📄 check.asp
字号:
<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<!--#include file="conn.asp"-->
<!--#include file="show_error.asp"-->
<!--#include file="lockip.asp"-->
<!--#include file="config.asp"-->
<!--#include file="check_function.asp"-->
<!--#include file="check_email.asp"-->
<%
'response.expires=now()-1
'response.buffer=true
if not Is_open then
call error("系统当前已关闭,不允许任何操作!")
call error("<a href='http://jjxy.zj.com'>前往-->Eric工作室</a>")
call show_error()
response.end
end if
if not Is_reg then
call error("系统当前已停止注册!")
call error("<a href='../index.htm'>前往-->首页</a>")
call show_error()
response.end
end if
dim action
action=lcase(trim(request.querystring("action")))
select case action
case "reg"
if check_len(request.form("username"),"[用户名]",20,0) or _
check_len(request.form("password"),"[密码]",20,0) or _
check_small_len(request.form("password"),"[密码]",8) or _
check_len(request.form("passwordq"),"[密码确认]",20,0) or _
check_small_len(request.form("passwordq"),"[密码确认]",8) or _
check_len(request.form("number"),"[学号]",13,0) or _
check_num(request.form("number"),"[学号]") or _
check_small_len(request.form("number"),"[学号]",11) or _
check_len(request.form("name"),"[姓名]",4,1) or _
check_len(request.form("email"),"[email]",80,1) or _
check_len(request.form("question"),"[密码提示问题]",50,0) or _
check_len(request.form("answer"),"[密码提示问题答案]",50,0) then
finderror=true
end if
if request.form("password")<>request.form("passwordq") then call error("两次输入密码不一致")
'检测email的正确性
dim email
email=request.form("email")
if not IsValidEmail(email) then call error("[email]出错!")
'call Iserror()
if request.form("teacher")="" or request.form("class_e")="" then
call error("请选择你的授课教师和你所在的班级!")
end if
'response.write request.form("teacher")
'response.write request.form("class_e")
if finderror=true then
call show_error()
response.end
else
'dim
username=request.form("username")
password=request.form("password")
number=request.form("number")
name=request.form("name")
'email前面已经定义 见行31
teacher=request.form("teacher")
class_e=request.form("class_e")
question=request.form("question")
answer=request.form("answer")
ip=request.form("ip")
'过滤非法字符
'判断用户名是否已经存在
dim sql_01
sql_01="select eric_username from eric_member where eric_username='" & username & "'"
call opendb()
Set rs=conn.Execute(sql_01)
if not rs.eof then
call error("该用户名已经存在,请选择其它用户名!")
call Iserror()
call closers()
call closedb()
response.end
end if
call closers()
'判断学号是否已经注册
dim sql_03
sql_03="select eric_number from eric_member where eric_number='" & number & "' or eric_name='" & name & "'"
set rs=conn.execute (sql_03)
if not rs.eof then
call error("该学号或者姓名已经注册存在,请与你的授课老师联系!")
call Iserror()
call closers()
call closedb()
response.end
end if
call closers()
'判断是否该教师教授该班级
set rs=conn.execute ("select teacher,class_e from eric_manager where teacher='" & teacher & "' and class_e<>''")
if not rs.eof then
'do while not rs.eof
class_ee=rs("class_e")
if instr(class_ee,"|")=0 then
if class_ee<>trim(class_e) then
call error("该教师不教授该班级!")
call Iserror()
response.end
else
chk_class_teacher=true
end if
elseif instr(class_ee,"|")>0 then
array_class_e=split(class_ee,"|")
for i=0 to ubound(array_class_e)
if array_class_e(i)=class_e then
chk_class_teacher=true
exit for
else
chk_class_teacher=false
'call error("该教师不教授该班级!")
'call Iserror()
'response.end
end if
next
end if
'rs.movenext
'loop
else
chk_class_teacher=false
end if
if chk_class_teacher=false then
call error("你所选择的教师不教授该班级,或者该教师尚未建立班级,请确认你选择了正确的班级和授课教师!")
call Iserror()
response.end
end if
dim sql_02
sql_02="insert into eric_member (eric_username,eric_password,eric_number,eric_name,teacher,class_e,email,question,answer,reg_ip) values ('" & username & "','" & password & "','" & number & "','" & name & "','" & teacher & "','" & class_e & "','" & email & "','" & question & "','" & answer & "','" & ip & "')"
'call opendb()
conn.execute sql_02
conn.execute ("update eric_config set reg_number=reg_number+1")
call closedb()
'server.transfer ("show_success.asp?info=恭喜注册成功!")
