📄 admin_admin.asp
字号:
<!--#include file="../inc/config.asp"-->
<!--#include file="conn.asp"-->
<!--#include file="inc/error.asp"-->
<!--#include file="inc/FORMAT.asp"-->
<%
dim founderr,errmsg
founderr=false
errmsg=""
if session("adminlogin")<>sessionvar and session("flag")="" then
founderr=true
errmsg=errmsg+"<br>"+"<li>你尚未登录,或者超时了!请<a href='admin.asp'>重新登录</a>!"
call diserror()
response.end
else
if request.form("MM_insert") then
if request.form("action")="modpass" then
dim adminname,oldpwd,adminpwd,confirm
adminname=trim(replace(request.form("adminname"),"'",""))
oldpwd=trim(replace(request.form("oldpwd"),"'",""))
adminpwd=trim(replace(request.form("adminpwd"),"'",""))
flag=trim(replace(request.form("flag"),"'",""))
confirm=trim(replace(request.form("confirm"),"'",""))
if adminname="" then
founderr=true
errmsg=errmsg+"<br>"+"<li>你必须输入管理员名称!"
end if
if oldpwd="" then
founderr=true
errmsg=errmsg+"<br>"+"<li>你必须输入旧的管理员密码!"
end if
if adminpwd="" then
founderr=true
errmsg=errmsg+"<br>"+"<li>你必须输入新的管理员密码!"
end if
if adminpwd<>confirm then
founderr=true
errmsg=errmsg+"<br>"+"<li>你两次输入的管理员密码不相同!"
end if
if founderr then
call diserror()
response.end
else
sql="select * from admin where admin_name='"&adminname&"' and admin_password='"&oldpwd&"'"
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,3
if rs.eof then
errmsg=errmsg+"<br>"+"<li>管理员名称或密码错误!"
call diserror()
response.end
else
rs("admin_password")=adminpwd
rs.update
rs.close
set rs=nothing
end if
end if
end if
if request.form("action")="newadmin" then
adminname=trim(replace(request.form("adminname"),"'",""))
adminpwd=trim(replace(request.form("adminpwd"),"'",""))
flag=trim(replace(request.form("flag"),"'",""))
confirm=trim(replace(request.form("confirm"),"'",""))
if adminname="" then
founderr=true
errmsg=errmsg+"<br>"+"<li>你必须输入管理员名称!"
end if
if adminpwd="" then
founderr=true
errmsg=errmsg+"<br>"+"<li>你必须输入管理员密码!"
end if
if adminpwd<>confirm then
founderr=true
errmsg=errmsg+"<br>"+"<li>你两次输入的管理员密码不相同!"
end if
if founderr then
call diserror()
response.end
else
sql="select * from admin"
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,3
rs.addnew
rs("admin_name")=adminname
rs("admin_password")=adminpwd
rs("flag")=flag
rs.update
rs.close
set rs=nothing
response.redirect "admin_admin.asp?action=admin"
end if
end if
if request.form("action")="editadmin" then
if request.Form("id")="" then
founderr=true
errmsg=errmsg+"<br>"+"<li>你必须指定操作的对象!"
else
if not isInteger(request.form("id")) then
founderr=true
errmsg=errmsg+"<br>"+"<li>非法的文章分类id参数。"
end if
end if
adminname=trim(replace(request.form("adminname"),"'",""))
adminpwd=trim(replace(request.form("adminpwd"),"'",""))
flag=trim(replace(request.form("flag"),"'",""))
confirm=trim(replace(request.form("confirm"),"'",""))
if adminname="" then
founderr=true
errmsg=errmsg+"<br>"+"<li>你必须输入管理员名称!"
end if
if adminpwd="" then
founderr=true
errmsg=errmsg+"<br>"+"<li>你必须输入管理员密码!"
end if
if adminpwd<>confirm then
founderr=true
errmsg=errmsg+"<br>"+"<li>你两次输入的管理员密码不相同!"
end if
if founderr then
call diserror()
response.end
else
sql="select * from admin where admin_id="&request.form("id")
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,3
rs("admin_name")=adminname
rs("admin_password")=adminpwd
rs("flag")=flag
rs.update
rs.close
set rs=nothing
response.redirect "admin_admin.asp?action=admin"
end if
end if
if request.form("action")="deladmin" then
if request.Form("id")="" then
founderr=true
errmsg=errmsg+"<br>"+"<li>你必须指定操作的对象!"
