Exemple #1
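    /// <summary>
    /// Renders the "add back-office account" form and, when the form has been submitted,
    /// validates the input and creates the account. Only the account with ID 1 may add accounts.
    /// </summary>
    private void GetAddManage()
    {
        builder.Append(Out.Div("title", "后台帐号添加"));

        // Load the current administrator's record. A missing record is treated as "not authorised"
        // so the check fails closed instead of throwing on mymodel.ID.
        BCW.Model.Manage mymodel = new BCW.BLL.Manage().GetModel(BCW.User.Users.userId());
        if (mymodel == null || mymodel.ID != 1)
        {
            Utils.Error("以你的权限还不能添加帐号", "");
            // Presumably Utils.Error ends the response; returning keeps the check effective even if it does not.
            return;
        }

        string ac = Utils.GetRequest("ac", "all", 1, "", "");

        if (Utils.ToSChinese(ac) == "添加帐号")
        {
            // NOTE(review): no anti-forgery token is verified in this handler; confirm whether
            // Utils.GetRequest or the page framework provides CSRF protection for this POST.

            // The character class is plain [A-Za-z0-9]: parentheses inside [...] are literals, so
            // writing [(A-Za-z0-9)] would also accept '(' and ')', which contradicts the
            // "letters and digits" rule stated in the messages.
            // NOTE(review): Out.UBB is applied to the password before hashing; confirm it leaves
            // letters and digits unchanged, otherwise the stored hash will not match at login.
            string strUser  = Out.UBB(Utils.GetRequest("strUser", "post", 2, @"^[A-Za-z0-9]{6,15}$", "用户名应该是由6-15字母、数字的组合"));
            string strPass  = Out.UBB(Utils.GetRequest("strPass", "post", 2, @"^[A-Za-z0-9]{6,15}$", "密码应该是由6-15位字母、数字的组合"));
            string strPassr = Out.UBB(Utils.GetRequest("strPassr", "post", 2, @"^[A-Za-z0-9]{6,15}$", "确认密码应该是由6-15位字母、数字的组合"));

            BCW.BLL.Manage bll = new BCW.BLL.Manage();

            // Reject duplicate user names.
            if (bll.ExistsUser(strUser))
            {
                Utils.Error("用户名" + strUser + "已存在", "");
                return;
            }
            if (strPass != strPassr)
            {
                Utils.Error("确认密码不正确", "");
                return;
            }

            BCW.Model.Manage model = new BCW.Model.Manage();
            model.sUser = strUser;
            // NOTE(review): if Utils.MD5 is a plain, unsalted MD5 digest it is not suitable for
            // password storage. Migrating to a salted, slow KDF (e.g. PBKDF2) has to be done
            // together with the login code, which hashes the same way.
            model.sPwd  = Utils.MD5(strPass);
            model.sKeys = "";
            model.sTime = DateTime.Now;
            bll.Add(model);

            // NOTE(review): the new row's ID is derived from GetMaxId() - 1 after the insert.
            // A concurrent insert between Add and GetMaxId would make this point at a different
            // account and write the keys there; prefer the ID produced by the insert itself —
            // confirm whether Add returns it.
            int MaxId = bll.GetMaxId() - 1;
            model.ID    = MaxId;
            // NOTE(review): the session key is derived from Rand().RandNum(10); confirm that Rand
            // is backed by a cryptographic random number generator.
            model.sKeys = BCW.User.Users.SetUserKeys(MaxId, strUser, new Rand().RandNum(10));
            // Store the key without its last four characters.
            model.sKeys = Utils.Mid(model.sKeys, 0, model.sKeys.Length - 4);
            bll.UpdateKeys(model);
            Utils.Success("添加帐号", "帐号添加成功..", Utils.getUrl("manage.aspx"), "1");
        }
        else
        {
            // Not a submission: render the empty "add account" form.
            string strText = "*用户名/,*密码:/,*确认密码/,,";
            string strName = "strUser,strPass,strPassr,act";
            string strType = "text,password,password,hidden";
            string strValu = "'''add";
            string strEmpt = "false,false,false,";
            string strIdea = "/用户名与密码必须是字母和数字的组合/";
            string strOthe = "添加帐号|reset,manage.aspx,post,1,red|blue";
            builder.Append(Out.wapform(strText, strName, strType, strValu, strEmpt, strIdea, strOthe));
            builder.Append(Out.Tab("<div class=\"hr\"></div>", Out.Hr()));
        }

        // Navigation links back to the account list and the management centre.
        builder.Append(Out.Tab("<div>", ""));
        builder.Append("<a href=\"" + Utils.getUrl("manage.aspx") + "\">返回上一级</a><br />");
        builder.Append(Out.Tab("</div><div class=\"title\"><a href=\"" + Utils.getUrl("default.aspx") + "\">返回管理中心</a>", "<a href=\"" + Utils.getUrl("default.aspx") + "\">返回管理中心</a>"));
        builder.Append(Out.Tab("</div>", "<br />"));
    }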
Exemple #2
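    /// <summary>
    /// Deletes a back-office account after a confirmation step. Only the account with ID 1 may
    /// delete accounts, and account 1 itself can never be deleted.
    /// </summary>
    private void GetDelUser()
    {
        Master.Title = "后台帐号删除";

        // The pattern allows any number of digits, so the value may not fit in an int.
        // TryParse leaves aid at 0 in that case instead of throwing OverflowException.
        int aid;
        int.TryParse(Utils.GetRequest("aid", "all", 1, @"^[0-9]\d*$", "0"), out aid);
        string info = Utils.GetRequest("info", "all", 1, "", "");

        // Load the current administrator's record. A missing record is treated as "not authorised"
        // so the check fails closed instead of throwing on mymodel.ID.
        BCW.BLL.Manage   bll     = new BCW.BLL.Manage();
        BCW.Model.Manage mymodel = bll.GetModel(BCW.User.Users.userId());
        if (mymodel == null || mymodel.ID != 1)
        {
            Utils.Error("以你的权限还不能删除帐号", "");
            // Presumably Utils.Error ends the response; returning keeps the check effective even if it does not.
            return;
        }

        // Account 1 is the reserved system account.
        if (aid == 1)
        {
            Utils.Error("系统保留帐号不能删除", "");
            return;
        }

        if (info != "ok")
        {
            // First visit: ask for confirmation.
            builder.Append(Out.Tab("<div class=\"title\">", ""));
            builder.Append("确定删除此帐号吗<br />");
            builder.Append(Out.Tab("</div>", ""));
            builder.Append(Out.Tab("<div>", ""));
            builder.Append("<a href=\"" + Utils.getUrl("manage.aspx?info=ok&amp;act=del&amp;aid=" + aid + "") + "\">确定删除</a><br />");
            builder.Append("<a href=\"" + Utils.getUrl("manage.aspx") + "\">先留着吧..</a>");
            builder.Append(Out.Tab("</div>", "<br />"));
        }
        else
        {
            // NOTE(review): the deletion is triggered by a plain GET link (info=ok) and no
            // anti-forgery token is verified here. Confirm whether Utils.getUrl binds the link to
            // the session in a way that cannot be guessed; otherwise move the confirmation to a
            // POST form protected by a token.
            bll.Delete(aid);
            Utils.Success("删除帐号", "删除修改成功..", Utils.getUrl("manage.aspx"), "1");
        }
    }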
Exemple #3
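    /// <summary>
    /// Page load handler that requires a logged-in administrator, enforces the configured login
    /// timeout and IP-consistency check, restricts second-level managers to an allow-list of
    /// pages, and prepares the page header and footer.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event arguments (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        string AdminPath = ConfigHelper.GetConfigString("AdminPath");

        // Back-office login check: an ID of 0 is treated as "nobody is logged in".
        int ManageId = new BCW.User.Manage().IsManageLogin();

        if (ManageId == 0)
        {
            Response.Redirect("/" + AdminPath + "/login.aspx");
            Response.End();
        }
        string PageUrl = Utils.getPageUrl().ToLower();

        // ManageId is an int, so concatenating it into the filter cannot carry injected text.
        DataSet ds = new BCW.BLL.Manage().GetManageList("sTime,sUserIP", "ID=" + ManageId + "");

        if (ds == null || ds.Tables[0].Rows.Count == 0)
        {
            // The logged-in ID has no matching account row: send the client back to the login page.
            Response.Redirect("/" + AdminPath + "/login.aspx");
            Response.End();
        }
        else
        {
            // A block of disabled, hard-coded per-domain / per-administrator-ID page restrictions
            // ("special feature restrictions") used to sit here as commented-out code.

            DateTime LoginTime   = DateTime.Parse(ds.Tables[0].Rows[0]["sTime"].ToString());
            string   LoginUserIP = ds.Tables[0].Rows[0]["sUserIP"].ToString();
            int      lIp         = Utils.ParseInt(ub.Get("SiteVerifyIP"));   // > 0 enables the IP check
            int      lTime       = Utils.ParseInt(ub.Get("SiteLoginExpir")); // login lifetime in minutes; > 0 enables it
            // Presumably DelLastChar(x, ".") drops the last dot-separated component, so both
            // addresses are compared without their final octet.
            // NOTE(review): confirm that Utils.GetUsIP() uses the connection address and not a
            // client-supplied header, otherwise this comparison can be influenced by the client.
            string   UsIP        = Utils.DelLastChar(Utils.GetUsIP(), ".");

            string LoginUserIP2 = "";
            try
            {
                LoginUserIP2 = Utils.DelLastChar(LoginUserIP, ".");
            }
            catch
            {
                // Deliberately ignored: LoginUserIP2 stays empty, so an enabled IP check below
                // cannot match and the request is treated as coming from a different network.
            }

            bool timedOut  = lTime > 0 && LoginTime.AddMinutes(lTime) < DateTime.Now;
            bool ipChanged = lIp > 0 && LoginUserIP2 != UsIP;

            if (timedOut || ipChanged)
            {
                // Strip one more component; UsIP is then compared against two-octet prefixes.
                UsIP = Utils.DelLastChar(UsIP, ".");

                // NOTE(review): clients whose address starts with one of these four hard-coded
                // prefixes skip BOTH the login timeout and the IP-change re-login. Nothing here
                // documents why; confirm the exemption is still required and move it to
                // configuration so it can be audited and removed.
                if (UsIP != "121.14" && UsIP != "119.147" && UsIP != "182.16" && UsIP != "119.42")
                {
                    new Out().head(Utils.ForWordType(_Title));
                    Response.Write(Out.Tab("<div class=\"title\">", ""));
                    if (timedOut)
                    {
                        Response.Write("登录超时,请重新登录");
                    }
                    else
                    {
                        // NOTE(review): this echoes the previous login IP to a client that has just
                        // failed the IP check; consider omitting the address from the message.
                        Response.Write("您目前使用的网络IP与上次有明显不同(上次IP:" + LoginUserIP + "),请重新登录");
                    }

                    Response.Write(Out.Tab("</div>", ""));
                    // Render an inline login form and stop processing the requested page.
                    string strText = "用户,密码";
                    string strName = "userName,userPass";
                    string strType = "text,password";
                    string strValu = "''";
                    string strEmpt = "false,false";
                    string strIdea = "/";
                    string strOthe = "登录后台|reset,/" + AdminPath + "/login.aspx,post,1,red|blue";
                    Response.Write(Out.wapform(strText, strName, strType, strValu, strEmpt, strIdea, strOthe));
                    Response.Write(new Out().foot());
                    Response.End();
                }
            }
        }


        // Second-level manager restrictions: IDs listed in SiteManIDS (separated by '#') may only
        // open pages whose URL contains one of the fragments below.
        string ManIDS = "#" + ub.Get("SiteManIDS") + "#";

        if (ManIDS.Contains("#" + ManageId + "#"))
        {
            bool     IsPass = false;
            string   strUrl = "login.aspx,default.aspx,/man/,class.aspx,PK10set.aspx,classact.aspx,classok.aspx,book.aspx,forum.aspx,blacklist.aspx,moderator.aspx,mebook.aspx,thread.aspx,reply.aspx,group.aspx,chat.aspx";
            string[] Temp   = strUrl.Split(',');
            for (int i = 0; i < Temp.Length; i++)
            {
                // PageUrl has been lower-cased, so a case-sensitive Contains could never match the
                // mixed-case entry "PK10set.aspx"; compare without regard to case instead.
                // NOTE(review): this is a substring test against the whole page URL. If
                // getPageUrl() includes the query string, text outside the path can satisfy it;
                // consider matching the path component against exact page names.
                if (PageUrl.IndexOf(Temp[i], StringComparison.OrdinalIgnoreCase) >= 0)
                {
                    IsPass = true;
                    break;
                }
            }
            if (!IsPass)
            {
                Utils.Error("权限不足", "");
            }
        }


        string foot = string.Empty;

        if (_IsFoot == true)
        {
            foot += Out.Tab("<div class=\"ft\">", "");
            foot += "<a href=\"" + Utils.getUrl("/" + AdminPath + "/inter.aspx?backurl=" + Utils.PostPage(1) + "") + "\">[功能]</a>";
            foot += "<a href=\"" + Utils.getUrl("/default.aspx") + "\">返回首页</a><br />";
            foot += Out.Tab("</div>", "");
        }
        foot += "<!--Powered by kubao.cc " + ub.Get("SiteVersion") + " @author Light-->";
        // Header
        new Out().head(Utils.ForWordType("" + ub.Get("SiteName") + "-" + _Title));
        // Footer
        FootResult.Append(Utils.ForWordType(foot) + new Out().foot());
    }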
Exemple #4
    /// <summary>
    /// Login page handler. Depending on the "ac" request value it processes a submitted login,
    /// processes a logout ("exit"), or renders the login form.
    /// </summary>
    /// <param name="sender">Event source (unused).</param>
    /// <param name="e">Event arguments (unused).</param>
    protected void Page_Load(object sender, EventArgs e)
    {
        Master.Title = "后台管理";
        string action = Utils.GetRequest("ac", "all", 1, "", "");

        // --- Submitted login form -------------------------------------------------------------
        if (Utils.ToSChinese(action) == "登录后台")
        {
            string loginName = Utils.GetRequest("userName", "post", 2, @"^[A-Za-z0-9]+$", "请正确输入用户名");
            string loginPass = Utils.GetRequest("userPass", "post", 2, @"^[A-Za-z0-9]+$", "请正确输入密码");

            // NOTE(review): if Utils.MD5 is a plain, unsalted MD5 digest it is not suitable for
            // password verification/storage; a salted, slow KDF would be the replacement.
            // NOTE(review): no attempt limiting or lockout is visible in this handler.
            BCW.Model.Manage credentials = new BCW.Model.Manage();
            credentials.sUser = loginName;
            credentials.sPwd  = Utils.MD5(loginPass);
            BCW.BLL.Manage manageBll = new BCW.BLL.Manage();

            if (!(manageBll.GetManageRow(credentials) > 0))
            {
                // No account matches the submitted name and password hash.
                builder.Append(Out.Tab("<div class=\"title\">", ""));
                builder.Append("登录失败");
                builder.Append(Out.Tab("</div>", ""));
                builder.Append(Out.Tab("<div>", "<br />"));
                builder.Append("<a href=\"" + Utils.getUrl("login.aspx") + "\">返回继续</a>");
                builder.Append(Out.Tab("</div>", ""));
                return;
            }

            BCW.Model.Manage account = manageBll.GetModelByModel(credentials.sUser, credentials.sPwd);
            builder.Append(Out.Tab("<div class=\"title\">", ""));
            builder.Append("登录成功");
            builder.Append(Out.Tab("</div>", "<br />"));
            builder.Append(Out.Tab("<div>", ""));
            builder.Append("上次登录:" + DT.DateDiff(DateTime.Now, Convert.ToDateTime(account.sTime)) + "前");

            string veParamName  = ConfigHelper.GetConfigString("VE");
            string sidParamName = ConfigHelper.GetConfigString("SID");
            // NOTE(review): the stored session key is placed in the URL query string, where it can
            // end up in browser history, proxy/server logs and Referer headers. Only UpdateTimeIP
            // is called below; unless it also rotates sKeys, the same key stays valid across logins.
            string enterLink = "<br /><a href=\"Default.aspx?" + veParamName + "=" + Utils.getstrVe() + "&amp;" + sidParamName + "=" + account.sKeys + new Rand().RandNume(4) + "\">马上进入后台</a>";
            builder.Append(enterLink);

            // Record the new login time.
            account.sTime = DateTime.Now;
            manageBll.UpdateTimeIP(account);

            builder.Append(Out.Tab("</div>", ""));
            return;
        }

        // --- Logout ---------------------------------------------------------------------------
        if (action == "exit")
        {
            string adminPath = ConfigHelper.GetConfigString("AdminPath");

            // Back-office login check: an ID of 0 sends the client to the login page.
            int adminId = new BCW.User.Manage().IsManageLogin();
            if (adminId == 0)
            {
                Response.Redirect("/" + adminPath + "/login.aspx");
                Response.End();
            }

            // Replace the stored key so the key used by this session no longer matches.
            // NOTE(review): confirm that Rand().RandNum is backed by a cryptographic RNG.
            BCW.Model.Manage rotated = new BCW.Model.Manage();
            rotated.ID = BCW.User.Users.GetIDByKeys(Utils.getstrU());
            string freshKeys = BCW.User.Users.SetUserKeys(rotated.ID, "", new Rand().RandNum(10));
            rotated.sKeys = freshKeys;
            // Store the key without its last four characters.
            rotated.sKeys = Utils.Mid(rotated.sKeys, 0, rotated.sKeys.Length - 4);
            new BCW.BLL.Manage().UpdateKeys(rotated);

            builder.Append(Out.Tab("<div>", ""));
            builder.Append("退出成功<br />");
            builder.Append("<a href=\"" + Utils.getUrl("login.aspx") + "\">继续登录</a>");
            builder.Append(Out.Tab("</div>", ""));
            return;
        }

        // --- Default: show the login form -------------------------------------------------------
        builder.Append(Out.Tab("<div class=\"title\">", ""));
        builder.Append("欢迎您进入管理后台");
        builder.Append(Out.Tab("</div>", ""));
        string labels    = "用户,密码";
        string names     = "userName,userPass";
        string types     = "text,password";
        string values    = "''";
        string allowNull = "false,false";
        string hint      = "/";
        string other     = "登录后台|reset,login.aspx,post,0,red|blue";
        builder.Append(Out.wapform(labels, names, types, values, allowNull, hint, other));
    }
Exemple #5
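    /// <summary>
    /// Renders the paged list of back-office accounts. Administrator 1 sees every account and its
    /// last login IP; any other administrator sees only their own entry.
    /// </summary>
    private void GetUserList()
    {
        builder.Append(Out.Div("title", "帐号列表"));
        builder.Append(Out.Tab("<div>", "<br />"));
        builder.Append("<a href=\"" + Utils.getUrl("manage.aspx?act=add") + "\">添加帐号</a>");
        builder.Append(Out.Tab("</div>", "<br />"));

        int recordCount;
        int pageSize = Convert.ToInt32(ub.Get("SiteListNo"));

        string[] pageValUrl = { "act" };
        // The page number comes straight from the query string; anything below 1 falls back to page 1.
        int pageIndex = Utils.ParseInt(Request.QueryString["page"]);
        if (pageIndex < 1)
        {
            pageIndex = 1;
        }

        // Load the requested page of accounts.
        int ManageId = new BCW.User.Manage().IsManageLogin();
        IList<BCW.Model.Manage> listManage = new BCW.BLL.Manage().GetManages(pageIndex, pageSize, out recordCount);

        if (listManage.Count > 0)
        {
            bool isSuperAdmin = ManageId == 1;
            int k = 1;
            foreach (BCW.Model.Manage n in listManage)
            {
                // Alternate the row style on every second entry.
                builder.Append(Out.Tab(k % 2 == 0 ? "<div class=\"text\">" : "<div>", ""));

                // A row's content is shown to its owner and to administrator 1; for everyone else
                // the (empty) row container is still emitted.
                if (isSuperAdmin || ManageId == n.ID)
                {
                    // Values read back from storage are HTML-encoded before being placed in markup,
                    // so a stored value can never be interpreted as tags or attributes.
                    builder.AppendFormat("<a href=\"" + Utils.getUrl("manage.aspx?act=edit&amp;aid={0}") + "\">[管理]&gt;{1}({0}号)</a><br />上次登录:{2}", n.ID, System.Web.HttpUtility.HtmlEncode(n.sUser), n.sTime);
                    if (isSuperAdmin)
                    {
                        // NOTE(review): confirm where sUserIP is captured; if it can come from a
                        // client-supplied header it is attacker-influenced text.
                        builder.Append("<br />登录IP:" + System.Web.HttpUtility.HtmlEncode(n.sUserIP) + "");
                    }
                    builder.Append("<br />");
                }

                k++;
                builder.Append(Out.Tab("</div>", ""));
            }

            // Paging links.
            builder.Append(BasePage.MultiPage(pageIndex, pageSize, recordCount, Utils.getPageUrl(), pageValUrl, "page", 0));
        }
        else
        {
            builder.Append(Out.Div("text", "没有相关记录"));
            builder.Append(Out.Tab("", "<br />"));
        }

        // Footer links: edit own account, login settings, back to the management centre.
        builder.Append(Out.Tab("<div class=\"hr\"></div>", Out.RHr()));
        builder.Append(Out.Tab("<div>", ""));
        builder.Append("<a href=\"" + Utils.getUrl("manage.aspx?act=edit") + "\">修改我的帐号</a><br />");
        builder.Append("<a href=\"" + Utils.getUrl("manage.aspx?act=check") + "\">后台登录设置</a><br />");
        builder.Append(Out.Tab("</div><div class=\"title\"><a href=\"" + Utils.getUrl("default.aspx") + "\">返回管理中心</a>", "<a href=\"" + Utils.getUrl("default.aspx") + "\">返回管理中心</a>"));
        builder.Append(Out.Tab("</div>", "<br />"));
    }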
Exemple #6
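    /// <summary>
    /// Renders the "edit account" form and, when the form has been submitted, updates the user
    /// name and password. An administrator may edit their own account; only administrator 1 may
    /// edit other accounts.
    /// </summary>
    private void GetEditManage()
    {
        // Load the current administrator's record. A missing record stops the request instead of
        // throwing on mymodel.ID.
        BCW.BLL.Manage   bll     = new BCW.BLL.Manage();
        BCW.Model.Manage mymodel = bll.GetModel(BCW.User.Users.userId());
        if (mymodel == null)
        {
            Utils.Error("帐号不存在", "");
            return;
        }

        int    myaid   = mymodel.ID;
        string myaUser = mymodel.sUser;
        string aUser   = "";

        // The pattern allows any number of digits, so the value may not fit in an int.
        // TryParse leaves aid at 0 (meaning "my own account") instead of throwing OverflowException.
        int aid;
        int.TryParse(Utils.GetRequest("aid", "all", 1, @"^[0-9]\d*$", "0"), out aid);
        if (aid == 0)
        {
            aid   = myaid;
            aUser = myaUser;
        }
        else
        {
            if (myaid != 1 && myaid != aid)
            {
                Utils.Error("以你的权限还不能修改他人帐号", "");
                // Presumably Utils.Error ends the response; returning keeps the check effective even if it does not.
                return;
            }

            // Look the target account up once and reuse the result.
            BCW.Model.Manage target = bll.GetModel(aid);
            if (target == null)
            {
                Utils.Error("帐号不存在", "");
                return;
            }
            aid   = target.ID;
            aUser = target.sUser;
        }

        string ac = Utils.GetRequest("ac", "all", 1, "", "");

        if (Utils.ToSChinese(ac) == "修改帐号")
        {
            // NOTE(review): no anti-forgery token is verified in this handler, and the current
            // password is not requested before it is replaced; confirm whether Utils.GetRequest or
            // the page framework provides CSRF protection for this POST.

            // The character class is plain [A-Za-z0-9]: parentheses inside [...] are literals, so
            // writing [(A-Za-z0-9)] would also accept '(' and ')', which contradicts the
            // "letters and digits" rule stated in the messages.
            string strUser  = Utils.GetRequest("strUser", "post", 2, @"^[A-Za-z0-9]{6,15}$", "用户名应该是由6-15字母、数字的组合");
            string strPass  = Utils.GetRequest("strPass", "post", 2, @"^[A-Za-z0-9]{6,15}$", "密码应该是由6-15位字母、数字的组合");
            string strPassr = Utils.GetRequest("strPassr", "post", 2, @"^[A-Za-z0-9]{6,15}$", "确认密码应该是由6-15位字母、数字的组合");

            // The new name must not belong to a different account.
            if (bll.ExistsUser(strUser, aid))
            {
                Utils.Error("用户名" + strUser + "已存在", "");
                return;
            }
            if (strPass != strPassr)
            {
                Utils.Error("确认密码不正确", "");
                return;
            }

            BCW.Model.Manage model = new BCW.Model.Manage();
            model.sUser = strUser;
            // NOTE(review): if Utils.MD5 is a plain, unsalted MD5 digest it is not suitable for
            // password storage. Migrating to a salted, slow KDF (e.g. PBKDF2) has to be done
            // together with the login code, which hashes the same way.
            model.sPwd  = Utils.MD5(strPass);
            model.ID    = aid;
            // NOTE(review): only sUser, sPwd and ID are set here and sKeys is not rotated, so
            // sessions opened with the old password presumably stay valid — confirm whether
            // Update handles this.
            bll.Update(model);
            Utils.Success("修改帐号", "帐号修改成功..", Utils.getUrl("manage.aspx"), "1");
        }
        else
        {
            // Not a submission: render the edit form for the selected account.
            builder.Append(Out.Div("title", "管理:" + aUser + ""));
            string strText = "*用户名/,*密码:/,*确认密码/,,";
            string strName = "strUser,strPass,strPassr,aid,act";
            string strType = "text,password,password,hidden,hidden";
            string strValu = "'''" + aid + "'edit";
            string strEmpt = "false,false,false,,";
            string strIdea = "/用户名与密码必须是字母和数字的组合/";
            string strOthe = "修改帐号|reset,manage.aspx,post,1,red|blue";
            builder.Append(Out.wapform(strText, strName, strType, strValu, strEmpt, strIdea, strOthe));
        }

        // Navigation links: delete this account, back to the list, back to the management centre.
        builder.Append(Out.Tab("<div class=\"hr\"></div>", Out.Hr()));
        builder.Append(Out.Tab("<div>", ""));
        builder.Append("<a href=\"" + Utils.getUrl("manage.aspx?act=del&amp;aid=" + aid + "") + "\">删除帐号</a><br />");
        builder.Append("<a href=\"" + Utils.getUrl("manage.aspx") + "\">返回上一级</a><br />");
        builder.Append(Out.Tab("</div><div class=\"title\"><a href=\"" + Utils.getUrl("default.aspx") + "\">返回管理中心</a>", "<a href=\"" + Utils.getUrl("default.aspx") + "\">返回管理中心</a>"));
        builder.Append(Out.Tab("</div>", "<br />"));
    }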