📄 user_action.asp
字号:
<!--#include file="conn.asp" -->
<!--#INCLUDE file="log_lib.asp" -->
<%
if not instr(1,Request.ServerVariables("http_Referer"),Request.ServerVariables ("SERVER_NAME"),1)=8 then
message "DLOG错误:提交的数据来自网站外部"
response.end
end if
set rs = Server.CreateObject("ADODB.Recordset")
if request("adduser")="true" then
username=request.form("username")
Password=request.form("Password")
n_password=request.form("n_password")
Email=request.form("Email")
qq=request.form("qq")
HomePage=request.form("HomePage")
underwrite=request.form("underwrite")
'if Email="" then Email="--"
if HomePage="" then HomePage="http://"
if Underwrite="" then underwrite="这个观员很懒,什么都没有留下"
HomePage=replace(HomePage,"'","''")
qq=replace(qq,"'","''")
if not IsNumeric(qq) then
qq=0
end if
username=replace(username,"'","''")
underwrite=replace(underwrite,"'","''")
Password=replace(Password,"'","''")
n_Password=replace(n_Password,"'","''")
Password=md5(Password)
Email=replace(Email,"'","''")
reg_time=now()
isad=0
ul=username
ull=getstrlength(ul)
'f Email="" then Email="--"
'if HomePage="" then HomePage="http://"
'if Underwrite="" then underwrite="这个观员很懒,什么都没有留下"
if ull>16 or ull<1 then
MESSAGE("<li>对不起,用户名长度不能长于16个字节(八个汉字)</li>")
response.end
end if
for i=1 to ull
x=mid(username,i,1)
for cc=1 to 32
if x=chr(cc) or x="<" or x=">" or x="?" or x="," or x=chr(34) or x=";" or x="%" then
MESSAGE("用户名只能是数字字母和中文 ")
response.end
end if
next
next
sql = "SELECT * FROM user_mdb where username= '" & username & "'"
rs.open sql,conn,1,3
if not (rs.Bof or rs.eof) then
isun="true"
MESSAGE("该名称的用户已经存在")
response.end
end if
If not isun="true" Then
rs.addnew
rs("Username")=Username
rs("Password")=Password
rs("email")=email
rs("qq")=qq
rs("homePage")=homePage
rs("reg_time")=reg_time
rs("isad")=isad
rs("underwrite")=underwrite
rs.update
sql= "UPDATE log_count Set U_COUNT = U_COUNT + 1 where COUNT_ID = 1"
conn.Execute(sql)
end if
Session("username"&dlog_session) = Username
Session("password"&dlog_session) = Password
'Response.Cookies(dlog_cookies_name)("Username")=username
'Response.Cookies(dlog_cookies_name)("Password")=password
rs.close()
Redirect "index.asp","用户添加成功,现在返回首页"
end if
if request.form("del_user")="true" then
checkuser()
un=request.form("un")
if not (isad=-1 or username=un) then
MESSAGE "侵权!!!!!"
response.end
end if
SQL = "Delete from user_mdb where username = '" & un & "'"
conn.Execute(sql)
sql= "UPDATE log_count Set u_COUNT = u_COUNT - 1 where COUNT_ID = 1"
conn.Execute(sql)
url="userlist.asp"
Response.Redirect(url)
end if
if request("edituser")="true" and (not request.form("del_user")="true") then
un=request.form("un")
un=replace(un,"'","''")
n_password=request.form("n_password")
Email=request.form("Email")
qq=request.form("qq")
HomePage=request.form("HomePage")
underwrite=request.form("underwrite")
HomePage=replace(HomePage,"'","''")
if HomePage="" then HomePage="http://"
qq=replace(qq,"'","''")
if not IsNumeric(qq) then
qq=0
end if
underwrite=replace(underwrite,"'","''")
if Underwrite="" then underwrite="这个观员很懒,什么都没有留下"
n_Password=replace(n_Password,"'","''")
Password=md5(Password)
Email=replace(Email,"'","''")
checkuser()
if not (isad=-1 or username=un) then
MESSAGE "侵权!!!!!"
response.end
else
sql = "SELECT * FROM user_mdb where username='"&un&"'"
rs.open sql,conn,1,3
if not rs.eof then
if n_Password<>"" then
rs("Password")=md5(n_Password)
Session("password"&dlog_session) = Password
if Request.Cookies(dlog_cookies_name)("Username")=username then
Response.Cookies(dlog_cookies_name)("Password")=rs("password")
end if
end if
rs("Email")=Email
rs("qq")=qq
rs("HomePage")=HomePage
rs("Underwrite")=Underwrite
rs.update
rs.close
url="usermdb.asp?un="&un
redirect url,"资料修改成功"
else
MESSAGE "www.imting.com提示: 没有记录"
end if
end if
end if
conn.Close
set conn=nothing
function getstrlength(str)
wordl=0
strl=len(str)
for i=1 to strl
strm=mid(str,i,1)
if asc(strm)<0 then
wordl=wordl+2
else
wordl=wordl+1
end if
next
getstrlength=wordl
end function
%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -