📄 index.asp
字号:
<!--#include file="dbkillercnect.asp"-->
<!--#include file="indexx.asp"-->
<!--#include file="sqlfiltrate.asp"-->
<%
module=request("module")
act=request("act")
typeid=request("type")
id=request("id")
validate=Request.Cookies("group_")
strsql="select * from "&front1&"sc_opq_users where a_validate='"&validate&"'"
set adm=cona.execute(strsql)
user00=adm("a_user")
group00=adm("a_group")
sql="select * from "&front0&"settings"
set settings=conn.execute(sql)
strsql="select * from "&front1&"sc_opq_settings"
set setftp=cona.execute(strsql)
hot_size=settings("se_hot_size")
sitename=settings("se_sitename")
en_name=settings("se_en_name")
sh_name=settings("se_sh_name")
sendmail=settings("se_sendmail")
siteurl=settings("se_siteurl")
beian=settings("se_beian")
copyright=settings("se_copy")
ftp_url=setftp("se_ftpurl")
if module="logout" then
Session("Passed") = false%>
<script>window.location="index.asp"</script>
<%else:end if
'=========word=========
ar_word=45
to_word=50
ho_word=50
ex_word=60
re_word=70
ar_word_1=40
to_word_1=25
ho_word_1=40
ex_word_1=45
re_word_1=6
'==================function==================
function SqlStr( data )
if data="" then data=" " else:end if
SqlStr = replace( data, "'", "''" )
SqlStr = replace( SqlStr, "&", "&" )
SqlStr = replace( SqlStr, " ", " " )
SqlStr = replace( SqlStr, "<", "<" )
SqlStr = replace( SqlStr, ">", ">" )
SqlStr = replace( SqlStr, VbCr, "<br>" )
SqlStr = replace( SqlStr, "'", "'" )
SqlStr = replace( SqlStr, CHR(34), """ )
end function
function SqlStr_1( data )
if data="" then data=" " else data=data:end if
SqlStr_1 = replace( data, "'", "''" )
SqlStr_1 = replace( SqlStr_1, "&", "&" )
SqlStr_1 = replace( SqlStr_1, " ", " " )
SqlStr_1 = replace( SqlStr_1, "<", "<" )
SqlStr_1 = replace( SqlStr_1, ">", ">" )
SqlStr_1 = replace( SqlStr_1, "<br>",VbCr )
SqlStr_1 = replace( SqlStr_1, "'","'" )
SqlStr_1 = replace( SqlStr_1, """,CHR(34) )
end function
function sqlstr_3(data)
if data="" then data=" " else data=data:end if
SqlStr_3 = replace( data, "<%", "" )
SqlStr_3 = replace( SqlStr_3, "<?", "" )
SqlStr_3 = replace( SqlStr_3, "?>", "" )
SqlStr_3 = replace( SqlStr_3, "<script", "" )
SqlStr_3 = replace( SqlStr_3, "</script", "" )
end function
function random()
Randomize
rnd_=int(rnd()*100)
rnd_1=int(rnd()*100)
rnd_2=int(rnd()*100)
rnd_3=int(rnd()*100)
rnd_4=int(rnd()*100)
rnd_5=int(rnd()*100)
rnd_6=int(rnd()*100)
rnd_7=int(rnd()*100)
rnd_8=int(rnd()*100)
random=rnd_&"-"&rnd_1&"-"&rnd_2&"-"&rnd_3&"-"&rnd_4&"-"&rnd_5&"-"&rnd_6&"-"&rnd_7&"-"&rnd_8
end function
function aderror()%>
<table border="0" width="100%" id="table1"><tr><td>
<br><br><br><br><br><p align="center">对不起,您所在的管理分组没有访问此管理模块的权限。<br><br><br><br><br><br><br></td></tr>
</table>
<%end function
function finish()
if module="" or module="links" or module="adn" or module="app_" or acct="add_finish" or acct="del_" or module="settings" then co_lor="#F1F1EB" else co_lor="#FFFFFF":end if%>
<p></p><p align="center">完成</p><p></p>
<FORM name=loading>
<DIV align=center>
<P style="MARGIN: 0px; WORD-SPACING: 0px; TEXT-INDENT: 0px"><INPUT style="PADDING-RIGHT: 0px; PADDING-LEFT: 0px; FONT-WEIGHT: bolder; PADDING-BOTTOM: 0px; COLOR: #000000; BORDER-TOP-STYLE: none; PADDING-TOP: 0px; FONT-FAMILY: Arial; BORDER-RIGHT-STYLE: none; BORDER-LEFT-STYLE: none; BACKGROUND-COLOR: <%=co_lor%>; BORDER-BOTTOM-STYLE: none" size=45 name=chart>
<BR><INPUT style="BORDER-RIGHT: medium none; BORDER-TOP: medium none; BORDER-LEFT: medium none; COLOR: #000000; BORDER-BOTTOM: medium none; FONT-FAMILY: Arial; BACKGROUND-COLOR: <%=co_lor%>; TEXT-ALIGN: center" size=45 name=percent>
<SCRIPT>var bar = 0
var line = "||"
var amount ="||"
count()
function count(){
bar= bar+2
amount =amount + line
document.loading.chart.value=amount
document.loading.percent.value=bar+"%"
if (bar<99)
{setTimeout("count()",50);}
else
{window.location = "<%if module="" then response.write "index.asp" else response.write "index.asp?module="&module:end if%>";}
}</SCRIPT>
<p>3秒钟后自动返回列表</p>
<p><a href="<%if module="" then response.write "index.asp" else response.write "index.asp?module="&module:end if%>">若浏览器未跳转请点此返回到列表</a></p>
<%end function
'===================================Admin===================================
if module="adn" then
if group00="sadmin" then
'=================Update=================
if act="up_date_finish" then
if request.form("user")="" or request.form("pwd")="" or request.form("group")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>
<%nonull=1
else:end if
a_user=request.form("user")
a_pwd=request.form("pwd")
a_group=request.form("group")
a_validate=random()
sql_update="update "&front1&"sc_opq_users set a_user='"&a_user&"',a_pwd='"&a_pwd&"',a_group='"&a_group&"',a_validate='"&a_validate&"' where id="&id
if nonull<>1 then
cona.execute(sql_update)
else:end if
else:end if
'=================Delete=================
if act="del_" then
sql_del="delete * from "&front1&"sc_opq_users where id="&id
cona.execute(sql_del)
else:end if
'=================Addnew=================
if act="addnew_finish" then
if request.form("user")="" or request.form("pwd")="" or request.form("group")="" or request.form("pwd_1")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>
<%nonull=1
else:end if
if request.form("user")<>"" or request.form("pwd")<>"" or request.form("group")<>"" or request.form("pwd_1")<>"" then
if request.form("pwd")<>request.form("pwd_1") then%>
<script>alert("请确认您两次密码填写是否一致!"); history.back(-1)</script>
<%nonull=1
else:end if
else:end if%>
<%a_user=request.form("user")
a_pwd=request.form("pwd")
a_group=request.form("group")
a_validate=random()
sql_addnew="insert into "&front1&"sc_opq_users(a_user,a_pwd,a_group,a_validate) values('"&a_user&"','"&a_pwd&"','"&a_group&"','"&a_validate&"')"
if nonull<>1 then
cona.execute(sql_addnew)
else:end if
else:end if
else:end if
else:end if
'===================================Links===================================
if module="links" then
if group00="sadmin" or group00="admin" then
'=================Update=================
if act="up_date_finish" then
if request.form("name")="" or request.form("title")="" or request.form("url")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>
<%nonull=1
else:end if
li_name=SqlStr(request.form("name"))
li_title=SqlStr(request.form("title"))
li_url=SqlStr(request.form("url"))
sql_update="update "&front0&"links set li_name='"&li_name&"',li_title='"&li_title&"',li_url='"&li_url&"' where id="&id
if nonull<>1 then
conn.execute(sql_update)
else:end if
else:end if
'=================Delete=================
if act="del_" then
sql_del="delete * from "&front0&"links where id="&id
conn.execute(sql_del)
else:end if
'=================Addnew=================
if act="addnew_finish" then
if request.form("name")="" or request.form("title")="" or request.form("url")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>
<%nonull=1
else:end if%>
<%li_name=SqlStr(request.form("name"))
li_title=SqlStr(request.form("title"))
li_url=SqlStr(request.form("url"))
sql_addnew="insert into "&front0&"links(li_name,li_title,li_url) values('"&li_name&"','"&li_title&"','"&li_url&"')"
if nonull<>1 then
conn.execute(sql_addnew)
else:end if
else:end if
else:end if
else:end if
'===================================Articles===================================
if module="articles" then
'=================Update=================
if act="up_date_finish" then
if request.form("title")="" or request.form("type")="" or request.form("from")="" or request.form("user")="" or request.form("content")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>
<%nonull=1
else:end if
ar_title=SqlStr(request.form("title"))
typeid=SqlStr(request.form("type"))
ar_from=SqlStr(request.form("from"))
ar_user=SqlStr(request.form("user"))
ar_content0=SqlStr(request.form("content"))
sql_update="update "&front0&"articles set ar_title='"&ar_title&"',typeid="&typeid&",ar_from='"&ar_from&"',ar_user='"&ar_user&"',ar_content0='"&ar_content0&"' where id="&id
if nonull<>1 then
conn.execute(sql_update)
else:end if
else:end if
'=================Delete=================
if act="del_" then
sql_del="delete * from "&front0&"articles where id="&id
conn.execute(sql_del)
else:end if
'=================Addnew=================
if act="addnew_finish" then
if request.form("title")="" or request.form("type")="" or request.form("from")="" or request.form("user")="" or request.form("content")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>
<%nonull=1
else:end if%>
<%ar_title=SqlStr(request.form("title"))
typeid=SqlStr(request.form("type"))
ar_from=SqlStr(request.form("from"))
ar_user=SqlStr(request.form("user"))
ar_content0=SqlStr(request.form("content"))
sql_addnew="insert into "&front0&"articles(ar_title,typeid,ar_from,ar_user,ar_content0,ar_time00) values('"&ar_title&"',"&typeid&",'"&ar_from&"','"&ar_user&"','"&ar_content0&"','"&date()&"')"
if nonull<>1 then
conn.execute(sql_addnew)
else:end if
else:end if
else:end if
'===================================Tools===================================
if module="tools" then
if group00="sadmin" or group00="admin" then
'=================Update=================
if act="up_date_finish" then
if request.form("name")="" or request.form("type")="" or request.form("user")="" or request.form("add")="" or request.form("intr")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>
<%nonull=1
else:end if
to_name=SqlStr(request.form("name"))
typeid=SqlStr(request.form("type"))
to_user=SqlStr(request.form("user"))
to_add=SqlStr(request.form("add"))
to_intr=SqlStr(request.form("intr"))
sql_update="update "&front0&"tools set to_name='"&to_name&"',typeid="&typeid&",to_user='"&to_user&"',to_add='"&to_add&"',to_intr='"&to_intr&"' where id="&id
if nonull<>1 then
conn.execute(sql_update)
else:end if
else:end if
'=================Delete=================
if act="del_" then
sql_del="delete * from "&front0&"tools where id="&id
conn.execute(sql_del)
else:end if
'=================Addnew=================
if act="addnew_finish" then
if request.form("name")="" or request.form("type")="" or request.form("user")="" or request.form("add")="" or request.form("intr")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>
<%nonull=1
else:end if%>
<%to_name=SqlStr(request.form("name"))
typeid=SqlStr(request.form("type"))
to_user=SqlStr(request.form("user"))
to_add=SqlStr(request.form("add"))
to_intr=SqlStr(request.form("intr"))
sql_addnew="insert into "&front0&"tools(to_name,typeid,to_user,to_add,to_intr,to_time00) values('"&to_name&"',"&typeid&",'"&to_user&"','"&to_add&"','"&to_intr&"','"&date()&"')"
if nonull<>1 then
conn.execute(sql_addnew)
else:end if
else:end if
else:end if
else:end if
'===================================Holes===================================
if module="holes" then
'=================Update=================
if act="up_date_finish" then
if request.form("name")="" or request.form("type")="" or request.form("user")="" or request.form("level")="" or request.form("system")="" or request.form("content")="" or request.form("p")="" or request.form("code")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>
<%nonull=1
else:end if
ho_name=SqlStr(request.form("name"))
typeid=SqlStr(request.form("type"))
ho_user=SqlStr(request.form("user"))
ho_level=SqlStr(request.form("level"))
ho_system=SqlStr(request.form("system"))
ho_content0=SqlStr(request.form("content"))
ho_p=SqlStr(request.form("p"))
ho_code=SqlStr(request.form("code"))
sql_update="update "&front0&"holes set ho_name='"&ho_name&"',typeid="&typeid&",ho_user='"&ho_user&"',ho_level='"&ho_level&"',ho_system='"&ho_system&"',ho_content0='"&ho_content0&"',ho_p='"&ho_p&"',ho_code='"&ho_code&"' where id="&id
if nonull<>1 then
conn.execute(sql_update)
else:end if
else:end if
'=================Delete=================
if act="del_" then
sql_del="delete * from "&front0&"holes where id="&id
conn.execute(sql_del)
else:end if
'=================Addnew=================
if act="addnew_finish" then
if request.form("name")="" or request.form("type")="" or request.form("user")="" or request.form("level")="" or request.form("system")="" or request.form("content")="" or request.form("p")="" or request.form("code")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>
<%nonull=1
else:end if%>
<%ho_name=SqlStr(request.form("name"))
typeid=SqlStr(request.form("type"))
ho_user=SqlStr(request.form("user"))
ho_level=SqlStr(request.form("level"))
ho_system=SqlStr(request.form("system"))
ho_content0=SqlStr(request.form("content"))
ho_p=SqlStr(request.form("p"))
ho_code=SqlStr(request.form("code"))
sql_addnew="insert into "&front0&"holes(ho_name,typeid,ho_user,ho_level,ho_system,ho_content0,ho_p,ho_code,ho_time00) values('"&ho_name&"',"&typeid&",'"&ho_user&"','"&ho_level&"','"&ho_system&"','"&ho_content0&"','"&ho_p&"','"&ho_code&"','"&date()&"')"
if nonull<>1 then
conn.execute(sql_addnew)
else:end if
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -