admin.asp

全功能网上商城 免费版

<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<!--#include file="admin_conn.asp"-->
<html>
<head>
<META content="" name=keywords>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" href="admin.css" type="text/css">
<title>目前位置--管理中心</title>
<style type="text/css"><!--
a:link {color: #FFFFFF;text-decoration: none;}
a:visited {color: #FFFFFF;text-decoration: none;}
a:hover {color: #FFFF99;text-decoration: underline;}
tr {color: #FFFFFF;}
--></style>
</head>

<body topmargin="0" bgcolor="#336699" color=#ffffff>

<!--#include file="top.asp"-->

<table border="0" cellpadding="2" cellspacing="5" style="border-collapse: collapse" bordercolor="#222222" width="760" height="150" bgcolor="#336699" align="center">
    <tr><td width=125 valign="top">
<!--#include file="admin_left.asp"--> 
   </td><td valign="top" width=635>      
     <table border="1" cellpadding="2" cellspacing="4" style="border-collapse: collapse" bordercolor="#222222" width="100%">      
          <tr>
            <td width="100%">当前位置:<a href="admin.asp">网站管理中心</a>--首 页</td>
          </tr>
         
          <tr><td width="100%">             
		<%if session("admin")="" then%>
      <form method="post" action="checkadmin.asp">
    <p align="center"><b>网站管理员登陆</b></p>
    <p align="center">管理员名称 
    <input type="text" name="Username" size="11"> <br>
    <br>
    管理员密码 
    <input type="password" name="Password" size="11"><br>
    <br>验 证 码
        <input name="verifycode" type=text id="verifycode" size=6 maxlength=8>
                <img src="../verifycode.asp" width="40" height="10" style="border:1 solid #ffffff"><br>
                <br> 
&nbsp;<input type="submit" name="Submit" value="确认">
    <input type="reset" name="Submit2" value="复位"></p>
    
      </form>
      


<%else%>            
            
<%action=request("action")
	if action=""  then%>
        <p>&nbsp;&nbsp;<font color="#ffff00"><b>欢迎<%=session("admin")%>进入后台管理</b></font> <br><br><br>



<table  width=530 align=center>
      <font color=yellow>
      <b>特别提示：</b><br>
      1.默认的后台管理路径为<u>http://您的网址/guanli/admin.asp</u>，请将guanli文件夹重命名为尽量复杂的名称，并且不能让他人知道。<br>
      2.请不要将网站程序的任何文件拷贝给其他人，否则别人可能会分析源程序从而获得数据库文件及密码，危及您的网站的安全！<br>
      3.请定期下载备份网站文件。不喜欢备份的人，总有一天会哭笑不得的！<br>
      4.后台操作涉及整个网站的运行，请谨慎操作。在没弄明白前请不要随意尝试。<br>
      5.后台操作无法实现的功能，请直接修改页面文件，您可使用记事本、Frontpage等程序来修改html、asp源文件。<br>
      6.请牢牢记住管理员用户名和密码。<br><br>
     
</table>
		
		
		</p>

    <%else
	 select case action
		   case "news" 
				Response.Redirect("admin_news.asp")
		   case "prod"
				Response.Redirect("admin_prod.asp")
		   case "order"
		        Response.Redirect("admin_order.asp")
		   case "faq"
				Response.Redirect("admin_faq.asp")
		   case "client"
				Response.Redirect("admin_client.asp")
		   case "paytype"
				Response.Redirect("admin_paytype.asp")
		   case "manager"
				Response.Redirect("admin_manager.asp")
		   case "config"
				Response.Redirect("admin_config.asp")
		   case "adv"
				Response.Redirect("admin_adv.asp")
		   case "feedback"
		        Response.Redirect("admin_feedback.asp")
		   case "clearall"
				Response.Redirect("clearall.asp")
		   case "password"
				username=session("admin")
				Set rs = conn.Execute("select * from admin where username='"&username&"'")
				%>
				<form method="post" action="admin.asp?action=modifypost">
			    <p align="center"><b>管理员密码修改</b></p>
			    <p align="center">用户名称 
			    <input type="text" name="Username" size="11" value="<%=rs("username")%>"> <br>
			    <br>用户密码 <input type="text" name="Password" size="11" value="<%=rs("password")%>"><INPUT name=id TYPE="hidden" value=<%=rs("id")%>><br>
				<br>&nbsp;<input type="submit" name="Submit" value="确认">
				<input type="reset" name="Submit2" value="复位"></p></form>
				<%   
			    rs.close
				conn.close
				set rs=nothing
				set conn=nothing
	   
		   case else
			if request.form("id")="" then
			%>
				<script language="javascript">
				if 	(confirm("操作错误,系统拒绝你的访问,请点确定返回,或者点取消退出重新登录"))
				  location.href="admin.asp";
				else
				  location.href="quit.asp";
				</script>
			<%
			else
			end if
			end select%>
<%
   end if
end if
%>
		</td></tr>
		</table> 
	</td></tr>
  </table>
</body>
</html>


<%
id=request.form("id")
if action="modifypost" then

	
    Set rs=Server.CreateObject("ADODB.Recordset")
	sql="select * from admin where id="&id
	rs.open sql,conn,1,3
	if rs.eof and rs.bof then
	response.write "<script language='javascript'>"
	response.write "alert('用户不存在，或者被删除了！');"
	response.write "location.href='admin.asp?action=password';"			
	response.write "</script>"

	else
	rs("username")=Server.Htmlencode(Request("username"))
	rs("password")=Server.Htmlencode(Request("password"))	 
	rs.update
	end if
    
	rs.close
	conn.close
	set rs=nothing
	set conn=nothing
	response.write "<script language='javascript'>"
	response.write "alert('密码更新成功！\n\n请记住："&Request("password")&"');"
	response.write "location.href='admin.asp?action=password';"			
	response.write "</script>"
else
end if%>