📄 edit.asp
字号:
<%submit=request("submit")
function HTMLEncode(fString)
fString = replace(fString, ">", ">")
fString = replace(fString, "<", "<")
fString = Replace(fString, CHR(13), "")
fString = Replace(fString, CHR(10), "<BR>")
HTMLEncode = fString
end function
'版主回复时的返回
if submit="返 回" then
response.write "<script>location='default.asp'</script>"
response.end
end if%>
<!--#include file="conn.asp"-->
<!--#Include file="md5.asp"-->
<%'用户注册
if submit="注 册" then%>
<%username=request("username")
nickname=request("nickname")
sql="select username,nickname from [admin]"
set rs=conn.execute(sql)
do while not rs.eof
if rs("username")=username then
response.Write "<script>alert('此用户名已存在!');javascript:history.go(-1);</script>"
response.end
elseif rs("nickname")=nickname then
response.Write "<script>alert('此昵称已有人使用,请重新输入!');javascript:history.go(-1);</script>"
response.end
end if
rs.movenext
loop
rs.close
realname=request("realname")
password=request("password")
sex=request("sex")
qq=request("qq")
email=request("email")
homepage=request("homepage")
from=request("from")
phone=request("phone")
bzface=request("bzface")
if sex="" then
response.write "<script>alert('请选择性别!');javascript:history.go(-1);</script>"
response.end
end if
password=md5(password)
sql="select * from [admin] where (id is null)"
rs.open sql,conn,2,3
rs.addnew
rs("username")=username
rs("password")=password
rs("nickname")=nickname
rs("flag")=3
rs("bzface")=bzface
rs("from")=from
rs("sex")=sex
rs("qq")=qq
rs("email")=email
rs("homepage")=homepage
rs("phone")=phone
rs("realname")=realname
rs.update
rs.close
set rs=nothing
conn.close
set conn=nothing
session("user")=username
session("username")=nickname
session("flag")=3
session("bzface")=bzface
session("from")=from
session("sex")=sex
session("qq")=qq
session("email")=email
session("homepage")=homepage
session("phone")=phone%>
<script>alert('欢迎<%=nickname%>的加入,离开请点击"退出登录"!!');location='default.asp'</script>
<%end if%>
<%'用户修改
if submit="修 改" then%>
<%username=request("username")
nickname=request("nickname")
nick=session("username")
if nickname<>nick then
sql="select nickname from [admin] where nickname='"&nickname&"'"
set rs=conn.execute(sql)
if not rs.eof then
response.Write "<script>alert('此昵称已有人使用,请重新输入!');javascript:history.go(-1);</script>"
response.end
end if
rs.close
end if
password=request("password")
sex=request("sex")
qq=request("qq")
email=request("email")
homepage=request("homepage")
from=request("from")
phone=request("phone")
bzface=request("bzface")
if sex="" then
response.write "<script>alert('请选择性别!');javascript:history.go(-1);</script>"
response.end
end if
password=md5(password)
sql="select * from [admin] where username='"&username&"'"
rs.open sql,conn,2,3
rs("password")=password
rs("nickname")=nickname
rs("bzface")=bzface
rs("from")=from
rs("sex")=sex
rs("qq")=qq
rs("email")=email
rs("homepage")=homepage
rs("phone")=phone
rs.update
rs.close
set rs=nothing
conn.close
set conn=nothing
session("username")=nickname
session("bzface")=bzface
session("from")=from
session("sex")=sex
session("qq")=qq
session("email")=email
session("homepage")=homepage
session("phone")=phone%>
<script>alert('<%=username%>,您的资料已经修改成功,离开请点击"退出登录"!!');location='default.asp'</script>
<%end if%>
<%'用户回复
if submit="回 应" then
return=request("userrep")
id=request("id")
repname=session("username")
oldname=request("oldname")
return=HTMLEncode(replace(trim(return),"'",""))
sql="select * from [return] where (id is null)"
rs.open sql,conn,2,3
rs.addnew
rs("return")=return
rs("repname")=repname
rs("messid")=id
rs.update
rs.close
set rs=nothing
conn.close
set conn=nothing%>
<script>alert('<%=oldname%>的留言回复成功,谢谢!');location='default.asp'</script>
<%end if%>
<%'编辑留言
if submit="编 辑" then
content=request("content")
id=request("id")
