?? inc_role.asp
字號:
<%
'===================================================================
'= ASP FILENAME : /inc/inc_role.asp
'= CREATED TIME : 2006-4-17 11:10
'= LAST MODIFIED: 2006-4-17 11:10
'= VERSION INFO : CCASP Framework Ver 2.0.1 ALL RIGHTS RESERVED BY www.cclinux.com
'= DESCRIPTION : 權限控制配置文件
'= Change Log:
'===================================================================
%>
<%
'====================================================================================
'== 用戶訪問權限控制表
'====================================================================================
Dim d : d= "|||"
Dim GBL_strUserAction : GBL_strUserAction = ""
GBL_strUserAction = GBL_strUserAction &_
d & "FormAddBoardCtl|填寫新留言|board/board_add_form.asp|0" &_
d & "FormSaveAddBoardCtl|保存新留言|board/board_add_save.asp|1" &_
d & "FormMdyBoardCtl|修改新留言|board/board_mdy_form.asp|0" &_
d & "FormSaveMdyBoardCtl|修改新留言保存|board/board_mdy_save.asp|1" &_
d & "DelBoardCtl|刪除留言|board/board_del.asp|1" &_
d & "ShowBoardCtl|瀏覽留言|board/board_list.asp|0"&_
d & "ShowUserAllInfoCtl|用戶個人信息|user/user_info_show.asp|0" &_
d & "FormBaseInfoMdyCtl|用戶資料修改|user/user_basemdy_form.asp|0" &_
d & "UserFaceUpCtl|圖片上傳|user/upfile_userface.asp|0" &_
d & "FormSaveBaseInfoMdyCtl|用戶資料修改|user/user_basemdy_save.asp|1" &_
d & "FormPwdMdyCtl|用戶密碼修改|user/user_pwdmdy_form.asp|0" &_
d & "FormSavePwdMdyCtl|用戶密碼修改|user/user_pwdmdy_save.asp|1" &_
d & "FormFaceSetCtl|用戶首選簽名圖設置|user/user_face_set_form.asp|0" &_
d & "FormSaveFaceSetCtl|用戶首選簽名圖設置|user/user_face_set_save.asp|1" &_
d & "FormCartoonCtl|用戶卡通/qq簽名圖設置|user/user_cartoon_form.asp|0" &_
d & "FormSaveCartoonCtl|用戶卡通簽名圖設置|user/user_cartoon_save.asp|1" &_
d & "ShowUserMyFriendListCtl|用戶好友名單|user/user_my_friend_list.asp|0" &_
d & "ShowUserMyGoodTopicListCtl|用戶好貼收藏|user/user_my_good_topic_list.asp|0" &_
d & "ShowUserFavAlbumListCtl|我的相片收藏|user/user_my_fav_album_list.asp|0" &_
d & "DelUserCollection|刪除我的收藏|user/user_collection_del.asp|1" &_
d & "ShowUserMyTopicListCtl|用戶所發表帖子|user/user_my_topic_list.asp|0" &_
d & "ShowUserMyReplyListCtl|用戶所回復帖子|user/user_my_reply_list.asp|0" &_
d & "ShowUserMyBoardListCtl|用戶所回復帖子|user/user_my_board_list.asp|0" &_
d & "ShowUserMyAlbumListCtl|用戶所發表的相片|user/user_my_album_list.asp|0" &_
d & "ShowUserMyReviewListCtl|用戶所評論過的相片|user/user_my_review_list.asp|0" &_
d & "ShowPopCartoonFacelist|用戶選擇卡通頭像|user/user_cartoon_face.asp|0" &_
d & "FormShowUploadCtl|用戶簽名圖上傳|user/user_show_upload_form.asp|0" &_
d & "FormSaveShowUpload|用戶簽名圖上傳|user/user_show_upload_save.asp|1" &_
