/*******************************************************************************
 * iNethinkCMS - Website Content Management System
 * Copyright (C) 2012-2013 inethink.com
 *
 * @author jackyang <69991000@qq.com>
 * @website http://cms.inethink.com
 * @version 1.3.6.0 (2013-08-14)
 *
 * This is licensed under the GNU LGPL, version 3.0 or later.
 * For details, see: http://www.gnu.org/licenses/gpl-3.0.html
 *******************************************************************************/
using System;
using System.Collections.Generic;
using System.Text;
using System.Web;
using System.Data;
using System.Data.SqlClient;
using iNethinkCMS.Command;

namespace iNethinkCMS.Web.UI
{
    public class Admin_BasePage : BasePage
    {
        protected string SysLoginUserName;
        protected string SysLoginUserTrueName;
        protected string SysLoginUserPower;
        protected string SysLoginUserChannelPower;
        protected string SysRegisteredUsersChannelPower = "";
        protected int SysLoginUserID = 0;
        protected int SysLoginUserType = 0;
        private bool _SysRegisteredUsersIsManage = false;

        /// <summary>
        /// Whether the current user has back-end (admin) management permission
        /// </summary>
        public bool SysRegisteredUsersIsManage
        {
            get { return _SysRegisteredUsersIsManage; }
            set { _SysRegisteredUsersIsManage = value; }
        }

        /// <summary>
        /// Permission check
        /// </summary>
        /// <returns></returns>
        public void CheckUserPower(string byUserPower)
        {
            // Check the cookie data; if it is valid, write it back into the session
            if (String.IsNullOrEmpty(Command_Session.Get("admin_username")))
            {
                string JC_UserName = Command_Cookie.GetCookie("cookie_admin_username");
                string JC_PassWord = Command_Cookie.GetCookie("cookie_admin_password");
                if (!String.IsNullOrEmpty(JC_UserName) && !String.IsNullOrEmpty(JC_PassWord))
                {
                    // Strip a fixed set of characters from both cookie values before use
                    JC_UserName = JC_UserName.Replace("'", "").Replace(")", "").Replace(">", "").Replace("*", "").Replace("?", "").Replace("%", "");
                    JC_PassWord = JC_PassWord.Replace("'", "").Replace(")", "").Replace(">", "").Replace("*", "").Replace("?", "").Replace("%", "");
                    iNethinkCMS.BLL.BLL_iNethinkCMS_User bll = new iNethinkCMS.BLL.BLL_iNethinkCMS_User();
                    iNethinkCMS.Model.Model_iNethinkCMS_User model = new iNethinkCMS.Model.Model_iNethinkCMS_User();
                    model = bll.GetModel(JC_UserName);
                    if (model != null)
                    {
                        // Accounts other than UserType 1 take their permissions from the
                        // "RegisteredUsers" (or "RegisteredUsers<N>") template account
                        // unless they have a UserPower of their own.
                        if (model.UserType != 1)
                        {
                            try
                            {
                                if (model.UserPower == null || model.UserPower.Trim().Length <= 0)
                                {
                                    _SysRegisteredUsersIsManage = false;
                                }
                                else
                                {
                                    _SysRegisteredUsersIsManage = true;
                                }
                                string Vip = "";
                                if (model.UserType > 2)
                                {
                                    Vip = (model.UserType - 2).ToString();
                                }
                                iNethinkCMS.Model.Model_iNethinkCMS_User RegisterModel = bll.GetModel("RegisteredUsers" + Vip.Trim());
                                if (RegisterModel == null)
                                {
                                    RegisterModel = bll.GetModel("RegisteredUsers");
                                }
                                if (RegisterModel != null)
                                {
                                    if (!_SysRegisteredUsersIsManage)
                                    {
                                        model.UserPower = RegisterModel.UserPower;
                                    }
                                    this.SysRegisteredUsersChannelPower = RegisterModel.UserChannelPower;
                                }
                                else
                                {
                                    model.UserPower = "";
                                    model.UserChannelPower = "";
                                    this.SysRegisteredUsersChannelPower = "";
                                }
                            }
                            catch
                            {
                                // On any error, fall back to no permissions
                                model.UserPower = "";
                                model.UserChannelPower = "";
                                this.SysRegisteredUsersChannelPower = "";
                            }
                        }

                        // The password cookie must equal md5(CacheKey + client IP + SecurityCode);
                        // only then is the session repopulated from the user record.
                        if (Command_MD5.md5(siteConfig.CacheKey + Command_Function.GetUserIp() + model.SecurityCode) == JC_PassWord)
                        {
                            Command_Session.Add("admin_username", model.UserName);
                            Command_Session.Add("admin_usertruename", model.UserTrueName);
                            Command_Session.Add("admin_userpass", model.UserPass);
                            Command_Session.Add("admin_userpower", model.UserPower);
                            Command_Session.Add("admin_userchannelpower", model.UserChannelPower);
                            Command_Session.Add("admin_loginuserid", model.ID.ToString());
                            Command_Session.Add("admin_loginusertype", model.UserType.ToString());
                            Command_Session.Add("admin_SysRegisteredUsersIsManage", this.SysRegisteredUsersIsManage.ToString());
                            Command_Session.Add("admin_SysRegisteredUsersChannelPower", this.SysRegisteredUsersChannelPower);
                        }
                    }
                }
            }

            // Load the current login state from the session
            SysLoginUserName = Command_Session.Get("admin_username");
            SysLoginUserTrueName = Command_Session.Get("admin_usertruename");
            SysLoginUserPower = "login," + Command_Session.Get("admin_userpower") + ",";
            SysLoginUserChannelPower = Command_Session.Get("admin_userchannelpower");
            SysLoginUserID = Convert.ToInt32(Command_Session.Get("admin_loginuserid"));
            SysLoginUserType = Convert.ToInt32(Command_Session.Get("admin_loginusertype"));
            this.SysRegisteredUsersIsManage = Convert.ToBoolean(Command_Session.Get("admin_SysRegisteredUsersIsManage"));
            this.SysRegisteredUsersChannelPower = Command_Session.Get("admin_SysRegisteredUsersChannelPower");

            if (String.IsNullOrEmpty(SysLoginUserName) || String.IsNullOrEmpty(SysLoginUserPower))
            {
                Response.Clear();
                //Response.Redirect("~/admin/index.aspx");
                // Alert text: "You are not logged in and cannot access this page."
                Response.Write("<script language=javascript>alert('您还没有登录,不能访问。');parent.location.href=\"/admin\";</script>");
                Response.End();
            }
            else
            {
                // IndexOf is a substring test on the comma-separated permission list,
                // so a name that is the tail of a longer entry also matches.
                if (SysLoginUserPower.IndexOf(byUserPower + ",") < 0)
                {
                    // Message: "You do not have permission to use the current page/function!"
                    Response.Write("您并无当前页面/功能的操作权限!");
                    Response.End();
                }
            }
        }

        /// <summary>
        /// Permission check
        /// </summary>
        /// <returns></returns>
        public bool CheckUserPower(string byUserPower, string retun)
        {
            SysLoginUserName = Command_Session.Get("admin_username");
            SysLoginUserPower = "login," + Command_Session.Get("admin_userpower") + ",";
            // Same null-or-empty test as the overload above, so an empty session
            // value is treated as not logged in.
            if (String.IsNullOrEmpty(SysLoginUserName) || String.IsNullOrEmpty(SysLoginUserPower))
            {
                return false;
            }
            else
            {
                // Substring test, as in the overload above
                if (SysLoginUserPower.IndexOf(byUserPower + ",") < 0)
                {
                    return false;
                }
                else
                {
                    return true;
                }
            }
        }
    }
}