delete.asp

一个网上的考试系统

<%@ LANGUAGE="VBSCRIPT" %>
<!--#include file="ADOVBS.INC"-->
<%
  id=cdbl(request("id"))
if request("adm")="" or request("pw")=""  then%>
<script LANGUAGE="VBSCRIPT">
<!--
msgbox "用户名和口令必须填写",0+64,"小妹软件"
-->
</script>
<%response.end
end if
	'DbPath = SERVER.MapPath("forum.mdb")
	'Set conn = Server.CreateObject("ADODB.Connection")
	'conn.open "driver={Microsoft Access Driver (*.mdb)};dbq=" & DbPath
	'set rs=server.createobject("adodb.recordset")
   'sqltext="select * from forumadm where adm='"&request("adm")&"' and pw='"&request("pw")&"' "
   'rs.open sqltext,conn,adOpenkeyset,adlockoptimistic,adcmdtext 
	Object = Request.Form("Object")
	set conn = Server.CreateObject ("adodb.connection")
	conn.Open "NetExamine","sa",""
	set userconn = Server.CreateObject ("adodb.recordset")	
	sqlstr = "select * from 管理员表 where 管理员名='"&request("adm")&"' and 密码='"&request("pw")&"' "
	userconn.Open sqlstr,conn
	
if userconn.eof and  userconn.bof  then
    response.write"您非管理员"
    userconn.close()
    set userconn = nothing
    conn.close()
    set conn = nothing
else
	userconn.close()
    set userconn = nothing
    conn.close()
    set conn = nothing
	DbPath = SERVER.MapPath("forum.mdb")
	Set Userconn = Server.CreateObject("ADODB.Connection")
	Userconn.open "driver={Microsoft Access Driver (*.mdb)};dbq=" & DbPath
	set rs=server.createobject("adodb.recordset")
    sql="delete from forum where id=cdbl('"&request("id")&"')  "
    Userconn.execute sql
    'rs.close
    set rs = nothing
    Userconn.close
    set Userconn = nothing
    response.redirect "default.asp"
end if

%>