saveedit.asp

一套设计精美的学校网站全站系统

<!--#include file=conn.asp--><!--#include file=../include/config.asp--><!--#include file="chkuser.asp" -->
<!--#include file="char.inc"--><!--#include file="../include/md5.asp"-->
<%
IF not(request.cookies("KEY")="super" or request.cookies("KEY")="typemaster" or  request.cookies("KEY")="bigmaster") THEN
response.redirect "index_face.asp"
response.end
else
usernamecookie=CheckStr(request.cookies("UserName"))
passwdcookie=replace(trim(Request.cookies("passwd")),"'","''")
KEYcookie=replace(trim(request.cookies("KEY")),"'","''")
if usernamecookie="" or passwdcookie="" then
response.redirect "login.asp"
response.end
else
'判断用户的合法性
  set rs=server.createobject("adodb.recordset")
  sql="select * from admin where username='"&usernamecookie&"'"
  rs.open sql,conn,1,1
  if rs.eof and rs.bof then
             response.redirect "login.asp"
            response.end
         end if
  IF passwdcookie<>rs("passwd") THEN
          response.redirect "login.asp"
           response.end
      END IF
   '下面判断用户级别实际在有用户级别是都应该判断
   if KEYcookie<>rs("OSKEY") then
      response.redirect "index_face.asp"
      response.end
    end if
           rs.close
           set rs=nothing
END IF
END IF

dim sql
dim sql11
dim rs
dim rs11
dim id
dim passwd,passwd1
dim username
dim oskey
dim depid
dim shenhe
dim fullname

username=htmlencode(request.form("username"))
fullname=htmlencode(request.form("fullname"))
passwd=htmlencode(request.form("passwd"))
passwd1=md5(trim(request.form("passwd")))
oskey=htmlencode(request.form("oskey"))
id=request("id")
depid=request.form("depid")
shenhe=request.form("shenhe")


dim depname
dim deptype
set rs11=server.createobject("adodb.recordset")
sql11="select * from dep where id="&depid
rs11.open sql11,conn,3,3
depname=rs11("depname")
deptype=rs11("deptype")
rs11.close


set rs=server.createobject("adodb.recordset")
sql="select * from admin where id="&id
rs.open sql,conn,3,3
rs("username")=username
rs("fullname")=fullname
if passwd<>rs("passwd") then
rs("passwd")=passwd1
end if
rs("oskey")=oskey
rs("depid")=depid
rs("depname")=depname
rs("deptype")=deptype
rs("shenhe")=shenhe
rs.update
rs.close

conn.close
set conn=nothing
response.write "<p align=center><font color=red>恭喜您!该用户资料已经修改成功!<br>"&freetime&"秒钟后返回上页!</font>"
response.write "<meta http-equiv=""refresh"" content="""&freetime&";url=usermanage.asp"">"
%>