add_member.asp

大家好

<%@ Language=VBScript %>
<%
	function fixQuotes(theString)
			fixQuotes=Replace(theString,"'","''")
	end function
	DIM username,password
	On Error Goto 0
	username=Session("username")
	Set con=Server.CreateObject("ADODB.Connection")
	con.Open Application("DBCon_ConnectionString")
	strSql="SELECT * FROM yonghu WHERE yonghu='"+username+"'"
	Set rs=con.Execute(strSql) 
	if not rs.EOF then'有
		Response.write "此用户已存在!请另择大名进行注册！"&"<br>"
		response.write "<a href='"&"member_reg.asp"&"'>"&"按此返回注册页面！"&"</a>"
		set rs=nothing
		con.close
		response.end
	end if
	strSql="INSERT yonghu VALUES('"+username+"','"+Request.Form("password")
	strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("danwei")))
	strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("guojia")))
	strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("chengshi")))
	strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("dizhi")))
	strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("youbian")))
	strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("lianxiren")))
	strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("dianhua")))
	strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("e_mail")))
	strSql=strSql+"','"+fixQuotes(TRIM(Request.Form("zhuye")))
	strSql=strSql+"',getdate()"
	strSql=strSql+",1)"
	insertnum=0
'	response.write strsql
	Set rs=con.Execute(strSql,insertnum)
	if insertnum=1 then
		'成功
		'修改有效值
		response.redirect "../syspages/sys_regsuc.htm"
	else
		response.redirect "../syspages/error.htm"
	end if
%>