说三道四技术文摘-感悟人生的经典句子
说三道四 > 文档快照

还是这个问题

编辑:说三道四文库 发布时间:2018-06-24 07:32
HTML文档下载 WORD文档下载 PDF文档下载
小弟下载了一个艺龙在线的整站程序
但是从登陆页面登陆后台以后
却出现一个页面,说什么
"对不起,为了系统安全,不允许从外部链接地址访问本系统的后台管理页面。"
请问怎么办呀,很着急呀!!!!!!!!!
一下是我找到的代码
请帮小弟研究一下
<%
dim AdminName,AdminPurview,PurviewPassed
dim AdminPurview_Article,AdminPurview_Soft,AdminPurview_Photo,AdminPurview_Guest,AdminPurview_Others
dim rsGetAdmin,sqlGetAdmin
dim ComeUrl,cUrl
ComeUrl=lcase(trim(request.ServerVariables("HTTP_REFERER")))
if ComeUrl="" then
response.write "<br><p align=center><font color='red'>对不起,为了系统安全,不允许直接输入地址访问本系统的后台管理页面。</font></p>"
response.end
else
cUrl=trim("http://" & Request.ServerVariables("SERVER_NAME"))
if mid(ComeUrl,len(cUrl)+1,1)=":" then
cUrl=cUrl & ":" & Request.ServerVariables("SERVER_PORT")
end if
cUrl=lcase(cUrl & request.ServerVariables("SCRIPT_NAME"))
if lcase(left(ComeUrl,instrrev(ComeUrl,"/")))<>lcase(left(cUrl,instrrev(cUrl,"/"))) then
response.write "<br><p align=center><font color='red'>对不起,为了系统安全,不允许从外部链接地址访问本系统的后台管理页面。</font></p>"
response.end
end if
end if

AdminName=replace(session("AdminName"),"'","")
if AdminName="" then
call CloseConn()
response.redirect "Admin_login.asp"
end if
sqlGetAdmin="select * from Admin where UserName='" & AdminName & "'"
set rsGetAdmin=server.CreateObject("adodb.recordset")
rsGetAdmin.open sqlGetAdmin,conn,1,1
if rsGetAdmin.bof and rsGetAdmin.eof then
rsGetAdmin.close
set rsGetAdmin=nothing
call CloseConn()
response.redirect "Admin_login.asp"
end if
AdminPurview=rsGetAdmin("Purview")
AdminPurview_Article=rsGetAdmin("AdminPurview_Article")
AdminPurview_Soft=rsGetAdmin("AdminPurview_Soft")
AdminPurview_Photo=rsGetAdmin("AdminPurview_Photo")
AdminPurview_Guest=rsGetAdmin("AdminPurview_Guest")
AdminPurview_Others=rsGetAdmin("AdminPurview_Others")
rsGetAdmin.close
set rsGetAdmin=nothing
PurviewPassed=True
if PurviewLevel>0 then
if AdminPurview>PurviewLevel then
PurviewPassed=False
else
if AdminPurview=2 then
select case CheckChannelID
case 0        '其他管理操作
PurviewPassed=CheckPurview(AdminPurview_Others,PurviewLevel_Others)
case 2        '文章频道
if AdminPurview_Article>PurviewLevel_Article then
PurviewPassed=False
end if
case 3       '下载频道
if AdminPurview_Soft>PurviewLevel_Soft then
PurviewPassed=False
end if
case 4       '图片频道
if AdminPurview_Photo>PurviewLevel_Photo then
PurviewPassed=False
end if
case 5       '留言板
if AdminType=True then
PurviewPassed=CheckPurview(AdminPurview_Guest,PurviewLevel_Guest)
else
PurviewPassed=True
end if
end select
end if
end if
end if
if PurviewPassed=False then
response.write "<br><p align=center><font color='red'>对不起,你没有此项操作的权限。</font></p>"
response.end
end if

function CheckPurview(AllPurviews,strPurview)
if isNull(AllPurviews) or AllPurviews="" or strPurview="" then
CheckPurview=False
exit function
end if
CheckPurview=False
if instr(AllPurviews,",")>0 then
dim arrPurviews,i
arrPurviews=split(AllPurviews,",")
for i=0 to ubound(arrPurviews)
if trim(arrPurviews(i))=strPurview then
CheckPurview=True
exit for
end if
next
else
if AllPurviews=strPurview then
CheckPurview=True
end if
end if
end function

function CheckClassMaster(AllMaster,MasterName)
if isNull(AllMaster) or AllMaster="" or MasterName="" then
CheckClassMaster=False
exit function
end if
CheckClassMaster=False
if instr(AllMaster,"|")>0 then
dim arrMaster,i
arrMaster=split(AllMaster,"|")
for i=0 to ubound(arrMaster)
if trim(arrMaster(i))=MasterName then
CheckClassMaster=True
exit for
end if
next
else
if AllMaster=MasterName then
CheckClassMaster=True
end if
end if
end function
%>
<!--#include file="Admin_PopMenu.asp"-->
那是因为你是从别的站点链接到这个页面的
两种方法解决
一种是把链接和这个页面所在站点统一一下
还有一种是把下面的代码去掉

dim ComeUrl,cUrl
ComeUrl=lcase(trim(request.ServerVariables("HTTP_REFERER")))
if ComeUrl="" then
response.write "<br><p align=center><font color='red'>对不起,为了系统安全,不允许直接输入地址访问本系统的后台管理页

面。</font></p>"
response.end
else
cUrl=trim("http://" & Request.ServerVariables("SERVER_NAME"))
if mid(ComeUrl,len(cUrl)+1,1)=":" then
cUrl=cUrl & ":" & Request.ServerVariables("SERVER_PORT")
end if
cUrl=lcase(cUrl & request.ServerVariables("SCRIPT_NAME"))
if lcase(left(ComeUrl,instrrev(ComeUrl,"/")))<>lcase(left(cUrl,instrrev(cUrl,"/"))) then
response.write "<br><p align=center><font color='red'>对不起,为了系统安全,不允许从外部链接地址访问本系统的

后台管理页面。</font></p>"
response.end
end if
end if
看来真是初学者......
你把下面这些去掉就可以了
response.write "<br><p align=center><font color='red'>对不起,为了系统安全,不允许直接输入地址访问本系统的后台管理页面。</font></p>"
response.end
不好意思,可能还要多,就是那些判断你是否非法进入的你给去掉就 可以了...

<%
dim AdminName,AdminPurview,PurviewPassed
dim AdminPurview_Article,AdminPurview_Soft,AdminPurview_Photo,AdminPurview_Guest,AdminPurview_Others
dim rsGetAdmin,sqlGetAdmin


AdminName=replace(session("AdminName"),"'","")
if AdminName="" then
call CloseConn()
response.redirect "Admin_login.asp"
end if
sqlGetAdmin="select * from Admin where UserName='" & AdminName & "'"
set rsGetAdmin=server.CreateObject("adodb.recordset")
rsGetAdmin.open sqlGetAdmin,conn,1,1
if rsGetAdmin.bof and rsGetAdmin.eof then
rsGetAdmin.close
set rsGetAdmin=nothing
call CloseConn()
response.redirect "Admin_login.asp"
end if
AdminPurview=rsGetAdmin("Purview")
AdminPurview_Article=rsGetAdmin("AdminPurview_Article")
AdminPurview_Soft=rsGetAdmin("AdminPurview_Soft")
AdminPurview_Photo=rsGetAdmin("AdminPurview_Photo")
AdminPurview_Guest=rsGetAdmin("AdminPurview_Guest")
AdminPurview_Others=rsGetAdmin("AdminPurview_Others")
rsGetAdmin.close
set rsGetAdmin=nothing
PurviewPassed=True
if PurviewLevel>0 then
if AdminPurview>PurviewLevel then
PurviewPassed=False
else
if AdminPurview=2 then
select case CheckChannelID
case 0        '其他管理操作
PurviewPassed=CheckPurview(AdminPurview_Others,PurviewLevel_Others)
case 2        '文章频道
if AdminPurview_Article>PurviewLevel_Article then
PurviewPassed=False
end if
case 3       '下载频道
if AdminPurview_Soft>PurviewLevel_Soft then
PurviewPassed=False
end if
case 4       '图片频道
if AdminPurview_Photo>PurviewLevel_Photo then
PurviewPassed=False
end if
case 5       '留言板
if AdminType=True then
PurviewPassed=CheckPurview(AdminPurview_Guest,PurviewLevel_Guest)
else
PurviewPassed=True
end if
end select
end if
end if
end if
if PurviewPassed=False then
response.write "<br><p align=center><font color='red'>对不起,你没有此项操作的权限。</font></p>"
response.end
end if

function CheckPurview(AllPurviews,strPurview)
if isNull(AllPurviews) or AllPurviews="" or strPurview="" then
CheckPurview=False
exit function
end if
CheckPurview=False
if instr(AllPurviews,",")>0 then
dim arrPurviews,i
arrPurviews=split(AllPurviews,",")
for i=0 to ubound(arrPurviews)
if trim(arrPurviews(i))=strPurview then
CheckPurview=True
exit for
end if
next
else
if AllPurviews=strPurview then
CheckPurview=True
end if
end if
end function

function CheckClassMaster(AllMaster,MasterName)
if isNull(AllMaster) or AllMaster="" or MasterName="" then
CheckClassMaster=False
exit function
end if
CheckClassMaster=False
if instr(AllMaster,"|")>0 then
dim arrMaster,i
arrMaster=split(AllMaster,"|")
for i=0 to ubound(arrMaster)
if trim(arrMaster(i))=MasterName then
CheckClassMaster=True
exit for
end if
next
else
if AllMaster=MasterName then
CheckClassMaster=True
end if
end if
end function
%>
<!--#include file="Admin_PopMenu.asp"-->
那么请问你把这些删掉
别人非法登陆怎么办??
这么多,我看你还是自己找
难道没有用户名密码验证吗
备案号:鲁ICP备13029499号-2 说三道四 www.s3d4.cn 说三道四技术文摘