feat(派单模块): 添加敏感信息隐藏功能

wanglizhong

2025-06-24 a51d070d364b0da8e5f8ea9203a6e50c8b4c0af3

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%> 
<%Session.CodePage=65001%> 
<!--#include virtual="/inc/chkadmin.gds"--> 
<!--#include virtual="/inc/function.gds"--> 
<% 
userID=trim(Request("userID")) 
If isDepartment("060102")=1 Then departmentName=trim(Request("departmentName")) 
C_ModuleID=trim(request("ModuleID")) 
if userID="" and departmentName="" then response.redirect "/" 
 
'各种返回信息 
SystemMessageType=trim(Request("SystemMessageType")) 
SMT=trim(Request("SMT")) 
if SystemMessageType<>"" then 
  if SMT="1" then 
    SystemMessageTXT="用户权限修改完成!!" 
  ElseIf SMT="2" then 
    SystemMessageTXT="请输入正确的员工ID" 
  end if 
end if 
 
Set rs = Server.CreateObject("ADODB.Recordset") 
If departmentName<>"" Then 
  sql="select OA_User_ID,OA_User,OA_Name,OA_Power,OA_execLevel from OA_User where OA_execLevel=4 and OA_User='"&departmentName&"_部门'" 
   
else 
  sql="select OA_User_ID,OA_User,OA_Name,OA_Power,OA_execLevel from OA_User where OA_User_ID="&userID 
  ReturnURL="AdminUser.gds?userID="&userID 
End if 
  rs.open sql,objConn,1,1 
  if rs.Eof then response.redirect "/AdminUser.gds" 
  userID    = rs("OA_User_ID") 
  OA_User_ID= rs("OA_User_ID") 
  OA_User    = rs("OA_User") 
  OA_Name    = rs("OA_Name") 
  OA_Power    = rs("OA_Power") 
  OA_execLevel    = rs("OA_execLevel") 
  rs.close() 
  TitleTXT=OA_Name&"&nbsp;&nbsp;账号" 
 
  '权限证验 
  if (isDepartment("060204")=1 and OA_execLevel<>"4") or (isDepartment("060102")=1 and OA_execLevel="4") Or session("admin_execLevel")="2" then 
  else 
    response.redirect "/" 
  end if 
  URLId="&userID="&userID 
  If OA_execLevel="4" then 
    ReturnURL="AdminUser_Department.gds" 
  else 
    ReturnURL="AdminUser.gds?userID="&userID 
  End if 
   
 
 
%> 
 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
    <head> 
        <title><%=LindemanAdmin%></title> 
        <!--#include virtual="/inc/ccs.gds"--> 
    </head> 
    <body onkeydown="xKeyEvent(event)"> 
        <!--#INCLUDE FILE="menu_header.gds" --> 
        <!-- content --> 
        <div id="content"> 
            <!--#INCLUDE FILE="AdminUser_menu_left.gds" --> 
            <!-- content / right --> 
            <div id="right"> 
                <!-- messages --> 
                <!-- forms --> 
                <div class="box"> 
                    <!-- box / title --> 
                    <div class="title"> 
                        <h5><%=TitleTXT%>权限管理&nbsp;&nbsp; 
                         
                        </h5> 
                         
                        <ul class="links"> 
                            <li><a href="?1=1<%=URLId%>">账号功能</a></li> 
                            <% 
                            sql="select ModuleID,ModuleName from OA_Module where ModuleLevel=1 order by id" 
                            rs.open sql,objConn,1,1 
                            do while not rs.Eof 
                            B_ModuleID=rs("ModuleID") 
                            B_ModuleName=rs("ModuleName") 
                            %> 
                            <li><a href="?ModuleID=<%=B_ModuleID%><%=URLId%>"><%=B_ModuleName%></a></li> 
                            <%rs.movenext 
                            loop 
                            rs.close()%> 
                            <li><a href="/AdminUser.gds?userID=<%=OA_User_ID%>">返回</a></li> 
                        </ul> 
                    </div> 
                    <!-- end box / title --> 
 
<% 
if C_ModuleID<>"" Then 
'权限管理 
            sql="select ModuleID,ModuleName from OA_Module where left(ModuleID,2)='"&C_ModuleID&"' and ModuleLevel=2 order by id" 
            rs.open sql,objConn,1,1 
            if rs.eof then 
            SystemMessageType=2 
            SystemMessageTXT="数据库中相关无数据！" 
            end if 
            do while not rs.Eof 
            FModuleID    = FModuleID&","&rs("ModuleID") 
            FModuleName    = FModuleName&","&rs("ModuleName") 
            rs.movenext 
            loop 
            FModuleID=SPLIT(FModuleID,",") 
            FModuleName=SPLIT(FModuleName,",") 
            rs.close() 
            %> 
 
                    <!--#include virtual="/inc/SystemMessages.gds" --> 
                    <div class="table"> 
                        <table> 
                            <thead> 
                                <tr> 
                                    <th class="left">功能模块1</th> 
                                    <th>功能权限</th> 
                                    <th class="last">功能描述</th> 
                                </tr> 
                            </thead> 
                            <tbody> 
    <form name="form1" method="post" action="admin_save.gds"> 
      <input name="admin_save" type="hidden" value="8"> 
      <input name="userID" type="hidden" value="<%=userID%>"> 
      <input name="A_ModuleID" type="hidden" value="<%=C_ModuleID%>"> 
      <input name="OA_Power" type="hidden" value="<%=OA_Power%>"> 
    <% 
    for i = 1 to UBOUND(FModuleID) 
    sql="select ModuleID,ModuleName,ModuleReadme from OA_Module where left(ModuleID,4)='"&FModuleID(i)&"' and ModuleLevel=3 order by id" 
    rs.open sql,objConn,1,1 
    j=1 
    do while not rs.Eof 
    ModuleID    = rs("ModuleID") 
    ModuleName    = rs("ModuleName") 
    ModuleReadme    = rs("ModuleReadme") 
 
    if j=1 then 
    FName=FModuleName(i) 
    else 
    FName="" 
    end if 
    %> 
      <tr> 
        <td class="category"><%=FName%></td> 
        <td class="T20" style="text-align: left;"><input name="ModuleID" type="checkbox" value="<%=ModuleID%>" id="col<%=i%>"<%if InStr(OA_Power,","&ModuleID&",")>0 then Response.Write " checked"%>> 
          <%=ModuleName%></td> 
        <td class="T20 last"><%=ModuleReadme%></td> 
      </tr> 
    <%j=j+1 
      rs.movenext 
      loop 
      rs.close() 
    next%> 
    <tr> 
        <td>&nbsp;</td> 
        <td><input type="submit" name="submit" value="提交" class="ui-button ui-widget ui-state-default ui-corner-all" role="button" aria-disabled="false"></td> 
        <td class="last">&nbsp;</td> 
    </tr> 
    </form> 
                            <%if i<18 then 
                            for j=i to 18%> 
                            <tr> 
                                <td>&nbsp;</td> 
                                <td>&nbsp;</td> 
                                <td class="last">&nbsp;</td> 
                            </tr> 
                            <%next 
                            end if%> 
                            </tbody> 
                        </table> 
                    </div> 
<%Else 
'管理查看 
            sql="select ModuleID,ModuleName from OA_Module where ModuleLevel=2 order by id" 
            rs.open sql,objConn,1,1 
            if rs.eof then 
            SystemMessageType=2 
            SystemMessageTXT="数据库中相关无数据！" 
            end if 
            do while not rs.Eof 
            FModuleID    = FModuleID&","&rs("ModuleID") 
            FModuleName    = FModuleName&","&rs("ModuleName") 
            rs.movenext 
            loop 
            FModuleID=SPLIT(FModuleID,",") 
            FModuleName=SPLIT(FModuleName,",") 
            rs.close() 
            %> 
 
                    <!--#include virtual="/inc/SystemMessages.gds" --> 
                    <form action="admin_save.gds" method="post"> 
                        <input name="admin_save" type="hidden" value="8_1"> 
                        <input name="userID" type="hidden" value="<%=userID%>"> 
                        <div style="padding: 0 20px;font-size: 13px;">员工ID:<input type="text" id="OldOAID" name="OldOAID" value="" style="width: 40px;">&nbsp;&nbsp;<input type="submit" name="submit" value="权限导入"><span>&nbsp;(注意:员工权限会被完全替换)</span></div> 
                    </form> 
                    <div class="table"> 
                        <table> 
                            <thead> 
                                <tr> 
                                    <th class="left">功能模块</th> 
                                    <th>功能权限</th> 
                                    <th class="last">功能描述</th> 
                                </tr> 
                            </thead> 
                            <tbody> 
                            <% 
                            for i = 1 to UBOUND(FModuleID) 
                            sql="select ModuleID,ModuleName,ModuleReadme from OA_Module where left(ModuleID,4)='"&FModuleID(i)&"' and ModuleLevel=3 order by id" 
                            rs.open sql,objConn,1,1 
                            j=1 
                            do while not rs.Eof 
                            ModuleID    = rs("ModuleID") 
                            ModuleName    = rs("ModuleName") 
                            ModuleReadme    = rs("ModuleReadme") 
                             
                            If InStr(OA_Power,","&ModuleID&",")>0 then 
                            if j=1 then 
                            FName=FModuleName(i) 
                            else 
                            FName="" 
                            end if 
                            %> 
                              <tr> 
                                <td class="category"><%=FName%></td> 
                                <td class="T20" style="text-align: left;"><%=ModuleName%></td> 
                                <td class="T20 last"><%=ModuleReadme%></td> 
                              </tr> 
                            <%j=j+1 
                            End if 
                              rs.movenext 
                              loop 
                              rs.close() 
                            next%> 
                            <%if i<8 then 
                            for j=i to 8%> 
                            <tr> 
                                <td>&nbsp;</td> 
                                <td>&nbsp;</td> 
                                <td class="last">&nbsp;</td> 
                            </tr> 
                            <%next 
                            end if%> 
                            </tbody> 
                        </table> 
                    </div> 
 
<%end if%> 
 
                </div> 
                <!-- end forms -->     
            </div> 
            <!-- end content / right --> 
        </div> 
        <!-- end content --> 
        <!--#include FILE="vicgame.asp"--> 
    </body> 
</html>