else
if not isInteger(request.form("id")) then
founderr=true
errmsg=errmsg+"<br>"+"<li>非法的文章分类id参数。"
end if
end if
if founderr then
call diserror()
response.end
else
sql="select * from admin where admin_id="&request.form("id")
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,3
rs.delete
rs.close
set rs=nothing
response.redirect "admin_admin.asp?action=admin"
end if
end if
end if%>
<HTML><HEAD><TITLE>管理中心</TITLE>
<META http-equiv=Content-Type content="text/html; charset=gb2312"><LINK
href="inc/style.css" type=text/css rel=stylesheet>
<META content="MSHTML 6.00.2800.1126" name=GENERATOR>
</HEAD>
<body onkeydown=return(!(event.keyCode==78&&event.ctrlKey)) background=inc/dj_bg.gif>
<%if request.querystring("action")="modpass" then%>
<table width="400" border="1" align="center" cellpadding="4" cellspacing="0" bordercolor="#C0C0C0" bgcolor="#FFFFFF" style="border-collapse: collapse">
<form name="form1" method="post" action="admin_admin.asp">
<tr>
<td colspan="2"> <font color="#333333">修改管理员密码</font></td>
</tr>
<tr>
<td width="30%" bgcolor="#FFFFFF">管理员名称- </td>
<td width="70%" bgcolor="#FFFFFF"><input name="adminname" type="text" id="adminname" size="30">
</td>
</tr>
<tr>
<td width="30%" bgcolor="#FFFFFF">旧密码- </td>
<td bgcolor="#FFFFFF"><input type="password" name="oldpwd" size="30"></td>
</tr>
<tr>
<td bgcolor="#FFFFFF" class="chinese">新密码-</td>
<td bgcolor="#FFFFFF" class="chinese"> <input name="adminpwd" type="password" id="adminpwd" size="30">
</td>
</tr>
<tr>
<td bgcolor="#FFFFFF" class="chinese">确认新密码- </td>
<td bgcolor="#FFFFFF" class="chinese"><input name="confirm" type="password" id="confirm" size="30"></td>
</tr>
<%if session("flag")>1 then
response.write ""
else
response.write "<tr>"&_
"<td bgcolor=#FFFFFF class=chinese>管理员权限-</td>"&_
"<td bgcolor=#FFFFFF class=chinese><select name='flag' id='flag'>"&_
"<option value='2'>普通管理员</option>"&_
"<option value='1'>超级管理员</option>"&_
"</select></td>"&_
"</tr>"
end if%>
<tr>
<td height="30" colspan="2" align="center" bgcolor="#F5F5F5"> <input type="submit" name="Submit" value="确定修改">
<input type="reset" name="Reset" value="清空重写"> </td>
</tr>
<input type="hidden" name="action" value="modpass">
<input type="hidden" name="MM_insert" value="true">
</form>
</table>
<%end if
if request.querystring("action")="admin" then
sql="select * from admin"
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,1
%>
<%if session("flag")>1 then%>
<table align="center" width="400" height="37" border="1" cellpadding="0" cellspacing="0">
<tr>
<td align="center" bgcolor="#FFFFFF"><font color="#FF0000">你没有权限!!!</font></td>
</tr>
</table>
<% Else %>
<table width="98%" border="1" cellspacing="0" cellpadding="4" bgcolor="#F5F5F5" style="border-collapse: collapse" bordercolor="#C0C0C0">
<tr>
<td colspan="4"> <font color="#333333">管理员组</font></td>
</tr>
<tr bgcolor="#FFFFFF" align="center">
<td width="10%">编号</td>
<td width="36%">管理员名称</td>
<td width="24%">管理员权限</td>
<td width="30%">操作</td>
</tr>
<%do while not rs.eof%>
<tr bgcolor="#FFFFFF">
<td align="center"><%=rs("admin_id")%> </td>
<td><%=rs("admin_name")%> </td>
<td align="center"><%=rs("flag")%></td>
<td align="center" bgcolor="#FFFFFF">
<%if session("flag")>1 then%>
<% Else %>
<%if rs("issuper")<>1 then%>
<a href="admin_admin.asp?id=<%=rs("admin_id")%>&action=editadmin">edit</a>
<a href="admin_admin.asp?id=<%=rs("admin_id")%>&action=deladmin">del</a>
<%end if%>
<% End If %>
</td>
</tr>
<%rs.movenext
loop%>
</table>
<br>
<table width="400" border="1" align="center" cellpadding="4" cellspacing="0" bordercolor="#C0C0C0" style="border-collapse: collapse">
<form name="form2" method="post" action="">
<tr>
<td colspan="2"> <font color="#333333">新的管理员</font></td>
</tr>
<tr>
<td width="30%" bgcolor="#FFFFFF">名称- </td>
<td width="70%" bgcolor="#FFFFFF"><input name="adminname" type="text" class="textarea" id="adminname" size="30"></td>
</tr>
<tr>
<td bgcolor="#FFFFFF">密码- </td>
<td bgcolor="#FFFFFF"><input name="adminpwd" type="password" id="adminpwd" size="30"></td>
</tr>
<tr>
<td bgcolor="#FFFFFF">确认密码- </td>
<td bgcolor="#FFFFFF"><input name="confirm" type="password" id="confirm" size="30"></td>
</tr>
<tr>
<td bgcolor=#FFFFFF class=chinese>管理员权限-</td>
<td bgcolor=#FFFFFF class=chinese><select name='flag' id='flag'>
<option value='2'>普通管理员</option>
<option value='1'>超级管理员</option>
</select></td>
</tr>
<tr>
<td height="30" colspan="2" align="center" bgcolor="#F5F5F5"> <input type="submit" name="Submit" value="确定新增">
<input type="reset" name="Reset" value="清空重填"> </td>
</tr>
<input type="hidden" name="action" value="newadmin">
<input type="hidden" name="MM_insert" value="true">
</form>
</table><% End If %>
<%end if
if request.querystring("action")="editadmin" then
if request.querystring("id")="" then
errmsg=errmsg+"<br>"+"<li>请指定操作的对象!"
call diserror()
response.end
else
if not isinteger(request.querystring("id")) then
errmsg=errmsg+"<br>"+"<li>非法的酷站分类ID参数!"
call diserror()
response.end
end if
end if
sql="select * from admin where admin_id="&cint(request.querystring("id"))
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,1%>
<table width="400" border="1" align="center" cellpadding="4" cellspacing="0" bordercolor="#C0C0C0" style="border-collapse: collapse">
<form name="form2" method="post" action="">
<tr>
<td colspan="2"> <font color="#333333">编辑管理员</font></td>
</tr>
<tr>
<td width="26%" bgcolor="#FFFFFF">名称- </td>
<td width="74%" bgcolor="#FFFFFF"><input type="text" name="adminname" size="30" value="<%=rs("admin_name")%>">
</td>
</tr>
<tr>
<td bgcolor="#FFFFFF">密码- </td>
<td bgcolor="#FFFFFF"><input type="password" name="adminpwd" size="30" value="<%=rs("admin_password")%>"></td>
</tr>
<tr>
<td bgcolor="#FFFFFF">确认密码- </td>
<td bgcolor="#FFFFFF"><input type="password" name="confirm" size="30" value="<%=rs("admin_password")%>">
</td>
</tr><%if session("flag")>1 then
response.write ""
else
response.write "<tr>"&_
"<td bgcolor=#FFFFFF class=chinese>管理员权限-</td>"&_
"<td bgcolor=#FFFFFF class=chinese><select name='flag' id='flag'>"&_
"<option value='2'>普通管理员</option>"&_
"<option value='1'>超级管理员</option>"&_
"</select></td>"&_
"</tr>"
end if%>
<tr>
<td height="30" colspan="2" align="center" bgcolor="#F5F5F5"> <input type="submit" name="Submit" value="确定修改">
<input type="reset" name="Reset" value="清空重填"> </td>
</tr>
<input type="hidden" name="id" value="<%=rs("admin_id")%>">
<input type="hidden" name="action" value="editadmin">
<input type="hidden" name="MM_insert" value="true">
</form>
</table>
<%rs.close
set rs=nothing
end if
if request.querystring("action")="deladmin" then
if request.querystring("id")="" then
errmsg=errmsg+"<br>"+"<li>请指定操作的对象!"
call diserror()
response.end
else
if not isinteger(request.querystring("id")) then
errmsg=errmsg+"<br>"+"<li>非法的酷站分类ID参数!"
call diserror()
response.end
end if
end if
sql="select * from admin where admin_id="&cint(request.querystring("id"))
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,1
%>
<table width="98%" border="1" cellspacing="0" cellpadding="4" bordercolor="#C0C0C0" style="border-collapse: collapse">
<form name="form2" method="post" action="">
<tr>
<td colspan="2"> <font color="#333333">删除管理员</font></td>
</tr>
<tr>
<td bgcolor="#FFFFFF">名称- <br>
</td>
<td bgcolor="#FFFFFF"><%=rs("admin_name")%> </td>
</tr>
<tr>
<td bgcolor="#FFFFFF">密码-</td>
<td bgcolor="#FFFFFF"><%=rs("admin_password")%></td>
</tr>
<tr>
<td bgcolor="#FFFFFF"> 确认密码-</td>
<td bgcolor="#FFFFFF"><%=rs("admin_password")%> </td>
</tr>
<tr>
<td bgcolor="#FFFFFF">管理员权限-</td>
<td bgcolor="#FFFFFF"><%=rs("flag")%></td>
</tr>
<tr>
<td height="30" colspan="2" align="center" bgcolor="#F5F5F5"> <input type="submit" name="Submit" value="确定删除">
[<a href="admin_admin.asp?action=admin">返回</a>] </td>
</tr>
<input type="hidden" name="id" value="<%=rs("admin_id")%>">
<input type="hidden" name="action" value="deladmin">
<input type="hidden" name="MM_insert" value="true">
</form>
</table>
<%rs.close
set rs=nothing
end if%>
<br>
</td>
</tr>
</table>
<%end if
%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -