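/// <summary>
/// Renders the "add back-office account" page and, when the add form is
/// posted, creates the new account.
/// </summary>
/// <remarks>
/// Only the account whose ID is 1 may add accounts.
/// NOTE(review): the password is stored as Utils.MD5(password). Assuming that
/// helper is a plain MD5 digest, it is not an adequate password hash; moving to
/// a salted, slow KDF needs a coordinated change with the login page, which
/// compares against the same digest.
/// NOTE(review): no anti-forgery token is visible on this state-changing POST;
/// confirm whether Out.wapform / Utils.GetRequest add one.
/// </remarks>
private void GetAddManage()
{
    builder.Append(Out.Div("title", "后台帐号添加"));

    // Load the caller's own account. GetModel can return null (GetEditManage
    // checks for that), so a missing row is treated as "not permitted"
    // instead of dereferencing null.
    BCW.BLL.Manage bll = new BCW.BLL.Manage();
    BCW.Model.Manage mymodel = bll.GetModel(BCW.User.Users.userId());
    if (mymodel == null || mymodel.ID != 1)
    {
        Utils.Error("以你的权限还不能添加帐号", "");
        // Fail closed: Utils.Error presumably ends the response, but that is
        // not visible here, so never fall through to the privileged path.
        return;
    }

    string ac = Utils.GetRequest("ac", "all", 1, "", "");
    if (Utils.ToSChinese(ac) == "添加帐号")
    {
        // The original character class was [(A-Za-z0-9)], which also accepts
        // the literal characters '(' and ')'. The login form only accepts
        // [A-Za-z0-9], so an account created with parentheses could never
        // sign in. The pattern now matches what the messages promise.
        string strUser = Out.UBB(Utils.GetRequest("strUser", "post", 2, @"^[A-Za-z0-9]{6,15}$", "用户名应该是由6-15字母、数字的组合"));
        string strPass = Out.UBB(Utils.GetRequest("strPass", "post", 2, @"^[A-Za-z0-9]{6,15}$", "密码应该是由6-15位字母、数字的组合"));
        string strPassr = Out.UBB(Utils.GetRequest("strPassr", "post", 2, @"^[A-Za-z0-9]{6,15}$", "确认密码应该是由6-15位字母、数字的组合"));

        // Reject duplicate user names.
        if (bll.ExistsUser(strUser))
        {
            Utils.Error("用户名" + strUser + "已存在", "");
            return;
        }
        if (strPass != strPassr)
        {
            Utils.Error("确认密码不正确", "");
            return;
        }

        BCW.Model.Manage model = new BCW.Model.Manage();
        model.sUser = strUser;
        model.sPwd = Utils.MD5(strPass);
        model.sKeys = "";
        model.sTime = DateTime.Now;
        bll.Add(model);

        // NOTE(review): the new row's ID is recovered as GetMaxId() - 1 after
        // the insert. Two concurrent inserts could make this point at the
        // wrong row, in which case the keys below would be written to another
        // account. Prefer having Add return the inserted ID.
        int MaxId = bll.GetMaxId() - 1;
        model.ID = MaxId;

        // Generate the account's key string and drop its last four characters
        // before storing it (the login page appends four characters again).
        // NOTE(review): confirm Rand is a cryptographically strong source,
        // since this value is used as the session key.
        model.sKeys = BCW.User.Users.SetUserKeys(MaxId, strUser, new Rand().RandNum(10));
        model.sKeys = Utils.Mid(model.sKeys, 0, model.sKeys.Length - 4);
        bll.UpdateKeys(model);

        Utils.Success("添加帐号", "帐号添加成功..", Utils.getUrl("manage.aspx"), "1");
    }
    else
    {
        // No submission yet: render the empty form.
        string strText = "*用户名/,*密码:/,*确认密码/,,";
        string strName = "strUser,strPass,strPassr,act";
        string strType = "text,password,password,hidden";
        string strValu = "'''add";
        string strEmpt = "false,false,false,";
        string strIdea = "/用户名与密码必须是字母和数字的组合/";
        string strOthe = "添加帐号|reset,manage.aspx,post,1,red|blue";
        builder.Append(Out.wapform(strText, strName, strType, strValu, strEmpt, strIdea, strOthe));
        builder.Append(Out.Tab("<div class=\"hr\"></div>", Out.Hr()));
    }

    // Navigation footer.
    builder.Append(Out.Tab("<div>", ""));
    builder.Append("<a href=\"" + Utils.getUrl("manage.aspx") + "\">返回上一级</a><br />");
    builder.Append(Out.Tab("</div><div class=\"title\"><a href=\"" + Utils.getUrl("default.aspx") + "\">返回管理中心</a>", "<a href=\"" + Utils.getUrl("default.aspx") + "\">返回管理中心</a>"));
    builder.Append(Out.Tab("</div>", "<br />"));
}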
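/// <summary>
/// Shows the delete confirmation for a back-office account and, once the
/// request carries info=ok, deletes it.
/// </summary>
/// <remarks>
/// Only the account whose ID is 1 may delete accounts, and account 1 itself
/// cannot be deleted.
/// NOTE(review): the delete is triggered by a plain link (both "aid" and
/// "info" are read with the "all" source) and no anti-forgery token is
/// visible, so the state change is reachable by a GET request. Consider
/// requiring a POST that carries a per-session token.
/// </remarks>
private void GetDelUser()
{
    Master.Title = "后台帐号删除";

    // GetRequest validates "aid" as digits only, but a very long digit string
    // would still overflow int.Parse; TryParse leaves aid at 0 in that case.
    int aid;
    if (!int.TryParse(Utils.GetRequest("aid", "all", 1, @"^[0-9]\d*$", "0"), out aid))
    {
        aid = 0;
    }
    string info = Utils.GetRequest("info", "all", 1, "", "");

    // Load the caller's own account. GetModel can return null (GetEditManage
    // checks for that), so a missing row is treated as "not permitted".
    BCW.BLL.Manage bll = new BCW.BLL.Manage();
    BCW.Model.Manage mymodel = bll.GetModel(BCW.User.Users.userId());
    if (mymodel == null || mymodel.ID != 1)
    {
        Utils.Error("以你的权限还不能删除帐号", "");
        // Fail closed: Utils.Error presumably ends the response, but that is
        // not visible here, so never fall through to the delete.
        return;
    }
    if (aid == 1)
    {
        Utils.Error("系统保留帐号不能删除", "");
        return;
    }

    if (info != "ok")
    {
        // First visit: ask for confirmation.
        builder.Append(Out.Tab("<div class=\"title\">", ""));
        builder.Append("确定删除此帐号吗<br />");
        builder.Append(Out.Tab("</div>", ""));
        builder.Append(Out.Tab("<div>", ""));
        builder.Append("<a href=\"" + Utils.getUrl("manage.aspx?info=ok&act=del&aid=" + aid + "") + "\">确定删除</a><br />");
        builder.Append("<a href=\"" + Utils.getUrl("manage.aspx") + "\">先留着吧..</a>");
        builder.Append(Out.Tab("</div>", "<br />"));
    }
    else
    {
        // Confirmed: remove the account and report success.
        bll.Delete(aid);
        Utils.Success("删除帐号", "删除修改成功..", Utils.getUrl("manage.aspx"), "1");
    }
}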
// Gate for back-office pages: checks that a manager is logged in, enforces the
// configured login expiry and IP check, applies the page allow-list for
// second-level managers, then builds the page header and footer.
protected void Page_Load(object sender, EventArgs e)
{
    string AdminPath = ConfigHelper.GetConfigString("AdminPath");
    // Back-office administrator permission check: a result of 0 is treated as
    // "not logged in" and the request is sent to the login page.
    int ManageId = new BCW.User.Manage().IsManageLogin();
    if (ManageId == 0)
    {
        Response.Redirect("/" + AdminPath + "/login.aspx");
        Response.End();
    }
    string PageUrl = Utils.getPageUrl().ToLower();
    // The filter is built by string concatenation; ManageId is an int here, so
    // no request text reaches the filter from this call.
    DataSet ds = new BCW.BLL.Manage().GetManageList("sTime,sUserIP", "ID=" + ManageId + "");
    if (ds == null || ds.Tables[0].Rows.Count == 0)
    {
        Response.Redirect("/" + AdminPath + "/login.aspx");
        Response.End();
    }
    else
    {
        // Disabled code: "special feature restrictions" that limited /xml/ and
        // /guess/ pages to hard-coded manager IDs per site domain.
        ////特殊功能限制
        //if (Utils.GetTopDomain().Contains("kb288.net"))
        //{
        //    if (PageUrl.Contains("/xml/") && !PageUrl.Contains("/xml/guess"))
        //    {
        //        if (!PageUrl.Contains("/xml/stkset.aspx") && !PageUrl.Contains("/xml/six49set.aspx"))
        //        {
        //            if (ManageId != 1 && ManageId != 3 && ManageId != 4 && ManageId != 5)
        //            {
        //                Utils.Error("权限不足", "");
        //            }
        //        }
        //    }
        //}
        //else
        //{
        //    if (PageUrl.Contains("/xml/") && !PageUrl.Contains("/xml/guess"))
        //    {
        //        if (Utils.GetTopDomain().Contains("tuhao") || Utils.GetTopDomain().Contains("th"))
        //        {
        //            if (ManageId != 1 && ManageId != 2 && ManageId != 4 && ManageId != 13)
        //            {
        //                Utils.Error("权限不足", "");
        //            }
        //        }
        //        else
        //        {
        //            if (ManageId != 1 && ManageId != 9 && ManageId != 11)
        //            {
        //                Utils.Error("权限不足", "");
        //            }
        //        }
        //    }
        //}
        //if (PageUrl.Contains("/guess/") || PageUrl.Contains("/guessbc/"))
        //{
        //    if (Utils.GetTopDomain().Contains("tuhao") || Utils.GetTopDomain().Contains("th"))
        //    {
        //        if (ManageId == 3 || ManageId == 12)
        //        {
        //            Utils.Error("权限不足", "");
        //        }
        //    }
        //}

        // Last login time and IP stored for this manager.
        DateTime LoginTime = DateTime.Parse(ds.Tables[0].Rows[0]["sTime"].ToString());
        string LoginUserIP = ds.Tables[0].Rows[0]["sUserIP"].ToString();
        // Site settings: values above 0 switch on the IP check / login expiry
        // (expiry is in minutes, see AddMinutes below).
        int lIp = Utils.ParseInt(ub.Get("SiteVerifyIP"));
        int lTime = Utils.ParseInt(ub.Get("SiteLoginExpir"));
        // presumably DelLastChar drops the text after the last "." so only an
        // address prefix is compared -- TODO confirm against Utils.DelLastChar
        string UsIP = Utils.DelLastChar(Utils.GetUsIP(), ".");
        string LoginUserIP2 = "";
        // NOTE(review): failures are swallowed; LoginUserIP2 then stays empty,
        // which makes the IP comparison below fail when the check is enabled.
        try { LoginUserIP2 = Utils.DelLastChar(LoginUserIP, "."); } catch { }
        if ((lTime > 0 && LoginTime.AddMinutes(lTime) < DateTime.Now) || (lIp > 0 && LoginUserIP2 != UsIP))
        {
            UsIP = Utils.DelLastChar(UsIP, ".");
            // NOTE(review): clients whose shortened address equals one of these
            // hard-coded prefixes skip the re-login challenge entirely, for the
            // expiry check as well as the IP check. If this exemption is
            // intended it belongs in configuration with an owner and a reason;
            // otherwise it should be removed.
            if (UsIP != "121.14" && UsIP != "119.147" && UsIP != "182.16" && UsIP != "119.42")
            {
                // Render a re-login page in place of the requested page.
                new Out().head(Utils.ForWordType(_Title));
                Response.Write(Out.Tab("<div class=\"title\">", ""));
                if ((lTime > 0 && LoginTime.AddMinutes(lTime) < DateTime.Now))
                {
                    Response.Write("登录超时,请重新登录");
                }
                else
                {
                    // NOTE(review): the stored IP is written to the response
                    // without HTML encoding and is disclosed to the current
                    // client; confirm how sUserIP is populated.
                    Response.Write("您目前使用的网络IP与上次有明显不同(上次IP:" + LoginUserIP + "),请重新登录");
                }
                Response.Write(Out.Tab("</div>", ""));
                string strText = "用户,密码";
                string strName = "userName,userPass";
                string strType = "text,password";
                string strValu = "''";
                string strEmpt = "false,false";
                string strIdea = "/";
                string strOthe = "登录后台|reset,/" + AdminPath + "/login.aspx,post,1,red|blue";
                Response.Write(Out.wapform(strText, strName, strType, strValu, strEmpt, strIdea, strOthe));
                Response.Write(new Out().foot());
                Response.End();
            }
        }
    }
    // Second-level manager restrictions: managers listed in the SiteManIDS
    // setting may only open pages whose URL contains one of the entries below.
    string ManIDS = "#" + ub.Get("SiteManIDS") + "#";
    if (ManIDS.Contains("#" + ManageId + "#"))
    {
        bool IsPass = false;
        // NOTE(review): PageUrl was lower-cased above, so the mixed-case entry
        // "PK10set.aspx" can never match. The test is also a substring match
        // over whatever getPageUrl() returns rather than an exact path
        // comparison, which is looser than an authorization check should be.
        string strUrl = "login.aspx,default.aspx,/man/,class.aspx,PK10set.aspx,classact.aspx,classok.aspx,book.aspx,forum.aspx,blacklist.aspx,moderator.aspx,mebook.aspx,thread.aspx,reply.aspx,group.aspx,chat.aspx";
        string[] Temp = strUrl.Split(",".ToCharArray());
        for (int i = 0; i < Temp.Length; i++)
        {
            if (PageUrl.Contains("" + Temp[i] + ""))
            {
                IsPass = true;
                break;
            }
        }
        if (!IsPass)
        {
            // presumably Utils.Error stops the request; if it does not, the
            // page below would still render -- TODO confirm
            Utils.Error("权限不足", "");
        }
    }
    // Build the optional footer links and the version marker.
    string foot = string.Empty;
    if (_IsFoot == true)
    {
        foot += Out.Tab("<div class=\"ft\">", "");
        foot += "<a href=\"" + Utils.getUrl("/" + AdminPath + "/inter.aspx?backurl=" + Utils.PostPage(1) + "") + "\">[功能]</a>";
        foot += "<a href=\"" + Utils.getUrl("/default.aspx") + "\">返回首页</a><br />";
        foot += Out.Tab("</div>", "");
    }
    // The site version is emitted in an HTML comment on every back-office page.
    foot += "<!--Powered by kubao.cc " + ub.Get("SiteVersion") + " @author Light-->";
    // Header
    new Out().head(Utils.ForWordType("" + ub.Get("SiteName") + "-" + _Title));
    // Footer
    FootResult.Append(Utils.ForWordType(foot) + new Out().foot());
}
/// <summary>
/// Back-office login page: handles a posted login, a logout request
/// (ac=exit), or renders the empty login form.
/// </summary>
/// <remarks>
/// NOTE(review): credentials are matched against Utils.MD5(password).
/// Assuming that helper is a plain MD5 digest, it is not an adequate password
/// hash; changing it needs a coordinated change with account creation/editing.
/// NOTE(review): after a successful login the account's key string is placed
/// in the query string of the "enter back office" link, so it can end up in
/// browser history, proxy logs and Referer headers.
/// NOTE(review): no attempt limiting or lockout is visible in this handler.
/// </remarks>
protected void Page_Load(object sender, EventArgs e)
{
    Master.Title = "后台管理";
    string ac = Utils.GetRequest("ac", "all", 1, "", "");

    // --- Login form submitted ---
    if (Utils.ToSChinese(ac) == "登录后台")
    {
        string userName = Utils.GetRequest("userName", "post", 2, @"^[A-Za-z0-9]+$", "请正确输入用户名");
        string userPass = Utils.GetRequest("userPass", "post", 2, @"^[A-Za-z0-9]+$", "请正确输入密码");

        BCW.Model.Manage credentials = new BCW.Model.Manage();
        credentials.sUser = userName;
        credentials.sPwd = Utils.MD5(userPass);

        BCW.BLL.Manage manageBll = new BCW.BLL.Manage();
        bool matched = manageBll.GetManageRow(credentials) > 0;
        if (!matched)
        {
            builder.Append(Out.Tab("<div class=\"title\">", ""));
            builder.Append("登录失败");
            builder.Append(Out.Tab("</div>", ""));
            builder.Append(Out.Tab("<div>", "<br />"));
            builder.Append("<a href=\"" + Utils.getUrl("login.aspx") + "\">返回继续</a>");
        }
        else
        {
            BCW.Model.Manage account = manageBll.GetModelByModel(credentials.sUser, credentials.sPwd);

            builder.Append(Out.Tab("<div class=\"title\">", ""));
            builder.Append("登录成功");
            builder.Append(Out.Tab("</div>", "<br />"));
            builder.Append(Out.Tab("<div>", ""));

            // Time elapsed since the previous login.
            string sinceLast = DT.DateDiff(DateTime.Now, Convert.ToDateTime(account.sTime));
            builder.Append("上次登录:" + sinceLast + "前");

            // Names of the query-string parameters come from configuration.
            string veName = ConfigHelper.GetConfigString("VE");
            string sidName = ConfigHelper.GetConfigString("SID");

            // The link carries the stored key string plus four characters
            // from Rand.RandNume.
            string veValue = Utils.getstrVe();
            string sidValue = account.sKeys + new Rand().RandNume(4);
            string entryLink = "<br /><a href=\"Default.aspx?" + veName + "=" + veValue + "&" + sidName + "=" + sidValue + "\">马上进入后台</a>";
            builder.Append(entryLink);

            // Record this login.
            account.sTime = DateTime.Now;
            manageBll.UpdateTimeIP(account);
        }

        builder.Append(Out.Tab("</div>", ""));
        return;
    }

    // --- Logout ---
    if (ac == "exit")
    {
        string adminPath = ConfigHelper.GetConfigString("AdminPath");

        // Only a logged-in manager can log out; otherwise go to the login page.
        int manageId = new BCW.User.Manage().IsManageLogin();
        if (manageId == 0)
        {
            Response.Redirect("/" + adminPath + "/login.aspx");
            Response.End();
        }

        // Replace the stored key string so the old one stops working.
        // NOTE(review): the account ID is re-derived from Utils.getstrU()
        // rather than taken from the IsManageLogin result above -- confirm the
        // two always identify the same account.
        BCW.Model.Manage rotated = new BCW.Model.Manage();
        rotated.ID = BCW.User.Users.GetIDByKeys(Utils.getstrU());
        string freshKeys = BCW.User.Users.SetUserKeys(rotated.ID, "", new Rand().RandNum(10));
        rotated.sKeys = freshKeys;
        rotated.sKeys = Utils.Mid(rotated.sKeys, 0, rotated.sKeys.Length - 4);
        new BCW.BLL.Manage().UpdateKeys(rotated);

        builder.Append(Out.Tab("<div>", ""));
        builder.Append("退出成功<br />");
        builder.Append("<a href=\"" + Utils.getUrl("login.aspx") + "\">继续登录</a>");
        builder.Append(Out.Tab("</div>", ""));
        return;
    }

    // --- Default: show the login form ---
    builder.Append(Out.Tab("<div class=\"title\">", ""));
    builder.Append("欢迎您进入管理后台");
    builder.Append(Out.Tab("</div>", ""));

    string formLabels = "用户,密码";
    string formNames = "userName,userPass";
    string formTypes = "text,password";
    string formValues = "''";
    string formEmpty = "false,false";
    string formHints = "/";
    string formOther = "登录后台|reset,login.aspx,post,0,red|blue";
    builder.Append(Out.wapform(formLabels, formNames, formTypes, formValues, formEmpty, formHints, formOther));
}
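/// <summary>
/// Renders the paged list of back-office accounts.
/// </summary>
/// <remarks>
/// Account 1 sees every account together with its last login IP; any other
/// manager only sees the details of their own row (the remaining rows render
/// as empty blocks, as before).
/// </remarks>
private void GetUserList()
{
    builder.Append(Out.Div("title", "帐号列表"));
    builder.Append(Out.Tab("<div>", "<br />"));
    builder.Append("<a href=\"" + Utils.getUrl("manage.aspx?act=add") + "\">添加帐号</a>");
    builder.Append(Out.Tab("</div>", "<br />"));

    int recordCount;
    int pageSize = Convert.ToInt32(ub.Get("SiteListNo"));
    string[] pageValUrl = { "act" };

    // "page" comes from the query string; anything that is not a positive
    // number falls back to the first page.
    int pageIndex = Utils.ParseInt(Request.QueryString["page"]);
    if (pageIndex <= 0)
    {
        pageIndex = 1;
    }

    // Read the accounts for this page.
    int ManageId = new BCW.User.Manage().IsManageLogin();
    bool isSuperAdmin = ManageId == 1;
    IList<BCW.Model.Manage> listManage = new BCW.BLL.Manage().GetManages(pageIndex, pageSize, out recordCount);
    if (listManage.Count > 0)
    {
        int k = 1;
        foreach (BCW.Model.Manage n in listManage)
        {
            // Alternate the row style.
            if (k % 2 == 0)
            {
                builder.Append(Out.Tab("<div class=\"text\">", ""));
            }
            else
            {
                builder.Append(Out.Tab("<div>", ""));
            }

            if (isSuperAdmin || ManageId == n.ID)
            {
                // The URL is built before formatting so that the format string
                // is a constant; previously the output of Utils.getUrl was
                // concatenated into the format string itself, where any '{' or
                // '}' in it would break AppendFormat.
                string editUrl = Utils.getUrl("manage.aspx?act=edit&aid=" + n.ID);

                // Stored values are HTML-encoded on output so that nothing
                // held in the account table can inject markup into this page.
                builder.AppendFormat(
                    "<a href=\"{0}\">[管理]>{1}({2}号)</a><br />上次登录:{3}",
                    editUrl,
                    System.Web.HttpUtility.HtmlEncode(n.sUser),
                    n.ID,
                    n.sTime);

                // The last login IP is only shown to account 1.
                if (isSuperAdmin)
                {
                    builder.Append("<br />登录IP:" + System.Web.HttpUtility.HtmlEncode(n.sUserIP) + "");
                }
                builder.Append("<br />");
            }

            k++;
            builder.Append(Out.Tab("</div>", ""));
        }

        // Paging links.
        builder.Append(BasePage.MultiPage(pageIndex, pageSize, recordCount, Utils.getPageUrl(), pageValUrl, "page", 0));
    }
    else
    {
        builder.Append(Out.Div("text", "没有相关记录"));
        builder.Append(Out.Tab("", "<br />"));
    }

    // Navigation footer.
    builder.Append(Out.Tab("<div class=\"hr\"></div>", Out.RHr()));
    builder.Append(Out.Tab("<div>", ""));
    builder.Append("<a href=\"" + Utils.getUrl("manage.aspx?act=edit") + "\">修改我的帐号</a><br />");
    builder.Append("<a href=\"" + Utils.getUrl("manage.aspx?act=check") + "\">后台登录设置</a><br />");
    builder.Append(Out.Tab("</div><div class=\"title\"><a href=\"" + Utils.getUrl("default.aspx") + "\">返回管理中心</a>", "<a href=\"" + Utils.getUrl("default.aspx") + "\">返回管理中心</a>"));
    builder.Append(Out.Tab("</div>", "<br />"));
}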
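/// <summary>
/// Renders the "edit back-office account" page and, when the edit form is
/// posted, updates the account's user name and password.
/// </summary>
/// <remarks>
/// Without an "aid" the caller edits their own account. Editing another
/// account is only allowed for the account whose ID is 1.
/// NOTE(review): the password is stored as Utils.MD5(password). Assuming that
/// helper is a plain MD5 digest, it is not an adequate password hash; changing
/// it needs a coordinated change with the login page.
/// NOTE(review): the change does not ask for the current password and this
/// block does not rotate the account's key string afterwards; no anti-forgery
/// token is visible on the POST either. Confirm whether Update or the form
/// helpers cover any of this.
/// </remarks>
private void GetEditManage()
{
    // Load the caller's own account. GetModel can return null (checked below
    // for the target account), so a missing row is treated as "not permitted".
    BCW.BLL.Manage bll = new BCW.BLL.Manage();
    BCW.Model.Manage mymodel = bll.GetModel(BCW.User.Users.userId());
    if (mymodel == null)
    {
        Utils.Error("以你的权限还不能修改他人帐号", "");
        // Fail closed: Utils.Error presumably ends the response, but that is
        // not visible here.
        return;
    }
    int myaid = mymodel.ID;
    string myaUser = mymodel.sUser;

    // GetRequest validates "aid" as digits only, but a very long digit string
    // would still overflow int.Parse; TryParse falls back to 0, which means
    // "my own account" below.
    int aid;
    if (!int.TryParse(Utils.GetRequest("aid", "all", 1, @"^[0-9]\d*$", "0"), out aid))
    {
        aid = 0;
    }

    string aUser;
    if (aid == 0)
    {
        aid = myaid;
        aUser = myaUser;
    }
    else
    {
        if (myaid != 1 && myaid != aid)
        {
            Utils.Error("以你的权限还不能修改他人帐号", "");
            return;
        }

        // Fetch the target once and reuse it (it used to be loaded twice).
        BCW.Model.Manage target = bll.GetModel(aid);
        if (target == null)
        {
            Utils.Error("帐号不存在", "");
            return;
        }
        aid = target.ID;
        aUser = target.sUser;
    }

    string ac = Utils.GetRequest("ac", "all", 1, "", "");
    if (Utils.ToSChinese(ac) == "修改帐号")
    {
        // The original character class was [(A-Za-z0-9)], which also accepts
        // the literal characters '(' and ')'. The login form only accepts
        // [A-Za-z0-9], so an account saved with parentheses could never sign
        // in. The pattern now matches what the messages promise.
        string strUser = Utils.GetRequest("strUser", "post", 2, @"^[A-Za-z0-9]{6,15}$", "用户名应该是由6-15字母、数字的组合");
        string strPass = Utils.GetRequest("strPass", "post", 2, @"^[A-Za-z0-9]{6,15}$", "密码应该是由6-15位字母、数字的组合");
        string strPassr = Utils.GetRequest("strPassr", "post", 2, @"^[A-Za-z0-9]{6,15}$", "确认密码应该是由6-15位字母、数字的组合");

        // Reject a user name already used by a different account.
        if (bll.ExistsUser(strUser, aid))
        {
            Utils.Error("用户名" + strUser + "已存在", "");
            return;
        }
        if (strPass != strPassr)
        {
            Utils.Error("确认密码不正确", "");
            return;
        }

        BCW.Model.Manage updated = new BCW.Model.Manage();
        updated.sUser = strUser;
        updated.sPwd = Utils.MD5(strPass);
        updated.ID = aid;
        bll.Update(updated);

        Utils.Success("修改帐号", "帐号修改成功..", Utils.getUrl("manage.aspx"), "1");
    }
    else
    {
        // No submission yet: render the form for the selected account.
        builder.Append(Out.Div("title", "管理:" + aUser + ""));
        string strText = "*用户名/,*密码:/,*确认密码/,,";
        string strName = "strUser,strPass,strPassr,aid,act";
        string strType = "text,password,password,hidden,hidden";
        string strValu = "'''" + aid + "'edit";
        string strEmpt = "false,false,false,,";
        string strIdea = "/用户名与密码必须是字母和数字的组合/";
        string strOthe = "修改帐号|reset,manage.aspx,post,1,red|blue";
        builder.Append(Out.wapform(strText, strName, strType, strValu, strEmpt, strIdea, strOthe));
    }

    // Navigation footer, including the link to the delete confirmation.
    builder.Append(Out.Tab("<div class=\"hr\"></div>", Out.Hr()));
    builder.Append(Out.Tab("<div>", ""));
    builder.Append("<a href=\"" + Utils.getUrl("manage.aspx?act=del&aid=" + aid + "") + "\">删除帐号</a><br />");
    builder.Append("<a href=\"" + Utils.getUrl("manage.aspx") + "\">返回上一级</a><br />");
    builder.Append(Out.Tab("</div><div class=\"title\"><a href=\"" + Utils.getUrl("default.aspx") + "\">返回管理中心</a>", "<a href=\"" + Utils.getUrl("default.aspx") + "\">返回管理中心</a>"));
    builder.Append(Out.Tab("</div>", "<br />"));
}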