d & "ShowCateListCtl|論壇板塊列表|forum/forum_cate.asp|0" &_
d & "ShowForumListCtl|論壇主題列表|forum/forum_list.asp|0" &_
d & "ShowForumContentCtl|瀏覽帖子|forum/forum_show.asp|0" &_
d & "FormAddTopicsCtl|發表論壇新貼|forum/forum_add_topics.asp|0" &_
d & "FormSaveAddTopicsCtl|發表論壇新貼|forum/forum_add_topics.asp|1" &_
d & "FormAddReplyCtl|回復帖子|forum/forum_add_reply.asp|0" &_
d & "DelTopicsCtl|刪除帖子|forum/forum_del.asp|1" &_
d & "MdyTopicsStatusCtl|改變帖子狀態|forum/forum_status.asp|1" &_
d & "SetTopicsGoodCtl|帖子設置為精華|forum/forum_good.asp|1" &_
d & "FormTopicsMoveCtl|移動帖子|forum/forum_move.asp|0" &_
d & "FormSaveTopicsMoveCtl|移動帖子|forum/forum_move_save.asp|1" &_
d & "ShowAllAlbumCtl|相冊列表顯示|album/album_list.asp|0" &_
d & "FormUpPhotoCtl|添加新相片|album/album_add_form.asp|0" &_
d & "FormSaveUpPhotoCtl|添加新相片|album/album_add_save.asp|1" &_
d & "FormPastePhotoCtl|粘貼網絡相片|album/album_paste_form.asp|0" &_
d & "FormSavePastePhotoCtl|粘貼網絡相片|album/album_paste_save.asp|1" &_
d & "ShowAlbumCtl|瀏覽相片|album/album_view.asp|0" &_
d & "FormSaveReviewCtl|添加相片評論|album/album_view_save.asp|1" &_
d & "DelReviewAlbumCtl|刪除相片評論|album/album_review_del.asp|1" &_
d & "DelAlbumCtl|刪除相片|album/album_del.asp|1" &_
d & "FormAddCollectionCtl|添加收藏|dialog/dialog_collection_form.asp|0" &_
d & "ShowAddressCtl|用戶資料瀏覽|address/address_list.asp|0" &_
d & "ShowPopUserInfoCtl|彈出窗口顯示用戶信息|user/address_userinfo_pop.asp|0" &_
d & "FormSaveAddCollectionCtl|添加收藏|dialog/dialog_collection_save.asp|0" &_
d & "ShowMeetListCtl|活動列表顯示|meet/meet_list.asp|0" &_
d & "ShowMeetDetailCtl|活動詳細信息|meet/meet_detail.asp|0" &_
d & "ShowJoinListPopCtl|活動報名表|meet/meet_joinlist_pop.asp|0" &_
d & "MeetJoinCtl|活動報名參與或退出報名|meet/meet_join.asp|1" &_
d & "FormAddMeetCtl|創建新活動|meet/meet_add_form.asp|0" &_
d & "FormSaveAddMeetCtl|創建新活動|meet/meet_add_form_save.asp|1" &_
d & "FormMdyMeetCtl|修改活動|meet/meet_mdy_form.asp|0" &_
d & "FormSaveMdyMeetCtl|修改活動|meet/meet_mdy_form_save.asp|1" &_
d & "FormSaveMeetBBSCtl|保存活動留言|meet/meet_bbs_save.asp|1" &_
d & "DelMeetBBSCtl|刪除活動留言|meet/meet_bbs_del.asp|1" &_
d & "ShowSmsMainCtl|用戶站內短信|sms/sms_list.asp|0" &_
d & "ShowSmsDetailCtl|站內短信查看|sms/sms_detail.asp|0" &_
d & "FormAddSmsCtl|寫站內短信|sms/sms_add_form.asp|0" &_
d & "FormSaveAddSmsCtl|寫站內短信|sms/sms_add_save.asp|1" &_
d & "DelSmsCtl|刪除站內短信|sms/sms_del|1" &_
d & "ShowPopSmileFacelistCtl|留言心情選擇|board/board_smile_face.asp|0" &_
d & "FormUserInfoDownCtl|用戶資料導出|address/address_user_down_form.asp|0" &_
d & "ShowClassmateSearchCtl|校友搜索|address/address_search_result.asp|0" &_
d & "FormClassmateSearchCtl|校友搜索|address/address_search_form.asp|0" &_
d & "AddressUserDownCtl|校友資料導出|address/address_user_down.asp|1" &_
d & "ShowArticleCtl|文章瀏覽|info/info_list.asp|0" &_
d & "ShowArticleDetailCtl|文章內容瀏覽|info/info_detail.asp|0" &_
d & "BoardDelCtl|刪除留言|board/board_del.asp|1"
'== 非校驗用戶權限
Dim GBL_strUserActionNoAuth : GBL_strUserActionNoAuth = ""
GBL_strUserActionNoAuth = GBL_strUserActionNoAuth &_
d & "HomePageCtl|首頁|index1.asp|0" &_
d & "ShowOnlineCtl|在線人數|online_frame.asp|0" &_
d & "ShowSuccCtl|成功提示|result/success.asp|0" &_
d & "ShowErrCtl|錯誤提示|result/error.asp|0" &_
d & "UserExitCtl|用戶退出登陸|user/user_exit.asp|1" &_
d & "ShowUserRegAnnounceCtl|服務條款和說明|user/user_announce.asp|0" &_
d & "FormUserRegisterCtl|用戶注冊|user/user_reg_form.asp|0" &_
d & "ShowInfoCtl|瀏覽|info/info.asp|0" &_
d & "FormSaveUserRegisterCtl|用戶注冊|user/user_reg_save.asp|1" &_
d & "FormUserLoginCtl|用戶登陸|user/user_login_form.asp|0" &_
d & "UserLoginCtl|用戶登陸|user/user_login.asp|1"
'===================================================================
'= Function : CheckPass(strUserName,strUserPassword,intFlag)
'= Time : Created At Jun,16,2004
'= Input : intFlag : 0 -- error redirect
'= 1 -- no error redirect
'= Output :
'= Description : check username and pwd by login and cookie
'===================================================================
Function CheckPass(strUserName,strUserPassword,intFlag)
Dim strAccount,strRealName,strAuthen,UserId,strIsMaster,strClew1
CheckPass = False
GBL_objPubDB.Clear()
GBL_objPubDB.TableName = "CLASS_USER"
GBL_objPubDB.SQLType = "SELECT"
GBL_objPubDB.Where = "USER_ACCOUNT='" & strUserName & "'"
GBL_objPubDB.AddField "USER_REALNAME,USER_ID,USER_IS_MASTER,USER_AUTHEN,USER_PASSWORD,USER_ACCOUNT",""
If Not GBL_objPubDB.SQLRSExecute() Then
CheckPass = False
Exit Function
End If
'== 校驗用戶是否存在
If GBL_objPubDB.intRSNum = 0 Then
If intFlag = 0 Then
Call ResultExecute(E_USER_PUB,"您輸入的密碼有誤或用戶不存在","ES_ERR")
End If
CheckPass = False
Exit Function
Else
'== 校驗用戶密碼是否正確
If strUserPassword <> GBL_objPubDB.objPubRS("USER_PASSWORD") Then
If intFlag = 0 Then
Call ResultExecute(E_USER_PUB,"您輸入的密碼有誤或用戶不存在","ES_ERR")
End If
CheckPass = False
Exit Function
Else
'== 校驗是否允許登陸
If GBL_objPubDB.objPubRS("USER_AUTHEN") = 8 Then
If intFlag = 0 Then
Call ResultExecute(E_USER_PUB,"您還尚未通過批準<br>請等待批準或聯系管理員","ES_ERR")
End If
CheckPass = False
Exit Function
End If
'== Get login user infomation now
Session.Contents.RemoveAll() '==???
