📄 usermain.asp
字号:
<%dim ThisKey
ThisKey = "a"
%>
<!--#include file="../inc/permission.asp"-->
<!--#include file="../inc/conn.asp"-->
<!--#include file="../inc/const.asp"-->
<html>
<head>
<title>权限设置</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" type="text/css" href="../CSS/main.css">
<script language="JavaScript" src="../../Script/CommFunc.js"></script>
</head>
<%
ID=request("SelectID")
Unit=trim(request("Unit"))
Department=trim(request("Department"))
set rsu=server.createobject("ADODB.RecordSet")
rsu.open "select Unit from tblUnit where DaiHao="&Unit,conn,1,1
if not rsu.eof then
UnitN=trim(rsu("Unit"))
end if
rsu.close
rsu.open "select Department from tblDepartment where DaiHao="&Department,conn,1,1
if not rsu.eof then
Dept=trim(rsu("Department"))
end if
rsu.close
if ID="" then ID=0
'获取数据
dim strLoginName, strPwd, strConfirmPwd, strName, strUnit, strDept, strFGDept, strReadAtt, strZhiBie, strInfo, strRights
if ID="0" then
if request("cmdAdd")<>"" then
strLoginName=replace(trim(request("LoginName")),"'","''")
strPwd=replace(trim(request("Pwd")),"'","''")
strConfirmPwd=replace(trim(request("ConfirmPwd")),"'","''")
strName=replace(trim(Request("Name")),"'","''")
strUnit=trim(request("Unit"))
strDept=trim(request("Department"))
strFGDept=trim(request("FGDept"))
strReadAtt=trim(request("ReadAtt"))
strInfo=replace(trim(Request("Info")),"'","''")
if trim(Request("ZhiBie"))="" then
strZhiBie=1
else
strZhiBie=int(trim(Request("ZhiBie")))
end if
strRights=replace(trim(Request("Rights")),"'","''")
if strPwd="" or strPwd<>strConfirmPwd then
response.write "口令为空或确认口令和原口令不一致!<a href='javascript:histroy.back(-1);'>[返回]</a>"
response.end
end if
'口令加密
'set objMd5 = server.createobject("netpay.jmd5")
' strPwd=objMd5.macProcess (strPwd)
'set objMd5 = nothing
if strLoginName<>"" and strName<>"" and (not CheckUser(strLoginName)) then
AddUser
%>
<form name="returnform" action="User.asp?Unit=<%=Unit%>&Department=<%=Department%>" method="post" target="FrmRight">
<Script language="JavaScript">
returnform.submit();
</Script>
</form>
<body onload="javascript:window.close();">
<%
response.end
else
strAlertInfo="用户名有重复,请重新输入。<a href='javascript:histroy.back(-1);'>[返回]</a>"
end if
end if
else
if request("cmdUpdate")<>"" then
strLoginName=replace(trim(request("LoginName")),"'","''")
strPwd=replace(trim(request("Pwd")),"'","''")
strConfirmPwd=replace(trim(request("ConfirmPwd")),"'","''")
strName=replace(trim(Request("Name")),"'","''")
strUnit=trim(request("Unit"))
strDept=trim(request("Department"))
strFGDept=trim(request("FGDept"))
strReadAtt=trim(request("ReadAtt"))
strInfo=replace(trim(Request("Info")),"'","''")
if trim(Request("ZhiBie"))="" then
strZhiBie=1
else
strZhiBie=int(trim(Request("ZhiBie")))
end if
strRights=replace(trim(Request("Rights")),"'","''")
if lcase(strLoginName)="administrator" and lcase(Session("LoginName"))<>"administrator" then
response.write "你不能修改系统管理员的资料!<a href='javascript:histroy.back(-1);'>[返回]</a>"
response.end
end if
if strPwd="" or strPwd<>strConfirmPwd then
sql="update tblUserLogin set loginname='"& strLoginName &"',name='"& strName &"',info='"& strInfo &"',FGDept='"&strFGDept&"',ReadAtt='"&strReadAtt&"',ZhiBie="&strZhiBie&",rights='"& strRights &"' where ID=" & ID
conn.execute(sql)
response.write "资料修改成功,但您没有输入口令,所以保留了原口令。<a href=# onclick='javascript:window.close();'>[关闭窗口]</a>"
conn.close
%>
<form name="returnform" action="User.asp?Unit=<%=Unit%>&Department=<%=Department%>" method="post" target="FrmRight">
<Script language="JavaScript">
returnform.submit();
</Script>
</form>
<%
response.end
else
'口令加密
'set objMd5 = server.createobject("netpay.jmd5")
' strPwd=objMd5.macProcess (strPwd)
'set objMd5 = nothing
if strLoginName<>"" and strName<>"" and (not CheckUpdateUser (ID,strLoginName)) then
UpdateUser (ID)
response.write "数据修改成功。<a href=# onclick='javascript:window.close();'>[关闭窗口]</a>"
conn.close
%>
<form name="returnform" action="User.asp?Unit=<%=Unit%>&Department=<%=Department%>" method="post" target="FrmRight">
<Script language="JavaScript">
returnform.submit();
</Script>
</form>
<%
response.end
else
strAlertInfo="用户名可能有重复,请重新输入。<a href='javascript:histroy.back(-1);'>[返回]</a>"
end if
end if
end if
if request("cmdDelete")<>"" and ID<>"0" then
if ID="1" or GetUserName(ID)="Administrator" then
response.write "系统管理员不能删除!<a href=# onclick='javascript:window.close();'>[关闭窗口]</a>"
conn.close
response.end
end if
DeleteUser (ID)
response.write "用户删除成功。<a href=# onclick='javascript:window.close();'>[关闭窗口]</a>"
%>
<form name="returnform" action="User.asp?Unit=<%=Unit%>&Department=<%=Department%>" method="post" target="FrmRight">
<Script language="JavaScript">
returnform.submit();
</Script>
</form>
<%
response.end
end if
GetSelectUserData (ID)
end if
%>
<body bgcolor=#FFD680 topmargin="15" leftmargin="0" <%if strAlertInfo<>"" then response.write "onload=Javascript:alert("&strAlertInfo&")"%>>
<form NAME="Rightfrm" method="post">
<div align="center"><center>
<table border="0" cellspacing="1" cellpadding=1 wIDth="444" bgcolor=#0047b0>
<tr bgcolor=#ffffff>
<td height="30" wIDth="146" valign="mIDdle"> 用户登录名:</td>
<td height="30" wIDth="292" colspan="2" valign="mIDdle"><%if ID=0 then%><input TYPE="text" SIZE="25" Name="LoginName" maxlength="25" value=""><%else%><input type=hIDden name=LoginName value="<%=strLoginName%>"> <%=strLoginName%><%end if%></td>
</tr>
<tr bgcolor=#ffffff>
<td valign="mIDdle"> 登录口令:</td>
<td colspan="2" valign="mIDdle"><input TYPE="password" SIZE="25" NAME="Pwd" maxlength="40"> </td>
</tr>
<tr bgcolor=#ffffff>
<td valign="mIDdle"> 口令验证:</td>
<td colspan="2" valign="mIDdle"><input TYPE="password" SIZE="25" NAME="ConfirmPwd" maxlength="40" > </td>
</tr>
<tr bgcolor=#ffffff>
<td valign="mIDdle"> 姓名:</td>
<td colspan="2" valign="mIDdle"><input TYPE="text" SIZE="25" NAME="Name" maxlength="30" <%if ID<>"" then response.write " value="&strName%> > </td>
</tr>
<tr bgcolor=#ffffff>
<td valign="mIDdle"> 所在单位:</td>
<td colspan="2" valign="mIDdle">
<%=UnitN%>
<input type=hIDden name=Unit value="<%=Unit%>">
</td>
</tr>
<tr bgcolor=#ffffff>
<td valign="mIDdle"> 所在部门:</td>
<td colspan="2" valign="mIDdle">
<%=Dept%>
<input type=hIDden name=Department value="<%=Department%>">
</td>
</tr>
<%if Department="0" then%>
<tr bgcolor=#ffffff>
<td valign="mIDdle"> 分管部门:</td>
<td colspan="2" valign="mIDdle"><input type="button" value="选择分管部门" onClick="OpenNewWin('SelectFGDept.asp?FGDept=<%=strFGDept%>','SelectFGDept','wIDth=356,height=180,top=15,left=100,scrollbars')"><input type="button" value="清除" onClick="JavaScript:Rightfrm.FGDept.value='';">
<input type=hIDden name=FGDept value="<%=strFGDept%>">
</td>
</tr>
<%end if%>
<tr bgcolor=#ffffff>
<td valign="mIDdle"> 特殊浏览权限:</td>
<td colspan="2" valign="mIDdle"><input type="button" value="选择特殊浏览权限" onClick="OpenNewWin('SelectReadAtt.asp?ReadAtt=<%=strReadAtt%>','SelectReadAtt','width=530,height=480,top=15,left=100,scrollbars')"><input type="button" value="清除" onClick="JavaScript:Rightfrm.ReadAtt.value='';">
<input type=hIDden name=ReadAtt value="<%=strReadAtt%>">
</td>
</tr>
<tr bgcolor=#ffffff>
<td valign="mIDdle"> 描述:</td>
<td colspan="2" valign="mIDdle"><input TYPE="text" SIZE="25" NAME="Info" maxlength="100" <%if ID<>"" then response.write " value="&strInfo%> > </td>
</tr>
<%if Department<>"0" then%>
<tr bgcolor=#ffffff>
<td valign="mIDdle"> 职别:</td>
<%if strZhiBie=1 then
checked1="checked"
else
if strZhiBie=0 then
checked0="checked"
end if
end if%>
<td colspan="2" valign="mIDdle"><input TYPE="radio" SIZE="25" NAME="ZhiBie" <%=checked1%> value="1">处长 <input TYPE="radio" SIZE="25" NAME="ZhiBie" <%=checked0%> value="0">干事</td>
</tr>
<%end if%>
<tr bgcolor=#ffffff>
<td colspan=3> 模块权限:</td>
</tr>
<%set oRsRight=server.createobject("ADODB.RecordSet")
sql="select title,rkey from tbluserrights order by rkey"
oRsRight.open sql,conn,1,1
while not oRsRight.eof
%>
<tr bgcolor=#ffffff>
<td height="30" wIDth="146" valign="mIDdle">
<%if not oRsRight.eof then%>
<INPUT TYPE="checkbox" NAME="Rights" value="<%=trim(oRsRight("Rkey"))%>" <%if instr(strRights,trim(oRsRight("Rkey")))>0 then response.write " checked"%> >
<font color="#FF0080"> <%=trim(oRsRight("Title"))%></font>
<%oRsRight.movenext
end if%>
</td>
<td height="30" wIDth="146" valign="mIDdle">
<%if not oRsRight.eof then%>
<INPUT TYPE="checkbox" NAME="Rights" value="<%=trim(oRsRight("Rkey"))%>" <%if instr(strRights,trim(oRsRight("Rkey")))>0 then response.write " checked"%> >
<font color="#FF0080"> <%=trim(oRsRight("Title"))%></font>
<%oRsRight.movenext
end if%>
</td>
<td height="30" wIDth="146" valign="mIDdle">
<%if not oRsRight.eof then%>
<INPUT TYPE="checkbox" NAME="Rights" value="<%=trim(oRsRight("Rkey"))%>" <%if instr(strRights,trim(oRsRight("Rkey")))>0 then response.write " checked"%> >
<font color="#FF0080"> <%=trim(oRsRight("Title"))%></font>
<%oRsRight.movenext
end if%>
</td>
</tr>
<%wend
oRsRight.close
set oRsRight = nothing%>
<tr bgcolor=#ffffff>
<%if ID<>"0" then%>
<td></td>
<td height="30" valign="mIDdle" align="center">
<input type="Submit" value="修改信息" name="cmdUpdate" onclick="return CheckData();">
</td>
<td height="30" valign="mIDdle" align="center">
<input type="Submit" value="删除用户" name="cmdDelete" onclick="return CheckDelete();">
</td>
<%else%>
<td></td><td></td>
<td height="30" valign="mIDdle" align="center">
<input type="Submit" value="添加用户" name="cmdAdd" onclick="return CheckData();"></td>
<%end if%>
</tr>
</table>
</center></div>
</form>
</body>
</html>
<!--#include file="../inc/close.asp"-->
<%
Sub GetSelectUserData(ID) '查询数据
set strRstmp=Server.createobject("ADODB.RecordSet")
sql="select * from tblUserLogin where ID=" & ID
strRstmp.open sql,conn
if strRstmp.eof then
ID=""
else
strLoginName=trim(strRstmp("loginname"))
strPwd=trim(strRstmp("pwd"))
strName=trim(strRstmp("name"))
strFGDept=trim(strRstmp("FGDept"))
strReadAtt=trim(strRstmp("ReadAtt"))
strZhiBie=strRstmp("ZhiBie")
strInfo=trim(strRstmp("info"))
strRights=trim(strRstmp("rights"))
end if
strRstmp.close
set strRstmp = Nothing
End Sub
Sub AddUser '添加用户
sql="INSERT INTO tblUserLogin (LoginName,Pwd,Name,Unit,Dept,FGDept,ReadAtt,Info,ZhiBie,Rights) VALUES('"&strLoginName&"','"&strPwd&"','"&strName&"',"&strUnit&",'"&strDept&"','"&strFGDept&"','"&strReadAtt&"','" & strInfo & _
"',"&strZhiBie&",'"&strRights&"')"
conn.execute (sql)
ID = ""
End Sub
Sub DeleteUser(ID) '删除用户
sql="delete tblUserLogin where ID=" & ID
conn.execute(sql)
ID=""
End Sub
Sub UpdateUser(ID) '修改信息
sql="update tblUserLogin set loginname='"& strLoginName &"',pwd='"& strPwd &"',name='"& strName &"',FGDept='"&strFGDept&"',ReadAtt='"&strReadAtt&"',info='"& strInfo &"',ZhiBie="&strZhiBie&",rights='"& strRights &"' where ID=" & ID
conn.execute(sql)
End Sub
Function CheckUser(strName) '查找是否有重名用户
set strRstmp=Server.createobject("ADODB.RecordSet")
sql="select ID from tblUserLogin where loginname='" & trim(strName) & "'"
strRstmp.open sql,conn
if not strRstmp.eof then
bFindUser=true '错误,有相同的用户名
else
bFindUser=false
end if
strRstmp.close
set strRstmp = Nothing
CheckUser=bFindUser
End Function
Function CheckUpdateUser(ID,strName) '查找修改时是否有重名用户
set strRstmp=Server.createobject("ADODB.RecordSet")
sql="select ID from tblUserLogin where ID<>"& ID &" and loginname='" & trim(strName) & "'"
strRstmp.open sql,conn
if not strRstmp.eof then
bFindUser=true '错误,有相同的用户名
else
bFindUser=false
end if
strRstmp.close
set strRstmp = Nothing
CheckUpdateUser=bFindUser
End Function
%>
<script language=javascript>
function CheckData()
{
if(jtrim(document.Rightfrm.LoginName.value)=="")
{
alert("请输入登录用户名。")
document.Rightfrm.LoginName.focus();
return false;
}
if(jtrim(document.Rightfrm.LoginName.value).length>50)
{
alert("登录用户名不能超过50个字。")
document.Reportform.LoginName.focus();
return false;
}
if(jtrim(document.Rightfrm.Name.value)=="")
{
alert("请输入用户姓名。")
document.Rightfrm.Name.focus();
return false;
}
return true;
}
</script>
<script language=javascript src="../inc/jtrim.js"></script>
<script language=javascript>
function CheckDelete()
{
document.Rightfrm.cmdDelete.value !=""
return confirm("确实删除吗?");
}
</script>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -