admin_lockuser.asp

公司企业网站管理系统全站源码,用于企业内部对网站的管理

<!--#include file="conn.asp"-->
<!-- #include file="inc/const.asp" -->
<!--#include file="inc/dv_clsother.asp"-->
<!-- #include file="inc/GroupPermission.asp" -->
<!--#include file="inc/md5.asp"-->
<!--#include file="dv_dpo/cls_dvapi.asp"-->
<%
'============================
'7.2修改说明:               =
'优化参数提取流程           =
'对奖励或惩罚数值做大小限制 =
'============================
Dvbbs.Loadtemplates("")
Dim username
Dim locktype
Dim ip,BoardID
Dim TotalUseTable
Dim AdminUserPer
Dim UpdateBoardID,i,Rs,Sql
AdminUserPer=false
If (Dvbbs.master or Dvbbs.boardmaster or Dvbbs.superboardmaster) and Cint(Dvbbs.GroupSetting(42))=1 Then
	AdminUserPer=True 
Else 
	AdminUserPer=False
End If
If Dvbbs.UserGroupID > 3 And CInt(Dvbbs.GroupSetting(42))=1 Then
	AdminUserPer=True
End If 
If Dvbbs.FoundUserPer And CInt(Dvbbs.GroupSetting(42))=1 Then
	AdminUserPer=True
ElseIf Dvbbs.FoundUserPer and Cint(Dvbbs.GroupSetting(42))=0 Then
	AdminUserPer=False
End If
Dim userid
Dim action
action=Request("action")
userid=Request("userid")
username=Request("name")
ip=Dvbbs.UserTrueIP
Dvbbs.stats="管理用户"
Dvbbs.nav()
If username="" Then
	Response.redirect "showerr.asp?ErrCodes=<li>请指定所操作的用户！&action=OtherErr"
Else
	username=Dvbbs.CheckStr(username)
End If
Dvbbs.Head_Var 2,0,"",""
Dvbbs.ShowErr()
If userid<> "" Then
	userid=Dvbbs.CheckStr(userid)
	If Not IsNumeric(userid) Then Response.redirect "showerr.asp?ErrCodes=<li>非法的参数。&action=OtherErr"
Else
	Set Rs=Dvbbs.Execute("SELECT UserID FROM [Dv_User] WHERE Username = '"&Username&"' ")
	If Not Rs.EOF Then
		UserID=Rs(0)
	Else
		UserID=0
	End If
	Set Rs=Nothing
End If 

If Not Dvbbs.ChkPost()  Then
	Response.redirect "showerr.asp?ErrCodes=<li>您不要从外部提交数据&action=OtherErr"
End If
If action="power" Then
	Call Poweruser()
ElseIf action="DelTopic" then
	Call DelTopic()
ElseIf action="getpermission" then
	Call boardlist()
ElseIf action="userBoardPermission" then
	Call GetUserPermission()
ElseIf action="saveuserpermission" then
	Call saveuserpermission()
ElseIf action="DelUserReply" then
	Call DelUserReply()
Else
	Call lockuser()
End If

Dvbbs.activeonline()
Dvbbs.footer()

Sub lockuser()
	Dim canlockuser
	canlockuser=false
	if (Dvbbs.master or Dvbbs.boardmaster or Dvbbs.superboardmaster) and Cint(Dvbbs.GroupSetting(28))=1 Then
		canlockuser=True 
	Else
		canlockuser=False 
	End If
	If Dvbbs.UserGroupID > 3 And CInt(Dvbbs.GroupSetting(28))=1 Then canlockuser=True
	If Dvbbs.FoundUserPer And  Cint(Dvbbs.GroupSetting(28))=1 Then
		canlockuser=True
	ElseIf Dvbbs.FoundUserPer and Cint(Dvbbs.GroupSetting(28))=0 Then 
		canlockuser=False 
	End If 

	If Not canlockuser then Response.redirect "showerr.asp?ErrCodes=<li>您没有权限执行此操作。&action=OtherErr"
	
	Dim UserStatus
	If action="lock_1" Then
		UserStatus = 1
		locktype="锁定"
	ElseIf action="lock_2" then
		UserStatus= 2
		locktype="屏蔽"
	ElseIf action="lock_3" then
		UserStatus = 0
		locktype="解锁"
	Else
		Response.redirect "showerr.asp?ErrCodes=<li>请指定正确的参数！&action=OtherErr"
		Exit Sub
	End If

	'-----------------------------------------------------------------
	'系统整合
	'-----------------------------------------------------------------
	Dim DvApi_Obj,DvApi_SaveCookie,SysKey
	If DvApi_Enable Then
		Md5OLD = 1
		SysKey = Md5(username&DvApi_SysKey,16)
		Md5OLD = 0
		Set DvApi_Obj = New DvApi
			DvApi_Obj.NodeValue "syskey",SysKey,0,False
			DvApi_Obj.NodeValue "action","lock",0,False
			DvApi_Obj.NodeValue "username",username,1,False
			DvApi_Obj.NodeValue "userstatus",UserStatus,1,False
			DvApi_Obj.SendHttpData
			If DvApi_Obj.Status = "1" Then
				Response.redirect "showerr.asp?ErrCodes="& DvApi_Obj.Message &"&action=OtherErr"
			End If
		Set DvApi_Obj = Nothing
	End If
	'-----------------------------------------------------------------

	Dvbbs.Execute("update [dv_user] set LockUser="&UserStatus&" where userid="&userid&" and UserGroupID > 1")
	sql="insert into Dv_log (l_touser,l_username,l_content,l_ip,l_type) values ('"&username&"','"&Dvbbs.membername&"','用户操作："&locktype& "','"&ip&"',6)"
	Dvbbs.Execute(sql)

	Dvbbs.Dvbbs_suc("<li>您选择的用户已经"&locktype&"。您的操作已经记录在案。")
End Sub

Sub Poweruser()
	Dim title,content
	Dim canlockuser
	canlockuser=false
	If (Dvbbs.master or Dvbbs.boardmaster or Dvbbs.superboardmaster) And CInt(Dvbbs.GroupSetting(43))=1 Then
		canlockuser=True 
	Else 
		canlockuser=False 
	End If 
	If Dvbbs.UserGroupID > 3 And  Cint(Dvbbs.GroupSetting(43))=1 Then canlockuser=True 
	If Dvbbs.FoundUserPer And  CInt(Dvbbs.GroupSetting(43))=1 Then
		canlockuser=True 
	ElseIf Dvbbs.FoundUserPer And CInt(Dvbbs.GroupSetting(43))=0 Then
		canlockuser=False
	End If 

	If Not canlockuser Then Response.redirect "showerr.asp?ErrCodes=<li>您没有权限执行此操作。&action=OtherErr"
	If request("checked")="yes" Then
		Dim doWealth,douserEP,douserCP,douserPower
		Dim doWealthMsg,douserEPMsg,douserCPMsg,douserPowerMsg,allMsg
		doWealth=Request("doWealth")
		douserEP=Request("douserEP")
		douserCP=Request("douserCP")
		douserPower=Request("douserPower")		
		If Not IsNumeric(doWealth)  Then 
			doWealth="0"
			doWealthMsg=""
		Else
			If CInt(doWealth)>50 Or CInt(doWealth)<-50 Then
				doWealth="0"
				doWealthMsg=""
			Else
				doWealthMsg="金钱" & doWealth & "，"
			End If
		End If
		
		If Not IsNumeric(douserEP) Then
			douserEP="0"
			douserEPMsg=""
		Else 
			If CInt(douserEP)>50 Or CInt(douserEP)<-50Then
				douserEP="0"
				douserEPMsg=""
			Else
				douserEPMsg="经验" & douserEP & "，"
			End If
		End If 

		If Not IsNumeric(douserCP) Then
			douserCP="0"
			douserCPMsg=""
		Else
			If CInt(douserCP)>50 Or CInt(douserCP)<-50 Then
				douserCP="0"
				douserCPMsg=""
			Else
				douserCPMsg="魅力" & douserCP & "，"
			End If
		End If

		If Not IsNumeric(douserPower) Then
			douserPower="0"
			douserPowerMsg=""
		Else
			If CInt(douserPower)>5 Or CInt(douserPower)<-5 Then
				douserPower="0"
				douserPowerMsg=""
			Else
				douserPowerMsg="威望" & douserPower
			End If
		End If

		If doWealthMsg="" and douserEPMsg="" and douserCPMsg="" and douserPowerMsg="" Then
			allmsg="没有对用户进行分值操作"
		Else
			allmsg="用户操作：" & doWealthMsg & douserEPMsg & douserCPMsg & douserPowerMsg
		End If

		allmsg=Dvbbs.Checkstr(allmsg)
		title=request.form("title")
		content=request.form("content")
		content="原因：" & title & content
		content=Dvbbs.Checkstr(content)
		if request.form("title")="" and request.form("content")="" then Response.redirect "showerr.asp?ErrCodes=<li>请写明操作原因。&action=OtherErr"

		sql="insert into Dv_log (l_touser,l_username,l_content,l_ip,l_type) values ('"&username&"','"&Dvbbs.membername&"','用户操作："&content& "，"&allmsg&"','"&ip&"',5)"
		Dvbbs.Execute(sql)
		If allmsg<>"" Then
			Dvbbs.Execute("update [dv_user] set userWealth=userWealth+"&doWealth&",userCP=userCP+"&douserCP&",userEP=userEP+"&douserEP&",userPower=userPower+"&douserPower&" where userid="&userid&"")
		End If
		locktype="成功操作"
		Dvbbs.Dvbbs_suc("<li>您选择的用户已经"&locktype&"。<li>您的操作已经记录。")
	Else
%>
<FORM METHOD=POST ACTION="admin_lockuser.asp?action=power">
<table style="width:70%" cellspacing="1" cellpadding="3" align="center" class=tableborder1>
  <tr> 
    <th height=24>论坛管理中心－－您要进行的操作是奖励用户</th>
  </tr>   
  <tr> 
    <td class=tablebody1 height=24><b>
      操作理由</b>：  
	  <select name="title" size=1>
<option value="">自定义</option>
<option value="多次发表好文章">多次发表好文章</option>
<option value="对社区建设有贡献">对社区建设有贡献</option>
<option value="多次发表灌水帖子">多次发表灌水帖子</option>
<option value="多次发表广告帖子">多次发表广告帖子</option>
	  </select>
	  <input type="text" name="content" size=50>  *</td>
  </tr>   
  <tr> 
    <td class=tablebody1 height=24><b>
      用户操作</b>：  金钱
	<select name="doWealth" size=1>

<%for i=-50 to 50%>
<option value="<%=i%>" <%if cint(i)=cint(0) then%>selected<%end if%>><%=i%></option>
<%next%>
	</select>&nbsp;魅力
	<select name="douserCP" size=1>

<%for i=-50 to 50%>
<option value="<%=i%>" <%if cint(i)=cint(0) then%>selected<%end if%>><%=i%></option>
<%next%>
	</select>&nbsp;经验
	<select name="douserEP" size=1>

<%for i=-50 to 50%>