This article describes hierarchical permission control in a billing management system. The program is written in ASP and JavaScript and runs on a Windows NT Server with IIS 4.0; it is fast and easy to maintain.
The permission levels are divided as follows:
① Dean and finance chief: cannot enter accounts; can query and run statistics without restriction;
② Vice President: cannot enter accounts; can query and run statistics on the accounts of the departments they are in charge of;
③ Department leaders: cannot enter accounts; can query and run statistics on their own department's accounts;
④ Accounting: can enter the accounts of various departments (one accountant sometimes keeps the accounts of several departments); can only query and run statistics on the accounts they entered themselves.
The databases and fields involved are as follows:
① Jk_user database and fields: ID (serial number), Bmid (department number), username (username), pwd (password), right (permission value);
② BM database and fields: ID (serial number), Bmid (department number);
③ JZPZ database and fields: ID (serial number), BM (department), ZGS (subsidiary), XMZ (project team), XM (project), SR (income), ZC (expenditure), SZFX (revenue direction), SZXS (income form), RQ (date), JBR (operator), LRR (input person), SZSM (income statement);
④ Zgs database and fields: ID (serial number), ZGS (subsidiary) name (company name), Bmid (department number).
1. First, verify the user's identity
The user name and password submitted by the user are compared against the fields in the Jk_user database to determine whether the user is legitimate. Only legitimate users (whose accounts are opened by the system administrator) can enter. Legitimate users have one of four permission levels, which are given the four rights values "1", "2", "3" and "4".
2. Voucher accounting (hierarchical rights control)
The voucher accounting function is designed for accountants; other people cannot use it. If a non-accountant opens the voucher entry interface, only the "Query Accounting voucher" function button is visible and the other function buttons are hidden. Entered vouchers are first stored in a temporary table, known as the "No Accounting voucher library"; they move into the voucher library only after the "voucher accounting" function has been run. Vouchers still in the "No Accounting voucher library" can be modified. Some of the procedures are as follows:
' For non-accountants, hide the "voucher accounting" and "save non-billing vouchers" buttons
If (thisPage.firstEntered) Then
    If Session("Tright") <> "1" Then
        Button1.hide
        Button2.hide
    End If
    ............
    ' Automatically fill in the date and the operator
    Textbox7.value = Year(Date) & "-" & Month(Date) & "-" & Day(Date)
    Textbox9.value = Session("username")
    Set Cnn1 = Server.CreateObject("ADODB.Connection")
    Set Rst1 = Server.CreateObject("ADODB.Recordset")
    Cnn1.CursorLocation = 3
    Cnn1.ConnectionTimeout = 30
    Cnn1.Open "Dsn=jky"
    ' Fill the department list
    Rst1.Open "SELECT * from BM", Cnn1, 1, 1, adCmdText
    If Rst1.RecordCount > 0 Then
        Rst1.MoveFirst
        Id = Rst1.Fields("id")
        Do While Not Rst1.EOF
            Listbox3.addItem Rst1.Fields("Bmname"), CInt(Rst1.Fields("id"))
            ' Response.Write Rst1.Fields("Bmname") & Rst1.Fields("id")
            Rst1.MoveNext
        Loop
    End If
    Rst1.Close
    ' Fill the subsidiary list for the first department
    Rst1.Open "Select Zgsname from Zgs where bmid=" & Id, Cnn1, 1, 1, adCmdText
    If Rst1.RecordCount > 0 Then
        Rst1.MoveFirst
        Do While Not Rst1.EOF
            Listbox4.addItem CStr(Rst1.Fields("Zgsname"))
            Rst1.MoveNext
        Loop
    End If
    Rst1.Close
    Cnn1.Close
    Call Writerst
End If
End Function
..................
' Voucher accounting
Sub Button2_onclick
    Dim s
    s = Listbox1.selectedIndex
    Response.Write s
End Sub
' Reload the subsidiary list when the selected department changes
Sub Listbox3_onchange
    Dim id, i
    i = Listbox4.getCount()
    Do While i > -1
        Call Listbox4.removeItem(i)
        i = i - 1
    Loop
    ' The value is concatenated into the SQL text below, so force it to a number first
    id = CLng(Listbox3.getValue(Listbox3.selectedIndex))
    Set Cnn2 = Server.CreateObject("ADODB.Connection")
    Set Rst2 = Server.CreateObject("ADODB.Recordset")
    Cnn2.CursorLocation = 3
    Cnn2.ConnectionTimeout = 30
    Cnn2.Open "Dsn=jky"
    Rst2.Open "Select Zgsname from Zgs where bmid=" & id, Cnn2, 1, 1, adCmdText
    If Rst2.RecordCount > 0 Then
        Rst2.MoveFirst
        Do While Not Rst2.EOF
            Listbox4.addItem CStr(Rst2.Fields("Zgsname"))
            Rst2.MoveNext
        Loop
    End If
    Rst2.Close
    Cnn2.Close
End Sub
Sub Button2_onclick
    Set Cnn5 = Server.CreateObject("ADODB.Connection")
    Cnn5.CursorLocation = 3
    Cnn5.ConnectionTimeout = 30
    Cnn5.Open "Dsn=jky"
    ' Copy the current user's vouchers from the temporary table Wjzpz into Jzpz, then clear them from Wjzpz
    Cnn5.Execute "INSERT into Jzpz (BM,ZGS,XMZ,XM,SR,ZC,SZFX,SZXS,RQ,JBR,LRR,SZSM) Select Bm,zgs,xmz,xm,sr,zc,szfx,szxs,rq,Jbr,lrr,szsm from Wjzpz where Lrr='" & Session("username") & "'"
    Cnn5.Execute "Delete from Wjzpz where Lrr='" & Session("username") & "'"
End Sub
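Hiding Button1 and Button2 changes only what the page shows; the posting handler itself does not check the rights value. The following added example (not code from the original article) repeats that check on the server, binds the user name as a parameter instead of concatenating it, and wraps the copy and the delete in one transaction. The helper RunForUser, the 403 response and the parameter size of 50 are assumptions.

```vbscript
' Added example, not from the original article.
Sub Button2_onclick
    ' Hiding the button only changes the page; check the rights value on every post.
    If Session("Tright") <> "1" Then
        Response.Status = "403 Forbidden"
        Response.End
    End If

    Dim cnn
    Set cnn = Server.CreateObject("ADODB.Connection")
    cnn.ConnectionTimeout = 30
    cnn.Open "Dsn=jky"

    ' The copy into Jzpz and the delete from Wjzpz must succeed or fail together.
    cnn.BeginTrans
    On Error Resume Next
    RunForUser cnn, "INSERT INTO Jzpz (BM,ZGS,XMZ,XM,SR,ZC,SZFX,SZXS,RQ,JBR,LRR,SZSM) " & _
        "SELECT BM,ZGS,XMZ,XM,SR,ZC,SZFX,SZXS,RQ,JBR,LRR,SZSM FROM Wjzpz WHERE Lrr = ?"
    If Err.Number = 0 Then RunForUser cnn, "DELETE FROM Wjzpz WHERE Lrr = ?"
    If Err.Number = 0 Then
        cnn.CommitTrans
    Else
        cnn.RollbackTrans
        Response.Write "Voucher posting failed; nothing was changed."
    End If
    On Error GoTo 0
    cnn.Close
End Sub

' Hypothetical helper: runs sql with the session user bound to its single ? marker.
Function RunForUser(cnn, sql)
    ' ADO constant values, declared locally so the example does not depend on adovbs.inc
    Const adCmdText = 1, adVarChar = 200, adParamInput = 1, adExecuteNoRecords = 128
    Dim cmd, affected
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = cnn
    cmd.CommandText = sql
    cmd.CommandType = adCmdText
    ' Size 50 is an assumed width for the Lrr column
    cmd.Parameters.Append cmd.CreateParameter("lrr", adVarChar, adParamInput, 50, Session("username"))
    cmd.Execute affected, , adExecuteNoRecords
    RunForUser = affected
End Function
```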
3. Data query (hierarchical rights control)
Queries are built from the voucher fields. Each selection condition has a check box in front of it to tick ("√"); the "department" condition must always be selected (the program adds it automatically). The program fills in the department content from the database according to the user's permissions, and the branch content adjusts automatically according to the department. Some of the procedures are as follows:
...............
' Enter the corresponding query interface according to the permission value
...............
Function thisPage_onenter()
    Set Cnn1 = Server.CreateObject("ADODB.Connection")
    Set Rst1 = Server.CreateObject("ADODB.Recordset")
    Cnn1.CursorLocation = 3
    Cnn1.ConnectionTimeout = 30
    Cnn1.Open "Dsn=jky"
    Select Case Session("Tright")
        Case "3" ' Vice Dean
            Rst1.Open "Select Bm.bmname from Jk_user, BM where jk_user.bmid=bm.id and jk_user.username='" & Session("username") & "'", Cnn1, 1, 1, adCmdText
            If Rst1.RecordCount > 0 Then
                Rst1.MoveFirst
                Do While Not Rst1.EOF
                    ListBox1.addItem CStr(Rst1.Fields("Bmname"))
                    Rst1.MoveNext
                Loop
            End If
            Rst1.Close
            Rst1.Open "Select Zgsname from Zgs", Cnn1,