www.gusucode.com > 动网论坛Dvbbs v8.3 > 动网论坛Dvbbs v8.3\code\源程序\admin\Admin.asp
<!--#include file="../conn.asp"-->
<!--#include file="inc/const.asp"-->
<!--#include file="../inc/md5.asp"-->
<!--#include file="../inc/myadmin.asp"-->
<%
Head()
Dim admin_flag
admin_flag=",18,"
CheckAdmin(admin_flag)
Dim body,username2,password2,oldpassword,oldusername,oldadduser,username1
'取出用户组管理员的组名 2002-12-13
Dim groupsname,titlepic,rs
Set rs=Dvbbs.Execute("select usertitle,grouppic from [dv_UserGroups] where UserGroupID=1 ")
groupsname=rs(0)
titlepic=rs(1)
set rs=Nothing
Dim id
id=Dvbbs.CheckNumeric(Request("id"))
Select Case Request("action")
Case "updat" : update()
Case "del" : Del()
Case "pasword" : pasword()
Case "newpass" : newpass()
Case "add" : addadmin()
Case "edit" : userinfo()
Case "savenew" : savenew()
Case Else
userlist()
End Select
If ErrMsg<>"" Then Dvbbs_Error
Footer()
Sub userlist()
%>
<table cellpadding="2" cellspacing="1" border="0" width="100%" align="center">
<tr>
<th style="text-align:center;" colspan=5>管理员管理(点击用户名进行操作)</th>
</tr>
<tr align=center>
<td width="30%" height=22 class="td1"><B>用户名</B></td><td width="25%" class="td2"><B>上次登录时间</B></td><td width="15%" class="td1"><B>上次登陆IP</B></td><td width="15%" class="td2"><B>操作</B></td>
</tr>
<%
set rs=Dvbbs.Execute("select * from "&admintable&" order by LastLogin desc")
do while not rs.eof
%>
<tr>
<td class=td1><a href="admin.asp?id=<%=rs("id")%>&action=pasword"><%=rs("username")%></a></td><td class=td2><%=rs("LastLogin")%></td><td class=td1><%=rs("LastLoginIP")%> </td><td class=td2><a href="admin.asp?action=del&id=<%=rs("id")%>&name=<%=Rs("adduser")%>" onclick="{if(confirm('删除后该管理员将不可进入后台!\n\n确定删除吗?')){return true;}return false;}">删除</a> <a href="admin.asp?id=<%=rs("id")%>&action=edit">编辑权限</a></td>
</tr>
<%
rs.movenext
loop
rs.close
set rs=nothing
%>
</table>
<%
end sub
Sub Del()
Dim UserTitle,sql,rs
Rem 更新撤销管理员后的等级名称 2004-4-29 Dvbbs.YangZheng
Sql = "SELECT Top 1 UserTitle From Dv_UserGroups Where MinArticle > 0 And ParentGID = 4 Order By UserGroupID"
Set Rs = Dvbbs.Execute(Sql)
If Rs.Eof And Rs.Bof Then
UserTitle = "新手上路"
Else
UserTitle = Rs(0)
End If
Dvbbs.Execute("DELETE FROM " & Admintable & " WHERE Id = " & id)
Dvbbs.Execute("UPDATE [Dv_User] SET Usergroupid = 4, UserClass = '" & UserTitle & "' WHERE Username = '" & Replace(Request("name"),"'","") & "'")
body="<li>管理员删除成功。"
Dv_suc(body)
End Sub
Sub pasword()
Dim AcceptIP,i,AddIP,rs
set Rs=Dvbbs.Execute("select * from "&admintable&" where id="&id)
oldpassword=rs("password")
oldadduser=rs("adduser")
AcceptIP = Rs("AcceptIP") &""
AddIP = Dvbbs.UserTrueIP
AddIP = Left(AddIP, InStrRev(AddIP, ".")-1)
AddIP = Left(AddIP, InStrRev(AddIP, ".")-1)
AddIP = AddIP &".*.*"
%>
<form action="?action=newpass" method=post>
<table cellpadding="2" cellspacing="1" border="0" width="100%" align="center">
<tr>
<th colspan=2 style="text-align:center;">管理员资料管理--密码修改
</th>
</tr>
<tr >
<td width="26%" align="right" class=td1>后台登录名称:</td>
<td width="74%" class=td1>
<input type=hidden name="oldusername" value="<%=rs("username")%>">
<input type=text name="username2" value="<%=rs("username")%>"> (可与注册名不同)
</td>
</tr>
<tr >
<td width="26%" align="right" class=td1>后台登录密码:</td>
<td width="74%" class=td1>
<input type="password" name="password2" value="<%=oldpassword%>"> (可与注册密码不同,如要修改请直接输入)
</td>
</tr>
<tr>
<td width="26%" align="right" class=td1 height=23>前台用户名称:</td>
<td width="74%" class=td1><%=oldadduser%>
</td>
</tr>
<tr>
<td width="26%" align="right" class=td1 height=23>添加只允许登陆IP列表:
</td>
<td width="74%" class=td1>
<textarea name="AddAcceptIP" cols="40" rows="8"><%
If AcceptIP<>"" or not IsNull(AcceptIP) Then
AcceptIP=Split(Trim(AcceptIP),"|")
For i=0 To Ubound(AcceptIP)
Response.Write AcceptIP(i)
If i<Ubound(AcceptIP) Then Response.Write vbCrLf
Next
End If
%></textarea><br><input type=button value="添加自已当前IP" onclick="AddAcceptIP.value+='\n<%=AddIP%>'"> <%=dvbbs.UserTrueIP%>
<fieldset class="fieldset" style="margin:2px 2px 2px 2px">
<legend><B>添加说明</B></legend>
<ol>
<LI><b>清空不填写即允许所有IP登陆后台。</b>
<LI><b><font color=red>尽量采用IP段的方式,如:10.10.*.*。</font></b>
<LI><b>注意:提交后在下次登陆将会生效,若IP填错将会无法登陆后台。</b>
<LI>添加IP后,该管理员访问IP必需符合允许IP列表才能登陆后台。 <LI>您可以添加多个允许IP,每个IP用回车分隔,允许IP的书写方式如202.152.12.1就允许了202.152.12.1这个IP的登陆后台,如202.152.12.*就允许了以202.152.12开头的IP登陆后台。
<LI>在添加多个IP的时候,请注意最后一个IP的后面不要加回车。
</ol></fieldset>
</td>
</tr>
<tr align="center">
<td colspan="2" class=td1>
<input type=hidden name="adduser" value="<%=oldadduser%>">
<input type=hidden name=id value="<%=id%>">
<input type="submit" name="Submit" value="更 新">
</td>
</tr>
</table>
</form>
<% Rs.close
Set Rs=nothing
End Sub
Sub newpass()
dim passnw,usernw,aduser
Dim AcceptIP,Tempstr,i,rs,sql
set rs=Dvbbs.Execute("select * from "&admintable&" where id="&id)
oldpassword=rs("password")
if request("username2")="" then
ErrMsg = "<li>请输入管理员名字。<a href=?>[ <font color=red>返回</font> ]</a>"
exit sub
else
usernw=trim(request("username2"))
end if
if request("password2")="" then
ErrMsg = "<li>请输入您的密码。<a href=?>[ <font color=red>返回</font> ]</a>"
exit sub
elseif trim(request("password2"))=oldpassword then
passnw=request("password2")
else
passnw=md5(request("password2"),16)
end if
if request("adduser")="" then
ErrMsg = "<li>请输入管理员名字。<a href=?>[ <font color=red>返回</font> ]</a>"
exit sub
else
aduser=trim(request("adduser"))
end if
Tempstr = Trim(Request.Form("AddAcceptIP"))
If Tempstr<>"" Then
Tempstr = Split(Tempstr,vbCrLf)
For i = 0 To ubound(Tempstr)
If Tempstr(i)<>"" and Tempstr(i)<>" " and Isnumeric(Replace(Replace(Tempstr(i),".",""),"*","")) and Instr(Tempstr(i),",")=0 Then
If i=0 or AcceptIP="" Then
AcceptIP = Tempstr(i)
Else
AcceptIP = AcceptIP & "|" & Tempstr(i)
End If
End If
Next
End If
If Len(AcceptIP)>=255 Then
ErrMsg = "<li>允许IP列表太多,超出了限制。<a href=?>[ <font color=red>返回</font> ]</a>"
exit sub
End If
set rs=Dvbbs.iCreateObject("adodb.recordset")
sql="select * from "&admintable&" where username='"&trim(Replace(request("oldusername"),"'",""))&"'"
rs.open sql,conn,1,3
if not rs.eof and not rs.bof then
Rs("username") = usernw
Rs("adduser") = aduser
Rs("password") = passnw
Rs("AcceptIP") = AcceptIP
''''''''''''''
'更新用户的的级别
'Dvbbs.Execute("update [dv_user] set usergroupid=1,userclass='"&groupsname&"',titlepic='"&titlepic&"' where username='"&trim(request("adduser"))&"'") '
body="<li>管理员资料更新成功,请记住更新信息。<br> 管理员:"&request("username2")&" <BR> 密 码:"&request("password2")&" <a href=?>[ <font color=red>返回</font> ]</a>"
Dv_suc(body)
rs.update
End if
rs.close
set rs=nothing
end sub
sub addadmin()
%>
<form action="?action=savenew" method=post>
<table cellpadding="2" cellspacing="1" border="0" width="100%" align="center">
<tr>
<th colspan=2 style="text-align:center;">管理员管理--添加管理员</th>
</tr>
<tr>
<td width="26%" align="right" class=td1>后台登录名称:</td>
<td width="74%" class=td1>
<input type=text name="username2" size=30> (可与注册名不同)
</td>
</tr>
<tr>
<td width="26%" align="right" class=td1>后台登录密码:</td>
<td width="74%" class=td1>
<input type="password" name="password2" size=33> (可与注册密码不同)
</td>
</tr>
<tr>
<td width="26%" align="right" class=td1 height=23>前台用户名称:</td>
<td width="74%" class=td1><input type=text name="username1" size=30> (本选项填写后不允许修改)
</td>
</tr>
<tr align="center">
<td colspan="2" class=td1>
<input type="hidden" name="isdisp" value="1" />
<input type="submit" class="button" name="Submit" value="添 加">
</td>
</tr>
</table>
</form>
<%
end sub
sub savenew()
dim adminuserid
if request.form("username2")="" then
ErrMsg = "请输入后台登录用户名!"
exit sub
end if
if request.form("username1")="" then
ErrMsg = "请输入前台登录用户名!"
exit sub
end if
if request.form("password2")="" then
ErrMsg = "请输入后台登录密码!"
exit sub
end if
dim isdisp,rs
If request("isdisp")="" then
isdisp=1
else
isdisp=cint(request("isdisp"))
end if
set rs=Dvbbs.Execute("select userid from [dv_user] where username='"&replace(request.form("username1"),"'","")&"'")
if rs.eof and rs.bof then
ErrMsg = "您输入的用户名不是一个有效的注册用户!"
exit sub
else
adminuserid=rs(0)
end if
set rs=Dvbbs.Execute("select username from "&admintable&" where username='"&replace(request.form("username2"),"'","")&"'")
if not (rs.eof and rs.bof) then
ErrMsg = "您输入的用户名已经在管理用户中存在!"
exit sub
end if
if isdisp=1 then
Dvbbs.Execute("update [dv_user] set usergroupid=1 , userclass='"&groupsname&"',titlepic='"&titlepic&"' where userid="&adminuserid&" ")
end if
Dvbbs.Execute("insert into "&Admintable&" (username,[password],adduser) values ('"&replace(request.form("username2"),"'","")&"','"&md5(replace(request.form("password2"),"'",""),16)&"','"&replace(request.form("username1"),"'","")&"')")
body="用户ID:"&adminuserid&" 添加成功,请记住新管理员后台登录信息,如需修改请返回管理员管理!"
Dv_suc(body)
end sub
sub userinfo()
dim menu(10,10),trs,k
menu(0,0)="常规管理"
menu(0,1)="<a href=setting.asp target=frmright>基本设置</a>@@1"
menu(0,2)="<a href=ForumAds.asp target=frmright>广告管理</a>@@2"
menu(0,3)="<a href=log.asp target=frmright>论坛日志</a>@@3"
menu(0,4)="<a href=help.asp target=frmright>帮助管理</a>@@4"
menu(0,5)="<a href=wealth.asp target=frmright>积分设置</a>@@5"
menu(0,6)="<a href=message.asp target=frmright>短信管理</a>@@6"
menu(0,7)="<a href=announcements.asp?boardid=0&action=AddAnn target=_blank>公告管理</a>@@7"
Rem 小易 去掉圈子
menu(0,8)="<a href=""ForumPay.asp"" target=main>交易管理</a>@@8"
menu(0,9)="<a href=""javascript:void(0);"" target=frmright> </a>@@9"
menu(0,10)="<a href=""ForumNewsSetting.asp"" target=main>首页调用</a>@@10"
menu(1,0)="论坛管理"
menu(1,1)="<a href=board.asp?action=add target=frmright>版面(分类)添加</a> | <a href=board.asp target=frmright>管理</a>@@11"
menu(1,2)="<a href=board.asp?action=permission target=frmright>分版面用户权限设置</a>@@12"
menu(1,3)="<a href=boardunite.asp target=frmright>合并版面数据</a>@@13"
menu(1,4)="<a href=update.asp target=frmright>重计论坛数据和修复</a>@@14"
menu(1,5)="<a href=link.asp?action=add target=frmright>友情论坛添加</a> | <a href=link.asp target=frmright>管理</a>@@15"
menu(2,0)="用户管理"
menu(2,1)="<a href=user.asp target=frmright>用户资料(权限)管理</a>@@16"
menu(2,2)="<a href=group.asp target=frmright>论坛用户组(等级)管理</a>@@17"
menu(2,3)="<a href=admin.asp?action=add target=frmright>管理员添加</a> | <a href=admin.asp target=frmright>管理</a>@@18"
menu(2,4)="<a href=Update_User.asp target=frmright>奖惩用户管理</a>@@19"
menu(2,5)="<a href=update.asp?action=updateuser target=frmright>重计用户各项数据</a>@@20"
menu(2,6)="<a href=SendEmail.asp target=frmright>用户邮件群发管理</a>@@21"
menu(3,0)="外观设置"
menu(3,1)="<a href=template.asp target=frmright>风格界面模板总管理</a>@@22"
menu(3,2)="<a href=label.asp target=frmright>自定义标签管理</a>@@23"
menu(4,0)="论坛帖子管理"
menu(4,1)="<a href=alldel.asp target=frmright>批量删除</a> | <a href=alldel.asp?action=moveinfo target=frmright>批量移动</a>@@24"
menu(4,2)="<a href=../recycle.asp target=_blank>回收站管理</a>@@25"
menu(4,3)="<a href=postdata.asp?action=Nowused target=frmright>当前帖子数据表管理</a>@@26"
menu(4,4)="<a href=postdata.asp target=frmright>数据表间帖子转换</a>@@27"
menu(5,0)="替换/限制处理"
menu(5,1)="<a href=badword.asp?reaction=badword target=frmright>脏话过滤设置</a>@@28"
menu(5,2)="<a href=badword.asp?reaction=splitreg target=frmright>注册过滤字符</a>@@29"
menu(5,3)="<a href=lockip.asp?action=add target=frmright>IP来访限定添加</a> | <a href=lockip.asp target=frmright>管理</a>@@30"
menu(5,4)="<a href=address.asp?action=add target=frmright>论坛IP库添加</a> | <a href=address.asp target=frmright>管理</a>@@31"
menu(6,0)="数据处理(Access)"
menu(6,1)="<a href=data.asp?action=CompressData target=frmright>压缩数据库</a>@@32"
menu(6,2)="<a href=data.asp?action=BackupData target=frmright>备份数据库</a>@@33"
menu(6,3)="<a href=data.asp?action=RestoreData target=frmright>恢复数据库</a>@@34"
menu(6,4)="<a href=data.asp?action=SpaceSize target=frmright>系统空间占用</a>@@35"
menu(7,0)="文件管理"
menu(7,1)="<a href=upUserface.asp target=frmright>上传头像管理</a>@@36"
menu(7,2)="<a href=uploadlist.asp target=frmright>上传文件管理</a>@@37"
menu(7,3)="<a href=bbsface.asp?Stype=3 target=frmright>注册头像管理</a> | <a href=bbsface.asp?Stype=2 target=frmright>发贴心情管理</a> | <a href=bbsface.asp?Stype=1 target=frmright>发贴表情管理</a>@@38"
menu(8,0)="菜单管理"
menu(8,1)="<a href=plus.asp target=frmright>论坛菜单管理</a>@@39"
menu(9,0)="道具中心管理"
menu(9,1)="<a href=plus_Tools_Info.asp?action=List target=frmright>道具资料设置</a>@@40"
menu(9,2)="<a href=plus_Tools_User.asp target=frmright>用户道具管理</a> | <a href=plus_Tools_User.asp?action=paylist target=frmright>交易信息管理</a>@@41"
menu(9,3)="<a href=MoneyLog.asp target=frmright>道具中心日志</a>@@42"
menu(9,4)="<a href=plus_Tools_Magicface.asp target=frmright>魔法表情设置</a>@@43"
menu(10,0)="扩展模块管理"
menu(10,1)="<a href=../bokeadmin.asp target=frmright>论坛博客系统管理</a>@@44"
'menu(10,2)="<a href=myspace.asp target=frmright>论坛个人空间管理</a>@@45"
Dim j,tmpmenu,menuname,menurl
Dim Rs,i,adminPower,admin_username
Set Rs=Dvbbs.Execute("select * from "&admintable&" where id="&id)
admin_username = Rs("username")
adminPower=","&Rs("flag")&","
Rs.Close:Set Rs=Nothing
%>
<form action="admin.asp?action=updat" method=post name=adminflag>
<table cellpadding="2" cellspacing="1" border="0" width="100%" align="center">
<tr><th height=25><b>管理员权限管理</b>(请选择相应的权限分配给管理员 <%=admin_username%>)</th></tr>
<tr><td height=25 class="forumHeaderBackgroundAlternate"><b>>>全局权限</b></td></tr>
<tr>
<td class=td1>
<%
For i=0 To ubound(menu,1)
Response.Write "<b>"&menu(i,0)&"</b><br>"
'on error resume next
For j=1 To UBound(menu,2)
If IsEmpty(menu(i,j)) Then exit for
'tmpmenu(0)为名称,tmpmenu(1)为编号
tmpmenu=Split(menu(i,j),"@@")
on error resume next
Response.Write "<input type=""checkbox"" class=""checkbox"" name=""flag"" value="""&tmpmenu(1)&""""
If InStr(adminPower,","&tmpmenu(1)&",")>0 Then Response.Write " checked"
Response.write ">"&tmpmenu(1)&"."&tmpmenu(0)&" "
If Err Then Err.Clear:Response.write "<Script language='javascript'>alert('"&i&"##"&j&"##"&menu(i,j)&"');</script>"
Next
Response.write "<br/><br/>"
Next
%>
<input type=hidden name=id value="<%=id%>">
<input type="submit" class="button" name="Submit" value="更新"><input name=chkall type=checkbox class="checkbox" value=on onclick=CheckAll(this.form)>选择所有权限
</td>
</tr>
</table>
</form>
<%
End Sub
sub update()
' 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35
'Response.Write request("flag")
'response.end
Dim rs,sql
set rs=Dvbbs.iCreateObject("adodb.recordset")
sql="select * from "&admintable&" where id="&id
rs.open sql,conn,1,3
if not rs.eof and not rs.bof then
rs("flag")=replace(Request("flag")," ","")
body="<li>管理员更新成功,请记住更新信息。"
Dv_suc(body)
rs.update
if rs("adduser")=Dvbbs.membername then session("flag")=replace(request("flag")," ","")
end if
rs.close
set rs=nothing
end sub
%>