admin_classadmin.asp

依蓝旅游网站管理系统Elan2008.SP2

<%
Class Class_Admin   
   Public AdminID, AdminName, AdminPassword, RndPassword, AdminManageCode
   Public Purview, LoginTimes, LastLoginTime, LastLoginIp
   Public ArrPurviewInChannel, ArrPurviewInClass, ArrPurviewOthers
   Public ErrorCode, AdminLevel, ArrLevelName(3)
   
   Private Sub Class_Initialize()
	  ErrorCode = 0
	  AdminID = Trim(Request.Cookies("Admin_"& EL_Sn)("AdminID"))
	  AdminName = Trim(Request.Cookies("Admin_"& EL_Sn)("AdminName"))
	  AdminPassword = Trim(Request.Cookies("Admin_"& EL_Sn)("AdminPassword"))
	  RndPassword = Trim(Request.Cookies("Admin_"& EL_Sn)("AdminRndPassword"))
	  AdminManageCode = Trim(Request.Cookies("Admin_"& EL_Sn)("AdminManageCode"))
	  If EnableSiteManageCode = True Then
	     If AdminManageCode <> SiteManageCode OR AdminManageCode = "" Then
		    ErrorCode = 1
			Exit Sub
		 End If
	  End If
	  If AdminID="" Or AdminName="" Or AdminPassword="" Or RndPassword="" Then         
		 ErrorCode = 1
      Else
	     ArrLevelName(0) = "非法管理员"
		 ArrLevelName(1) = "超级管理员"
		 ArrLevelName(2) = "频道管理员"
		 ArrLevelName(3) = "栏目管理员"
		 GetAdminInfo()
	  End If	  
   End Sub
   
   Private Sub Class_Terminate()
   End Sub
   
   Private Sub GetAdminInfo()
      Dim AdminCmd
	  Set AdminCmd = Server.CreateObject("ADODB.COMMAND")
	  With AdminCmd
	     .ActiveConnection = Conn
		 .CommandText = "EL_SP_AdminInfo"
		 .CommandType = 4
		 .Prepared = True
		 .Parameters.Append .CreateParameter("RETURN", 3, 4, 4)
		 .Parameters.Append .CreateParameter("@AdminID", 3, 1, 4, AdminID)
		 .Parameters.Append .CreateParameter("@AdminName", 200, 1, 50, AdminName)
		 .Parameters.Append .CreateParameter("@Password", 200, 1, 32, AdminPassword)
		 .Parameters.Append .CreateParameter("@RndPassword", 200, 2, 32)
		 .Parameters.Append .CreateParameter("@Purview", 3, 2, 4)
		 .Parameters.Append .CreateParameter("@EnableMultiLogin", 11, 2, 1)
		 .Parameters.Append .CreateParameter("@LoginTimes", 3, 2, 4)
		 .Parameters.Append .CreateParameter("@LastLoginTime", 135, 2, 8)
		 .Parameters.Append .CreateParameter("@LastLoginIp", 200, 2, 15)
		 .Parameters.Append .CreateParameter("@ArrPurviewInChannel", 200, 2, 500)
		 .Parameters.Append .CreateParameter("@ArrPurviewInClass", 200, 2, 500)
		 .Parameters.Append .CreateParameter("@ArrPurviewOthers", 200, 2, 500)
		 .Execute()
	  End With

	  If AdminCmd(0) <> 1 Then
	     Set AdminCmd = Nothing
		 ErrorCode = 1
	  Else
	     If AdminCmd(6) = False And RndPassword <> AdminCmd(4) Then
		    Set AdminCmd = Nothing
			ErrorCode = 2
		 Else
		    Purview = AdminCmd(5)
			LoginTimes = AdminCmd(7)
			LastLoginTime = AdminCmd(8)
			LastLoginIp = AdminCmd(9)
			ArrPurviewInChannel = AdminCmd(10)
			ArrPurviewInClass = AdminCmd(11)
			ArrPurviewOthers = AdminCmd(12)
			AdminLevel = ArrLevelName(Purview)
			Set AdminCmd = Nothing
		 End If
	  End If
   End Sub
   
   Public Function CheckAdminPurview(ByVal CheckPurviewID, CheckType)
      Dim ArrTempPurview, i
	  CheckAdminPurview = False
	  Select Case CheckType
	     Case 1: '频道权限
		         If EL_Common.ELClng(CheckPurviewID) = 0 Then Exit Function
				 If ArrPurviewInChannel = "" Or IsNull(ArrPurviewInChannel) Then Exit Function
				 ArrTempPurview = Split(ArrPurviewInChannel, ",") 
				 
		 Case 2: '分类权限
		         Dim arr, AllClassID
				 If EL_Common.ELClng(CheckPurviewID) = 0 Then Exit Function
				 If ArrPurviewInClass = "" Or IsNull(ArrPurviewInClass) Then Exit Function
				 arr = Split(ArrPurviewInClass, ",")
				 '遍历所有子类
				 AllClassID = ""
				 For i = 0 To Ubound(arr)
				    Dim S
					S = EL_Common.GetAllChildID(arr(i))
					AllClassID = EL_Common.Join2String(AllClassID, arr(i), ",")
					If S<>"" And NOT IsNULL(S) Then
				       AllClassID = EL_Common.Join2String(AllClassID, S, ",")
					End If
				 Next
				 ArrTempPurview = Split(AllClassID, ",")
				 				 
		 Case 3: '其他权限
		         If ArrPurviewOthers = "" Or IsNull(ArrPurviewOthers) Then Exit Function
				 ArrTempPurview = Split(ArrPurviewOthers, ",")
				 
		 Case Else: Exit Function
	  End Select		 
	  For i = 0 To Ubound(ArrTempPurview)
	     If EL_Common.ELClng(ArrTempPurview(i)) = EL_Common.ELClng(CheckPurviewID) Then
		    CheckAdminPurview = True
			Exit Function
		 End If
	  Next
   End Function
   
   Public Sub ShowPurviewError(PurviewErrorMessage)
      Response.Clear()
	  Dim strError
      strError = strError & "<html><head><title>系统错误信息</title><meta http-equiv='Content-Type' content='text/html; charset=gb2312'>"
	  strError = strError & "<link href='Admin_Style.css' type='text/css' rel='stylesheet'><body>"
      strError = strError & "<br><table cellpadding=5 cellspacing=1 border=0 width=400 style='border:1px solid #70777b' align=center>"
      strError = strError & "  <tr align='center' style='background:#0650D2;color:#FFFFFF;'><td height='25'><strong>管理权限错误</strong></td></tr>"
      strError = strError & "  <tr style='background:#F0F1F5;'><td height='80' valign='top'>"	
	  strError = strError & "<strong>错误原因：</strong><p class='redText'>"& PurviewErrorMessage &"</p><br>"
	  strError = strError & "</td></tr>"
      strError = strError & "  <tr align='center' style='background:#F0F1F5;'><td>"
      strError = strError & "<a href='javascript:window.history.back()'>【返回】</a>"
      strError = strError & "</td></tr>"
      strError = strError & "</table><br>"
      strError = strError & "</body></html>"
	  Response.Write strError
	  Call EL_Common.InsertLog(1, ComeURL, "越权操作", AdminName)
	  Call ApplicationTerminate()
	  Response.End()
   End Sub   
End Class
%>