ycms@admin.asp

安全性好,适用于展示和进行资源下载的个人和大型网站使用!

<!--#include file="inc/conn.asp"-->
<!--#include file="../inc/md5.asp"-->
<%
call checkadmin("admin")
function splitadmin(myadmin,admin_admin)
splitadmin=false
if admin_admin<>"" then
admindata=split(admin_admin,",")
for i = 0 to ubound(admindata)
if trim(admindata(i))=trim(myadmin) then
splitadmin=true
exit for
end if
next
end if
end function
%>
<html><head>
<meta http-equiv="content-type" content="text/html;charset=utf-8">
<link rel="STYLESHEET" type="text/css" href="inc/css.css">
<script type='text/javascript' language='javascript' src='inc/js.js'></script>
</head>
<%
select case request.querystring("action")
case "newadminok"
if trim(replace(request("admin_pass"),"'",""))<>MD5(trim(replace(request("admin_pass"),"'",""))) then
Response.Write("<script>alert('瀵嗙爜鍜岀‘璁ゅ瘑鐮佷笉鍚岋紒璇蜂粠鏂拌緭鍏ワ紒');history.go(-1);</script>")
end if 


set rs=server.CreateObject("adodb.recordset")
sql="select * from [YCMS_admin]"
rs.open sql,conn,1,3
rs.addnew
rs("admin_name")=request.Form("admin_name")
rs("admin_pass")=MD5(trim(replace(request("admin_pass"),"'","")))
rs("admin_type")=cint(request.Form("admin_type"))
rs("admin_admin")=replace(request.Form("admin_admin")," ","")
rs("admin_user")=request.Form("admin_user")
rs("admin_lock")=cint(request.Form("admin_lock"))
rs.update
rs.close
response.Redirect"YCMS@Admin.asp"
case "editadminok"
if trim(replace(request("admin_pass"),"'",""))<>MD5(trim(replace(request("admin_pass"),"'",""))) then
Response.Write("<script>alert('瀵嗙爜鍜岀‘璁ゅ瘑鐮佷笉鍚岋紒璇蜂粠鏂拌緭鍏ワ紒');history.go(-1);</script>")
end if 

set rs=server.CreateObject("adodb.recordset")
sql="select * from [YCMS_admin] where id="&cint(request.Form("id"))
rs.open sql,conn,1,3
rs("admin_name")=request.Form("admin_name")
if trim(replace(request("admin_pass"),"'",""))<>"" then
rs("admin_pass")=MD5(trim(replace(request("admin_pass"),"'","")))
end if
rs("admin_type")=cint(request.Form("admin_type"))
if request.Form("admin_type")<>1 then
rs("admin_admin")=replace(request.Form("admin_admin")," ","")
end if
rs("admin_user")=request.Form("admin_user")
rs("admin_lock")=cint(request.Form("admin_lock"))
rs.update
rs.close
response.Redirect"YCMS@Admin.asp"

case ""
call admin()
case "editadmin"
set rs=server.CreateObject("adodb.recordset")
sql="select * from [YCMS_admin] where id="&request.querystring("id")
rs.open sql,conn,1,1%>
<script language="javascript">
function chk(){
if(document.form.admin_name.value==""){
alert("绠＄悊鍛樺悕绉颁笉鑳戒负绌猴紒");
document.form.admin_name.focus();
return false;}
return true;}
</Script>
<form method="post" name="form" id="form" onsubmit="return chk();" action="?action=editadminok">
<table width="100%" align='center' border="0" cellpadding="0" cellspacing="0" rules=none class=3d>
<tr class="title"  height="22"><td><b>&nbsp;<img src=img/ie.gif border=0 width=15 height=15 align=absMiddle>&nbsp;缂栬緫绠＄悊鍛