adminchkpurview.asp

零度白茶影视系统好东西要大家分享

<%
dim AdminName,AdminPurview,PurviewPassed
dim ComeUrl,cUrl
ComeUrl=lcase(trim(request.ServerVariables("HTTP_REFERER")))
if ComeUrl="" then
	response.write "<br><p align=center><font color='red'>对不起，为了系统安全，不允许直接输入地址访问本系统的后台管理页面。</font></p>"
	response.end
else
	cUrl=trim("http://" & Request.ServerVariables("SERVER_NAME"))
	if mid(ComeUrl,len(cUrl)+1,1)=":" then
		cUrl=cUrl & ":" & Request.ServerVariables("SERVER_PORT")
	end if
	cUrl=lcase(cUrl & request.ServerVariables("SCRIPT_NAME"))
	if lcase(left(ComeUrl,instrrev(ComeUrl,"/")))<>lcase(left(cUrl,instrrev(cUrl,"/"))) then
		response.write "<br><p align=center><font color='red'>对不起，为了系统安全，不允许从外部链接地址访问本系统的后台管理页面。</font></p>"
		response.end
	end if
end if

AdminName=replace(session("AdminName"),"'","")
if AdminName="" then
	''call CloseConn()
	response.redirect "Adminlogin.asp"
end if
sqlGetAdmin="select * from Admin where UserName='" & AdminName & "'"
set rsGetAdmin=conn.execute(sqlGetAdmin)
if rsGetAdmin.bof and rsGetAdmin.eof then
	rsGetAdmin.close
	set rsGetAdmin=nothing
	'call CloseConn()
	response.redirect "Adminlogin.asp"
end if
AdminPurview=rsGetAdmin("Purview")
rsGetAdmin.close
set rsGetAdmin=nothing
%>