admin.aspx

蓝丽Net留言系统说明手册 1:蓝丽Net留言系统亮点提示 蓝丽Net留言系统虽然开发的时间较短

<%@import namespace='system.data'%>
<%@import namespace='system.data.oledb'%>
<%
if request.querystring("exit")<>"" then session("lshdic")="":response.Redirect ("index.aspx")   '管理员退出
%>
<%if session("lshdic")<>"" then session("lshdic")="yes"  '在次赋予 SESSION 20分钟生命%>
<script language=vb runat='server'>
dim pass=configurationSettings.AppSettings("password")    '这是管理员密码
sub renzheng(sender as object,e as eventargs)   '管理员认证处理
if trim(text1.text)="" then msg1.text="提示:必须输入认证密钥":exit sub
if lcase(text1.text)=lcase(pass) then
session("lshdic")="yes"
text1.visible=false:bon1.visible=false:msg1.text="提示:您好管理员，SESSION身份以输入（默认20分钟的零操作过期时间，当然您可以通过web.Config文件自主定义），在关闭所有浏览器窗口及20分钟无操作后的以前您可以自由管理蓝丽Net留言系统<p><a href='index.aspx'>进入开始管理蓝丽Net留言系统</a><p>或等待1秒时间计时后自动转入"
response.write ("<meta http-equiv='Refresh' content='1;url=index.aspx'>")
else
msg1.text="提示:密码错误！":text1.text=""
end if
end sub
sub reply(sender as object,e as eventargs)       '回复留言处理（由于已认证，可不必操心SQL注入及回复ID非法）
dim conn1=ConfigurationSettings.AppSettings("databaseconn") & server.mappath(ConfigurationSettings.AppSettings("databasepath"))   '得到web.config中数据库的完整路径

dim link1=new oledbconnection(conn1)
link1.open()
dim com1=new oledbcommand("update table1 set reply=true,gengxindates='" & date.now & "' where id=" & request.querystring("reply"),link1)
dim rs=com1.executereader()
rs.close()
com1=new oledbcommand("insert into table1(body,dates,ip,link) values ('" & replace(txt1.text,"'","&$39;") & "','" & date.now & "','" & request.userhostaddress & "'," & request.querystring("reply") & ")" ,link1)
com1.executereader():rs.close():link1.close():rs=nothing:com1=nothing:link1=nothing
lijihuifu.visible=false:txt1.visible=false:msgg1.text="回复成功！1秒后自动返回"
response.write ("<meta http-equiv='Refresh' content='1.1;url=index.aspx'>")
end sub
</script>
<HTML>
<HEAD>
<META http-equiv="Content-Type" content="text/html; Charset=gb2312"/>
<META name="GENERATOR" content="网络程序员伴侣(Lshdic)2004_星钻超爽版"/>
<TITLE>蓝丽Net留言系统管理模式</TITLE>
<style>
*{font-size:12px;font-family:宋体}
a{color:maroon;text-Decoration:none;}
a:hover{color:blue;text-Decoration:underline;}
</style>
</HEAD>
<BODY>
<TABLE rules="all" bordercolor='menu' width="500" height="300" cellspacing="0" cellpadding="5" style='border-Collapse:collapse;' align=center>
<tr>
<td bgcolor="#619CE7" style='color:white;' height=20>
<center><b>蓝丽Net留言系统管理模式</b></center>
</td>
</tr>
<tr><Td style='padding:0;padding-left:5;'>

<form method="post" runat='server'>
<%
if request.querystring("reply")<>"" then    '管理员回复文章处理
if session("lshdic")="" then response.write ("<script>alert('拒绝冒充管理员');opener=null;close()</script>"):response.end
%>
<center><asp:label forecolor="red" font-bold="true" runat='server' id='msgg1'>提示:请输入您的回复内容，长度建议10万字以下</asp:label><br>
<asp:textbox runat='server' textMode="1" columns="70" rows="15" style='border:1 solid gray' id='txt1'>首先谢谢您留言本站：

</asp:textbox><br>
<asp:button runat='server' text="OK了，立即回复" onclick="reply" id='lijihuifu'/>
</center>
<%
response.end
end if
%>

<%if session("lshdic")="" or (session("lshdic")<>"" and request.form("text1")=pass) then%>
<center>
<asp:textbox id='text1' runat='server' style='border:1 solid black;height:20' onkeydown='if(event.keyCode==13){bon1.click();return false}'/><asp:button id='bon1' onclick="renzheng" runat='server' text="认证" onmouseover='this.style.color="red"' onmouseout='this.style.color=""' style='cursor:hand'/><p>
<asp:label id='msg1' forecolor="red" font-bold="true" runat='server'>提示:请输入管理员密码</asp:label>
</center>
<%
response.end
end if%>

<center><b><font color='red'>您已经通过身份验证，无须访问本页</font></b></center>
</form>