本文实现的是一个帐务管理系统中分级权限的控制,程序使用ASP和JavaScript编写,在装有IIS4.0的win NT服务器上运行,速度快,易维护。
权限级别划分如下:
①、院长和财务科长:不能输入,可以无限制查询、统计;
②、副院长:不能输入,可以查询、统计其分管部门的帐务;
③、部门领导:不能输入,可以查询、统计本部门的帐务;
④、会计:能输入各部门的帐务(一个会计有时要做几个部门的帐),只能查询、统计自己输入的帐务。
涉及的数据库和字段如下
①、JK_USER数据库及字段:id(序列号),bmid(部门号),username(用户名),pwd(口令),right(权限值);
②、BM数据库及字段:id(序列号) ,bmid(部门号);
③、JZPZ数据库及字段:id(序列号),bm(部门), zgs(子公司),xmz(项目组),xm(项目),sr(收入),zc(支出),szfx(收支方向),szxs(收支形式),rq(日期),jbr(经办人),lrr(录入人),szsm(收支说明);
④、ZGS数据库及字段:id(序列号),zgs(子公司)name(公司名),bmid(部门编号)。
1.首先进行用户身份合法性验证
将用户提交的用户名和口令与数据库JK_USER中的字段对照对照,以确定其合法性,只有合法的用户(系统管理员为其开过户)才可以进入,合法用户有四种权限级别,分别赋予“1”、“2”、“3”、“4”四种权限值。(程序略)。
2.凭证记帐(分级权限控制)
凭证记帐功能是专为会计人员服务的,其他人不可以使用,如以非会计人员身份进入凭证录入界面时,只有“查询记帐凭证”功能按钮可见,其它功能按钮不可见。录入的凭证先存放在一个临时表里,称为“未记帐凭证库”,只有运行“凭证记帐”功能后才进入“凭证库”在“未记帐凭证库”中的凭证可以修改。部分程序如下:
’非会计人员进入,不显示“凭证记帐”和“保存未记帐凭证”功能按钮
if (thisPage.firstEntered) then
if session(tright)<> 1 then
button1.hide
button2.hide
end if
…………
’自动填写时间和操作人
Textbox7.value=year(date) & - & month(date) & - & day(date)
Textbox9.value =session(username)
set cnn1=server.CreateObject(adodb.connection)
set rst1=server.CreateObject(adodb.recordset)
cnn1.CursorLocation=3
cnn1.ConnectionTimeout =30
cnn1.Open DSN=jky
rst1.Open select * from bm ,cnn1,1,1,adcmdtext
if rst1.RecordCount >0 then
RST1.MoveFirst
Id=rst1.Fields(id)
do while not rst1.EOF
Listbox3.addItem rst1.Fields(bmName),cint(rst1.Fields(id))
Response.Write rst1.Fields(bmname) & rst1.Fields(id)
rst1.MoveNext
loop
end if
rst1.Close
rst1.Open select zgsname from zgs where bmid= & id,cnn1,1,1,adcmdtext
if rst1.RecordCount >0 then
rst1.MoveFirst
do while not rst1.EOF
Listbox4.addItem cstr(rst1.Fields(zgsname))
rst1.MoveNext
loop
end if
rst1.Close
cnn1.close
call writerst
end if
end function
………………
’凭证记帐
sub button2_onclick
dim s
s=Listbox1.selectedIndex
Response.Write s
end sub
sub listbox3_onchange
dim id,i
i=Listbox4.getCount()
do while i>-1
call Listbox4.removeItem(i)
i=i-1
loop
id=listbox3.getValue (listbox3.selectedIndex)
set cnn2=server.CreateObject(adodb.connection)
set rst2=server.CreateObject(adodb.recordset)
cnn2.CursorLocation=3
cnn2.ConnectionTimeout =30
cnn2.OpenDSN=jky
rst2.Open select zgsName from zgs where bmid= & id,cnn2,1,1,adcmdtext
if rst2.RecordCount >0 then
RST2.MoveFirst
do while not rst2.EOF
Listbox4.addItem cstr(rst2.Fields(zgsName))
rst2.MoveNext
loop
end if
rst2.Close
cnn2.Close
end sub
sub button2_onclick
set cnn5=server.CreateObject(adodb.connection)
cnn5.CursorLocation=3
cnn5.ConnectionTimeout =30
cnn5.OpenDSN=jky
cnn5.Execute insert into jzpz(bm,zgs,xmz,xm,sr,zc,szfx,szxs,rq,jbr,lrr,szsm) select bm,zgs,xmz,xm,sr,zc,szfx,szxs,rq,jbr,lrr,szsm from wjzpz where lrr= & session(username) &
cnn5.Execute delete from wjzpz where lrr= & session(username) &
end sub
3.数据查询(分级权限控制)
以凭证的字段为条件进行查询,在供选条件前有一方框供打“√”,其中“部门“条件必选(程序自动加上),部门内容由程序根据用户的权限自动从数据库中调用相应值,分公司内容根据所属部门自动调整,部分程序如下:
……………
’根据权限值进入相应的查询界面
……………
function thisPage_onenter()
set cnn1=server.CreateObject(adodb.connection)
set rst1=server.CreateObject(adodb.recordset)
cnn1.CursorLocation=3
cnn1.ConnectionTimeout =30
cnn1.Open dsn=jky
select case session(Tright)
case 3副院长
rst1.Open select bm.bmName from jk_user ,bm where JK_user.bmid=bm.id and jk_user.username =& session(username) & ,cnn1,1,1,adcmdtext
if rst1.RecordCount >0 then
RST1.MoveFirst
do while not rst1.EOF
Listbox1.addItem cstr(rst1.Fields(bmName))
rst1.MoveNext
loop
end if
rst1.Close
rst1.Open select zgsname from zgs ,cnn1,1,1,adcmdtext
if rst1.RecordCount >0 then
rst1.MoveFirst
do while not rst1.EOF
Listbox2.addItem cstr(rst1.Fields(zgsname))
rst1.MoveNext
loop
end if
rst1.Close
cnn1.close
Checkbox1.setChecked (true)
case 2部门经理
Listbox1.addItem session(bm)
rst1.Open select zgsname from zgs where bmid= & session(bmid),cnn1,1,1,adcmdtext
if rst1.RecordCount >0 then
rst1.MoveFirst
do while not rst1.EOF
Listbox2.addItem cstr(rst1.Fields(zgsname))
rst1.MoveNext
loop
end if
rst1.Close
cnn1.close
Checkbox1.setChecked (true)
Checkbox1.0
case 1会计
rst1.Open select bmName from bm ,cnn1,1,1,adcmdtext
if rst1.RecordCount >0 then
RST1.MoveFirst
do while not rst1.EOF
Listbox1.addItem cstr(rst1.Fields(bmName))
rst1.MoveNext
loop
end if
rst1.Close
rst1.Open select zgsname from zgs ,cnn1,1,1,adcmdtext
if rst1.RecordCount >0 then
rst1.MoveFirst
do while not rst1.EOF
Listbox2.addItem cstr(rst1.Fields(zgsname))
rst1.MoveNext
loop
end if
rst1.Close
cnn1.close
case 4院长
rst1.Open select bmName from bm ,cnn1,1,1,adcmdtext
if rst1.RecordCount >0 then
RST1.MoveFirst
do while not rst1.EOF
Listbox1.addItem cstr(rst1.Fields(bmName))
rst1.MoveNext
loop
end if
rst1.Close
rst1.Open select zgsname from zgs ,cnn1,1,1,adcmdtext
if rst1.RecordCount >0 then
rst1.MoveFirst
do while not rst1.EOF
Listbox2.addItem cstr(rst1.Fields(zgsname))
rst1.MoveNext
loop
end if
rst1.Close
cnn1.close
end select
end if
…………
end function
’按照权限查询凭证
sub button1_onclick
dim rst2,cnn2,str,i
dim bm(1),zgs(1),xmz(1),xm(1),szfx(1),szxs(1),rq(2),jbr(1)
bm(0)=Checkbox1.getChecked()
if bm(0) then
bm(1)=Listbox1.getText(Listbox1.selectedIndex )
str= and bm= & bm(1) &
end if
zgs(0)=Checkbox2.getChecked()
if zgs(0) then
zgs(1)=Listbox2.getText(Listbox2.selectedIndex )
str=str & and zgs =& zgs(1) &
end if
xmz(0)=Checkbox3.getChecked()
if xmz(0) then
xmz(1)=trim(txtxmz.value )
str=str & and xmz like % & xmz(1) & %
end if
xm(0)=Checkbox4.getChecked()
if xm(0) then
xm(1)=trim(tztxm.value )
str=str & and xm like % & xm(1) & %
end if
szfx(0)=Checkbox5.getChecked()
if szfx(0) then
szfx(1)=Listbox3.getText(Listbox3.selectedIndex )
str =str & and szfx = & szfx(1) &
end if
szxs(0)=Checkbox6.getChecked()
if szxs(0) then
szxs(1)=Listbox4.getText(Listbox4.selectedIndex )
str =str & and szxs = & szxs(1) &
end if
jbr(0)=Checkbox8.getChecked()
if jbr(0) then
jbr(1)=trim(txtjbr.value )
str =str & and jbr like % & jbr(1) & %
end if
set cnn2=server.CreateObject(adodb.connection)
set rst2=server.CreateObject(adodb.recordset)
cnn2.CursorLocation=3
cnn2.ConnectionTimeout =30
cnn2.Open dsn=jky
Response.Write <table border=1 cellPadding=0 cellSpacing=0 width=650 height=33 >
Response.Write <tr>
Response.Write <td width=100% colspan=6 height=44 align=middle bgcolor=lightblue>
Response.Write <p align=center><b><font color=#000084>记 帐 凭 证 列 表
Response.Write </font></b></p></td></tr>
Response.Write <tr>
Response.Write <td width=15% bgcolor=lightsteelblue>
Response.Write 部 门</td>
Response.Write <td width=20%bgcolor=lightsteelblue>
Response.Write 子公司</td>
Response.Write <td width=15% bgcolor=lightsteelblue>
Response.Write 项目组</td>
Response.Write <td width=15% bgcolor=lightsteelblue>
Response.Write 项目名/合同号</td>
Response.Write <td width=15% bgcolor=lightsteelblue>
Response.Write 收入金额(万元)</td>
Response.Write <td width=15% bgcolor=lightsteelblue>
Response.Write 支出金额(万元)</td></tr>
if session(Tright)=1 then
Response.Write AAAAAAAA
rst2.Open select * from jzpz where id>0 and lrr= & session(username) & & str ,cnn2,1,1,adcmdtext
else
Response.Write FFFFFFFFFFFFF
rst2.Open select * from jzpz where id>0 & str ,cnn2,1,1,adcmdtext
end if
if rst2.RecordCount >0 then
rst2.MoveFirst
rst2.PageSize =20
rst2.AbsolutePage =1
i=0
do while not rst2.EOF and i< rst2.PageSize
Response.Write <tr>
Response.Write <td width=15% bgcolor=lightgrey>& rst2.Fields(bm)& </td>
Response.Write <td width=15% bgcolor=lightgrey>& rst2.Fields(zgs)& </td>
Response.Write <td width=15% bgcolor=lightgrey>& rst2.Fields(xmz)& </td>
Response.Write <td width=15% bgcolor=lightgrey><a href=FMjz1.asp?Id=& rst2.Fields(id) & target=_blank> & rst2.Fields(xm)& </a></td>
Response.Write <td width=5% bgcolor=lightgrey>& rst2.Fields(sr)& </td>
Response.Write <td width=5% bgcolor=lightgrey>& rst2.Fields(zc)& </td>
Response.Write </tr>
i=i+1
rst2.MoveNext
loop
end if
Response.Write </table>
Response.Write </div>
j= rst2.PageCount
Response.Write <P align=center><b>共有页数:
for i=1 to j
Response.Write <a href=Fmjzpzck1.asp?ID= & i & target=_blank> & i & </a> &
if j mod 10= 0 then
Response.Write <br>
end if
next
Response.Write </b></p>
rst2.Close
cnn2.Close
…………
end sub
应用以上程序,可以根据用户的权限,按照用户的要求实行订制查询,该系统在win NT、IIS4.0和win98、PWS上运行通过。 |
加入最爱
热门小游戏分类 