strRealName = GBL_objPubDB.objPubRS("USER_REALNAME")
UserId = GBL_objPubDB.objPubRS("USER_ID")
strAccount = GBL_objPubDB.objPubRS("USER_ACCOUNT")
strAuthen = Cint(GBL_objPubDB.objPubRS("USER_AUTHEN"))
strIsMaster = GBL_objPubDB.objPubRS("USER_IS_MASTER")
'== Check user access
If CTL_USER_ACCESS Then
If Not CheckUserAccess(strUserName,strClew1) Then
Call ResultExecute(E_USER_PUB,strClew1,"ES_ERR")
Exit Function
End If
End If
'== Get login user infomation now
Session(GBL_strCookieURL & "SEN_strUserRealName") = strRealName
Session(GBL_strCookieURL & "SEN_UserId") = UserId
Session(GBL_strCookieURL & "SEN_strUserAccount") = strAccount
Session(GBL_strCookieURL & "SEN_strUserAuthen") = strAuthen
Session(GBL_strCookieURL & "SEN_strIsMaster") = strIsMaster
'== Update login user infomation now
GBL_objPubDB.Clear()
GBL_objPubDB.TableName = "CLASS_USER"
GBL_objPubDB.SQLType = "UPDATE"
GBL_objPubDB.Where = "USER_ACCOUNT='" & strUserName & "'"
GBL_objPubDB.AddField "USER_LAST_TIME",now()
GBL_objPubDB.AddSet "USER_LOGIN_COUNT = USER_LOGIN_COUNT + 1"
'== Get real ip
If Request.ServerVariables("HTTP_X_FORWARDED_FOR") <> "" Then
GBL_objPubDB.AddField "USER_LAST_IP", Request.ServerVariables("HTTP_X_FORWARDED_FOR")
Else
GBL_objPubDB.AddField "USER_LAST_IP", Request.ServerVariables("REMOTE_ADDR")
End If
If Not GBL_objPubDB.SQLRSExecute() Then
CheckPass = False
Exit Function
End If
'== Update level
Call UpdateLevel(GBL_intLoginLevel)
CheckPass = True
End If
End If
End Function
'===================================================================
'= Function : CheckUserAccess()
'= Time : Created At Jun,28,2004
'= Description : check user access to web
'===================================================================
Function CheckUserAccess(strUserAccount,ByRef strClew)
Dim strUserIp,arrUserIp
CheckUserAccess = True
'== check user account
GBL_objPubDB.Clear()
GBL_objPubDB.AllSQL = "SELECT * FROM CLASS_ACCESS WHERE ACCESS_CONTENT= '" & strUserAccount & "' AND ACCESS_ACTION_TYPE=0 "
GBL_objPubDB.SQLRSExecute()
Call ResultExecute(GBL_objPubDB.intErrNum,"check user access","ES_ERR")
If GBL_objPubDB.intRSNum > 0 Then
If GBL_objPubDB.objPubRS("ACCESS_TYPE") = 1 Then
strClew = "您被禁止登陸,"
If GBL_objPubDB.objPubRS("ACCESS_DESC") <> "" Then
strClew = strClew & "原因是:<br>" & GBL_objPubDB.objPubRS("ACCESS_DESC")
End If
CheckUserAccess = False
Exit Function
ElseIf GBL_objPubDB.objPubRS("ACCESS_TYPE") = 0 Then
Session(GBL_strCookieURL & "SEN_strUserAccess") = 0
CheckUserAccess = True
Exit Function
End If
End If
'== check user ip area
'== Get real ip
If Request.ServerVariables("HTTP_X_FORWARDED_FOR") <> "" Then
strUserIp = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
Else
strUserIp = Request.ServerVariables("REMOTE_ADDR")
End If
arrUserIp = Split(strUserIp,".")
If Not IsArray(arrUserIp) Then
Exit Function
End If
'== check ip exta
GBL_objPubDB.Clear()
GBL_objPubDB.AllSQL = "SELECT * FROM CLASS_ACCESS WHERE ACCESS_CONTENT='" & strUserIp & "' AND ACCESS_ACTION_TYPE=1 "
GBL_objPubDB.SQLRSExecute()
Call ResultExecute(GBL_objPubDB.intErrNum,"check user access","ES_ERR")
If GBL_objPubDB.intRSNum > 0 Then
If GBL_objPubDB.objPubRS("ACCESS_TYPE") = 1 Then
strClew = "您被禁止登陸,"
If GBL_objPubDB.objPubRS("ACCESS_DESC") <> "" Then
strClew = strClew & "原因是:<br>" & GBL_objPubDB.objPubRS("ACCESS_DESC")
End If
CheckUserAccess = False
Exit Function
ElseIf GBL_objPubDB.objPubRS("ACCESS_TYPE") = 0 Then
Session(GBL_strCookieURL & "SEN_strUserAccess") =_
Cint(GBL_objPubDB.objPubRS("ACCESS_TYPE"))
Exit Function
End If
End If
'== check ip D
GBL_objPubDB.Clear()
GBL_objPubDB.AllSQL = "SELECT * FROM CLASS_ACCESS WHERE ACCESS_CONTENT LIKE '%" & arrUserIp(0) & "." & arrUserIp(1) & "." & arrUserIp(2) & "%' AND ACCESS_ACTION_TYPE=2 "
GBL_objPubDB.SQLRSExecute()
Call ResultExecute(GBL_objPubDB.intErrNum,"check user access","ES_ERR")
If GBL_objPubDB.intRSNum > 0 Then
If GBL_objPubDB.objPubRS("ACCESS_TYPE") = 1 Then
strClew = "您被禁止登陸,"
If GBL_objPubDB.objPubRS("ACCESS_DESC") <> "" Then
strClew = strClew & "原因是:<br>" & GBL_objPubDB.objPubRS("ACCESS_DESC")
End If
CheckUserAccess = False
Exit Function
ElseIf GBL_objPubDB.objPubRS("ACCESS_TYPE") = 0 Then
Session(GBL_strCookieURL & "SEN_strUserAccess") =_
Cint(GBL_objPubDB.objPubRS("ACCESS_TYPE"))
Exit Function
End If
End If
End Function
'===================================================================
'= Function : UpdateLevel(intLevelNum)
'= Time : Created At Nov,10,2003
'= Input : intLevelNum : to add this level
'= Description : Get user now level
'===================================================================
Function UpdateLevel(intLevelNum)
GBL_objPubDB.Clear()
GBL_objPubDB.TableName = "CLASS_USER"
GBL_objPubDB.SQLType = "UPDATE"
GBL_objPubDB.Where = "USER_ID=" & Session(GBL_strCookieURL & "SEN_UserId") & " AND USER_ACCOUNT='" & Session(GBL_strCookieURL & "SEN_strUserAccount") & "'"
GBL_objPubDB.AddSet "USER_LEVEL=USER_LEVEL+" & intLevelNum
GBL_objPubDB.SQLExecute()
Call ResultExecute(GBL_objPubDB.intErrNum,"Level:" & intLevelNum,"ES_ERR")
End Function
'===================================================================
'= Function : AdminCheck()
'= Time : Created At DEC,20,2003
'= Input : None
'= Description : 是否有管理員權限
'===================================================================
Function AdminCheck()
If Session(GBL_strCookieURL & "SEN_strUserAuThen") <> 1 Or IsEmpty(Session(GBL_strCookieURL & "SEN_strUserAuThen")) Then
AdminCheck = FALSE
Exit Function
End If
AdminCheck = TRUE
End Function
%>
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -