修复所有权限问题

2017-11-02 16:21:23 +08:00
parent bca76d88a6
commit ae46b5a98a
20 changed files with 60 additions and 296 deletions
--- a/.settings/org.eclipse.core.resources.prefs
+++ b/.settings/org.eclipse.core.resources.prefs
@@ -0,0 +1,2 @@
 eclipse.preferences.version=1
 encoding//WebRoot/module/limits_check.jsp=UTF-8
--- a/WebRoot/JSPhandle/limits_check_delete.jsp
+++ b/WebRoot/JSPhandle/limits_check_delete.jsp
@@ -1,72 +0,0 @@
 <%@ page language="java" import="java.sql.*"
 	contentType="text/html;charset=utf-8"%>
 <%
 	String path = request.getContextPath();
 	String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort()
 			+ path + "/";
 %>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 <html>
 <head>
 <base href="<%=basePath%>">
 <title></title>
 <meta http-equiv="pragma" content="no-cache">
 <meta http-equiv="cache-control" content="no-cache">
 <meta http-equiv="expires" content="0">
 <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
 <meta http-equiv="description" content="This is my page">
 <!--  
    <link rel="stylesheet" type="text/css" href="styles.css">  
    -->
 </head>
 <body>
 	<%
 		request.setCharacterEncoding("utf-8");
 		boolean flag = false;
 		if (session.getAttribute("actualuser") == null) {
 			out.println(
 					"<script language=javascript>alert('登录超时 (1440 秒未活动)或未登录，请重新登录。');window.location.href='index.html'</script>");
 			return;
 		}
 		Object user0 = session.getAttribute("actualuser");
 		String users = (String) user0;
 	%>
 	<%
 		String driver = "com.mysql.jdbc.Driver";
 		String url = "jdbc:mysql://localhost:3306/db_school?useUnicode=true&characterEncoding=utf-8";
 		String use = "root";
 		String password = "";
 		Class.forName(driver);
 		try{
 		PreparedStatement sql = null;
 		ResultSet rs = null;
 		Connection conn = null;
 		conn = DriverManager.getConnection(url, use, password);
 		sql = conn.prepareStatement("select * from show_user where userName=? and Administrator=1");
 		sql.setString(1, users);
 		rs = sql.executeQuery();
 			if (rs.next()) {
 				flag = true;
 			}
 		rs.close();
 		sql.close();
 		conn.close();
 		} catch (Exception ex) {
 			ex.printStackTrace();
 		}
 	%>
 	<!-- 判断是否是管理员 -->
 	<%
 		if (flag == true) {
 			response.setHeader("refresh", "0;url=../delete_user.jsp");
 		} else if (flag == false) {
 			out.println("<script language=javascript>alert('你不是管理员，不能访问此版块')</script>");
 			response.setHeader("refresh", "1;url=../mainframe.jsp");
 		}
 	%>
 </body>
 </html>
--- a/WebRoot/JSPhandle/limits_check_manage.jsp
+++ b/WebRoot/JSPhandle/limits_check_manage.jsp
@@ -1,71 +0,0 @@
 <%@ page language="java" import="java.sql.*"
 	contentType="text/html;charset=utf-8"%>
 <%
 	String path = request.getContextPath();
 	String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort()
 			+ path + "/";
 %>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 <html>
 <head>
 <base href="<%=basePath%>">
 <title>My JSP 'check.jsp' starting page</title>
 <meta http-equiv="pragma" content="no-cache">
 <meta http-equiv="cache-control" content="no-cache">
 <meta http-equiv="expires" content="0">
 <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
 <meta http-equiv="description" content="This is my page">
 <!--  
    <link rel="stylesheet" type="text/css" href="styles.css">  
    -->
 </head>
 <body>
 	<%
 		request.setCharacterEncoding("utf-8");
 		boolean flag = false;
 		if (session.getAttribute("actualuser") == null) {
 			out.println(
 					"<script language=javascript>alert('登录超时 (1440 秒未活动)或未登录，请重新登录。');window.location.href='index.html'</script>");
 			return;
 		}
 		Object user0 = session.getAttribute("actualuser");
 		String users = (String) user0;
 	%>
 	<%
 		String driver = "com.mysql.jdbc.Driver";
 		String url = "jdbc:mysql://localhost:3306/db_school?useUnicode=true&characterEncoding=utf-8";
 		String use = "root";
 		String password = "";
 		Class.forName(driver);
 		try{
 		PreparedStatement sql = null;
 		ResultSet rs = null;
 		Connection conn = null;
 		conn = DriverManager.getConnection(url, use, password);
 		sql = conn.prepareStatement("select * from show_user where userName=? and Administrator=1");
 		sql.setString(1, users);
 		rs = sql.executeQuery();
 		if (rs.next()) {
 			flag = true;
 		}
 		rs.close();
 		sql.close();
 		conn.close();
 		} catch (Exception ex) {
 			ex.printStackTrace();
 		}
 	%>
 	<!-- 判断是否是管理员 -->
 	<%
 		if (flag == true) {
 			response.setHeader("refresh","0;url=../manage_user.jsp");  
 		} else if (flag == false) {
 			out.println("<script language=javascript>alert('你不是管理员，不能访问此版块')</script>");
 		 response.setHeader("refresh","1;url=../mainframe.jsp");  
 		}
 	%>
 </body>
 </html>
--- a/WebRoot/JSPhandle/limits_check_show.jsp
+++ b/WebRoot/JSPhandle/limits_check_show.jsp
@@ -1,72 +0,0 @@
 <%@ page language="java" import="java.sql.*"
 	contentType="text/html;charset=utf-8"%>
 <%
 	String path = request.getContextPath();
 	String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort()
 			+ path + "/";
 %>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 <html>
 <head>
 <base href="<%=basePath%>">
 <title></title>
 <meta http-equiv="pragma" content="no-cache">
 <meta http-equiv="cache-control" content="no-cache">
 <meta http-equiv="expires" content="0">
 <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
 <meta http-equiv="description" content="This is my page">
 <!--  
    <link rel="stylesheet" type="text/css" href="styles.css">  
    -->
 </head>
 <body>
 	<%
 		request.setCharacterEncoding("utf-8");
 		boolean flag = false;
 		if (session.getAttribute("actualuser") == null) {
 			out.println(
 					"<script language=javascript>alert('登录超时 (1440 秒未活动)或未登录，请重新登录。');window.location.href='index.html'</script>");
 			return;
 		}
 		Object user0 = session.getAttribute("actualuser");
 		String users = (String) user0;
 	%>
 	<%
 		String driver = "com.mysql.jdbc.Driver";
 		String url = "jdbc:mysql://localhost:3306/db_school?useUnicode=true&characterEncoding=utf-8";
 		String use = "root";
 		String password = "";
 		Class.forName(driver);
 		try{
 		PreparedStatement sql = null;
 		ResultSet rs = null;
 		Connection conn = null;
 		conn = DriverManager.getConnection(url, use, password);
 		sql = conn.prepareStatement("select * from show_user where userName=? and Administrator=1");
 		sql.setString(1, users);
 		rs = sql.executeQuery();
 		if (rs.next()) {
 			flag = true;
 		}
 		rs.close();
 		sql.close();
 		conn.close();
 		} catch (Exception ex) {
 			ex.printStackTrace();
 		}
 	%>
 	<!-- 判断是否是管理员 -->
 	<%
 		if (flag == true) {
 			response.setHeader("refresh","0;url=../show_user.jsp");  
 		} else if (flag == false) {
 			out.println("<script language=javascript>alert('你不是管理员，不能访问此版块')</script>");
 		 response.setHeader("refresh","1;url=../mainframe.jsp");  
 		}
 	%>
 </body>
 </html>
--- a/WebRoot/JSPhandle/vipdownload_check_show.jsp
+++ b/WebRoot/JSPhandle/vipdownload_check_show.jsp
@@ -1,72 +0,0 @@
 <%@ page language="java" import="java.sql.*"
 	contentType="text/html;charset=utf-8"%>
 <%
 	String path = request.getContextPath();
 	String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort()
 			+ path + "/";
 %>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 <html>
 <head>
 <base href="<%=basePath%>">
 <title></title>
 <meta http-equiv="pragma" content="no-cache">
 <meta http-equiv="cache-control" content="no-cache">
 <meta http-equiv="expires" content="0">
 <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
 <meta http-equiv="description" content="This is my page">
 <!--  
    <link rel="stylesheet" type="text/css" href="styles.css">  
    -->
 </head>
 <body>
 	<%
 		request.setCharacterEncoding("utf-8");
 		boolean flag = false;
 		if (session.getAttribute("actualuser") == null) {
 			out.println(
 					"<script language=javascript>alert('登录超时 (1440 秒未活动)或未登录，请重新登录。');window.location.href='index.html'</script>");
 			return;
 		}
 		Object user0 = session.getAttribute("actualuser");
 		String users = (String) user0;
 	%>
 	<%
 		String driver = "com.mysql.jdbc.Driver";
 		String url = "jdbc:mysql://localhost:3306/db_school?useUnicode=true&characterEncoding=utf-8";
 		String use = "root";
 		String password = "";
 		Class.forName(driver);
 		try{
 		PreparedStatement sql = null;
 		ResultSet rs = null;
 		Connection conn = null;
 		conn = DriverManager.getConnection(url, use, password);
 		sql = conn.prepareStatement("select * from show_user where userName=? and VIP=1");
 		sql.setString(1, users);
 		rs = sql.executeQuery();
 		if (rs.next()) {
 			flag = true;
 		}
 		rs.close();
 		sql.close();
 		conn.close();
 		} catch (Exception ex) {
 			ex.printStackTrace();
 		}
 	%>
 	<!-- 判断是否是管理员 -->
 	<%
 		if (flag == true) {
 			response.setHeader("refresh","0;url=../x2_resource.jsp");  
 		} else if (flag == false) {
 			out.println("<script language=javascript>alert('你不是VIP，不能访问此版块')</script>");
 		 response.setHeader("refresh","1;url=../mainframe.jsp");  
 		}
 	%>
 </body>
 </html>
--- a/WebRoot/add_admin.jsp
+++ b/WebRoot/add_admin.jsp
@@ -17,6 +17,9 @@
 </head>
 <body>
 	<%@ include file="/module/top.jsp"%>
 <%@ include file="/module/limits_check.jsp"%>
 	<div class="container">
 		<%
 			if (session.getAttribute("actualuser") == null) {
--- a/WebRoot/add_adminjob.jsp
+++ b/WebRoot/add_adminjob.jsp
@@ -17,6 +17,7 @@
 </head>
 <body>
 	<%@ include file="/module/top.jsp" %>
 	<%@ include file="/module/limits_check.jsp"%>
 	<div class="container">
 		<%
 			if (session.getAttribute("actualuser") == null) {
--- a/WebRoot/change_admin.jsp
+++ b/WebRoot/change_admin.jsp
@@ -17,6 +17,7 @@
 </head>
 <body>
 	<%@ include file="/module/top.jsp"%>
 	<%@ include file="/module/limits_check.jsp"%>
 	<div class="container">
 		<%
 			if (session.getAttribute("actualuser") == null) {
--- a/WebRoot/change_user.jsp
+++ b/WebRoot/change_user.jsp
@@ -17,6 +17,7 @@
 </head>
 <body>
 	<%@ include file="/module/top.jsp"%>
 	<%@ include file="/module/limits_check.jsp"%>
 	<div class="container">
 		<%
 			if (session.getAttribute("actualuser") == null) {
--- a/WebRoot/delete_admin.jsp
+++ b/WebRoot/delete_admin.jsp
@@ -17,6 +17,7 @@
 </head>
 <body>
 	<%@ include file="/module/top.jsp"%>
 	<%@ include file="/module/limits_check.jsp"%>
 	<div class="container">
 		<%
 			if (session.getAttribute("actualuser") == null) {
--- a/WebRoot/delete_job.jsp
+++ b/WebRoot/delete_job.jsp
@@ -17,6 +17,7 @@
 </head>
 <body>
 	<%@ include file="/module/top.jsp"%>
 	<%@ include file="/module/limits_check.jsp"%>
 	<div class="container">
 		<%
 			if (session.getAttribute("actualuser") == null) {
--- a/WebRoot/delete_user.jsp
+++ b/WebRoot/delete_user.jsp
@@ -17,6 +17,7 @@
 </head>
 <body>
 	<%@ include file="/module/top.jsp"%>
 	<%@ include file="/module/limits_check.jsp"%>
 	<div class="container">
 		<%
 			if (session.getAttribute("actualuser") == null) {
--- a/WebRoot/edit_admin.jsp
+++ b/WebRoot/edit_admin.jsp
@@ -17,6 +17,7 @@
 </head>
 <body>
 	<%@ include file="/module/top.jsp"%>
 	<%@ include file="/module/limits_check.jsp"%>
 	<div class="container">
 		<%
 			boolean flag = false;
--- a/WebRoot/edit_user.jsp
+++ b/WebRoot/edit_user.jsp
@@ -17,6 +17,7 @@
 </head>
 <body>
 	<%@ include file="/module/top.jsp"%>
 	<%@ include file="/module/limits_check.jsp"%>
 	<div class="container">
 		<%
 			boolean flag = false;
--- a/WebRoot/manage_user.jsp
+++ b/WebRoot/manage_user.jsp
@@ -17,6 +17,7 @@
 </head>
 <body>
 	<%@ include file="/module/top.jsp"%>
 	<%@ include file="/module/limits_check.jsp"%>
 	<div class="container">
 		<%
 			if (session.getAttribute("actualuser") == null) {
--- a/WebRoot/module/limits_check.jsp
+++ b/WebRoot/module/limits_check.jsp
@@ -0,0 +1,19 @@
 <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
 <%
 	String path = request.getContextPath();
 	String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort()
 			+ path + "/";
 %>
 <!-- 判断是否是管理员 -->
 <%
 Object LimitsName = "管理员";
 	if (!adminuser.equals("管理员")) {/* 已在top.jsp中声明，此处报错正常 */
 		out.println("<script language=javascript>alert('你不是管理员，不能访问此版块');window.location.href='mainframe.jsp'</script>");
 /* 		out.println(adminuser); */
 		return; 
 	} else {
 		/*  out.println(adminuser); */ /* 已在top.jsp中声明，此处报错正常 */
 	}
 	Object user0 = session.getAttribute("actualuser");
 	/* out.println("欢迎"+user0);//输出当前session用户  */
 %>
--- a/WebRoot/module/limits_check_vip.jsp
+++ b/WebRoot/module/limits_check_vip.jsp
@@ -0,0 +1,18 @@
 <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
 <%
 	String path = request.getContextPath();
 	String basePath = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort()
 			+ path + "/";
 %>
 <!-- 判断是否是管理员 -->
 <%
 	if (!adminuser.equals("VIP用户")) {/* 已在top.jsp中声明，此处报错正常 */
 		out.println(
 				"<script language=javascript>alert('你不是VIP用户，不能访问此版块');window.location.href='mainframe.jsp'</script>");
 		return;
 	} else {
 		out.println(adminuser);/* 已在top.jsp中声明，此处报错正常 */ 
 	}
 	Object user0 = session.getAttribute("actualuser");
 	/* out.println("欢迎"+user0);//输出当前session用户  */
 %>
--- a/WebRoot/module/sidebar.jsp
+++ b/WebRoot/module/sidebar.jsp
@@ -56,14 +56,14 @@
 		</ul>
 		<ul class="nav nav-sidebar text-center">
 			<h3>用户管理</h3>
-			<li><a href="JSPhandle/limits_check_manage.jsp">修改用户</a></li>
+			<li><a href="manage_user.jsp">管理用户</a></li>
-			<li><a href="JSPhandle/limits_check_show.jsp">查看用户</a></li>
+			<li><a href="show_user.jsp">查看用户</a></li>
 		</ul>
 		<ul class="nav nav-sidebar text-center">
 			<h3>云服务</h3>
 			<li><a href="chartroom/login.jsp">聊天室</a></li>
 			<li><a href="index.jsp">论坛</a></li>
-			<li><a href="JSPhandle/vipdownload_check_show.jsp">信2资源站（维护中）</a></li>
+			<li><a href="x2_resource.jsp">信2资源站（维护中）</a></li>
 		</ul>
 	</div>
 	<script src="../js/jquery-1.11.2.min.js" type="text/javascript"></script>
--- a/WebRoot/module/top.jsp
+++ b/WebRoot/module/top.jsp
@@ -56,8 +56,8 @@
 						data-toggle="dropdown" role="button" aria-expanded="false">用户管理<span
 							class="caret"></span></a>
 						<ul class="dropdown-menu" role="menu">
-							<li><a href="JSPhandle/limits_check_manage.jsp">管理用户</a></li>
+							<li><a href="manage_user.jsp">管理用户</a></li>
-							<li><a href="JSPhandle/limits_check_show.jsp">查看用户</a></li>
+							<li><a href="show_user.jsp">查看用户</a></li>
 						</ul></li>
 						<li class="dropdown"><a href="#" class="dropdown-toggle"
 						data-toggle="dropdown" role="button" aria-expanded="false">云服务<span
@@ -65,7 +65,7 @@
 						<ul class="dropdown-menu" role="menu">
 							<li><a href="chartroom/login.jsp">聊天室</a></li>
 							<li><a href="index.jsp">论坛</a></li>
-							<li><a href="JSPhandle/vipdownload_check_show.jsp">信2资源站（维护中）</a></li>
+							<li><a href="x2_resource.jsp">信2资源站（维护中）</a></li>
 						</ul></li>
 					<li class="divider"></li>
 				</ul>
--- a/WebRoot/show_user.jsp
+++ b/WebRoot/show_user.jsp
@@ -88,13 +88,13 @@
 								%>
 							</table>
 						</div>
-						<div class="admin_btn pull-right"><a href="add_adminjob.jsp">
+						<div class="admin_btn pull-right"><a href="#">
 								<button type="button" class="btn btn-primary">查询</button>
 							</a>
-							<a href="JSPhandle/limits_check_manage.jsp">
+							<a href="manage_user.jsp">
 								<button type="button" class="btn btn-success">修改</button>
 							</a> 
-							<a href="JSPhandle/limits_check_delete.jsp">
+							<a href="delete_user.jsp">
 								<button type="button" class="btn btn-danger">删除</button>
 							</a> 
 						</div>
		`@@ -0,0 +1,2 @@`
							`eclipse.preferences.version=1`
							`encoding//WebRoot/module/limits_check.jsp=UTF-8`