📄 user_ad_set.asp
字号:
<!--#include file="../conn.asp" -->
<!--#include file="admin_lib.asp" -->
<%
'==============================
if not instr(1,Request.ServerVariables("http_Referer"),Request.ServerVariables ("SERVER_NAME"),1)=8 then
message "DLOG错误:提交的数据来自网站外部"
response.end
end if
'checkadmin
Username=Session("username"&dlog_session)
Password=Session("password"&dlog_session)
if username="" or password="" then
Username=replace(request.Cookies(dlog_cookies_name)("Username"),"'","")
Password=replace(request.Cookies(dlog_cookies_name)("Password"),"'","")
end if
sql= "SELECT isad FROM User_MDB where username = '" & Username & "' and password='" & Password & "'"
set rs_inc=conn.Execute(sql)
if not (rs_inc.BOF or rs_inc.eof) then
ulogin="true"
Session("username"&dlog_session) = Username
Session("password"&dlog_session) = Password
Session("isad"&dlog_session)=rs_inc("isad")
isad=Session("isad"&dlog_session)
end if
rs_inc.Close()
set rs_inc=nothing
if isad<>-1 then
Redirect "index.asp","不是真正管理员哦"
end if
'==============================
%>
<%
dim ad_Un,ad_num
if request("ad_set")="true" then
ad_un=Trim(replace(request("ad_Un"),"'","''"))
ad_num=Cint(request("ad_num"))
if ad_un="" then
message "用户名未填写"
response.end
end if
if ad_un=username then
message "为防止日志本处于无主人状态,管理员不能自杀"
response.end
end if
sql="SELECT username from user_mdb WHERE username='"&ad_un&"'"
set ADset=conn.EXECUTE(sql)
if ADset.bof or ADset.eof then
message "所要设置的用户名不存在"
response.end
end if
sql="update user_mdb SET isad="&ad_num&" WHERE username='"&ad_un&"'"
conn.EXECUTE(sql)
redirect "user_ad_set.asp","用户登记设置操作成功"
end if
%>
<html>
<head>
<title>LOG MANAGE</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" type="text/css" href="../styles.css">
</head>
<body bgcolor="#FFFFFF" text="#000000" leftmargin="0" topmargin="0">
<table width="728" border="0" cellspacing="0" cellpadding="0" height="100%">
<tr>
<td align="center">
<%if not (isad=-1 and Ulogin="true") then
message "对不起,你没有操作权限"
response.end
end if%>
<br>
<br>
<table border="0" cellspacing="1" cellpadding="4" bgcolor="#f0f0f0" width="374">
<form name=form1 method="POST" action="user_ad_set.asp"> <tr>
<td height="21" width="373"><b>用户等级设置:</b></td>
</tr>
<tr>
<td bgcolor="#FFFFFF" width="373"> 用户ID:
<input type="text" name="ad_Un" class="bk">
设为:
<select name="ad_num">
<option value="-1">总管理员</option>
<option value="-2" selected>副管理员</option>
<option value="0">普通观员</option>
</select>
</td>
</tr>
<tr>
<td align="right" width="373">
<input type="hidden" name="ad_set" value="true">
<input type="submit" name="Submit" value=" 确 认 ">
</td>
</tr></form>
</table>
<br>
<%
sql="SELECT username,isad from User_mdb where isad<0"
set ADset=conn.Execute(sql)
%>
<table width="374" border="0" cellspacing="1" cellpadding="4" bgcolor="#f0f0f0">
<tr>
<td>已有管理级名单:</td>
</tr>
<tr>
<td bgcolor="#FFFFFF"><b>总管理员</b><br>
<%
sql="SELECT username,isad from User_mdb where isad=-1"
set ADset=conn.Execute(sql)
do while not ADset.eof
%>
<a href="../usermdb.asp?un=<%=adset("username")%>" target="_blank"><%=adset("username")%></a>
<%
ADset.MoveNext
Loop
%>
<br><b>副管理员</b><br>
<%
sql="SELECT username,isad from User_mdb where isad=-2"
set ADset=conn.Execute(sql)
do while not ADset.eof
%>
<a href="../usermdb.asp?un=<%=adset("username")%>" target="_blank"><%=adset("username")%></a>
<%
ADset.MoveNext
Loop
adset.close
set ADset=nothing
%></td>
</tr>
</table>
<p> </p>
</td>
</tr>
</table>
</body>
</html>
<%
conn.close
set conn=nothing
%>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -