(i=0;i<=auth_num;i++){
			document.frm[i].checked = false;
		}
		document.frm.Auth_List.value = '';
		return true;
	}
	//重新生成权限列表
	function CreateAuthList(){
		document.frm.Auth_List.value = '';
		//document.frm.Auth_List_No.value = '';
		for(i=0;i<=auth_num;i++){
			if(document.frm[i].checked){
				document.frm.Auth_List.value += document.frm[i].value + '#';
				//document.frm.Auth_List_No.value += i + '#';
			}
		}
		return true;
	}
	function AuthInit(Auth_Group){
		//获得权限列表 auth（指表单的元素ID，用 # 号分）
		switch(Auth_Group){
			//权限预定义
			case 'sale':
				auth = '0#1#2#3#4#5#6#7#8#9#10#11#12#13#14#15#16#17#18#19#20#21#22#34#35#36#37#38#39#40#41#42#43#44#45#46#47#48#49#';
				break;
			case 'project':
				auth = '0#9#22#23#24#25#26#27#28#29#30#31#32#33#34#44#45#46#47#48#49#';
				break;
			case 'leader':
				auth = '0#22#34#45#49#';
				break;
			case 'system':
				auth = '<%= auth_system %>';
				break;			
			default :
				auth = '';
				break;
		}
		//清除权限设置
		FormInit();		
		//根据用户组的权限列表重新设置权限
		if(auth != ''){
			var ary_auth = new Array();
			ary_auth = auth.split('#');
			for(i=0;i<ary_auth.length;i++){
				if(j = ary_auth[i]){document.frm[j].checked = true;}
			}
		}
		//重新生成权限列表
		CreateAuthList();
		return true;
	}
</script>