<!--#include file="JsonPost_1000006.gds"-->
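<%
' WeChat OA user verification.
' When the request carries an OAuth "code", exchange it at the WeChat
' getuserinfo endpoint for a UserId, look that user up in OA_User and write
' the account's identity and permission fields into the "CAME" cookie.
'
' NOTE(review): identity and permission fields (admin_Power, admin_execLevel,
' admin_OrderClass) are stored in a plain client-side cookie. Any code that
' later reads them back must treat them as client-controlled; keeping them in
' Session, or signing the cookie server-side, removes that exposure.
code = Request("code")
NewAdmin = Request("NewAdmin")

If code <> "" Then
    Dim wxUserCmd, wxQuotePos

    appUrl = "https://qyapi.weixin.qq.com/cgi-bin/user/getuserinfo"
    ' URL-encode the caller-supplied code so it cannot append or override
    ' parameters in the request that GetBody sends to the API.
    Origin = "access_token=" & access_token & "&code=" & Server.URLEncode(code)
    HTMLCODE = GetBody(appUrl, Origin)

    If Mid(HTMLCODE, 3, 6) = "UserId" Then
        ' The body is expected to start with {"UserId":"<id>"; strip the prefix
        ' and keep everything up to the next double quote.
        HTMLCODE = Replace(HTMLCODE, "{""UserId"":""", "")
        wxQuotePos = InStr(HTMLCODE, """")
        If wxQuotePos > 1 Then
            OA_weixinUserID = Left(HTMLCODE, wxQuotePos - 1)
        Else
            ' Missing closing quote or empty id: Left() with -1 would raise,
            ' and an empty id must never match accounts with a blank
            ' OA_weixinUserID column.
            OA_weixinUserID = ""
        End If

        If OA_weixinUserID = "" Then
            ' Treated the same as an unknown user.
            Response.Redirect "/"
        Else
            ' Bind the id as a parameter instead of concatenating it into the
            ' SQL text, so its content cannot change the statement.
            Set wxUserCmd = Server.CreateObject("ADODB.Command")
            If IsObject(objConn) Then
                Set wxUserCmd.ActiveConnection = objConn
            Else
                wxUserCmd.ActiveConnection = objConn
            End If
            wxUserCmd.CommandType = 1 ' adCmdText
            wxUserCmd.CommandText = "select OA_User,OA_User_ID,OA_DepartmentID,OA_Name,OA_Power=isnull(OA_Power,''),OA_execLevel,OA_OrderClass from OA_User where OA_execLevel>-1 and OA_weixinUserID=?"
            ' 202 = adVarWChar, 1 = adParamInput
            wxUserCmd.Parameters.Append wxUserCmd.CreateParameter("@wxid", 202, 1, Len(OA_weixinUserID), OA_weixinUserID)

            Set rs = Server.CreateObject("ADODB.Recordset")
            ' Same cursor and lock type as before (1 = adOpenKeyset, 1 = adLockReadOnly).
            rs.Open wxUserCmd, , 1, 1

            If Not rs.EOF Then
                Response.Cookies("CAME")("admin") = rs("OA_User")
                Response.Cookies("CAME")("adminID") = rs("OA_User_ID")
                Response.Cookies("CAME")("adminDepartmentID") = rs("OA_DepartmentID")
                Response.Cookies("CAME")("adminName") = rs("OA_Name")
                Response.Cookies("CAME")("admin_Power") = rs("OA_Power")
                Response.Cookies("CAME")("admin_execLevel") = rs("OA_execLevel")

                If InStr(rs("OA_Power"), ",020114") > 0 Then
                    ' Power code ,020114 = may view all orders: grant every
                    ' enabled order class from the dictionary table.
                    Set IPrs = Server.CreateObject("ADODB.Recordset")
                    sql = "select stuff((select ','+vOrder2 from dictionary where vtitle='OrderClass' and vType>0 for xml path('')),1,1,'')"
                    IPrs.Open sql, objConn, 1, 1
                    If Not IPrs.EOF Then
                        ' & "" turns a NULL aggregate (no matching rows) into "".
                        OA_OrderClass = IPrs(0) & ""
                    End If
                    IPrs.Close
                Else
                    ' & "" turns a NULL column into "" so the check below
                    ' rejects it instead of comparing against Null.
                    OA_OrderClass = rs("OA_OrderClass") & ""
                End If

                If OA_OrderClass = "" Then
                    rs.Close
                    Response.Write "账号权限不足"
                    Response.End
                End If

                Response.Cookies("CAME")("admin_OrderClass") = OA_OrderClass
                ' Cookie lives for one day.
                Response.Cookies("CAME").Expires = Now() + 1
            Else
                ' No active account is bound to this WeChat user id.
                Response.Redirect "/"
            End If
            rs.Close
        End If
    Else
        ' The API did not return a UserId. The upstream body is shown to the
        ' caller; HTML-encode it so it is rendered as text, not markup.
        ' NOTE(review): consider logging the API error server-side and showing
        ' a generic message instead of echoing the upstream response.
        Response.Write Server.HTMLEncode(HTMLCODE & "")
        Response.End
    End If
End If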
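' Session bootstrap: refresh permissions, restore a login from the cookie,
' or send the browser to WeChat OAuth.
Dim wxAuthPrefix
' redirect_uri is URL-encoded because it is a URL nested inside a query string.
' NOTE(review): HTTP_HOST is taken from the request's Host header; a fixed,
' configured host name would be safer than reflecting it.
' NOTE(review): scope=SCOPE looks like a documentation placeholder - confirm
' the intended scope value.
wxAuthPrefix = "https://open.weixin.qq.com/connect/oauth2/authorize?appid=" & corpid & _
    "&redirect_uri=" & Server.URLEncode("https://" & Request.ServerVariables("HTTP_HOST") & Request.ServerVariables("URL")) & _
    "&response_type=code&scope=SCOPE&state="

If NewAdmin = "1" Then
    ' Refresh permissions: drop the cached login and run OAuth again.
    Response.Cookies("CAME")("admin") = ""
    Response.Cookies("CAME")("adminID") = ""
    Response.Cookies("CAME")("adminName") = ""
    Response.Cookies("CAME")("adminDepartmentID") = ""
    Response.Cookies("CAME")("admin_Power") = ""
    Response.Cookies("CAME")("admin_execLevel") = ""
    Response.Cookies("CAME")("admin_OrderClass") = ""
    Response.Cookies("CAME").Expires = Date() - 1
    ' Clear every session key this file populates, not only "admin", so no
    ' stale permission value survives the refresh.
    Session("admin") = ""
    Session("adminID") = ""
    Session("adminName") = ""
    Session("adminDepartmentID") = ""
    Session("admin_Power") = ""
    Session("admin_execLevel") = ""
    Session("admin_OrderClass") = ""
    Response.Redirect wxAuthPrefix & state & "#wechat_redirect"

ElseIf Request.Cookies("CAME")("admin_OrderClass") <> "" Then
    ' User login & online-user tracking: restore the session from the cookie.
    ' NOTE(review): every value copied here comes from a client-side cookie and
    ' is not verified. A browser that edits the CAME cookie controls
    ' admin_Power, admin_execLevel and admin_OrderClass for its own session.
    ' Mitigation: keep only an opaque, server-issued token in the cookie and
    ' load these fields from OA_User, or sign the cookie and verify it here.
    Session("admin") = Request.Cookies("CAME")("admin")
    Session("adminID") = Request.Cookies("CAME")("adminID")
    ' The display name is stored under "adminName"; the previous key "OA_Name"
    ' is never written to the cookie, so the session name was always empty.
    Session("adminName") = Request.Cookies("CAME")("adminName")
    Session("adminDepartmentID") = Request.Cookies("CAME")("adminDepartmentID")
    Session("admin_Power") = Request.Cookies("CAME")("admin_Power")
    Session("admin_execLevel") = Request.Cookies("CAME")("admin_execLevel")
    Session("admin_OrderClass") = Request.Cookies("CAME")("admin_OrderClass")
    Session.Timeout = 60

Else
    ' Not logged in: carry the original query string through OAuth in the
    ' state parameter, with "&" replaced by "|" so it stays a single value.
    ' NOTE(review): state is client-controlled and is passed through
    ' unencoded; whatever consumes it on return must treat it as untrusted.
    If Request.ServerVariables("QUERY_STRING") <> "" Then
        state = Replace(Request.ServerVariables("QUERY_STRING"), "&", "|")
    End If
    Response.Redirect wxAuthPrefix & state & "#wechat_redirect"
End If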
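' Load permissions from the session into page-level variables.
admin_Power = Session("admin_Power")
admin_OrderClass = Session("admin_OrderClass")
' Strip spaces from the comma-separated order-class list.
admin_OrderClass = Replace(admin_OrderClass, " ", "")

' a,b,c  ->  a','b','c
' Presumably the including pages wrap this in quotes inside an IN (...) list -
' confirm against the callers. The session value is filled from a client
' cookie elsewhere in this file, so single quotes are doubled first to keep
' each entry inside its SQL string literal.
OrdClassListSql = Replace(Replace(admin_OrderClass, "'", "''"), ",", "','")
' Upper bound of the list (number of entries minus one; -1 when empty).
' Counted on the raw list so the quote escaping cannot change the result.
OrdClassInt = UBound(Split(admin_OrderClass, ","))

' NOTE(review): raw cookie value - treat as untrusted wherever it is used.
UnitIDCookies = Request.Cookies("UnitIDCookies")
%>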