admin_save.asp

这是我根据动网新闻核心自行设计的校园新闻系统

<%
pageadmin=10
%>
<!--#include file="../login/check.asp" -->
<!--#include file="../../inc/conn.asp"-->
<!--#include file="../../inc/function.asp" -->
<!--#include file="../../inc/md5.asp"-->
<%
Dim action
action=request.querystring("action")

If issafestr(action)=false Then
	Response.Write "非法参数"
	Response.End
End If

Dim AdminName,AdminPassword,AdminPower
AdminName = Request.Form("adminname")
AdminPassword  = md5(Request.Form("adminpassword"))
AdminPower   = Request.Form("adminpower")
'判断输入的有效性
If adminname="" Or adminpassword="" Then
	Response.Write "<script>alert('用户名和密码不能为空');history.back();</script>"
	Response.End	
End If
If issafestr(adminname)=False Or issafestr(adminpassowrd)=False Or issafestr(adminpower)=False Then
	Response.Write "<script>alert('不能含有非法字符');history.back();</script>"
	Response.End
End If
Dim id
id=CInt(Request.QueryString("id"))
ct=","
ct=ct&Request.Form("category")
ct=ct&","
Dim rs,idd
If action="add" Then
	Set rs=conn.Execute("select max(id) from admin")
	If IsNull(rs(0)) Or rs(0)=Empty Then
		idd=1
	Else 
		idd=rs(0)+1
	End If
	Conn.Execute("insert into admin (id,adminname,adminpassword,adminpower,ct) values ("&idd&",'"&adminname&"','"&adminpassword&"','"&adminpower&"','"&ct&"')")
	Response.Write "<script>alert('添加管理员成功');location.href='admin_list.asp';</script>"
ElseIf action="edit" Then
	If Trim(Request.Form("adminpassword"))<>"" Then
		Conn.execute("update admin set adminname='"&adminname&"',adminpassword='"&adminpassword&"',adminpower='"&adminpower&"',ct='"&ct&"' where id="&id)
	Else
		Conn.execute("update admin set adminname='"&adminname&"',adminpower='"&adminpower&"',ct='"&ct&"' where id="&id)
	End If
	Response.Write "<script>alert('修改管理员成功');location.href='admin_list.asp';</script>"
End if

Call connclose()
%>