⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站

📄 manager.class.asp

📁 一个很好的asp cms管理系统
💻 ASP
📖 第 1 页 / 共 2 页
字号:
<%
'////////////////////////////////////////////////////////////////////////
'本页:
'   Tsys 后台管理员信息类
'////////////////////////////////////////////////////////////////////////

Class Manager

    '初始化类'
    Private Sub Class_Initialize
    End Sub

    '函数:用户登录认证
    '参数:用户名, 密码, 登录Ip
    '返回:
    '       0 : 用户不存在
    '       1 : 登录成功
    '       2 : 用户被禁止登录
    '       3 : 密码有误
    '       4 : 侍定...
    Public Function Login(mUserName, mUserPwd, mUserIp)
        mUserName = LCase(mUserName)
        Dim Sql, Rs
        Sql = "SELECT TOP 1 * FROM view_manager WHERE title = '" & mUserName & "'"
        Set Rs = Db.ExeCute(Sql)

        '默认用户未登录'
        Logined = False

        '验证用户是否存在'
        If Rs.Eof And Rs.Bof Then
            Rs.Close
            Set Rs = Nothing
            Login = 0
            Exit Function
        End If

        If Rs("disabled") Then
            Rs.Close
            Set Rs = Nothing
            Login = 2
            Exit Function
        End If
        
        '验证密码是否正确'
        mUserPwd = md5(Cfg.Password_EncodeKey & md5(mUserPwd))

        If  mUserPwd <> Rs("pwd") Then
            '如果错误监视启动时间变空,或监视数为0,则启动监视器'
            If (Not IsDate(Rs("errstart"))) Or (Rs("errnum") = 0) Then
                Sql = "UPDATE manager_base SET errstart = GETDATE(),errnum = 1,err_total = err_total+1 WHERE title = '" & mUserName & "'"
                Db.ExeCute(Sql)
                Login = 3
                Exit Function
            Else
                '是否在监视器有效时间范围内'
                If DateDiff("s",Now(),Rs("errstart")) <= Cfg.Manager_Range_ErrorTimeRang Then
                    '用户错误登录次数是否超出上限,超出则封账号'
                    If Rs("errnum") >= Cfg.Manager_LimitLoginError Then
                        Sql = "UPDATE manager_base SET errnum = 0,disabled = 1,err_total = err_total+1 WHERE title = '" & mUserName & "'"
                        Db.ExeCute(Sql)
                        Login = 2
                        Exit Function
                    Else
                        Sql = "UPDATE manager_base SET errnum = errnum+1,err_total = err_total+1 WHERE title = '" & mUserName & "'"
                        Db.ExeCute(Sql)
                        Login = 3
                        Exit Function
                    End If
                Else
                    '监视器已超时,复位监视参数'
                    Sql = "UPDATE manager_base SET errstart = GETDATE(),errnum = 1,err_total = err_total+1 WHERE title = '" & mUserName & "'"
                    Db.ExeCute(Sql)
                    Login = 3
                    Exit Function
                End If
            End If
        End If

        '登录成功后初始化用户信息'
        UserId              = Rs("id")
        UserName            = mUserName
        UserIp              = mUserIp
        Remark              = Rs("remark")
        Logined             = True
        Login = 1    

        '相关权限处理'
        PopedomList_Process Rs("role_popedom_list"), Rs("self_popedom_list")
        ResClass_Process Rs("role_res_class_list"), Rs("self_res_class_list")
        SpecialList_Process Rs("role_special_id_list"), Rs("self_special_id_list")
        FolderList_Process Rs("role_folder_list"), Rs("self_folder_list")

        '记录登录信息'
        Sql = "UPDATE manager_base SET login_total = login_total + 1, last_logintime2 = last_logintime, last_logintime=GETDATE(), last_loginip2 = last_loginip, last_loginip = '" & UserIp & "'  WHERE title='" & mUserName & "'"
        Db.ExeCute(Sql)
        Sql = "INSERT INTO login_log (title, login_time, login_ip)VALUES('" & mUserName & "', GETDATE(), '" & mUserIp & "')"
        Db.ExeCute(Sql)

    End Function

    '频道权限处理函数
    '参数:角色赋于的频道权限, 用户自身增回的频道权限
    '说明:
    '    权限的设置原则依据:将各权限标识位进行或(OR)运算。
    '    举例:
    '        现有一大类:游戏新闻,其权限为:浏览、删除、添加
    '        在“游戏新闻”分类下有一子分类:国内游戏新闻,其权限为:添加、审核
    '        则,最终管理员将得到的“游戏新闻”权限为:浏览、删除、添加、添加、审核。
    Private Function ResClass_Process(role_res_class_list, self_res_class_list)
        Dim RCPopedom, arrRCPopedom, I, arrRCPopedomItem, Sql

        If IsNull(role_res_class_list) Then
            role_res_class_list = ""
        End If

        If IsNull(self_res_class_list) Then
            self_res_class_list = ""
        End If

        If role_res_class_list = "" AND self_res_class_list = "" Then
            RCPopedom = ""
            Exit Function
        End If

        '组合频道权限'
        RCPopedom = role_res_class_list
        If self_res_class_list <> "" Then
            If RCPopedom <> "" Then
                RCPopedom = RCPopedom & ";"
            End If
            RCPopedom = RCPopedom & self_res_class_list
        End If
        
        Sql = "DELETE FROM online_manage_resclass_popedom WHERE  manager='" & UserName & "'"
        Db.ExeCute(Sql)

        arrRCPopedom = Split(RCPopedom, ";")
        For I=0 To Ubound(arrRCPopedom)
            arrRCPopedomItem = Split(arrRCPopedom(I), ",", 3)
            Sql = "INSERT INTO online_manage_resclass_popedom (manager, class_id, pope_flag, root_node)VALUES('" & UserName & "', " &arrRCPopedomItem(0) & ",  '" & arrRCPopedomItem(1) & "', " & arrRCPopedomItem(2) & ")"
            Db.ExeCute(Sql)
        Next

        For I=0 To Ubound(arrRCPopedom)
            arrRCPopedomItem = Split(arrRCPopedom(I), ",", 3)
            If arrRCPopedomItem(2) = "1" Then
                If RootNodeList<>"" Then                
                    RootNodeList = RootNodeList & ","
                End If
                RootNodeList = RootNodeList & arrRCPopedomItem(0)
            End If

            ResClass_Process_Search arrRCPopedomItem(0), arrRCPopedomItem(1)

        Next
    End Function

    '资源配置递归搜索,并处理权限标识位'
    Private Function ResClass_Process_Search(Parent, Root_PopeFlag)
        Dim Sql, Rs, Sql2, Rs2, tmpPopeFlag
            Sql = "SELECT * FROM res_class_list WHERE Parent=" & Parent
        Set Rs = Db.ExeCute(Sql)
        While Not Rs.Eof
            
            Sql2 = "SELECT TOP 1 * FROM online_manage_resclass_popedom WHERE manager='" & UserName & "' AND class_id=" & Rs("id")
            Set Rs2 = Db.ExeCute(Sql2)
            If Not(Rs2.Eof And Rs2.Bof) Then
                '当前分类权限已经存在,则计算最终权限并更新'
                tmpPopeFlag = FLib.PopeFlag_OR(Root_PopeFlag, Rs2("pope_flag"))
                Sql2 = "UPDATE online_manage_resclass_popedom SET pope_flag='" & tmpPopeFlag & "' WHERE class_id=" & Rs("id") & " AND  manager='" & UserName & "'"
                Db.ExeCute(Sql2)
            Else
                '当前分类权限不存在,则插入新记录'
                Sql2 = "INSERT INTO online_manage_resclass_popedom (manager, class_id, pope_flag, root_node)VALUES('" & UserName & "', " & Rs("id") & ", '" & Root_PopeFlag & "', 0)"
                Db.ExeCute(Sql2)
            End If
            Rs2.Close()
            ResClass_Process_Search Rs("id"), Root_PopeFlag
            Rs.MoveNext
        Wend
        Rs.Close()
        Set Rs = Nothing
    End Function

    '函数:初始化当前用户所具有的权限列表'
    Private Function PopedomList_Process(role_popedom_list, self_popedom_list)

        If IsNull(role_popedom_list) Then
            role_popedom_list = ""
        End If

        If IsNull(self_popedom_list) Then
            self_popedom_list = ""
        End If

        If role_popedom_list = "" AND self_popedom_list = "" Then
            PopedomList = ""
            Exit Function
        End If

        '是否具有所有管理员权限'
        If role_popedom_list = "-1" Or self_popedom_list = "-1" Then
            PopedomList = "-1"
            Exit Function
        End If

        Dim tempPopedom_IdList
            tempPopedom_IdList = role_popedom_list

        '组合权限'
        If self_popedom_list <> "" Then
            If tempPopedom_IdList <> "" Then
                tempPopedom_IdList = tempPopedom_IdList & ","
            End If
            tempPopedom_IdList = tempPopedom_IdList & self_popedom_list
        End If    

        '取出当前用户具有的权限Key列表,以逗号隔开'
        Dim Sql, Rs
        Sql = "SELECT pope_key FROM popedom_list WHERE id IN (" & tempPopedom_IdList & ")"

        Set Rs = Db.ExeCute(Sql)
        While Not Rs.Eof
            If PopedomList = "" Then
                PopedomList = Rs("pope_key")
            Else
                PopedomList = PopedomList & "," & Rs("pope_key")

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -