getpwd.asp

一个小巧的论坛程序 本程序基本功能： 可开设任意数目的讨论区类别和版块 使用Cookies

<!--#include file="up.asp"--><!--#include file="md5.asp"-->
<br><%
t1="<table border='0' cellpadding='0' cellspacing='0' style='border-collapse: collapse' width='98%' align=center><tr><td background='pic/"&sp&"3.gif' height=30 bgcolor="&c2&"> <p style='margin:5px'><img border='0' src='pic/fl.gif'> <font color='#FFFFFF'><b>"
t2="</b></font></p></td></tr></table><table align=center border=1 cellpadding=0 cellspacing=0 style='border-collapse: collapse' bordercolor="&c1&" width=98% >"
d1="<tr><td width=100% >"
d2="</td></tr></table>"
menu=request.querystring("menu")
select case menu
case""
%><form method=POST name=kbbs action=?menu=postname>
<%=t1%>重 设 密 码<%=t2&d1%>
<p style="margin: 10">请输入你的用户名： <input type="text" name="name" size="20"> <input type="submit" value=" 提   交 " name="B1"> <input type="reset" value=" 重   置 " name="B2"><%=d2%>
</form>
<%case"postname"
getpwd=true
name=check2(Request.Form("name"))
set rs=myconn.execute("select question from [user] where name='"&name&"'")
if rs.eof then
mes="·该用户不存在·"
getpwd=false
else
question=rs("question")
set sr=myconn.execute("select name from [admin] where name='"&name&"'")
if not sr.eof then
mes="该用户是管理员或版主，忘记密码请与管理员联系！"
getpwd=false
end if
set sr=nothing
end if
set rs=nothing
if getpwd=false then
%><%=t1%>错 误 信 息<%=t2&d1%><p style="margin: 10"><%=mes%><%=d2%>
<%else%>
<form method="POST" action="?menu=get"><%=t1%>回答问题<%=t2&d1%><input type="hidden" name="name" size="20" value="<%=name%>">
<p style="margin: 6">提示问题：<%=kbbs(question)%></p><p style="margin: 6">问题回答：<input type="text" name="answer" size="20"></p><p style="margin: 6">
<input type="submit" value=" 提   交 " name="B1"> <input type="reset" value=" 重   置 " name="B2"></p><%=d2%> <%=d2%></form>
<%end if%>
<%case"get"
name=check2(Request.Form("name"))
answer=check2(Request.Form("answer"))
answer=md5(answer)
set rs=myconn.execute("select name from [user] where name='"&name&"' and answer='"&answer&"'")
if rs.eof then
%><%=t1%>错 误 信 息<%=t2&d1%><p style="margin: 10">·你填写的信息错误·
<a href="javascript:history.go(-1)"> <img border="0" src="pic/re.gif"> 返 回</a></p><%=d2%>
<%else
%><form method="POST" action="?menu=change"><%=t1%>更 改 密 码<%=t2&d1%><p style="margin: 6">
<input type="hidden" name="name" size="20" value="<%=name%>"><input type="hidden" name="answer" size="20" value="<%=answer%>">新 密 码：
    <input type="password" name="newpwd" size="20">
  </p><p style="margin: 6">
重复密码：
    <input type="password" name="repwd" size="20">
  </p><p style="margin: 6">
<input type="submit" value=" 提   交 " name="B1"> <input type="reset" value=" 重   置 " name="B2"><%=d2%> <%=d2%></p><%=d2%></form><%end if
set rs=nothing%>
<%case"change"
name=check2(Request.Form("name"))
answer=check2(Request.Form("answer"))
newpwd=check2(Request.Form("newpwd"))
repwd=check2(Request.Form("repwd"))
function strLength(str)
       ON ERROR RESUME NEXT
       dim WINNT_CHINESE
       WINNT_CHINESE    = (len("论坛")=2)
       if WINNT_CHINESE then
          dim l,t,c
          dim i
          l=len(str)
          t=l
          for i=1 to l
             c=asc(mid(str,i,1))
             if c<0 then c=c+65536
             if c>255 then
                t=t+1
             end if
          next
          strLength=t
       else 
          strLength=len(str)
       end if
       if err.number<>0 then err.clear
end function
if isnull(newpwd) or newpwd="" or strlength(newpwd)>16 or Instr(newpwd,"=")>0 or Instr(newpwd,"%")>0 or Instr(newpwd,chr(32))>0 or Instr(newpwd,"?")>0 or Instr(newpwd,"&")>0 or Instr(newpwd,";")>0 or Instr(newpwd,",")>0 or Instr(newpwd,"'")>0 or Instr(newpwd,",")>0 or Instr(newpwd,chr(34))>0 or Instr(newpwd,chr(9))>0 or Instr(newpwd,"