![pic.jpg](https://i-blog.csdnimg.cn/blog_migrate/b6bd87b84613bd2d4a14e646100aa155.jpeg)
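The development task for the second phase is to strengthen permission control. How do we determine whether a person has permissions such as "add, modify, delete, review" on a page? The previous approach was to attach the permissions to the columns (site sections), which is rather wasteful and also hard to control. Consider: the operation permissions of a system (add, modify, delete, review) are finite. Define an operation-permission table from this finite set, then associate modules with operation permissions. People of the same kind use the same role, and that role simply maps to a common set of modules.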
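A sketch of the role, module and operation model described above, as an added example rather than the author's code. The bitmask encoding, the default-deny behaviour, and every module, role and user name are assumptions made for illustration.

```javascript
// Added example: all module, role and user names below are constructed.

// 1. The finite operation-permission table, one bit per operation.
const OPS = Object.freeze({ add: 1, modify: 2, delete: 4, review: 8 });

// 2. Module -> operations that the module actually offers.
const MODULE_OPS = new Map([
  ["news",   OPS.add | OPS.modify | OPS.delete | OPS.review],
  ["report", OPS.review],
]);

// 3. Role -> module -> operations granted to everyone holding the role.
const ROLE_GRANTS = new Map([
  ["editor",   new Map([["news", OPS.add | OPS.modify]])],
  ["reviewer", new Map([["news", OPS.review],
                        ["report", OPS.review | OPS.delete]])],
]);

// 4. User -> roles.
const USER_ROLES = new Map([
  ["alice", ["editor"]],
  ["bob",   ["editor", "reviewer"]],
]);

// Union of the user's role grants on a module, clipped to what the module
// offers, so a grant can never exceed the module's own operation set.
function effectiveMask(user, moduleName) {
  const offered = MODULE_OPS.get(moduleName) ?? 0;   // unknown module: nothing
  let granted = 0;
  for (const role of USER_ROLES.get(user) ?? []) {   // unknown user: no roles
    granted |= ROLE_GRANTS.get(role)?.get(moduleName) ?? 0;
  }
  return granted & offered;
}

// Default deny: unknown operation names never match.
function can(user, moduleName, opName) {
  const known = Object.prototype.hasOwnProperty.call(OPS, opName);
  const bit = known ? OPS[opName] : 0;
  return bit !== 0 && (effectiveMask(user, moduleName) & bit) === bit;
}

// Names of the operations a page should offer this user for a module.
function allowedOps(user, moduleName) {
  return Object.keys(OPS).filter((op) => can(user, moduleName, op));
}
```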
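Also, how can a page forbid access from external frames? If access from external frames is disabled, that also controls people's access to other pages they have no permission for. The following script does this: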
```javascript
<%@ Page language="c#" ContentType="text/javascript" %>
//<script>
var isRight = true;
if (top == self)
{
    // The page is the top-level window, i.e. it was opened outside the frameset.
    isRight = false;
}
else
{
    try
    {
        // The page is framed: the top window must be on the same domain.
        if (top.document.domain != document.domain)
        {
            isRight = false;
        }
    }
    catch(e)
    {
        // Reading top.document from another origin throws: treat it as an external frame.
        isRight = false;
    }
}
if (!isRight)
{
    // Not inside a same-domain frame: blank the whole window.
    window.top.location.href = "about:blank";
}
```
Put this code in the file CheckFrame.js.aspx, then add a reference to it in the page:
```html
<script language="javascript" src="../../Script/CheckFrame.js.aspx"></script>
```