ip=request("ip")
one=request("one")
content=HTMLEncode(replace(trim(content),"'",""))
if one="" then
one=0
end if
sql="select content,ip,one from [message] where id="&id
rs.open sql,conn,2,3
rs("content")=content
rs("ip")=ip
rs("one")=one
rs.update
rs.close
set rs=nothing
conn.close
set conn=nothing
response.Write "<script>alert('您的留言已更改成功!');location='default.asp'</script>"
end if%>
<%'访客留言
if submit="发 言" then
nname=request("username")
from=request("from")
sex=request("sex")
qq=request("qq")
email=request("email")
homepage=request("homepage")
phone=request("phone")
face=request("face")
content=request("content")
one=request("one")
ip=request("ip")
if one="" then
one=0
end if
content=HTMLEncode(replace(trim(content),"'",""))
sql="select * from message"
rs.open sql,conn,1,1
rscount=rs.recordcount+1
rs.close
sql="select * from message where (id is null)"
rs.open sql,conn,2,3
rs.addnew
rs("name")=nname
rs("from")=from
rs("ip")=ip
rs("sex")=sex
rs("qq")=qq
rs("email")=email
rs("homepage")=homepage
rs("phone")=phone
rs("face")=face
rs("content")=content
rs("one")=one
rs("time")=now()
rs("messid")=rscount
rs.update
rs.close
set rs=nothing
conn.close
set conn=nothing%>
<script>alert('留言添加成功,谢谢<%=nname%>的参与!');location='default.asp'</script>
<%end if%>
<%'版主回复
if submit="回 复" then%>
<!--#include file="session.asp"-->
<%reply=request("reply")
id=request("id")
sql="select * from message where id="&id
rs.open sql,conn,2,3
rs("reply")=reply
rs("replyname")=session("username")
rs("bzface")=session("bzface")
rs.update
username=rs("name")
rs.close
set rs=nothing%>
<script>alert('<%=username%>的留言回复成功!');location='default.asp'</script>
<%conn.close
set conn=nothing
end if%>
<%'参数更改
if submit="更 改" then%>
<!--#Include file="adminsession.asp"-->
<%pgsize=request("pgsize")
webname=request("webname")
logo=request("logo")
url=request("url")
vversion=request("version")
floatflag=request("floatflag")
floatimage=request("floatimage")
floaturl=request("floaturl")
webmastername=request("webmastername")
webmasterqq=request("webmasterqq")
webmasteremail=request("webmasteremail")
flashurl=request("flashurl")
photoup=request("photoup")
music=request("music")
if floatflag=1 and floatimage="" then
response.Write "<script>alert('如果您要出现浮动图片,请输入图片路径!');javascript:history.go(-1);</script>"
response.end
end if
sql="select pgsize,url,logo,version,webname,floatimage,floaturl,floatflag,webmastername,webmasterqq,webmasteremail,flashurl,photoup,music from [config] where conid=1"
rs.open sql,conn,2,3
rs("pgsize")=pgsize
rs("url")=url
rs("logo")=logo
rs("version")=vversion
rs("webname")=webname
if floatflag=1 then
rs("floatflag")=floatflag
else
rs("floatflag")=0
end if
if photoup=1 then
rs("photoup")=photoup
else
rs("photoup")=0
end if
rs("floaturl")=floaturl
rs("floatimage")=floatimage
rs("webmastername")=webmastername
rs("webmasterqq")=webmasterqq
rs("webmasteremail")=webmasteremail
rs("flashurl")=flashurl
rs("music")=music
rs.update
rs.close
set rs=nothing
conn.close
set conn=nothing
response.write "<script>alert('参数设定成功!');location='config.asp'</script>"
end if%>
<%'用户权限修改
if submit="修改" then%>
<!--#Include file="adminsession.asp"-->
<%username=request("username")
id=request("id")
flag=request("flag")
if username="" then
response.write "<script>alert('用户名不能为空!');location='adminuser.asp'</script>"
response.end
end if
sql="select username,flag from [admin] where id="&id
rs.open sql,conn,2,3
rs("username")=username
if flag<>"" then
rs("flag")=flag
end if
rs.update
rs.close
set rs=nothing
conn.close
set conn=nothing%>
<script>alert('用户<%=username%>修改成功!');location='adminuser.asp'</script>
<%end if%>
<%'用户密码修改
if submit="更改" then%>
<!--#Include file="adminsession.asp"-->
<%username=request("username")
if username="请选择用户" then
response.write "<script>alert('请选择一个用户进行修改!');javascript:history.go(-1);</script>"
response.end
end if
password=request("password")
password=md5(password)
sql="select password from [admin] where username='"&username&"'"
rs.open sql,conn,2,3
rs("password")=password
rs.update
rs.close
set rs=nothing
conn.close
set conn=nothing%>
<script>alert('用户<%=username%>的密码修改成功!');location='adminuser.asp?action=edit'</script>
<%end if%>
<%'用户删删除
if submit="删除" then%>
<!--#Include file="adminsession.asp"-->
<%id=request("id")
username=request("username")
sql="delete from [admin] where id="&id
conn.execute(sql)
conn.close
set conn=nothing%>
<script>alert('用户<%=username%>删除成功!');location='adminuser.asp?action=add'</script>
<%end if%>
<%'颜色保存
if submit="保 存" then
skinname=request("skinname")
sql="select skinname from [skin] where skinname='"&skinname&"'"
set rs=conn.execute(sql)
if not rs.eof then
response.write "<script>alert('此颜色风格已在数据库中,请重新命名!');javascript:history.go(-1);</script>"
response.end
end if
rs.close
bgcolor=request("bgcolor")
tabbgcolor=request("tabbgcolor")
tdbgcolor=request("tdbgcolor")
td1bgcolor=request("td1bgcolor")
td2bgcolor=request("td2bgcolor")
sql="select * from [skin] where (id is null)"
rs.open sql,conn,2,3
rs.addnew
rs("skinname")=skinname
rs("bgcolor")=bgcolor
rs("tabbgcolor")=tabbgcolor
rs("tdbgcolor")=tdbgcolor
rs("td1bgcolor")=td1bgcolor
rs("td2bgcolor")=td2bgcolor
rs.update
rs.close
set rs=nothing
conn.close
set conn=nothing%>
<script>alert('颜色方案 <%=skinname%> 保存成功,要使用此颜色方案,请选定');location='skin.asp'</script>
<%end if%>
<%'颜色选定
if submit="选定颜色" then
id=request("id")
sql="select * from [skin] where id="&id
set rs=conn.execute(sql)
set rs1=server.CreateObject("adodb.recordset")
sql="select bgcolor,tabbgcolor,tdbgcolor,td1bgcolor,td2bgcolor from [config] where id=1"
rs1.open sql,conn,2,3
rs1("bgcolor")=rs("bgcolor")
rs1("tabbgcolor")=rs("tabbgcolor")
rs1("tdbgcolor")=rs("tdbgcolor")
rs1("td1bgcolor")=rs("td1bgcolor")
rs1("td2bgcolor")=rs("td2bgcolor")
rs1.update
rs1.close
skinname=rs("skinname")
rs.close
set rs=nothing
set rs1=nothing
conn.close
set conn=nothing%>
<script>alert('恭喜你,你已成功选定<%=skinname%>!');location='skin.asp'</script>
<%end if%>
<%'删除颜色
if submit="删除颜色" then
id=request("id")
if id=1 then
response.write "<script>alert('对不起,此颜色方案为系统默认,不允许删除!');javascript:history.go(-1);</script>"
response.end
end if
skinname=request("skinname")
sql="select skinname from [skin] where id="&id
set rs=conn.execute(sql)
skinname=rs("skinname")
rs.close
set rs=nothing
sql="delete from [skin] where id="&id
conn.execute(sql)
conn.close
set conn=nothing%>
<script>alert('<%=skinname%>删除成功!');location='skin.asp'</script>
<%end if%>
<%'编辑颜色
if submit="编辑颜色" then
id=request("id")
if id=1 then
response.write "<script>alert('对不起,此颜色方案为系统默认,不允许编辑!');javascript:history.go(-1);</script>"
response.end
end if
sql="select * from [skin] where id="&id
set rs=conn.execute(sql)
bgcolor2=rs("bgcolor")
tabbgcolor2=rs("tabbgcolor")
tdbgcolor2=rs("tdbgcolor")
td1bgcolor2=rs("td1bgcolor")
td2bgcolor2=rs("td2bgcolor")
skinname=rs("skinname")%>
<script>location="skin.asp?skinname=<%=skinname%>&bgcolor2=<%=bgcolor2%>&tabbgcolor2=<%=tabbgcolor2%>&tdbgcolor2=<%=tdbgcolor2%>&td1bgcolor2=<%=td1bgcolor2%>&td2bgcolor2=<%=td2bgcolor2%>"</script>
<%conn.close
set conn=nothing
end if%>
<%'照片更改
if submit="更 新" then
phototitle=request("phototitle")
photocomment=request("photocomment")
photoid=request("photoid")
sql="select * from [photo] where photoid="&photoid
rs.open sql,conn,2,3
rs("phototitle")=phototitle
rs("photocomment")=photocomment
rs.update
rs.close
set rs=nothing
conn.close
set conn=nothing
response.write "<script>alert('图片资料更改成功');location='photo.asp'</script>"
end if%>
<%'版权所有:血剑无痕 18529820 wkwmd@sina.com%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -