<!--#include FILE="odbc.asp"-->
|
<%
|
|
if session("adminID")="" Then
|
adminID=SafeRequest(Request("adminID"))
|
Response.Cookies("CAMEName")=admin
|
Response.Cookies("CAMEName").Expires=Date+30
|
Set adminrs = Server.CreateObject("ADODB.Recordset")
|
sql="select * from OA_User where OA_User_ID="&adminID
|
adminrs.open sql,objConn,1,1
|
|
if not adminrs.eof then
|
OA_Power=adminrs("OA_Power")
|
If isnull(OA_Power) Then OA_Power=""
|
admin_Power=OA_Power
|
If isDepartment("010103")=0 And session("adminID")="" Then
|
Set IPrs = Server.CreateObject("ADODB.Recordset")
|
sql="select vID from dictionary where vtitle='IPWhite' and vType=1 and vtext='"&Request.ServerVariables("REMOTE_ADDR")&"'"
|
IPrs.open sql,objConn,1,1
|
if IPrs.eof Then
|
'默认同意外部IP登陆
|
session("adminID")=adminrs("OA_User_ID")
|
Call OA_Running("用户外部IP登陆")
|
|
'Call OA_Running("用户外部IP登陆被禁止")
|
'response.redirect "/login.gds?LoginError=禁止外部登陆,如有需要请联系IT部"
|
'Response.End
|
End If
|
IPrs.close()
|
End If
|
If isDepartment("020114")=1 Then '查看全部订单权限
|
Set IPrs = Server.CreateObject("ADODB.Recordset")
|
sql="select stuff((select ','+vOrder2 from dictionary where vtitle='OrderClass' and vType>0 for xml path('')),1,1,'')"
|
IPrs.open sql,objConn,1,1
|
If not IPrs.eof Then
|
OA_OrderClass=IPrs(0)
|
End If
|
IPrs.close()
|
Else
|
OA_OrderClass=adminrs("OA_OrderClass")
|
End If
|
|
session("admin")=adminrs("OA_User")
|
session("adminID")=adminrs("OA_User_ID")
|
session("adminName")=adminrs("OA_Name")
|
session("adminDepartmentID")=adminrs("OA_DepartmentID")
|
session("admin_Power")=OA_Power
|
session("admin_execLevel")=adminrs("OA_execLevel")
|
session("admin_OrderClass")=OA_OrderClass
|
session.Timeout=60
|
|
Response.Cookies("CAME")("admin")=adminrs("OA_User")
|
Response.Cookies("CAME")("adminID")=adminrs("OA_User_ID")
|
Response.Cookies("CAME")("adminName")=adminrs("OA_Name")
|
Response.Cookies("CAME")("adminDepartmentID")=adminrs("OA_DepartmentID")
|
Response.Cookies("CAME")("admin_Power")="|,"&OA_Power
|
Response.Cookies("CAME")("admin_execLevel")=adminrs("OA_execLevel")
|
Response.Cookies("CAME")("admin_OrderClass")=OA_OrderClass
|
Response.Cookies("CAME").Expires=DateAdd("h",8,now())
|
|
|
end if
|
adminrs.close()
|
end If
|
|
|
|
|
|
'权限载入
|
admin_Power=session("admin_Power")
|
admin_OrderClass=session("admin_OrderClass")
|
admin_OrderClass=Replace(admin_OrderClass," ","")
|
OrdClassListSql=Replace(admin_OrderClass,",","','")
|
OrdClassInt = ubound(SPLIT(OrdClassListSql,"','"))
|
|
Function URLEncoding(vstrIn)
|
strReturn = ""
|
For i = 1 To Len(vstrIn)
|
ThisChr = Mid(vStrIn,i,1)
|
If Abs(Asc(ThisChr)) < &HFF Then
|
strReturn = strReturn & ThisChr
|
Else
|
innerCode = Asc(ThisChr)
|
If innerCode < 0 Then
|
innerCode = innerCode + &H10000
|
End If
|
Hight8 = (innerCode And &HFF00)\ &HFF
|
Low8 = innerCode And &HFF
|
strReturn = strReturn & "%" & Hex(Hight8) & "%" & Hex(Low8)
|
End If
|
Next
|
URLEncoding = strReturn
|
End Function
|
|
'POST方式提交网页
|
function SendPost(URL,POST)
|
|
Dim xmlHttp
|
Dim retStr
|
|
Set objXML = Server.CreateObject("MSXML2.ServerXMLHTTP")
|
on error resume next
|
if err then
|
Response.Write("<p>Error: " & err.description & "<p>")
|
Response.End
|
end if
|
|
' Call the remote machine the request
|
objXML.open "POST", URL, false
|
objXML.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
|
objXML.send(POST)
|
|
'Response.Write "objXML.readyState=" & objXML.readyState & "<br>"
|
i = 0
|
While objXML.readyState <> 4 And i < 5
|
'Response.Write objXML.readyState & "<br>"
|
i = i + 1
|
objXML.waitForResponse 100
|
Wend
|
|
'Response.Write "Err.Number=" & Err.Number & "<br>"
|
' return the response
|
If Err.Number = 0 Then 'if no error occurred
|
retStr = objXML.ResponseText 'wait for receive response from server
|
Else
|
retStr = "false" 'error message
|
End If
|
|
SendPost = retStr 'return the response to the caller
|
|
' clean up
|
set objXML = nothing
|
end Function
|
|
%>
|
