useradd2.asp

社区天地图文系统(核心:尘缘雅境图文系统) 版本: 1.0 本系统是ASP+ACCESS环境下开发成功

<!--#include file=conn.asp -->
<!--#include file="char.inc"-->
<!--#include file="chkuser.asp" -->
<!--#include file="../include/md5.asp"-->
<%
IF not(request.cookies("KEY")="super" or request.cookies("KEY")="typemaster" or  request.cookies("KEY")="bigmaster") THEN
response.redirect "index_face.asp"
response.end
else
usernamecookie=CheckStr(request.cookies("UserName"))
passwdcookie=replace(trim(Request.cookies("passwd")),"'","''")
KEYcookie=replace(trim(request.cookies("KEY")),"'","''")
if usernamecookie="" or passwdcookie="" then
response.redirect "login.asp"
response.end
else
'判断用户的合法性
  set rs=server.createobject("adodb.recordset")
  sql="select * from admin where username='"&usernamecookie&"'"
  rs.open sql,conn,1,1
  if rs.eof and rs.bof then
             response.redirect "login.asp"
            response.end
         end if
  IF passwdcookie<>rs("passwd") THEN
          response.redirect "login.asp"
           response.end
      END IF
   '下面判断用户级别实际在有用户级别是都应该判断
   if KEYcookie<>rs("OSKEY") then
      response.redirect "index_face.asp"
      response.end
    end if
           rs.close
           set rs=nothing
END IF
END IF
dim rs,tsql
dim rst
dim UserName
dim passwd
dim adder
dim depid
dim oskey
dim shenhe
adder=request.form("adder")
UserName=trim(request("UserName"))
depid=request.form("depid")
oskey=request.form("oskey")
passwd=md5(trim(request("passwd")))
if Instr(request("username"),"=")>0 or Instr(request("username"),"%")>0 or Instr(request("username"),chr(32))>0 or Instr(request("username"),"?")>0 or Instr(request("username"),"&")>0 or Instr(request("username"),";")>0 or Instr(request("username"),",")>0 or Instr(request("username"),"'")>0 or Instr(request("username"),",")>0 or Instr(request("username"),chr(34))>0 or Instr(request("username"),chr(9))>0 or Instr(request("username"),"