📄 admin_check.asp
字号:
<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<!--#include file="../localhost.asp"-->
<!--#include file="conn.asp"-->
<!--#include file="show_error.asp"-->
<!--#include file="../lockip.asp"-->
<!--#include file="../config.asp"-->
<!--#include file="../check_function.asp"-->
<!--#include file="../check_email.asp"-->
<%
response.expires=now()-1
'response.buffer=true
Response.CacheControl = "no-cache"
dim action
action=lcase(trim(request.querystring("action")))
select case action
case "sys_setup"
if session("purview")<3 or isnull(session("purview")) then
call error("对不起,你无权访问该页!--><a href='admin_main.asp' target='_parent'>返回管理首页</a>")
call Iserror()
response.end
end if
dim explain
explain=request.form("explain")
'进行字符过滤
dim sys_info
sys_info=request.form("sys_info")
'数据库默认为选中状态,如is_open被选中,意思为系统开放。
select case sys_info
case "1, 2, 3, 4"
call opendb()
conn.execute("update eric_config set Is_open=false,Is_reg=false,Is_upload=false,Is_login=false,remark='" & explain & "'")
call closedb()
response.redirect "../show_success.asp?info=系统参数设置成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
case "2, 3, 4"
call opendb()
conn.execute("update eric_config set Is_open=true,Is_reg=false,Is_upload=false,Is_login=false,remark='" & explain & "'")
call closedb()
response.redirect "../show_success.asp?info=系统参数设置成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
case "2, 3"
call opendb()
conn.execute("update eric_config set Is_open=true,Is_reg=false,Is_upload=false,Is_login=true,remark='" & explain & "'")
call closedb()
response.redirect "../show_success.asp?info=系统参数设置成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
case "2, 4"
call opendb()
conn.execute("update eric_config set Is_open=true,Is_reg=false,Is_upload=true,Is_login=false,remark='" & explain & "'")
call closedb()
response.redirect "../show_success.asp?info=系统参数设置成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
case "3, 4"
call opendb()
conn.execute("update eric_config set Is_open=true,Is_reg=true,Is_upload=false,Is_login=false,remark='" & explain & "'")
call closedb()
response.redirect "../show_success.asp?info=系统参数设置成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
case "2"
call opendb()
conn.execute("update eric_config set Is_open=true,Is_reg=false,Is_upload=true,Is_login=true,remark='" & explain & "'")
call closedb()
response.redirect "../show_success.asp?info=系统参数设置成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
case "3"
call opendb()
conn.execute("update eric_config set Is_open=true,Is_reg=true,Is_upload=false,Is_login=true,remark='" & explain & "'")
call closedb()
response.redirect "../show_success.asp?info=系统参数设置成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
case "4"
call opendb()
conn.execute("update eric_config set Is_open=true,Is_reg=true,Is_upload=true,Is_login=false,remark='" & explain & "'")
call closedb()
response.redirect "../show_success.asp?info=系统参数设置成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
case ""
call opendb()
conn.execute("update eric_config set Is_open=true,Is_reg=true,Is_upload=true,Is_login=true,remark='" & explain & "'")
call closedb()
response.redirect "../show_success.asp?info=系统参数设置成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
case else
call error("当选中关闭系统时必须选中其它项!")
call Iserror()
response.end
end select
case "add_manager"
if session("purview")<3 or isnull(session("purview")) then
call error("对不起,你无权访问该页!--><a href='admin_main.asp' target='_parent'>返回管理首页</a>")
call Iserror()
response.end
end if
if check_len(request.form("username"),"[用户名]",20,0) or _
check_len(request.form("password"),"[密码]",20,0) or _
check_small_len(request.form("password"),"[密码]",8) or _
check_len(request.form("passwordq"),"[密码确认]",20,0) or _
check_small_len(request.form("passwordq"),"[密码确认]",8) or _
check_len(request.form("teacher_name"),"[教师名]",10,0) or _
check_len(request.form("remark"),"[备注]",500,0) then
finderror=true
call show_error()
response.end
end if
if request.form("password")<>request.form("passwordq") then
call error("两次输入密码不一致")
call Iserror()
response.end
else
dim username,password,teacher_name,remark,limit
username=request.form("username")
password=request.form("password")
teacher_name=request.form("teacher_name")
remark=request.form("remark")
limit=request.form("purview")
'md5加密
'过滤字符
'判断用户名,教师名是否已经存在
call opendb()
set rs=conn.execute ("select eric_manager,teacher from eric_manager where eric_manager='" & username & "' or teacher='" & teacher_name & "'")
if not rs.eof then
call error("用户名或者教师名已经存在!请与系统管理员联系--><a href='javascript:history.go(-1)'>返回</a>")
call Iserror()
call closers()
call closedb()
response.end
else
sql_10="insert into eric_manager (eric_manager,eric_password,teacher,purview,remark) values ('" & username & "','" & password & "','" & teacher_name & "','" & limit & "','" & remark & "')"
'call opendb()
conn.execute (sql_10)
'call closedb()
if limit<3 then
'向class表中插入数据
sql_11="insert into class (parentId,parentStr,className) values ('0','0','" & teacher_name & "')"
conn.execute (sql_11)
call closedb()
'生成文件夹路径
folder_path=server.mappath("..\upload\" & teacher_name)
'建立该教师的文件夹
set fs=createobject("scripting.filesystemobject")
if not fs.folderexists(folder_path) then
fs.createfolder(folder_path)
else
set fs=nothing
call error("已经存在该文件夹!,请与<a href='mailto:mlzboy@yahoo.com.cn'>我们联系</a>!")
call error("<a href='http://jjxy.zj.com'>前往-->Eric工作室</a>")
call Iserror()
response.end
end if
if fs.folderexists(folder_path) then
set fs=nothing
response.redirect "../show_success.asp?info=添加操作成功!已建立该教师文件夹!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
response.end
end if
else
call closedb()
response.redirect "../show_success.asp?info=添加管理员操作成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
end if
end if
end if
case "add_class"
if session("purview")>2 then
call error("对不起,该系统目前该功能只对教师开放,如有需要,请自建一个教师帐号!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>")
call Iserror()
response.end
end if
dim add
add=request.form("class_er")
if add="" then
call error("班级名称不能为空!")
call Iserror()
response.end
end if
'字符过滤
add=add
ad=request.form("class_er")'经过过滤
call opendb()
'判断是否已经存在该文件夹
set rs=conn.execute ("select eric_manager,class_e from eric_manager where eric_manager='" & session("teacher") & "'" )
if not rs.eof then
'add=rs("class_e") & add
'instr(rs("class_e"),"|")=0
dim class_e
class_e=rs("class_e")
if class_e<>"" then
if instr(class_e,"|")=0 and class_e=add then
call error("已经存在该班级的文件夹!请与系统管理员联系!")
call Iserror()
response.end
elseif instr(class_e,"|")>0 then
array_class_e=split(class_e,"|")
for i=0 to ubound(array_class_e)
if array_class_e(i)=add then
call error("已经存在该班级的文件夹!请与系统管理员联系!")
call Iserror()
response.end
end if
next
end if
add=rs("class_e") & "|" & add'当班级不止一个时用filter隔开班级
end if
call closers()
'更新eric_manager表中内容
conn.execute("update eric_manager set class_e='" & add & "' where eric_manager='" & session("teacher") & "'")
'向class表中插入内容
set rs=conn.execute("select id,className,childId from class where classname='" & session("teacher_name") & "'")
if not rs.eof then
id=rs("id")'该教师的编号
childid=rs("childid")
call closers()
conn.execute("insert into class (parentID,parentStr,className) values ('" & id & "','" & id & "','" & ad & "')")
set rs=conn.execute("select id from class where classname='" & ad & "' order by id desc")'此处order by id desc的用处是取得刚刚插入的数据库的rs("id")
if not rs.eof then
if isnull(childid) or childid="" then '注意usnull()这个函数
conn.execute("update Class set ChildID='" & rs("id") & "' where ID=" & id)
else
Conn.execute("update Class set ChildID=ChildID+','+'" & rs("id") & "' where ID=" & id)
end if
end if
call closers()
'response.write rs("id")
call closedb()
'生成文件夹路径
dim folder_path_02
dim path
'path="..\upload\" & teacher_name & addd '这句是错的,没有定义teacher_name这个变量
path="..\upload\" & session("teacher_name") & "\" & ad
folder_path_02=server.mappath(path)
'建立该教师的班级的文件夹
set fs=createobject("scripting.filesystemobject")
if not fs.folderexists(folder_path_02) then
fs.createfolder(folder_path_02)
if fs.folderexists(folder_path_02) then
set fs=nothing
response.redirect "../show_success.asp?info=添加班级操作成功!已建立该班级的文件夹,你可以对该班级布置作业了--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
response.end
else
set fs=nothing
call error("出现未知错误,请与<a href='mailto:mlzboy@yahoo.com.cn'>我们联系</a>!")
call error("<a href='http://jjxy.zj.com'>前往-->Eric工作室</a>")
call Iserror()
response.end
end if
else
call error("已经存在该文件夹,请与系统管理员联系!")
call error("<a href='http://jjxy.zj.com'>前往-->Eric工作室</a>")
call Iserror()
response.end
end if
else
call closers()
call closedb()
call error("出现未知错误,请与<a href='mailto:mlzboy@yahoo.com.cn'>我们联系</a>!")
call error("<a href='http://jjxy.zj.com'>前往-->Eric工作室</a>")
call Iserror()
response.end
end if
else
call error("出现未知错误,请与<a href='mailto:mlzboy@yahoo.com.cn'>我们联系</a>!")
call error("<a href='http://jjxy.zj.com'>前往-->Eric工作室</a>")
call Iserror()
response.end
end if
'+----------------------------------------------------------------------------------
'|此种方法亦可,但执行效率较低
'|dim add
'| add=request.form("class_er")
'| add="|" & add
'| sql_04="select * from eric_manager where eric_manager='" & session("teacher") & "'"
'sql_05="insert into class (parentID,parentStr,ChildID,ClassName) values (
'| call opendb()
'| set rs1=server.createobject("adodb.recordset")
'| rs1.open sql_04,conn,3,3
'| if not rs1.eof then
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -