修复所有权限问题

FJY
2017-11-02 16:21:23 +08:00
parent bca76d88a6
commit ae46b5a98a
20 changed files with 60 additions and 296 deletions


@@ -0,0 +1,2 @@
eclipse.preferences.version=1
encoding//WebRoot/module/limits_check.jsp=UTF-8


@@ -1,72 +0,0 @@
<%@ page language="java" import="java.sql.*"
contentType="text/html;charset=utf-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title></title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<%
request.setCharacterEncoding("utf-8");
boolean flag = false;
if (session.getAttribute("actualuser") == null) {
out.println(
"<script language=javascript>alert('登录超时 (1440 秒未活动)或未登录,请重新登录。');window.location.href='index.html'</script>");
return;
}
Object user0 = session.getAttribute("actualuser");
String users = (String) user0;
%>
<%
String driver = "com.mysql.jdbc.Driver";
String url = "jdbc:mysql://localhost:3306/db_school?useUnicode=true&characterEncoding=utf-8";
String use = "root";
String password = "";
Class.forName(driver);
try{
PreparedStatement sql = null;
ResultSet rs = null;
Connection conn = null;
conn = DriverManager.getConnection(url, use, password);
sql = conn.prepareStatement("select * from show_user where userName=? and Administrator=1");
sql.setString(1, users);
rs = sql.executeQuery();
if (rs.next()) {
flag = true;
}
rs.close();
sql.close();
conn.close();
} catch (Exception ex) {
ex.printStackTrace();
}
%>
<!-- 判断是否是管理员 -->
<%
if (flag == true) {
response.setHeader("refresh", "0;url=../delete_user.jsp");
} else if (flag == false) {
out.println("<script language=javascript>alert('你不是管理员,不能访问此版块')</script>");
response.setHeader("refresh", "1;url=../mainframe.jsp");
}
%>
</body>
</html>


@@ -1,71 +0,0 @@
<%@ page language="java" import="java.sql.*"
contentType="text/html;charset=utf-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>My JSP 'check.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<%
request.setCharacterEncoding("utf-8");
boolean flag = false;
if (session.getAttribute("actualuser") == null) {
out.println(
"<script language=javascript>alert('登录超时 (1440 秒未活动)或未登录,请重新登录。');window.location.href='index.html'</script>");
return;
}
Object user0 = session.getAttribute("actualuser");
String users = (String) user0;
%>
<%
String driver = "com.mysql.jdbc.Driver";
String url = "jdbc:mysql://localhost:3306/db_school?useUnicode=true&characterEncoding=utf-8";
String use = "root";
String password = "";
Class.forName(driver);
try{
PreparedStatement sql = null;
ResultSet rs = null;
Connection conn = null;
conn = DriverManager.getConnection(url, use, password);
sql = conn.prepareStatement("select * from show_user where userName=? and Administrator=1");
sql.setString(1, users);
rs = sql.executeQuery();
if (rs.next()) {
flag = true;
}
rs.close();
sql.close();
conn.close();
} catch (Exception ex) {
ex.printStackTrace();
}
%>
<!-- 判断是否是管理员 -->
<%
if (flag == true) {
response.setHeader("refresh","0;url=../manage_user.jsp");
} else if (flag == false) {
out.println("<script language=javascript>alert('你不是管理员,不能访问此版块')</script>");
response.setHeader("refresh","1;url=../mainframe.jsp");
}
%>
</body>
</html>


@@ -1,72 +0,0 @@
<%@ page language="java" import="java.sql.*"
contentType="text/html;charset=utf-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title></title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<%
request.setCharacterEncoding("utf-8");
boolean flag = false;
if (session.getAttribute("actualuser") == null) {
out.println(
"<script language=javascript>alert('登录超时 (1440 秒未活动)或未登录,请重新登录。');window.location.href='index.html'</script>");
return;
}
Object user0 = session.getAttribute("actualuser");
String users = (String) user0;
%>
<%
String driver = "com.mysql.jdbc.Driver";
String url = "jdbc:mysql://localhost:3306/db_school?useUnicode=true&characterEncoding=utf-8";
String use = "root";
String password = "";
Class.forName(driver);
try{
PreparedStatement sql = null;
ResultSet rs = null;
Connection conn = null;
conn = DriverManager.getConnection(url, use, password);
sql = conn.prepareStatement("select * from show_user where userName=? and Administrator=1");
sql.setString(1, users);
rs = sql.executeQuery();
if (rs.next()) {
flag = true;
}
rs.close();
sql.close();
conn.close();
} catch (Exception ex) {
ex.printStackTrace();
}
%>
<!-- 判断是否是管理员 -->
<%
if (flag == true) {
response.setHeader("refresh","0;url=../show_user.jsp");
} else if (flag == false) {
out.println("<script language=javascript>alert('你不是管理员,不能访问此版块')</script>");
response.setHeader("refresh","1;url=../mainframe.jsp");
}
%>
</body>
</html>


@@ -1,72 +0,0 @@
<%@ page language="java" import="java.sql.*"
contentType="text/html;charset=utf-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title></title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<%
request.setCharacterEncoding("utf-8");
boolean flag = false;
if (session.getAttribute("actualuser") == null) {
out.println(
"<script language=javascript>alert('登录超时 (1440 秒未活动)或未登录,请重新登录。');window.location.href='index.html'</script>");
return;
}
Object user0 = session.getAttribute("actualuser");
String users = (String) user0;
%>
<%
String driver = "com.mysql.jdbc.Driver";
String url = "jdbc:mysql://localhost:3306/db_school?useUnicode=true&characterEncoding=utf-8";
String use = "root";
String password = "";
Class.forName(driver);
try{
PreparedStatement sql = null;
ResultSet rs = null;
Connection conn = null;
conn = DriverManager.getConnection(url, use, password);
sql = conn.prepareStatement("select * from show_user where userName=? and VIP=1");
sql.setString(1, users);
rs = sql.executeQuery();
if (rs.next()) {
flag = true;
}
rs.close();
sql.close();
conn.close();
} catch (Exception ex) {
ex.printStackTrace();
}
%>
<!-- 判断是否是管理员 -->
<%
if (flag == true) {
response.setHeader("refresh","0;url=../x2_resource.jsp");
} else if (flag == false) {
out.println("<script language=javascript>alert('你不是VIP不能访问此版块')</script>");
response.setHeader("refresh","1;url=../mainframe.jsp");
}
%>
</body>
</html>


@@ -17,6 +17,9 @@
</head>
<body>
<%@ include file="/module/top.jsp"%>
<%@ include file="/module/limits_check.jsp"%>
<div class="container">
<%
if (session.getAttribute("actualuser") == null) {
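Review bot: The new `/module/limits_check.jsp` include runs before this page's own login check (`session.getAttribute("actualuser") == null`, the last line of the hunk), so a visitor without a session reaches the role comparison first. What `adminuser` holds in that case is decided in top.jsp, which this diff does not show, so the outcome for a logged-out caller cannot be confirmed from here. I would run the session check ahead of the role check, or have the fragment test the session itself, so that the "not logged in" path is handled deliberately. The same placement recurs in the nine other include hunks of this commit, and the scriptlet opened on the last line continues outside the hunk.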


@@ -17,6 +17,7 @@
</head>
<body>
<%@ include file="/module/top.jsp" %>
<%@ include file="/module/limits_check.jsp"%>
<div class="container">
<%
if (session.getAttribute("actualuser") == null) {


@@ -17,6 +17,7 @@
</head>
<body>
<%@ include file="/module/top.jsp"%>
<%@ include file="/module/limits_check.jsp"%>
<div class="container">
<%
if (session.getAttribute("actualuser") == null) {


@@ -17,6 +17,7 @@
</head>
<body>
<%@ include file="/module/top.jsp"%>
<%@ include file="/module/limits_check.jsp"%>
<div class="container">
<%
if (session.getAttribute("actualuser") == null) {


@@ -17,6 +17,7 @@
</head>
<body>
<%@ include file="/module/top.jsp"%>
<%@ include file="/module/limits_check.jsp"%>
<div class="container">
<%
if (session.getAttribute("actualuser") == null) {


@@ -17,6 +17,7 @@
</head>
<body>
<%@ include file="/module/top.jsp"%>
<%@ include file="/module/limits_check.jsp"%>
<div class="container">
<%
if (session.getAttribute("actualuser") == null) {


@@ -17,6 +17,7 @@
</head>
<body>
<%@ include file="/module/top.jsp"%>
<%@ include file="/module/limits_check.jsp"%>
<div class="container">
<%
if (session.getAttribute("actualuser") == null) {


@@ -17,6 +17,7 @@
</head>
<body>
<%@ include file="/module/top.jsp"%>
<%@ include file="/module/limits_check.jsp"%>
<div class="container">
<%
boolean flag = false;


@@ -17,6 +17,7 @@
</head>
<body>
<%@ include file="/module/top.jsp"%>
<%@ include file="/module/limits_check.jsp"%>
<div class="container">
<%
boolean flag = false;


@@ -17,6 +17,7 @@
</head>
<body>
<%@ include file="/module/top.jsp"%>
<%@ include file="/module/limits_check.jsp"%>
<div class="container">
<%
if (session.getAttribute("actualuser") == null) {


@@ -0,0 +1,19 @@
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<!-- 判断是否是管理员 -->
<%
Object LimitsName = "管理员";
if (!adminuser.equals("管理员")) {/* 已在top.jsp中声明此处报错正常 */
out.println("<script language=javascript>alert('你不是管理员,不能访问此版块');window.location.href='mainframe.jsp'</script>");
/* out.println(adminuser); */
return;
} else {
/* out.println(adminuser); */ /* 已在top.jsp中声明此处报错正常 */
}
Object user0 = session.getAttribute("actualuser");
/* out.println("欢迎"+user0);//输出当前session用户 */
%>
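Review bot: `adminuser.equals("管理员")` throws a NullPointerException when `adminuser` is null, and the whole access decision rests on a variable that the inline comment says is declared in top.jsp, so its origin cannot be checked from this file. Writing the test as `if (!"管理员".equals(adminuser)) {` keeps the denial path working for a null value, and the otherwise unused `LimitsName` local can be dropped or made the single holder of that literal. Because the fragment is pulled in with a static `<%@ include %>`, its `path`, `basePath` and `user0` locals share one scope with the including page and would break compilation if that page declares the same names; none of them is used here. A header comment should state that the fragment must be included after `/module/top.jsp` and that `adminuser` is expected to come from server-side state (presumably session or database; confirm in top.jsp).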


@@ -0,0 +1,18 @@
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort()
+ path + "/";
%>
<!-- 判断是否是管理员 -->
<%
if (!adminuser.equals("VIP用户")) {/* 已在top.jsp中声明此处报错正常 */
out.println(
"<script language=javascript>alert('你不是VIP用户不能访问此版块');window.location.href='mainframe.jsp'</script>");
return;
} else {
out.println(adminuser);/* 已在top.jsp中声明此处报错正常 */
}
Object user0 = session.getAttribute("actualuser");
/* out.println("欢迎"+user0);//输出当前session用户 */
%>
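Review bot: The `else` branch calls `out.println(adminuser);`, which writes the role string into every page that includes this fragment; the admin fragment has the same statement commented out, so this looks like leftover debug output and should be removed. None of the include hunks visible in this commit references this file (they all include `/module/limits_check.jsp`), while the navigation now links straight to `x2_resource.jsp`, so it is worth confirming that the VIP page really includes this check. The exact match against `"VIP用户"` would also deny a user whose role string is `"管理员"`, whereas the removed check queried a separate `VIP=1` column; if that is unintended, allow both roles. As in the admin fragment, `"VIP用户".equals(adminuser)` avoids a NullPointerException when `adminuser` is null.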


@@ -56,14 +56,14 @@
</ul>
<ul class="nav nav-sidebar text-center">
<h3>用户管理</h3>
<li><a href="JSPhandle/limits_check_manage.jsp">修改用户</a></li>
<li><a href="JSPhandle/limits_check_show.jsp">查看用户</a></li>
<li><a href="manage_user.jsp">管理用户</a></li>
<li><a href="show_user.jsp">查看用户</a></li>
</ul>
<ul class="nav nav-sidebar text-center">
<h3>云服务</h3>
<li><a href="chartroom/login.jsp">聊天室</a></li>
<li><a href="index.jsp">论坛</a></li>
<li><a href="JSPhandle/vipdownload_check_show.jsp">信2资源站维护中</a></li>
<li><a href="x2_resource.jsp">信2资源站维护中</a></li>
</ul>
</div>
<script src="../js/jquery-1.11.2.min.js" type="text/javascript"></script>


@@ -56,8 +56,8 @@
data-toggle="dropdown" role="button" aria-expanded="false">用户管理<span
class="caret"></span></a>
<ul class="dropdown-menu" role="menu">
<li><a href="JSPhandle/limits_check_manage.jsp">管理用户</a></li>
<li><a href="JSPhandle/limits_check_show.jsp">查看用户</a></li>
<li><a href="manage_user.jsp">管理用户</a></li>
<li><a href="show_user.jsp">查看用户</a></li>
</ul></li>
<li class="dropdown"><a href="#" class="dropdown-toggle"
data-toggle="dropdown" role="button" aria-expanded="false">云服务<span
@@ -65,7 +65,7 @@
<ul class="dropdown-menu" role="menu">
<li><a href="chartroom/login.jsp">聊天室</a></li>
<li><a href="index.jsp">论坛</a></li>
<li><a href="JSPhandle/vipdownload_check_show.jsp">信2资源站维护中</a></li>
<li><a href="x2_resource.jsp">信2资源站维护中</a></li>
</ul></li>
<li class="divider"></li>
</ul>


@@ -88,13 +88,13 @@
%>
</table>
</div>
<div class="admin_btn pull-right"><a href="add_adminjob.jsp">
<div class="admin_btn pull-right"><a href="#">
<button type="button" class="btn btn-primary">查询</button>
</a>
<a href="JSPhandle/limits_check_manage.jsp">
<a href="manage_user.jsp">
<button type="button" class="btn btn-success">修改</button>
</a>
<a href="JSPhandle/limits_check_delete.jsp">
<a href="delete_user.jsp">
<button type="button" class="btn btn-danger">删除</button>
</a>
</div>