📄 admin_check.asp
字号:
check_small_len(old_pwd,"[旧密码]",8) or _
check_len(chg_pwd,"[新密码]",20,0) or _
check_small_len(chg_pwd,"[新密码]",8) or _
check_len(chg_pwdq,"[密码确认]",20,0) or _
check_small_len(chg_pwdq,"[密码确认]",8) then
finderror=true
call Iserror()
response.end
end if
if old_pwd="" or chg_pwd="" or chg_pwdq="" then
call error("不能为空!")
call Iserror()
response.end
end if
if request.form("chg_pwdq")<>request.form("chg_pwd") then
call error("两次输入新密码不一致!")
call Iserror()
response.end
else
call opendb()
sql_08="select eric_manager,eric_password from eric_manager where eric_manager='" & session("teacher") & "' and eric_password='" & old_pwd & "'"
'set rs=conn.execute(sql_08)
set rs=server.createobject("adodb.recordset")
rs.open sql_08,conn,3,3
if not rs.eof then
rs("eric_password")=chg_pwd
rs.update
call closers()
call closedb()
response.redirect "../show_success.asp?info=修改密码成功!--><a href='control/admin_explain.asp'>返回管理首页</a>"
else
call closers()
call closedb()
call error("密码错误!--><a href='javascript:history.go(-1)'>返回</a>")
call Iserror()
response.end
end if
end if
case "delete_class"
class_e=trim(request.querystring("class"))
id=request.querystring("id")
'字符过滤
if isnumeric(id)=false or class_e="" then
call error("非法参数!")
call Iserror()
response.end
end if
call opendb()
set rs=conn.execute("select * from eric_manager where id=" & id)'从eric_manager表中取记录集
if rs.eof or isnull(rs("class_e")) or rs("class_e")="" then
call error("非法操作!该教师没有班级,或出现未知错误,请与系统管理员联系!")
call Iserror()
response.end
else
if instr(rs("class_e"),"|")=0 and class_e=rs("class_e") then
'向表eric_manager进行更新操作
conn.execute("update eric_manager set class_e='' where id=" & id)
elseif instr(rs("class_e"),"|")>0 then
array_class_e=split(rs("class_e"),"|")
call closers()
array_class_e_2=filter(array_class_e,class_e,false)' 使不含class_e的,生成新的数组,
new_class_e=trim(join(array_class_e_2,"|"))'合并数组
conn.execute("update eric_manager set class_e='" & new_class_e & "' where id=" & id)
end if
'对class表进行更新
set rs=conn.execute("select * from class where classname='" & session("teacher_name") & "'")
if rs.eof then
call error("出现未知错误1111")
call Iserror()
response.end
else
teacher_id=rs("id")'取得教师的id
child_id=trim(rs("childid"))'teacher的childid
if isnull(child_id) or child_id="" then
call error("出现未知错误2222")
call Iserror()
response.end
else
set rs1=conn.execute("select * from class where parentid='" & teacher_id & "' and classname='" & class_e & "'")'取得该教师的班级
class_id=trim(rs1("id"))'班级的id
child_id_2=rs("childid")'班级的childid
rs1.close
set rs1=nothing
if not (isnull(child_id_2) or child_id_2) then
if instr(child_id_2,",")=0 then
conn.execute("delete * from class where parentid='" & child_id_2 & "'")'删除单次作业
elseif instr(child_id_2,",")>0 then
array_child_id_2=split(child_id_2,",")
for z=0 to ubound(array_child_id_2)
conn.execute("delete * from class where parentid='" & trim(array_child_id_2(i)) & "'")'删除多次作业
next
else
call error("出现未知错误33333")
call Iserror()
response.end
end if
end if
conn.execute("delete * from class where id=" & class_id)'删除该班级
if instr(child_id,",")=0 then
conn.execute("update class set childid='' where id=" & teacher_id)'如果教师只有一个班级的情况
elseif instr(child_id,",")>0 then'教师多个班级的情况
array_child_id=split(child_id,",")
array_child_id_1=filter(array_child_id,trim(class_id),false)
new_childid=join(array_child_id_1,",")
conn.execute("update class set childid='" & new_childid & "' where id=" & teacher_id)
else
call error("出现未知错误44444")
call Iserror()
response.end
end if
'对homework表进行操作
conn.execute("delete * from homework where object_class='" & class_e & "'")
'对upload_info表进行操作
conn.execute("delete * from upload_info where class_e='" & class_e & "'")
'对eric_member进行操作
conn.execute("delete * from eric_member where class_e='" & class_e & "' and teacher='" & session("teacher_name") & "'")
'对相关班级的文件夹进行删除操作同时包括该班级下同学提交的所有作业
'生成文件夹路径
folder_path=server.mappath("..\upload\" & session("teacher_name") & "\" & class_e)
Set fs=CreateObject("Scripting.FileSystemObject")
fs.DeleteFolder(folder_path)
response.redirect "../show_success.asp?info=删除班级操作成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
end if
end if
end if
case "lock_ip"
if check_len(request.form("a"),"[a类]",3,1) or _
check_len(request.form("b"),"[b类]",3,1) or _
check_len(request.form("c"),"[c类]",3,1) or _
check_len(request.form("d"),"[d类]",3,1) or _
check_num(request.form("a"),"[a类]") or _
check_num(request.form("b"),"[b类]") or _
check_num(request.form("c"),"[c类]") or _
check_num(request.form("d"),"[d类]") then
finderror=true
call Iserror()
response.end
else
dim array_ip()
redim array_ip(3)
array_ip(0)=request.form("a")
array_ip(1)=request.form("b")
array_ip(2)=request.form("c")
array_ip(3)=request.form("d")
ip=join(array_ip,".")
call opendb()
conn.execute("insert into lockip (ip) values ('" & ip & "')")
call closedb()
response.redirect "../show_success.asp?info=封锁IP操作成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
response.end
end if
case "lock_c"
if check_len(request.form("a"),"[a类]",3,1) or _
check_len(request.form("b"),"[b类]",3,1) or _
check_len(request.form("c"),"[c类]",3,1) or _
check_num(request.form("a"),"[a类]") or _
check_num(request.form("b"),"[b类]") or _
check_num(request.form("c"),"[c类]") then
finderror=true
call Iserror()
response.end
else
redim array_ip(2)
array_ip(0)=request.form("a")
array_ip(1)=request.form("b")
array_ip(2)=request.form("c")
ip=join(array_ip,".")
call opendb()
conn.execute("insert into lockip (ip) values ('" & ip & "')")
call closedb()
response.redirect "../show_success.asp?info=封锁IP操作成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
response.end
end if
case "admin_modify_info"
'检测email的正确性
email=request.form("email")
if check_len(email,"[email]",80,1) then
finderror=true
call Iserror()
response.end
end if
if not IsValidEmail(email) then
call error("[email]出错!")
call Iserror()
response.end
end if
call opendb()
conn.execute("update eric_manager set email='" & email & "' where eric_manager='" & session("teacher") & "'")
call closedb()
response.redirect "../show_success.asp?info=修改资料操作成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
case "file_ext"
file_ext=request.form("file_ext")
'过滤字符
'检测扩展名
if instr(file_ext,",")=o and len(file_ext)=3 then
call opendb()
conn.execute("update eric_config set upload_extend='" & file_ext & "'")
call closedb()
elseif instr(file_ext,",")>0 then
array_file_ext=split(file_ext,",")
for i=0 to ubound(array_file_ext)
if len(array_file_ext(i))<>3 then
call error("非法文件类型!")
call Iserror()
response.end
else
end if
next
call opendb()
conn.execute("update eric_config set upload_extend='" & file_ext & "'")
call closedb()
else
call error("非法文件类型!")
call Iserror()
response.end
end if
response.redirect "../show_success.asp?info=设定上传文件类型参数成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
response.end
case "edit_homework"
if session("purview")>2 then
response.clear
call error("对不起该功能目前只对普通开放,系统管理员如有需要,请另建一教师账号,使用该功能!")
call Iserror()
response.end
end if
content=request.form("content")
id=trim(request.querystring("id"))
'过滤字符
if content="" then
call error("内容不能为空!")
call Iserror()
response.end
end if
'获得选中的是否允许上传的状态
is_upload_e=request.form("is_upload")
if is_upload_e="1" then
is_upload_e=true
elseif is_upload_e="-1" then
is_upload_e=false
end if
call opendb()
conn.execute("update homework set Is_upload=" & is_upload_e & ",content='" & content & "' where id=" & id)
call closedb()
response.redirect "../show_success.asp?info=修改作业操作成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
response.end
case "delete_lockip"
id=trim(request.querystring("id"))
'过滤字符
call opendb()
conn.execute("delete * from lockip where id=" & cint(id))
call closedb()
response.redirect "../show_success.asp?info=删除封锁的IP操作成功!--><a href='control/admin_main.asp' target='_parent'>返回管理首页</a>"
case "logout"
session.abandon
response.redirect "../show_success.asp?info=安全退出成功!"
response.end
case else
call error("出现未知错误,请与<a href='mailto:mlzboy@yahoo.com.cn'>我们联系</a>!")
call error("<a href='http://jjxy.zj.com'>前往-->Eric工作室</a>")
call Iserror()
response.end
end select
%>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -