求求大家帮帮忙吧!!!

WangLuDongcai 2004-08-11 12:50:59

小弟下载了一个艺龙在线的整站程序
但是从登陆页面登陆后台以后
却出现一个页面,说什么
"对不起，为了系统安全，不允许从外部链接地址访问本系统的后台管理页面。"
请问怎么办呀,很着急呀!!!!!!!!!

...全文

102 8 打赏收藏转发到动态举报

写回复

用AI写文章

8 条回复

切换为时间正序

请发表友善的回复…

发表回复

aspgreener 2004-08-11

打赏
举报

看看一些配置文件\判断语句

Drowning 2004-08-11

打赏
举报

把以下代码去掉就可以了

dim ComeUrl,cUrl
ComeUrl=lcase(trim(request.ServerVariables("HTTP_REFERER")))
if ComeUrl="" then
response.write " 对不起，为了系统安全，不允许直接输入地址访问本系统的后台管理页面。"
response.end
else
cUrl=trim("http://" & Request.ServerVariables("SERVER_NAME"))
if mid(ComeUrl,len(cUrl)+1,1)=":" then
cUrl=cUrl & ":" & Request.ServerVariables("SERVER_PORT")
end if
cUrl=lcase(cUrl & request.ServerVariables("SCRIPT_NAME"))
if lcase(left(ComeUrl,instrrev(ComeUrl,"/")))<>lcase(left(cUrl,instrrev(cUrl,"/"))) then
response.write " 对不起，为了系统安全，不允许从外部链接地址访问本系统的后台管理页面。"
response.end
end if
end if

WangLuDongcai 2004-08-11

打赏
举报

一下是我找到的代码
请帮小弟研究一下
<%
dim AdminName,AdminPurview,PurviewPassed
dim AdminPurview_Article,AdminPurview_Soft,AdminPurview_Photo,AdminPurview_Guest,AdminPurview_Others
dim rsGetAdmin,sqlGetAdmin
dim ComeUrl,cUrl
ComeUrl=lcase(trim(request.ServerVariables("HTTP_REFERER")))
if ComeUrl="" then
response.write " 对不起，为了系统安全，不允许直接输入地址访问本系统的后台管理页面。"
response.end
else
cUrl=trim("http://" & Request.ServerVariables("SERVER_NAME"))
if mid(ComeUrl,len(cUrl)+1,1)=":" then
cUrl=cUrl & ":" & Request.ServerVariables("SERVER_PORT")
end if
cUrl=lcase(cUrl & request.ServerVariables("SCRIPT_NAME"))
if lcase(left(ComeUrl,instrrev(ComeUrl,"/")))<>lcase(left(cUrl,instrrev(cUrl,"/"))) then
response.write " 对不起，为了系统安全，不允许从外部链接地址访问本系统的后台管理页面。"
response.end
end if
end if

AdminName=replace(session("AdminName"),"'","")
if AdminName="" then
call CloseConn()
response.redirect "Admin_login.asp"
end if
sqlGetAdmin="select * from Admin where UserName='" & AdminName & "'"
set rsGetAdmin=server.CreateObject("adodb.recordset")
rsGetAdmin.open sqlGetAdmin,conn,1,1
if rsGetAdmin.bof and rsGetAdmin.eof then
rsGetAdmin.close
set rsGetAdmin=nothing
call CloseConn()
response.redirect "Admin_login.asp"
end if
AdminPurview=rsGetAdmin("Purview")
AdminPurview_Article=rsGetAdmin("AdminPurview_Article")
AdminPurview_Soft=rsGetAdmin("AdminPurview_Soft")
AdminPurview_Photo=rsGetAdmin("AdminPurview_Photo")
AdminPurview_Guest=rsGetAdmin("AdminPurview_Guest")
AdminPurview_Others=rsGetAdmin("AdminPurview_Others")
rsGetAdmin.close
set rsGetAdmin=nothing
PurviewPassed=True
if PurviewLevel>0 then
if AdminPurview>PurviewLevel then
PurviewPassed=False
else
if AdminPurview=2 then
select case CheckChannelID
case 0 '其他管理操作
PurviewPassed=CheckPurview(AdminPurview_Others,PurviewLevel_Others)
case 2 '文章频道
if AdminPurview_Article>PurviewLevel_Article then
PurviewPassed=False
end if
case 3 '下载频道
if AdminPurview_Soft>PurviewLevel_Soft then
PurviewPassed=False
end if
case 4 '图片频道
if AdminPurview_Photo>PurviewLevel_Photo then
PurviewPassed=False
end if
case 5 '留言板
if AdminType=True then
PurviewPassed=CheckPurview(AdminPurview_Guest,PurviewLevel_Guest)
else
PurviewPassed=True
end if
end select
end if
end if
end if
if PurviewPassed=False then
response.write " 对不起，你没有此项操作的权限。"
response.end
end if

function CheckPurview(AllPurviews,strPurview)
if isNull(AllPurviews) or AllPurviews="" or strPurview="" then
CheckPurview=False
exit function
end if
CheckPurview=False
if instr(AllPurviews,",")>0 then
dim arrPurviews,i
arrPurviews=split(AllPurviews,",")
for i=0 to ubound(arrPurviews)
if trim(arrPurviews(i))=strPurview then
CheckPurview=True
exit for
end if
next
else
if AllPurviews=strPurview then
CheckPurview=True
end if
end if
end function

function CheckClassMaster(AllMaster,MasterName)
if isNull(AllMaster) or AllMaster="" or MasterName="" then
CheckClassMaster=False
exit function
end if
CheckClassMaster=False
if instr(AllMaster,"|")>0 then
dim arrMaster,i
arrMaster=split(AllMaster,"|")
for i=0 to ubound(arrMaster)
if trim(arrMaster(i))=MasterName then
CheckClassMaster=True
exit for
end if
next
else
if AllMaster=MasterName then
CheckClassMaster=True
end if
end if
end function
%>