www.gusucode.com > 动网论坛Dvbbs v8.3 > 动网论坛Dvbbs v8.3\code\源程序\admin_lockuser.asp
<!--#include file="conn.asp"--> <!-- #include file="inc/const.asp" --> <!--#include file="inc/dv_clsother.asp"--> <!-- #include file="inc/GroupPermission.asp" --> <!--#include file="inc/md5.asp"--> <!--#include file="dv_dpo/cls_dvapi.asp"--> <% '============================ '7.2修改说明: = '优化参数提取流程 = '对奖励或惩罚数值做大小限制 = '============================ Dvbbs.Loadtemplates("") Dim username Dim locktype Dim ip,BoardID Dim TotalUseTable Dim AdminUserPer Dim UpdateBoardID,i,Rs,Sql AdminUserPer=false If (Dvbbs.master or Dvbbs.boardmaster or Dvbbs.superboardmaster) and Cint(Dvbbs.GroupSetting(42))=1 Then AdminUserPer=True Else AdminUserPer=False End If If Dvbbs.UserGroupID > 3 And CInt(Dvbbs.GroupSetting(42))=1 Then AdminUserPer=True End If If Dvbbs.FoundUserPer And CInt(Dvbbs.GroupSetting(42))=1 Then AdminUserPer=True ElseIf Dvbbs.FoundUserPer and Cint(Dvbbs.GroupSetting(42))=0 Then AdminUserPer=False End If Dim userid Dim action action=Request("action") userid=Request("userid") username=Request("name") ip=Dvbbs.UserTrueIP Dvbbs.stats="管理用户" Dvbbs.nav() If username="" Then Response.redirect "showerr.asp?ErrCodes=<li>请指定所操作的用户!&action=OtherErr" Else username=Dvbbs.CheckStr(username) End If Dvbbs.Head_Var 2,0,"","" Dvbbs.ShowErr() If userid<> "" Then userid=Dvbbs.CheckStr(userid) If Not IsNumeric(userid) Then Response.redirect "showerr.asp?ErrCodes=<li>非法的参数。&action=OtherErr" Else Set Rs=Dvbbs.Execute("SELECT UserID FROM [Dv_User] WHERE Username = '"&Username&"' ") If Not Rs.EOF Then UserID=Rs(0) Else UserID=0 End If Set Rs=Nothing End If If Not Dvbbs.ChkPost() Then Response.redirect "showerr.asp?ErrCodes=<li>您不要从外部提交数据&action=OtherErr" End If If action="power" Then Call Poweruser() ElseIf action="DelTopic" then Call DelTopic() ElseIf action="getpermission" then Call boardlist() ElseIf action="userBoardPermission" then Call GetUserPermission() ElseIf action="saveuserpermission" then Call saveuserpermission() ElseIf action="DelUserReply" then Call DelUserReply() Else Call lockuser() End If Dvbbs.activeonline() Dvbbs.footer() Dvbbs.PageEnd() Sub lockuser() Dim canlockuser canlockuser=false if (Dvbbs.master or Dvbbs.boardmaster or Dvbbs.superboardmaster) and Cint(Dvbbs.GroupSetting(28))=1 Then canlockuser=True Else canlockuser=False End If If Dvbbs.UserGroupID > 3 And CInt(Dvbbs.GroupSetting(28))=1 Then canlockuser=True If Dvbbs.FoundUserPer And Cint(Dvbbs.GroupSetting(28))=1 Then canlockuser=True ElseIf Dvbbs.FoundUserPer and Cint(Dvbbs.GroupSetting(28))=0 Then canlockuser=False End If If Not canlockuser then Response.redirect "showerr.asp?ErrCodes=<li>您没有权限执行此操作。&action=OtherErr" Dim UserStatus If action="lock_1" Then UserStatus = 1 locktype="锁定" ElseIf action="lock_2" then UserStatus= 2 locktype="屏蔽" ElseIf action="lock_3" then UserStatus = 0 locktype="解锁" Else Response.redirect "showerr.asp?ErrCodes=<li>请指定正确的参数!&action=OtherErr" Exit Sub End If '----------------------------------------------------------------- '系统整合 '----------------------------------------------------------------- Dim DvApi_Obj,DvApi_SaveCookie,SysKey If DvApi_Enable Then Md5OLD = 1 SysKey = Md5(username&DvApi_SysKey,16) Md5OLD = 0 Set DvApi_Obj = New DvApi DvApi_Obj.NodeValue "syskey",SysKey,0,False DvApi_Obj.NodeValue "action","lock",0,False DvApi_Obj.NodeValue "username",username,1,False DvApi_Obj.NodeValue "userstatus",UserStatus,1,False DvApi_Obj.SendHttpData If DvApi_Obj.Status = "1" Then Response.redirect "showerr.asp?ErrCodes="& DvApi_Obj.Message &"&action=OtherErr" End If Set DvApi_Obj = Nothing End If '----------------------------------------------------------------- Dvbbs.Execute("update [dv_user] set LockUser="&UserStatus&" where userid="&userid&" and UserGroupID > 1") sql="insert into Dv_log (l_touser,l_username,l_content,l_ip,l_type) values ('"&username&"','"&Dvbbs.membername&"','用户操作:"&locktype& "','"&ip&"',6)" Dvbbs.Execute(sql) Dvbbs.Dvbbs_suc("<li>您选择的用户已经"&locktype&"。您的操作已经记录在案。") End Sub Sub Poweruser() Dim title,content Dim canlockuser canlockuser=false If (Dvbbs.master or Dvbbs.boardmaster or Dvbbs.superboardmaster) And CInt(Dvbbs.GroupSetting(43))=1 Then canlockuser=True Else canlockuser=False End If If Dvbbs.UserGroupID > 3 And Cint(Dvbbs.GroupSetting(43))=1 Then canlockuser=True If Dvbbs.FoundUserPer And CInt(Dvbbs.GroupSetting(43))=1 Then canlockuser=True ElseIf Dvbbs.FoundUserPer And CInt(Dvbbs.GroupSetting(43))=0 Then canlockuser=False End If If Not canlockuser Then Response.redirect "showerr.asp?ErrCodes=<li>您没有权限执行此操作。&action=OtherErr" If request("checked")="yes" Then Dim doWealth,douserEP,douserCP,douserPower Dim doWealthMsg,douserEPMsg,douserCPMsg,douserPowerMsg,allMsg doWealth=Request("doWealth") douserEP=Request("douserEP") douserCP=Request("douserCP") douserPower=Request("douserPower") If Not IsNumeric(doWealth) Then doWealth="0" doWealthMsg="" Else If CInt(doWealth)>50 Or CInt(doWealth)<-50 Then doWealth="0" doWealthMsg="" Else doWealthMsg="金钱" & doWealth & "," End If End If If Not IsNumeric(douserEP) Then douserEP="0" douserEPMsg="" Else If CInt(douserEP)>50 Or CInt(douserEP)<-50Then douserEP="0" douserEPMsg="" Else douserEPMsg="积分" & douserEP & "," End If End If If Not IsNumeric(douserCP) Then douserCP="0" douserCPMsg="" Else If CInt(douserCP)>50 Or CInt(douserCP)<-50 Then douserCP="0" douserCPMsg="" Else douserCPMsg="魅力" & douserCP & "," End If End If If Not IsNumeric(douserPower) Then douserPower="0" douserPowerMsg="" Else If CInt(douserPower)>5 Or CInt(douserPower)<-5 Then douserPower="0" douserPowerMsg="" Else douserPowerMsg="威望" & douserPower End If End If If doWealthMsg="" and douserEPMsg="" and douserCPMsg="" and douserPowerMsg="" Then allmsg="没有对用户进行分值操作" Else allmsg="用户操作:" & doWealthMsg & douserEPMsg & douserCPMsg & douserPowerMsg End If allmsg=Dvbbs.Checkstr(allmsg) title=request.form("title") content=request.form("content") content="原因:" & title & content content=Dvbbs.Checkstr(content) if request.form("title")="" and request.form("content")="" then Response.redirect "showerr.asp?ErrCodes=<li>请写明操作原因。&action=OtherErr" sql="insert into Dv_log (l_touser,l_username,l_content,l_ip,l_type) values ('"&username&"','"&Dvbbs.membername&"','用户操作:"&content& ","&allmsg&"','"&ip&"',5)" Dvbbs.Execute(sql) If allmsg<>"" Then Dvbbs.Execute("update [dv_user] set userWealth=userWealth+"&doWealth&",userCP=userCP+"&douserCP&",userEP=userEP+"&douserEP&",userPower=userPower+"&douserPower&" where userid="&userid&"") End If locktype="成功操作" Dvbbs.Dvbbs_suc("<li>您选择的用户已经"&locktype&"。<li>您的操作已经记录。") Else %> <FORM METHOD=POST ACTION="admin_lockuser.asp?action=power"> <table style="width:98%" cellspacing="1" cellpadding="0" align="center" class=tableborder1> <tr> <th height=24>论坛管理中心--您要进行的操作是奖励用户</th> </tr> <tr> <td class=tablebody1 height=24><b> 操作理由</b>: <select name="title" size=1> <option value="">自定义</option> <option value="多次发表好文章">多次发表好文章</option> <option value="对社区建设有贡献">对社区建设有贡献</option> <option value="多次发表灌水帖子">多次发表灌水帖子</option> <option value="多次发表广告帖子">多次发表广告帖子</option> </select> <input type="text" name="content" size=50> *</td> </tr> <tr> <td class=tablebody1 height=24><b> 用户操作</b>: 金钱 <select name="doWealth" size=1> <%for i=-50 to 50%> <option value="<%=i%>" <%if cint(i)=cint(0) then%>selected<%end if%>><%=i%></option> <%next%> </select> 魅力 <select name="douserCP" size=1> <%for i=-50 to 50%> <option value="<%=i%>" <%if cint(i)=cint(0) then%>selected<%end if%>><%=i%></option> <%next%> </select> 积分 <select name="douserEP" size=1> <%for i=-50 to 50%> <option value="<%=i%>" <%if cint(i)=cint(0) then%>selected<%end if%>><%=i%></option> <%next%> </select> 威望 <select name="douserPower" size=1> <%for i=-5 to 5%> <option value="<%=i%>" <%if cint(i)=cint(0) then%>selected<%end if%>><%=i%></option> <%next%> </select> *</td> </tr> <input type=hidden value="yes" name="checked"> <input type=hidden value="<%=userid%>" name="userid"> <input type=hidden value="<%=username%>" name="name"> <tr> <td class=tablebody2 height=24> 请慎重使用管理员的管理职能,管理员所有操作将被记录 <input type="Submit" name=Submit value="确认操作"></td> </tr> </table> </FORM> <% end if End Sub '删除用户1-10天内主题 Sub Deltopic() Dim DelDate, Suserid Dim Todaynum Dim Trs, ii, SplitBoardID Dim j DelDate = Dvbbs.checkstr(request.form("delTopicDate")) suserid = Dvbbs.checkstr(request.form("SetUserID")) Dim Canlockuser Canlockuser = False If (Dvbbs.Master Or Dvbbs.Boardmaster Or Dvbbs.Superboardmaster) And CInt(Dvbbs.GroupSetting(29)) = 1 Then Canlockuser = True Else Canlockuser = False End If If Dvbbs.UserGroupID >3 And CInt(Dvbbs.GroupSetting(29))=1 Then canlockuser=True If Dvbbs.FoundUserPer And CInt(Dvbbs.GroupSetting(29))=1 Then Canlockuser = True ElseIf Dvbbs.FoundUserPer And CInt(Dvbbs.GroupSetting(29))=0 Then Canlockuser = False End If If Not canlockuser Then Response.redirect "showerr.asp?ErrCodes=<li>您没有权限执行此操作。&action=OtherErr" if DelDate="" or Not IsNumeric(DelDate) Then Response.redirect "showerr.asp?ErrCodes=<li>非法的参数。&action=OtherErr" If suserid="" or not isnumeric(suserid) then Response.redirect "showerr.asp?ErrCodes=<li>非法的参数。&action=OtherErr" '删除帖子表中数据 '更新用户帖子数,用户删除帖子数为该帖所有回复数,回复人的删除帖子数不更新 ii = 0 REM 查询加入TOPICID排序避免有百万主题时超时 2004-5-22 Dv.Yz If IsSqlDataBase=1 Then Set Rs = Dvbbs.Execute("SELECT TopicID, Child, BoardID, PostTable, Dateandtime FROM [Dv_Topic] WHERE (NOT Boardid IN (444, 777)) AND PostUserID = " & Suserid & " AND DateDiff(d, DateAndTime, " & SqlNowString & ") < " & DelDate & " ORDER BY TopicID") Else Set Rs = Dvbbs.Execute("SELECT TopicID, Child, BoardID, PostTable, dateandtime FROM [Dv_Topic] WHERE (NOT boardid IN (444, 777)) AND PostUserID = " & Suserid & " AND DateDiff('d', DateAndTime, " & SqlNowString & ") < " & DelDate & " ORDER BY TopicID") End If If Not Rs.EOF Then Sql=Rs.GetRows(-1) Rs.Close:Set Rs = Nothing For j = 0 To Ubound(Sql,2) ii = ii + 1 TotalUseTable = Sql(3,j) '更新发贴用户数据 Dvbbs.Execute("UPDATE [Dv_User] SET Userpost = Userpost - 1, UserDel = UserDel - "&Sql(1,j)&"-1 WHERE userid="&suserid) '更新主题状态 Dvbbs.Execute("UPDATE [Dv_topic] SET locktopic = boardid, boardid = 444 WHERE topicid = "&Sql(0,j)) '更新帖子状态 Dvbbs.Execute("UPDATE "&TotalUseTable&" SET locktopic = boardid, boardid=444 WHERE rootid = "&Sql(0,j)) If DateDiff("d",Sql(4,j),Now())=0 Then todaynum=Sql(1,j) Else todaynum=0 End If '得到该帖子所属论坛的上级论坛ID Set Trs=Dvbbs.Execute("SELECT ParentStr, ParentID FROM Dv_board WHERE boardid ="&Sql(2,j)) If Trs(1)=0 Then UpdateBoardID=Sql(2,j) Else UpdateBoardID=trs(0) & "," & Sql(2,j) End If '更新版面数据 Dvbbs.Execute("update Dv_board set postnum=postnum-"&Sql(1,j)&"-1,topicNum=topicNum-1,todayNum=todayNum-"&todayNum&" where boardid in ("&UpdateBoardID&")") '更新版面缓存 '更新总数据 Dvbbs.Execute("update dv_setup set Forum_TodayNum=Forum_todayNum-"&todaynum&",Forum_postNum=Forum_postNum-"&Sql(1,j)&"-1,Forum_TopicNum=Forum_topicNum-1") '更新总设置缓存 Dvbbs.ReloadSetupCache CLng(Dvbbs.CacheData(7,0))-1,7 Dvbbs.ReloadSetupCache CLng(Dvbbs.CacheData(8,0))-Sql(1,j)-1,8 Dvbbs.ReloadSetupCache CLng(Dvbbs.CacheData(9,0))-todaynum,9 '更新最后回复数据 Dim UpdateBoardID1 UpdateBoardID1=UpdateBoardID LastCount Sql(2,j),Sql(0,j),0,1 Dvbbs.ReloadBoardInfo UpdateBoardID1 Next End If Set Rs = Nothing set Trs = Nothing Sql = "INSERT INTO Dv_Log (l_touser,l_username,l_content,l_ip,l_type) values ('"&username&"','"&Dvbbs.membername&"','用户操作:删除该用户主题 "&ii&" 条。','"&ip&"',6)" Dvbbs.Execute(SQL) Dvbbs.Dvbbs_suc("<li>删除该用户主题 "&ii&" 条。<li>该用户删除帖子数为所删帖所有回复数,回复人的删除帖子数不更新") End Sub '删除某用户指定日期内所有回复贴 Sub DelUserReply() Dim DelDate,suserid,DelBBS Dim todaynum Dim trs,ii,SplitBoardID Dim j DelDate=Dvbbs.checkstr(request.form("delTopicDate")) suserid=Dvbbs.checkstr(request.form("SetUserID")) DelBBS=Left(Replace(request.form("DelBBS"),"'",""),8) Dim canlockuser canlockuser=false if (Dvbbs.master or Dvbbs.boardmaster or dvbbs.superboardmaster) and Cint(Dvbbs.GroupSetting(29))=1 Then canlockuser=True Else canlockuser=False End If If Dvbbs.UserGroupID >3 And Cint(Dvbbs.GroupSetting(29))=1 Then canlockuser=True If Dvbbs.FoundUserPer and Cint(Dvbbs.GroupSetting(29))=1 Then canlockuser=True ElseIf Dvbbs.FoundUserPer and Cint(Dvbbs.GroupSetting(29))=0 then canlockuser=False End If If Not canlockuser Then Response.redirect "showerr.asp?ErrCodes=<li>您没有权限执行此操作。&action=OtherErr" If DelDate="" or not isnumeric(DelDate) Then Response.redirect "showerr.asp?ErrCodes=<li>非法的参数。&action=OtherErr" If suserid="" or not isnumeric(suserid) Then Response.redirect "showerr.asp?ErrCodes=<li>非法的参数。&action=OtherErr" '删除帖子表中数据 ii=0 If IsSqlDataBase=1 then Set Rs=Dvbbs.Execute("SELECT Announceid, rootid, boardid, dateandtime FROM "&DelBBS&" WHERE (NOT boardid IN (444, 777)) AND PostUserID = "&suserid&"AND NOT ParentID = 0 AND Datediff(d, Dateandtime, "&SqlNowString&") < "&DelDate) Else Set Rs=Dvbbs.Execute("SELECT Announceid, rootid, boardid, dateandtime FROM "&DelBBS&" WHERE (NOT boardid IN (444, 777)) AND PostUserID = "&suserid&" AND NOT ParentID = 0 AND Datediff('d', Dateandtime, "&SqlNowString&") < "&DelDate) End if If Not Rs.EOF Then Sql=Rs.GetRows(-1) Rs.Close:Set Rs=Nothing For j=0 To Ubound(Sql,2) ii=ii+1 '更新发贴用户数据 Dvbbs.Execute("UPDATE [dv_user] SET userpost = userpost - 1, UserDel = UserDel - 1, UserWealth = UserWealth - "&Dvbbs.Forum_user(3)&", userEP = userEP - "&Dvbbs.Forum_user(8)&", userCP = userCP - "&Dvbbs.Forum_user(13)&" WHERE userid = "&suserid) Dvbbs.Execute("UPDATE "&DelBBS&" SET locktopic = boardid, boardid = 444 WHERE Announceid = "&Sql(0,j)) isEndReply Sql(1,j),Sql(0,j),1 If DateDiff("d",Sql(3,j),Now())=0 Then todaynum=1 Else todaynum=0 End If '得到该帖子所属论坛的上级论坛ID Set trs=Dvbbs.Execute("SELECT ParentStr, ParentID FROM dv_board WHERE boardid = "&Sql(2,j)) If trs(1)=0 Then UpdateBoardID=Sql(2,j) Else UpdateBoardID=trs(0) & "," & Sql(2,j) End If '更新版面数据 Dvbbs.Execute("UPDATE dv_board SET postnum = postnum - 1, todayNum = todayNum - "&todayNum&" WHERE boardid IN ("&UpdateBoardID&")") '更新总数据 Dvbbs.Execute("UPDATE dv_setup SET Forum_TodayNum = Forum_todayNum - "&todaynum&", Forum_postNum = Forum_postNum - 1") '更新总设置缓存 Dvbbs.ReloadSetupCache CLng(Dvbbs.CacheData(8,0))-1,8 Dvbbs.ReloadSetupCache CLng(Dvbbs.CacheData(9,0))-todaynum,9 '更新最后回复数据 LastCount Sql(2,j),Sql(1,j),Sql(0,j),2 Next End if Set Rs=Nothing Set Trs=Nothing Sql="insert into Dv_log (l_touser,l_username,l_content,l_ip,l_type) values ('"&username&"','"&Dvbbs.membername&"','用户操作:删除该用户回复 "&ii&" 条。','"&ip&"',6)" Dvbbs.Execute(SQL) Dvbbs.Dvbbs_suc("<li>删除该用户回复 "&ii&" 条。") End Sub Sub boardlist() Dim trs Dim dispboard If Not AdminUserPer Then Response.redirect "showerr.asp?ErrCodes=<li>您没有权限执行此操作。&action=OtherErr" Else dispboard=True End If If Not IsNumeric (request("userid")) then Response.redirect "showerr.asp?ErrCodes=<li>错误的用户参数。&action=OtherErr" Response.Write "<table style=""width:98%"" cellspacing=1 cellpadding=0 align=center class=tableborder1>" Response.Write "<tr><th colspan=6 height=23 align=left>编辑"&request("username")&"论坛权限(红色表示该用户在该版面有自定义权限)</th></tr>" Response.Write "<tr><td colspan=6 class=tablebody1 height=25><a href=?action=userBoardPermission&boardid=0&userid="&request("userid")&">编辑该用户在其它页面的权限</a>(主要针对短信部分设置)</td></tr>" '----------------------boardinfo-------------------- Response.Write "<tr><td colspan=6 class=tablebody1><B>点击论坛名称进入编辑状态</B><BR>" Dim reBoard_Setting,FBoardMaster FBoardMaster=False sql="select * from dv_board order by rootid,orders" set rs=Dvbbs.iCreateObject("adodb.recordset") rs.open sql,conn,1,1 Do while Not rs.eof reBoard_Setting=split(rs("Board_Setting"),",") if rs("parentID")>0 and rs("depth")>0 then set trs=Dvbbs.Execute("select boardmaster from dv_board where boardid in ("&rs("ParentStr")&") order by orders") Do While Not trs.EOF If Cint(reBoard_Setting(40))=1 and not FBoardMaster Then If InStr("|"&trs(0)&"|","|"&Dvbbs.membername&"|")>0 Then FBoardMaster=True Else FBoardMaster=False End If End If i=i+1 If FBoardMaster Then Exit Do if i>9 Then Exit Do trs.MoveNext Loop End If If Dvbbs.boardmaster And InStr("|"&rs("BoardMaster")&"|","|"&Dvbbs.membername&"|")=0 then dispboard=False If FBoardMaster Then dispboard=True If Dvbbs.master or Dvbbs.superboardmaster Then dispboard=True if dispboard Then If Rs("depth")>0 Then for i=1 to rs("depth") Response.Write " " Next End If If rs("child")>0 Then Response.Write "<img src=""skins/default/plus.gif"">" Else Response.Write "<img src=""skins/default/nofollow.gif"">" End If %> <a href="?action=userBoardPermission&boardid=<%=rs("boardid")%>&userid=<%=request("userid")%>&name=<%=request("name")%>"> <% set trs=Dvbbs.Execute("select uc_userid from dv_UserAccess where uc_Boardid="&rs("boardid")&" and uc_userid="&request("userid")) if not (trs.eof and trs.bof) then Response.Write "<font color=red>" if rs("parentid")=0 then Response.Write "<b>" Response.Write rs("boardtype") if rs("parentid")=0 then Response.Write "</b>" if rs("child")>0 then Response.Write "("&rs("child")&")" end if Response.Write "</font></a><br>" FBoardMaster=false dispboard=false rs.MoveNext loop set trs=nothing set rs=nothing Response.Write "</td></tr></table>" End Sub Sub GetUserPermission() If Not AdminUserPer Then Response.redirect "showerr.asp?ErrCodes=<li>您没有权限执行此操作。&action=OtherErr" Dim usertitle If Not IsNumeric(request("userid")) then Response.redirect "showerr.asp?ErrCodes=<li>错误的用户参数。&action=OtherErr" If Not IsNumeric(Dvbbs.boardid) then Response.redirect "showerr.asp?ErrCodes=<li>错误的用户参数。&action=OtherErr" Dim UserGroupID,membername,boardtype set rs=Dvbbs.Execute("select u.UserGroupID,ug.title,u.username from [dv_user] u inner join dv_UserGroups UG on u.userGroupID=ug.userGroupID where u.userid="&request("userid")) UserGroupID=rs(0) usertitle=rs(1) membername=rs(2) set rs=Dvbbs.Execute("select boardtype from dv_board where boardid="&Dvbbs.boardid) if rs.eof and rs.bof then boardtype="论坛其他页面" else boardtype=rs(0) end if Dim reGroupSetting Dim FoundGroup,FoundUserPermission,FoundGroupPermission FoundGroup=false FoundUserPermission=false FoundGroupPermission=false set rs=Dvbbs.Execute("select * from dv_UserAccess where uc_boardid="&Dvbbs.boardid&" and uc_userid="&request("userid")) If Not (rs.eof and rs.bof) Then reGroupSetting=rs("uc_Setting") FoundGroup=true FoundUserPermission=true End If if not foundgroup then set rs=Dvbbs.Execute("select * from dv_BoardPermission where boardid="&Dvbbs.boardid&" and groupid="&usergroupid) if not(rs.eof and rs.bof) then reGroupSetting=rs("PSetting") FoundGroup=true FoundGroupPermission=true end if end if if not foundgroup then set Rs=Dvbbs.Execute("select * from dv_usergroups where usergroupid="&usergroupid) If rs.eof And rs.bof Then Response.Write "未找到该用户组!" response.end Else FoundGroup=true FoundGroupPermission=true reGroupSetting=rs("GroupSetting") End If End If %> <script src="images/manage/admin.js" type="text/javascript"></script> <FORM METHOD="POST" ACTION="?action=saveuserpermission"> <input type="hidden" name="userid" value="<%=request("userid")%>"/> <input type="hidden" name="BoardID" value="<%=Dvbbs.boardid%>"/> <input type="hidden" name="username" value="<%=membername%>"/> <input type="hidden" name="name" value="<%=membername%>"/> <table cellpadding="3" cellspacing="1" align="center" class="tableborder1"> <tr><th colspan="6" height="23" align="left">编辑 <%=membername%> 在 <%=boardtype%> 权限</th></tr> <tr><td colspan="6" height="25" class="tablebody1">注意:该用户属于 <B><%=usertitle%></B> 用户组中,如果您设置了他的自定义权限,则该用户权限将以自定义权限为主</td></tr> <tr> <td height="23" colspan="4" class="tablebody1"><input type="radio" name="isdefault" value="1" <%if FoundGroupPermission then%>checked<%end if%>><B>使用用户组默认值</B> (注意: 这将删除任何之前所做的自定义设置)</td> </tr> <tr> <td height="23" colspan="4" class="tablebody1"><input type="radio" name="isdefault" value="0" <%if FoundUserPermission then%>checked="true"<%end if%>><B>使用自定义设置</B> </td> </tr> <% GroupPermission(reGroupSetting) %> <input type="hidden" value="yes" name="groupaction"> </FORM> </table> <% End Sub Sub SaveUserPermission() if not AdminUserPer then Response.redirect "showerr.asp?ErrCodes=<li>您没有权限执行此操作。&action=OtherErr" if not isnumeric(request("userid")) then Response.redirect "showerr.asp?ErrCodes=<li>错误的用户参数。&action=OtherErr" if not isnumeric(Dvbbs.boardid) then Response.redirect "showerr.asp?ErrCodes=<li>错误的版面参数。&action=OtherErr" Dim trs '最后一次进行验证,主要为验证版主是否所操作的版面版主 Dim reboard_setting,fboardmaster fboardmaster=false if Dvbbs.boardmaster and (Not Dvbbs.FoundUserPer) and (not (Dvbbs.master or Dvbbs.superboardmaster)) Then set rs=Dvbbs.Execute("select boardmaster,parentid,depth,Board_Setting from dv_board where boardid="&Dvbbs.boardid) if not(rs.eof and rs.bof) then reBoard_Setting=split(rs(3),",") if rs("parentID")>0 and rs("depth")>0 then set trs=Dvbbs.Execute("select boardmaster from dv_board where boardid in ("&rs("ParentStr")&") order by orders") do while not trs.eof if Cint(reBoard_Setting(40))=1 And Not FBoardMaster Then if instr("|"&trs(0)&"|","|"&Dvbbs.membername&"|")>0 Then FBoardMaster=True else FBoardMaster=False end if end if i=i+1 if FBoardMaster then exit do if i>9 then exit do trs.movenext loop end if if not fboardmaster then if instr("|"&rs(0)&"|","|"&membername&"|")=0 then Dvbbs.AddErrMsg "您不是该版面的版主,无权进行用户权限操作。" end if Else Response.redirect "showerr.asp?ErrCodes=<li>您不是该版面的版主,无权进行用户权限操作。&action=OtherErr" End If End If Dim myGroupSetting Dim IsGroupSetting,MyIsGroupSetting,FoundSetting myGroupSetting=GetGroupPermission If request("isdefault")=1 Then Dvbbs.Execute("delete from dv_UserAccess where uc_boardid="&Dvbbs.boardid&" and uc_userid="&Dvbbs.CheckStr(request("userid"))) Else set rs=Dvbbs.Execute("select * from dv_UserAccess where uc_boardid="&Dvbbs.boardid&" and uc_userid="&Dvbbs.CheckStr(request("userid"))) if rs.eof and rs.bof Then Dvbbs.Execute("insert into Dv_UserAccess (uc_userid,uc_boardid,uc_setting) values ("&Dvbbs.CheckStr(request("userid"))&","&Dvbbs.boardid&",'"&myGroupSetting&"')") else Dvbbs.Execute("update dv_UserAccess set uc_setting='"&myGroupSetting&"' where uc_boardid="&Dvbbs.boardid&" and uc_userid="&Dvbbs.CheckStr(request("userid"))) End If End If Dim IsGroupSetting1 IsGroupSetting=Get_board_AccUserList(Dvbbs.boardid) IsGroupSetting1=Get_Board_GroupSetting(Dvbbs.boardid) If IsGroupSetting="" Then IsGroupSetting=IsGroupSetting1 ElseIf IsGroupSetting1<>"" Then IsGroupSetting=IsGroupSetting&","& IsGroupSetting1 End If Dvbbs.Execute("update dv_Board set IsGroupSetting='"&IsGroupSetting&"' Where BoardID="&Dvbbs.boardid) sql="insert into Dv_log (l_touser,l_username,l_content,l_ip,l_type) values ('"&username&"','"&Dvbbs.membername&"','用户操作:设置权限。','"&ip&"',5)" Dvbbs.Execute(SQL) Dvbbs.Dvbbs_suc("<li>设置用户权限成功。您的操作已经记录") Dvbbs.ReloadBoardCache Dvbbs.boardid End Sub '更新指定论坛信息,取主题和最后回复作者及时间 'flag=1为根据主题ID判断,2为根据回复ID判断是否版面最后回复 Function LastCount(boardid,topicid,ireplyid,flag) LastCount=false Dim LastTopic,LastRootid,LastPostTime,LastPostUser Dim LastPost,uploadpic_n,Lastpostuserid,Lastid Dim trs Dim LastPostInfo set trs=Dvbbs.Execute("select LastPost from dv_board where boardid="&boardid) if not (trs.eof and trs.bof) then LastPostInfo=split(trs(0),"$") if ubound(LastPostInfo)=7 then if flag=1 then if clng(LastPostInfo(6))=topicid then LastCount=true elseif flag=2 then if clng(LastPostInfo(1))=ireplyid then LastCount=true end if end if end if if LastCount then set trs=Dvbbs.Execute("select top 1 T.title,b.Announceid,b.dateandtime,b.username,b.postuserid,b.rootid from "&Dvbbs.NowUseBBS&" b inner join dv_Topic T on b.rootid=T.TopicID where b.boardid="&boardid&" order by b.announceid desc") if not(trs.eof and trs.bof) then Lasttopic=replace(left(trs(0),15),"$","") LastRootid=trs(1) LastPostTime=trs(2) LastPostUser=trs(3) LastPostUserid=trs(4) Lastid=trs(5) else LastTopic="无" LastRootid=0 LastPostTime=now() LastPostUser="无" LastPostUserid=0 Lastid=0 end if LastPost=LastPostUser & "$" & LastRootid & "$" & LastPostTime & "$" & LastTopic & "$" & uploadpic_n & "$" & LastPostUserID & "$" & LastID & "$" & BoardID LastPost = Dvbbs.CheckStr(LastPost) Dim SplitUpBoardID,SplitLastPost SplitUpBoardID=split(UpdateBoardID,",") For i=0 to ubound(SplitUpBoardID) set trs=Dvbbs.Execute("select LastPost from dv_board where boardid="&SplitUpBoardID(i)) if not (trs.eof and trs.bof) then SplitLastPost=split(trs(0),"$") if ubound(SplitLastPost)=7 and clng(LastRootID)<>clng(SplitLastPost(1)) then Dvbbs.Execute("update dv_board set LastPost='"&LastPost&"' where boardid="&SplitUpBoardID(i)) end if end if Next Dvbbs.ReloadBoardCache UpdateBoardID End if set trs=Nothing End function '删除回复过程中判断该回复是否最后发言,如果是则更新主题LastPost数据并回复-1 '入口: 'TopicID--主题ID 'iReplyID--回复ID 'isUpdate--是否更新时间 '出口:isEndReply=true/false Function IsEndReply(TopicID,iReplyID,isUpdate) isEndReply=false Dim trs Dim LastPostInfo,iTotalUseTable Dim LastTopic,body,LastRootid,LastPostTime,LastPostUser Dim LastPost,uploadpic_n,LastPostUserID,LastID,istop set trs=Dvbbs.Execute("select LastPost,PostTable,istop from dv_Topic where Topicid="&Topicid) if not (trs.eof and trs.bof) then LastPostInfo=split(trs(0),"$") iTotalUseTable=trs(1) istop=trs(2) if ubound(LastPostInfo)=7 then if Clng(LastPostInfo(1))=Clng(iReplyID) then isEndReply=true end if end if if isEndReply and isUpdate=1 then set trs=Dvbbs.Execute("select top 1 topic,body,Announceid,dateandtime,username,PostUserid,rootid,boardid from "&iTotalUseTable&" where (not boardid in (444,777)) and rootid="&TopicID&" order by Announceid desc") if not(trs.eof and trs.bof) then body=trs(1) LastRootid=trs(2) LastPostTime=trs(3) LastPostUser=replace(trs(4),"$","") LastTopic=left(replace(body,"$",""),20) LastPostUserID=trs(5) LastID=trs(6) BoardID=trs(7) else LastTopic="无" LastRootid=0 LastPostTime=now() LastPostUser="无" LastPostUserID=0 LastID=0 Boardid=0 end if if istop=1 then LastPostTime=dateadd("d",100,LastPostTime) LastPost=LastPostUser & "$" & LastRootid & "$" & LastPostTime & "$" & replace(left(LastTopic,20),"$","") & "$" & LastPostInfo(4) & "$" & LastPostUserID & "$" & LastID & "$" & BoardID LastPost = Dvbbs.CheckStr(LastPost) Dvbbs.Execute("update dv_topic set LastPost='"&LastPost&"',child=child-1,LastPostTime='"&LastPostTime&"' where topicid="&TopicID) elseif isupdate=1 and not isendreply then Dvbbs.Execute("update dv_topic set child=child-1 where topicid="&topicid) end if set trs=nothing End Function Function Get_board_AccUserList(bid) Dim Rs,tmp Set Rs=Dvbbs.Execute("Select uc_userid from dv_UserAccess where uc_boardid="&bid&"") tmp="" If Not Rs.EOF Then Do while Not Rs.EOF If tmp="" Then tmp="0_"&rs(0) Else tmp=tmp&",0_"&rs(0) End If Rs.MoveNext Loop Get_board_AccUserList=tmp Else Get_board_AccUserList="" End If Set Rs=Nothing End Function Function Get_Board_GroupSetting(bid) Dim Rs,tmp Set Rs=Dvbbs.Execute("select GroupID From Dv_BoardPermission Where BoardID="&bid) tmp="" If Not Rs.EOF Then Do while Not Rs.EOF If tmp="" Then tmp=rs(0) Else tmp=tmp&","&rs(0) End If Rs.MoveNext Loop Get_Board_GroupSetting=tmp Else Get_Board_GroupSetting="" End If Set Rs=Nothing End Function %>