guestdel.asp

一套设计精美的学校网站全站系统

<!--#include file="include/conn.asp"-->
<!--#include file="include/config.asp"-->
<%
if request.cookies("key")="super" then

usernamecookie=request.cookies("UserName")
passwdcookie=replace(trim(Request.cookies("passwd")),"'","''")
KEYcookie=replace(trim(request.cookies("KEY")),"'","''")
if usernamecookie="" or passwdcookie="" then
response.write "<script>alert('您无权删除此留言！');history.go(-1);</Script>"
response.end
else

'判断用户的合法性
  set rs=server.createobject("adodb.recordset")
  sql="select * from admin where username='"&usernamecookie&"'"
  rs.open sql,conn,1,1
  if rs.eof and rs.bof then
             response.write "<script>alert('您无权删除此留言！');history.go(-1);</Script>"
            response.end
         end if
  IF passwdcookie<>rs("passwd") THEN
          response.write "<script>alert('您无权删除此留言！');history.go(-1);</Script>"
           response.end
      END IF
   '下面判断用户级别实际在有用户级别是都应该判断
   if KEYcookie<>rs("OSKEY") then
      response.redirect "index_face.asp"
      response.end
    end if
           rs.close
           set rs=nothing
end if
    reviewid=cint(request("reviewid"))
    set rs=server.createobject("adodb.recordset")
    sql="select * from review where reviewid="&reviewid
   	rs.open sql,conn,1,3
   	rs.Delete
   	rs.Close
    set rs=nothing
    conn.close
    set conn=nothing
response.redirect "guestbook.asp"
else
response.write "<script>alert('您无权删除此留言！');history.go(-1);</Script>"
response.end
end if
 %>