admin_add.asp

一个做得非常精美的进存销系统,可惜某些功能上做了限制．

<!--#include file="Conn.asp"-->
<!--#include file="Check.asp"-->
<!--#include file ="Inc/MD5.asp"-->
<html>
<head>
<title>管理中心</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<LINK href="Image/style.css" type=text/css rel=stylesheet>
<script language="JavaScript" src="Image/js.js"></SCRIPT>
</head>
<%
Dim isadmin
isadmin = Manage_Level(adl)
If Request.QueryString("action")="add" Then
    If isadmin="管理员" Then 
       Call UserSave
    Else
       Response.write "<script language='javascript'>alert('对不起,你没有权限进行此项操作!');" & chr(13)
       Response.write "window.document.location.href='Admin_Add.asp';</script>"
    End if
Else
%>
<script language="JavaScript">
<!--
function chk(theForm){
if (theForm.name.value == ""){
                alert("请输入姓名!");
                theForm.name.focus();
                return (false);
        } 
if (theForm.pwd.value == ""){
                alert("密码不能为空!");
                theForm.pwd.focus();
                return (false);
        } 
}
//-->
</script>
<body text="#000000">
<table cellpadding="2" cellspacing="1" border="0" width="95%" class="tableBorder" align=center>
  <form action="?action=add" method=post id=form1 name=form1 onSubmit="return chk(this)">
    <tr bgcolor=ffffff align="center"> 
      <th colspan=2 height=25>管理员管理－－添加管理员 </th>
    </tr>
    <tr bgcolor=ffffff> 
      <td width="26%" align="right" class=forumrow>名称：</td>
      <td width="74%" class=forumrow><input name="name" type=text maxlength="16"></td>
    </tr>
    <tr  bgcolor=ffffff> 
      <td width="26%" align="right" class=forumrow>密码：</td>
      <td width="74%" class=forumrow><input name="pwd" type="password" maxlength="16"></td>
    </tr>
    <tr align="center"  bgcolor=ffffff> 
      <td colspan="2" class=forumrow><input type="submit" name="Submit" value="添 加"></td>
    </tr>
  </form>
</table>
<%End if%>
</html>

<%
Sub UserSave
Dim ad,pwd,rs,useradd,Sql
ad = Trim(Request.Form("name"))
Set rs = Conn.Execute("Select User_Name From [HQ_User] Where User_Name='"&ad&"'")
If Not (Rs.Eof and Rs.Bof) Then
Response.write "<script language='javascript'>alert('此管理员已经存在!');" & chr(13)
Response.write "window.document.location.href='javascript:history.go(-1)';</script>"
Else
pwd = MD5(Request.Form("pwd"))
Set useradd = Server.CreateObject("ADODB.RecordSet")
Sql = "Select * From [HQ_User] Where (ID is null)"
useradd.Open Sql,Conn,1,3
useradd.addNew
useradd("User_Name") = ad
useradd("PassWord") = pwd
useradd("Levels") = "1|1|1|1"
useradd("LoginTime") = now()
useradd("IP") = Request.ServerVariables("REMOTE_HOST")
useradd.update
useradd.Close
Set useradd=Nothing
Conn.Close
Set Conn=Nothing

Response.Write "<script language=javascript>alert('新管理员添加成功!');"
Response.Write "window.document.location.href='Admin_List.asp';</script>"
End If
Set rs = Nothing
End Sub
%>