'response.end
response.redirect "show_success.asp?info=恭喜注册成功!"
end if
case "login"
'response.write session("confirmcode")
dim user,pwd,confirm
user=trim(request.form("user"))
pwd=trim(request.form("pwd"))
confirm=request.form("confirm")
if user="" or confirm="" or pwd="" then
call error("用户名、密码、验证码均不能为空!")
call Iserror()
response.end
elseif cstr(session("confirmcode"))<>cstr(trim(request.form("confirm"))) then
call error("验证码出错!")
call Iserror()
response.end
else
'非法字符过滤
dim sql_05
sql_05="select * from eric_member where eric_username='" & user & "' and eric_password='" & pwd & "'"
call opendb()
set rs_sql_05=conn.execute (sql_05)
if not rs_sql_05.eof then
session("our_teacher")=rs_sql_05("teacher")'授课的教师的真名
session("student_num_name")=right(rs_sql_05("eric_number"),2) & "_" & rs_sql_05("eric_name")'学号_真名
session("student")=user'用户名
session("purview")="1"
session("student_class")=rs_sql_05("class_e")
'response.write session("student_class")
'response.end
rs_sql_05.close
set rs_sql_05=nothing
call closedb()
response.redirect "main.asp"
response.end
else
rs_sql_05.close
set rs_sql_05=nothing
call closedb()
call error("用户名,密码出错!如果忘记密码请与授课教师联系。")
call Iserror()
response.end
end if
end if
'end if
case "modify_info"
'response.redirect "modify_info.asp"
'检测email的正确性
dim email_02
email_02=request.form("email")
if not IsValidEmail(email_02) then call error("[email]出错!")
if finderror=true then
call show_error()
response.end
else
call opendb()
'sql_06="select eric_username,email from eric_member where eric_username='" & session("student") & "'"
'Set rs=Server.CreateObject("ADODB.Recordset")
'rs.open sql_06,conn,3,3
'if not rs.eof then
' rs("email")="ddd"
' rs.update
' call closers()
' call closedb()
sql_06="update eric_member set email='" & email_02 & "' where eric_username='" & session("student") & "'"
conn.execute(sql_06)
call closedb()
response.redirect "show_success.asp?info=资料修改成功!--><a href='explain.asp'>返回管理首页</a>"
end if
case "modify_pwd"
dim old_pwd,chg_pwd,chg_pwdq
old_pwd=request.form("old_pwd")
chg_pwd=request.form("chg_pwd")
chg_pwdq=request.form("chg_pwdq")
if check_len(old_pwd,"[旧密码]",20,0) or _
check_small_len(old_pwd,"[旧密码]",8) or _
check_len(chg_pwd,"[新密码]",20,0) or _
check_small_len(chg_pwd,"[新密码]",8) or _
check_len(chg_pwdq,"[密码确认]",20,0) or _
check_small_len(chg_pwdq,"[密码确认]",8) then
finderror=true
call Iserror()
response.end
end if
if old_pwd="" or chg_pwd="" or chg_pwdq="" then
call error("不能为空!")
call Iserror()
response.end
end if
if request.form("chg_pwdq")<>request.form("chg_pwd") then
call error("两次输入新密码不一致!")
call Iserror()
response.end
else
call opendb()
sql_08="select eric_username,eric_password from eric_member where eric_username='" & session("student") & "' and eric_password='" & old_pwd & "'"
'set rs=conn.execute(sql_08)
set rs=server.createobject("adodb.recordset")
rs.open sql_08,conn,3,3
if not rs.eof then
rs("eric_password")=chg_pwd
rs.update
call closers()
call closedb()
response.redirect "show_success.asp?info=修改密码成功!--><a href='explain.asp'>返回管理首页</a>"
else
call error("密码错误!--><a href='javascript:history.go(-1)'>返回</a>")
call Iserror()
response.end
end if
end if
case "delete_upfile"
id=trim(request("id"))
'字符过滤
'response.write id
'删除数据库中的纪录
call opendb()
set rs=conn.execute("select upload_path from upload_info where id=" & id)
if not rs.eof then
upload_path=rs("upload_path")
call closers()
else
call closers()
call error("出现未知错误,请与系统管理员联系!")
call Iserror()
response.end
end if
conn.execute("delete from upload_info where id=" & id)
call closedb()
'删除相关作业文件
'生成文件夹路径
filename=server.mappath(upload_path)
'response.write filename
'repsponse.end
set fs=CreateObject("scripting.filesystemobject")
if fs.FileExists(FileName) then
fs.DeleteFile(FileName)
set fs=nothing
response.redirect "show_success.asp?info=删除文件成功!--><a href='explain.asp'>返回管理首页</a>"
response.end
else
call error("出现未知错误,请与系统管理员联系!")
call Iserror()
response.end
end if
case "logout"
session.abandon
response.redirect "show_success.asp?info=安全退出成功!"
response.end
case else
call error("出现未知错误,请与<a href='mailto:mlzboy@yahoo.com.cn'>我们联系</a>!")
call error("<a href='http://jjxy.zj.com'>前往-->Eric工作室</a>")
call Iserror()
response.end
end select
%>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -