index.asp

安全中心整站系统是一个网络安全类整站系统。由七个模块组成

else:end if
else:end if

'===================================Exploits===================================
if module="exploits" then
'=================Update=================
if act="up_date_finish" then
if request.form("name")="" or request.form("type")="" or request.form("user")="" or request.form("p")="" or request.form("add")="" or request.form("content")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>	 
<%nonull=1
else:end if 

ex_name=SqlStr(request.form("name"))
typeid=SqlStr(request.form("type"))
ex_user=SqlStr(request.form("user"))
ex_p=SqlStr(request.form("p"))
ex_add=SqlStr(request.form("add"))
ex_content0=SqlStr(request.form("content"))

sql_update="update "&front0&"exploits set ex_name='"&ex_name&"',typeid="&typeid&",ex_user='"&ex_user&"',ex_p='"&ex_p&"',ex_add='"&ex_add&"',ex_content0='"&ex_content0&"' where id="&id
if nonull<>1 then
conn.execute(sql_update)
else:end if
else:end if
'=================Delete=================
if act="del_" then
sql_del="delete * from "&front0&"exploits where id="&id
conn.execute(sql_del)
else:end if
'=================Addnew=================
if act="addnew_finish" then
if request.form("name")="" or request.form("type")="" or request.form("user")="" or request.form("p")="" or request.form("add")="" or request.form("content")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>	 
<%nonull=1
else:end if%>
<%ex_name=SqlStr(request.form("name"))
typeid=SqlStr(request.form("type"))
ex_user=SqlStr(request.form("user"))
ex_p=SqlStr(request.form("p"))
ex_add=SqlStr(request.form("add"))
ex_content0=SqlStr(request.form("content"))

sql_addnew="insert into "&front0&"exploits(ex_name,typeid,ex_user,ex_p,ex_add,ex_content0,ex_time00) values('"&ex_name&"',"&typeid&",'"&ex_user&"','"&ex_p&"','"&ex_add&"','"&ex_content0&"','"&date()&"')"
if nonull<>1 then
conn.execute(sql_addnew)
else:end if
else:end if
else:end if

'===================================Releases===================================
if module="releases" then
if group00="sadmin" or group00="admin" then
'=================Update=================
if act="up_date_finish" then
if request.form("name")="" or request.form("type")="" or request.form("user")="" or request.form("add")="" or request.form("content")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>	 
<%nonull=1
else:end if 

re_name=SqlStr(request.form("name"))
typeid=SqlStr(request.form("type"))
re_user=SqlStr(request.form("user"))
re_add=SqlStr(request.form("add"))
re_content0=SqlStr(request.form("content"))

sql_update="update "&front0&"releases set re_name='"&re_name&"',typeid="&typeid&",re_user='"&re_user&"',re_add='"&re_add&"',re_content0='"&re_content0&"' where id="&id
if nonull<>1 then
conn.execute(sql_update)
else:end if
else:end if
'=================Delete=================
if act="del_" then
sql_del="delete * from "&front0&"releases where id="&id
conn.execute(sql_del)
else:end if
'=================Addnew=================
if act="addnew_finish" then
if request.form("name")="" or request.form("type")="" or request.form("user")="" or request.form("add")="" or request.form("content")="" then%>
<script>alert("请将每一项填写完整"); history.back(-1)</script>	 
<%nonull=1
else:end if%>
<%re_name=SqlStr(request.form("name"))
typeid=SqlStr(request.form("type"))
re_user=SqlStr(request.form("user"))
re_add=SqlStr(request.form("add"))
re_content0=SqlStr(request.form("content"))

sql_addnew="insert into "&front0&"releases(re_name,typeid,re_user,re_add,re_content0,re_time00) values('"&re_name&"',"&typeid&",'"&re_user&"','"&re_add&"','"&re_content0&"','"&date()&"')"
if nonull<>1 then
conn.execute(sql_addnew)
else:end if
else:end if
else:end if
else:end if

'===================================Check===================================
if module="articletmp" then
'=================check=================
if act="check" then
sql_check="select * from "&front0&"articles where id="&id
set rs_check=connn.execute(sql_check)

ar_title=SqlStr(SqlStr_1(rs_check("ar_title")))
typeid=SqlStr(SqlStr_1(rs_check("typeid")))
ar_from=SqlStr(SqlStr_1(rs_check("ar_from")))
ar_user=SqlStr(SqlStr_1(rs_check("ar_user")))
ar_content0=SqlStr(SqlStr_1(rs_check("ar_content0")))
ar_time00=SqlStr(SqlStr_1(rs_check("ar_time00")))

sql_addnew="insert into "&front0&"articles(ar_title,typeid,ar_from,ar_user,ar_content0,ar_time00) values('"&ar_title&"',"&typeid&",'"&ar_from&"','"&ar_user&"','"&ar_content0&"','"&ar_time00&"')"
conn.execute(sql_addnew)
else:end if
'=================Delete=================
if act="del_" then
sql_del="delete * from "&front0&"articles where id="&id
connn.execute(sql_del)
else:end if
else:end if


if module="" or module="links" then
title0="——"&en_name
class0="checked"
else:end if

if module="articles" then 
title0="->安全文档"
class1="checked"
else:end if

if module="tools" then 
title0="->安全工具"
class2="checked"
else:end if

if module="holes" then 
title0="->安全漏洞"
class3="checked'"
else:end if

if module="exploits" then 
title0="->漏洞利用"
class4="checked" 
else:end if

if module="releases" then 
title0="->"&sh_name&"作品"
class5="checked" 
else:end if

if module="studio" then 
title0="->"&sh_name&"工作室"
class6="checked" 
else:end if

if module="articletmp" then 
title0="->安全文档审核"
class7="checked" 
else:end if

if module="about" then 
title0="->关于我们"
class8="checked" 
else:end if

if module="adn" then 
title0="->管理员管理"
class9="checked" 
else:end if
%>
<html>
<title><%=sitename%><%=title0%></title>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta name="keywords" content="<%=sitename%>">
<meta http-equiv="MSThemeCompatible" content="Yes">
<link rel="shortcut icon" href="/favicon.ico">
<link href="images/scc.css" type=text/css rel=stylesheet>
</head>
<body>

<table width='100%' height='80' border='0' cellpadding='1' cellspacing='1' bgcolor='#004E98'>
  <tr>
  <td bgcolor='#004E98' nowrap></td>
  <td bgcolor='#004E98' width='100%' align='center'>
	<img src='images/scccn.gif' width="212" height="40"> </td>
  </tr>
</table>

<div class='pixs2'></div>
<div align='center' class='heads'>
<a href='index.asp' title='返回主页' class='<%=class0%>'>主页</a>
<a href='index.asp?module=articles' title='安全文档' class='<%=class1%>'>安全文档</a>		 
<%if group00="sadmin" or group00="admin" then%>
<a href='index.asp?module=tools' title='安全工具' class='<%=class2%>'>安全工具</a>		  
<%else:end if%>
<a href='index.asp?module=holes' title='安全漏洞' class='<%=class3%>'>安全漏洞</a>
<a href='index.asp?module=exploits' title='漏洞利用' class='<%=class4%>'>漏洞利用</a>
<%if group00="sadmin" or group00="admin" then%>
<a href='index.asp?module=releases' title='<%=sh_name%>作品' class='<%=class5%>'><%=sh_name%>作品</a>
<%if group00="sadmin" then%>
<a href='index.asp?module=studio' title='工作室' class='<%=class6%>'>工作室</a>
<%else:end if%>
<%else:end if%>
<a href='index.asp?module=articletmp' title='安全文档审核' class='<%=class7%>'>安全文档审核</a>
<%if group00="sadmin" then%>
<a href='index.asp?module=about' title='关于我们' class='<%=class8%>'>关于我们</a>
<a href='index.asp?module=adn' title='管理员管理' class='<%=class9%>'>管理员管理</a>
<%else:end if%>
</div>
<div class="bar"></div>

<%'========================================Admin========================================


strsql="select * from "&front1&"sc_opq_users"
set adn=cona.execute(strsql)


if module="adn" then
if group00="sadmin" then
strsql="select * from "&front1&"sc_opq_users"
set adn=cona.execute(strsql)
if act="up_date_" or act="up_date_finish" then
strsql="select * from "&front1&"sc_opq_users where id="&id
set adnup=cona.execute(strsql)
else:end if
%>
<DIV class=2emboxs>
<DIV class=2emborder>
<P></P></DIV>
<DIV class=content>
<TABLE cellSpacing=0>
  <TBODY>
  <TR>
    <TD align=left width="100%"><IMG height=15 src="images/welcome.gif" 
      width=16 border=0>&nbsp; 欢迎 <%=user00%> 来到<%=sh_name%>管理页面！&nbsp; 您在 <%=group00%> 组中。 
</TD>
<TD noWrap><IMG height=15 src="images/enter.gif" width=16 
      border=0>&nbsp;<a href="index.asp?module=logout">注销管理员</a> 
    </TD>
</TR></TBODY></TABLE></DIV></DIV><br>
    <TD class=right>
      <DIV class=boxs>
      <DIV class=border>
      <P>管理员管理</P></DIV>
      <DIV class=content>

      <FIELDSET class=main><LEGEND align="center"><STRONG>
	  <a href="index.asp?module=adn&act=addnew"><font color="#004E98">===============新增管理员===============</font></a></STRONG></LEGEND>
	  <table border="0" width="100%" id="table1">
		<tr>
			<td>
<p></p>
<%if act="" then
do while not adn.eof%>

<tr>
<td width=20%></td>
<td>管理员名称：<%=adn("a_user")%></td><td>所属分组：<%=adn("a_group")%></td>
<!--<td>URL：<%'=rs_li("li_url")%></td>-->
<td><a href="index.asp?module=adn&act=up_date_&id=<%=adn("id")%>"><font color="#004E98">修改</font></a></td>
<td><a href="index.asp?module=adn&act=del_&id=<%=adn("id")%>"><font color=red>删除</font></a></td>
<td width=20%></td>
</tr>
<%adn.movenext
loop
else:end if%>
<%if act="addnew" then%>
		</table>
<center>
<form method="POST" action="index.asp?module=adn&act=addnew_finish">
<table border="0" width="100%">
<tr>
<td width="45%" align="right">管理员名称：</td>
<td align="left"><input type="text" name="user" size="20"></td>
</tr>
<tr>
<td width="45%" align="right">密&nbsp; &nbsp; &nbsp; &nbsp; 码：</td>
<td align="left"><input type="password" name="pwd" size="20"></td>
</tr>
<tr>
<td width="45%" align="right">确认密码：</td>
<td align="left"><input type="password" name="pwd_1" size="20"></td>
</tr>
<tr>
<td width="45%" align="right">所属分组：</td>
<td align="left"><select size="1" name="group">
<option value="sadmin">SAdmin</option>
<option value="admin">Admin</option>
<option value="articler">Articler</option>
</select></td>
</tr>
</table>
<p><input type="submit" value="提交" name="B1"><input type="reset" value="重置" name="B2"></p>
</form></center>
<%else:end if%>
<%if act="up_date_" then
a_user=adnup("a_user")
a_pwd=adnup("a_pwd")
a_group=adnup("a_group")%>
<center><form method="POST" action="index.asp?module=adn&act=up_date_finish&id=<%=adnup("id")%>">
<table border="0" width="100%">
<tr>
<td width="45%" align="right">管理员名称：</td>
<td align="left"><input type="text" name="user" size="20" value=<%=a_user%>></td>
</tr>
<tr>
<td width="45%" align="right">密&nbsp; &nbsp; &nbsp; &nbsp; 码：</td>
<td align="left"><input type="password" name="pwd" size="20" value=<%=a_pwd%>></td>
</tr>
<tr>
<td width="45%" align="right">所属分组：</td>
<%
if a_group="sadmin" then se1="selected" else:end if
if a_group="admin" then se2="selected" else:end if
if a_group="articler" then se3="selected" else:end if
%>
<td align="left"><select size="1" name="group">
<option value="sadmin" <%=se1%>>SAdmin</option>
<option value="admin" <%=se2%>>Admin</option>
<option value="articler" <%=se3%>>Articler</option>
</select></td>
</tr>
</table>
<p><input type="submit" value="提交" name="B1"><input type="reset" value="重置" name="B2"></p>
</form></center>
<%else:end if
if act="up_date_finish" or act="del_" or act="addnew_finish" then
if user00<>adm("a_user") then%>
<script>window.location="index.asp?module=logout"</script>
<%else:end if
finish()
else:end if%>
<p></p></td>
		</tr>
		</table>
      </FIELDSET> 
</DIV></DIV></TD></TR></TBODY></TABLE>
<%else
aderror()
end if
else:end if%>


<%'========================================Application========================================
if module="app_" then
if group00="sadmin" then
strsql="select * from "&front0&"studio order by id desc"
set rs_li=conn.execute(strsql)
'=================Delete=================
if act="del_" then
sql_del="delete * from "&front0&"studio where id="&id
conn.execute(sql_del)
else:end if
%>
<DIV class=2emboxs>
<DIV class=2emborder>
<P></P></DIV>
<DIV class=content>
<TABLE cellSpacing=0>