save_member.asp

前台完全分离了HTML与ASP

<!--#include file="md5.asp"-->
<%
'***********************************************
'* Admin Member RECORD FUNCTION
'* 你可以对以下内容进行任何修改，但请保留版权，谢谢。
'* 零点设计在线  Power by marquee 2005年5s月
'***********************************************
Function replaceBadWord(word)
  Dim badword,badArray
   badword="$,%,^,&,(,),',"&chr(34)&",|,<,>,;,~"
   badArray=split(badword,",")
   for i=0 to ubound(badArray)
   word=replace(word,badArray(i),"")
   next
   replaceBadWord=word
End Function

Function del_member(del_id)
  dim get_did
  get_did=split(del_id,",")
  for i=0 to ubound(get_did)
   del_sql="delete * from ZD_Member where id="&get_did(i)                           '删除数据库记录
   Conn.Execute(del_sql)
   del_member = del_member & "成功删除记录号为:<font color=red>"&get_did(i)&"</font>的用户!"&"<br>"
  next
  call SaveLog(Session("member"),"成功删除ID为"&del_id&"用户",now(),"用户删除",getIP(),true)
End Function

Function saveMember()
 Set chkRs=Server.CreateObject("Adodb.Recordset")
 chkRs.open "select * from ZD_Member where MemberID = '"&Request.Form("memberID")&"'",conn,1,1
 IF chkRs.eof Then
  chkRs.close
  Set chkRs = nothing
  Set rs=Server.CreateObject("Adodb.Recordset")
  sql="select * from ZD_Member"
  rs.open sql,conn,1,3
  rs.addnew
  rs("memberID")=replaceBadWord(Request.Form("memberID"))
  rs("memberpass")=md5(replaceBadWord(Request.Form("memberPass")))
  rs("regtime")=date()
  rs("MemberType")=Request.Form("MemberType")
  IF Request.Form("isAdmin")="true" Then
   rs("ZAdmin")=true
  Else
   rs("ZAdmin")=false
  End IF
  IF Request.Form("isLimit")=true Then
   rs("isLimit")=true
  End IF
  IF Request.Form("leftdays")<>"" Then
   rs("leftdays")=date()+cint(Request.Form("leftdays"))
  End IF
  rs.update
  rs.close
  set rs=nothing
  saveMember = "成功添加用户：<span class=""importantText"">" & Request.Form("memberID") & "</span>"
  call SaveLog(Session("member"),"成功添加新的用户"&Request.Form("memberID"),now(),"添加新用户",getIP(),true)
 Else
  saveMember = "对不起该用户已经被注册，请重新填写一个用户名！"
 End IF
End Function

Function saveEditeMember()
  Set rs=Server.CreateObject("Adodb.Recordset")
  sql="select * from ZD_Member where id="&Request.Form("EditeID")
  rs.open sql,conn,1,3
  IF rs.eof Then
    Response.Redirect("err.asp?message=错误的用户编辑！")
	Response.End
  End IF
  rs("MemberType")=Request.Form("MemberType")
  IF Request.Form("memberPass")<>"" Then
   rs("memberpass")=md5(replaceBadWord(Request.Form("memberPass")))
  End IF
  IF Request.Form("isAdmin")="true" Then
   rs("ZAdmin")=true
  Else
   rs("ZAdmin")=false
  End IF
  IF Request.Form("isLimit")="true" Then
   rs("isLimit")=true
  Else
   rs("isLimit")=false
  End IF
  IF Request.Form("leftdays")<>"" Then
   rs("leftdays")=date()+cint(Request.Form("leftdays"))
  Else
   rs("leftdays")=date()
  End IF
  rs.update
  cmdMessage = "成功修改用户：<span class=""importantText"">" & rs("memberID") & "</span>"
  call SaveLog(Session("member"),"成功修改用户"&rs("memberID"),now(),"修改用户",getIP(),true)
  rs.close
  set rs=nothing
  saveEditeMember=cmdMessage
End Function
%>