📄 manager.class.asp
字号:
<%
'////////////////////////////////////////////////////////////////////////
'本页:
' Tsys 后台管理员信息类
'////////////////////////////////////////////////////////////////////////
Class Manager
'初始化类'
Private Sub Class_Initialize
End Sub
'函数:用户登录认证
'参数:用户名, 密码, 登录Ip
'返回:
' 0 : 用户不存在
' 1 : 登录成功
' 2 : 用户被禁止登录
' 3 : 密码有误
' 4 : 侍定...
Public Function Login(mUserName, mUserPwd, mUserIp)
mUserName = LCase(mUserName)
Dim Sql, Rs
Sql = "SELECT TOP 1 * FROM view_manager WHERE title = '" & mUserName & "'"
Set Rs = Db.ExeCute(Sql)
'默认用户未登录'
Logined = False
'验证用户是否存在'
If Rs.Eof And Rs.Bof Then
Rs.Close
Set Rs = Nothing
Login = 0
Exit Function
End If
If Rs("disabled") Then
Rs.Close
Set Rs = Nothing
Login = 2
Exit Function
End If
'验证密码是否正确'
mUserPwd = md5(Cfg.Password_EncodeKey & md5(mUserPwd))
If mUserPwd <> Rs("pwd") Then
'如果错误监视启动时间变空,或监视数为0,则启动监视器'
If (Not IsDate(Rs("errstart"))) Or (Rs("errnum") = 0) Then
Sql = "UPDATE manager_base SET errstart = GETDATE(),errnum = 1,err_total = err_total+1 WHERE title = '" & mUserName & "'"
Db.ExeCute(Sql)
Login = 3
Exit Function
Else
'是否在监视器有效时间范围内'
If DateDiff("s",Now(),Rs("errstart")) <= Cfg.Manager_Range_ErrorTimeRang Then
'用户错误登录次数是否超出上限,超出则封账号'
If Rs("errnum") >= Cfg.Manager_LimitLoginError Then
Sql = "UPDATE manager_base SET errnum = 0,disabled = 1,err_total = err_total+1 WHERE title = '" & mUserName & "'"
Db.ExeCute(Sql)
Login = 2
Exit Function
Else
Sql = "UPDATE manager_base SET errnum = errnum+1,err_total = err_total+1 WHERE title = '" & mUserName & "'"
Db.ExeCute(Sql)
Login = 3
Exit Function
End If
Else
'监视器已超时,复位监视参数'
Sql = "UPDATE manager_base SET errstart = GETDATE(),errnum = 1,err_total = err_total+1 WHERE title = '" & mUserName & "'"
Db.ExeCute(Sql)
Login = 3
Exit Function
End If
End If
End If
'登录成功后初始化用户信息'
UserId = Rs("id")
UserName = mUserName
UserIp = mUserIp
Remark = Rs("remark")
Logined = True
Login = 1
'相关权限处理'
PopedomList_Process Rs("role_popedom_list"), Rs("self_popedom_list")
ResClass_Process Rs("role_res_class_list"), Rs("self_res_class_list")
SpecialList_Process Rs("role_special_id_list"), Rs("self_special_id_list")
FolderList_Process Rs("role_folder_list"), Rs("self_folder_list")
'记录登录信息'
Sql = "UPDATE manager_base SET login_total = login_total + 1, last_logintime2 = last_logintime, last_logintime=GETDATE(), last_loginip2 = last_loginip, last_loginip = '" & UserIp & "' WHERE title='" & mUserName & "'"
Db.ExeCute(Sql)
Sql = "INSERT INTO login_log (title, login_time, login_ip)VALUES('" & mUserName & "', GETDATE(), '" & mUserIp & "')"
Db.ExeCute(Sql)
End Function
'频道权限处理函数
'参数:角色赋于的频道权限, 用户自身增回的频道权限
'说明:
' 权限的设置原则依据:将各权限标识位进行或(OR)运算。
' 举例:
' 现有一大类:游戏新闻,其权限为:浏览、删除、添加
' 在“游戏新闻”分类下有一子分类:国内游戏新闻,其权限为:添加、审核
' 则,最终管理员将得到的“游戏新闻”权限为:浏览、删除、添加、添加、审核。
Private Function ResClass_Process(role_res_class_list, self_res_class_list)
Dim RCPopedom, arrRCPopedom, I, arrRCPopedomItem, Sql
If IsNull(role_res_class_list) Then
role_res_class_list = ""
End If
If IsNull(self_res_class_list) Then
self_res_class_list = ""
End If
If role_res_class_list = "" AND self_res_class_list = "" Then
RCPopedom = ""
Exit Function
End If
'组合频道权限'
RCPopedom = role_res_class_list
If self_res_class_list <> "" Then
If RCPopedom <> "" Then
RCPopedom = RCPopedom & ";"
End If
RCPopedom = RCPopedom & self_res_class_list
End If
Sql = "DELETE FROM online_manage_resclass_popedom WHERE manager='" & UserName & "'"
Db.ExeCute(Sql)
arrRCPopedom = Split(RCPopedom, ";")
For I=0 To Ubound(arrRCPopedom)
arrRCPopedomItem = Split(arrRCPopedom(I), ",", 3)
Sql = "INSERT INTO online_manage_resclass_popedom (manager, class_id, pope_flag, root_node)VALUES('" & UserName & "', " &arrRCPopedomItem(0) & ", '" & arrRCPopedomItem(1) & "', " & arrRCPopedomItem(2) & ")"
Db.ExeCute(Sql)
Next
For I=0 To Ubound(arrRCPopedom)
arrRCPopedomItem = Split(arrRCPopedom(I), ",", 3)
If arrRCPopedomItem(2) = "1" Then
If RootNodeList<>"" Then
RootNodeList = RootNodeList & ","
End If
RootNodeList = RootNodeList & arrRCPopedomItem(0)
End If
ResClass_Process_Search arrRCPopedomItem(0), arrRCPopedomItem(1)
Next
End Function
'资源配置递归搜索,并处理权限标识位'
Private Function ResClass_Process_Search(Parent, Root_PopeFlag)
Dim Sql, Rs, Sql2, Rs2, tmpPopeFlag
Sql = "SELECT * FROM res_class_list WHERE Parent=" & Parent
Set Rs = Db.ExeCute(Sql)
While Not Rs.Eof
Sql2 = "SELECT TOP 1 * FROM online_manage_resclass_popedom WHERE manager='" & UserName & "' AND class_id=" & Rs("id")
Set Rs2 = Db.ExeCute(Sql2)
If Not(Rs2.Eof And Rs2.Bof) Then
'当前分类权限已经存在,则计算最终权限并更新'
tmpPopeFlag = FLib.PopeFlag_OR(Root_PopeFlag, Rs2("pope_flag"))
Sql2 = "UPDATE online_manage_resclass_popedom SET pope_flag='" & tmpPopeFlag & "' WHERE class_id=" & Rs("id") & " AND manager='" & UserName & "'"
Db.ExeCute(Sql2)
Else
'当前分类权限不存在,则插入新记录'
Sql2 = "INSERT INTO online_manage_resclass_popedom (manager, class_id, pope_flag, root_node)VALUES('" & UserName & "', " & Rs("id") & ", '" & Root_PopeFlag & "', 0)"
Db.ExeCute(Sql2)
End If
Rs2.Close()
ResClass_Process_Search Rs("id"), Root_PopeFlag
Rs.MoveNext
Wend
Rs.Close()
Set Rs = Nothing
End Function
'函数:初始化当前用户所具有的权限列表'
Private Function PopedomList_Process(role_popedom_list, self_popedom_list)
If IsNull(role_popedom_list) Then
role_popedom_list = ""
End If
If IsNull(self_popedom_list) Then
self_popedom_list = ""
End If
If role_popedom_list = "" AND self_popedom_list = "" Then
PopedomList = ""
Exit Function
End If
'是否具有所有管理员权限'
If role_popedom_list = "-1" Or self_popedom_list = "-1" Then
PopedomList = "-1"
Exit Function
End If
Dim tempPopedom_IdList
tempPopedom_IdList = role_popedom_list
'组合权限'
If self_popedom_list <> "" Then
If tempPopedom_IdList <> "" Then
tempPopedom_IdList = tempPopedom_IdList & ","
End If
tempPopedom_IdList = tempPopedom_IdList & self_popedom_list
End If
'取出当前用户具有的权限Key列表,以逗号隔开'
Dim Sql, Rs
Sql = "SELECT pope_key FROM popedom_list WHERE id IN (" & tempPopedom_IdList & ")"
Set Rs = Db.ExeCute(Sql)
While Not Rs.Eof
If PopedomList = "" Then
PopedomList = Rs("pope_key")
Else
PopedomList = PopedomList & "," & Rs("pope_key")
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -