admin.asp

Etp Flash 留言板西乡香草天空美化版

<!--
 Etp Flash 留言本 1.5 Bulid 040815
 制作：Etp工作室-Etp21
 网站：http://www.etp21.com
 QQ:69483
 E-mail：Etp21@163.com
 -->

<!--#include file="conn.asp" -->
<%
    mode=request("mode")
        
    select case mode
    case "login"
        login()
    case "check"
       if session("admin")="true" then
          message("login")       
       else
          message("你尚未登陆！！！")
       end if 
    case "save"
        save()
    case "quit"
        session("admin")=""
        message("quit")
    case "del"
        del()
    case "gd"
        gd()
    case ""
    	read()
    end select	

function read()
	set rs=conn.execute("select * from info")
    	 if not rs.eof then
    	 out="&message="&"yes&name="&rs("name")&"&qq="&rs("qq")&"&mail="&rs("mail")&"&page="&rs("page")&"&info="&rs("info")&"&bookname="&rs("bookname")&"&kf="&rs("kf")		
    	 session("kf")=rs("kf")
	 rs.close
	 set rs=nothing
	 response.write killBadWords(out)
	 response.end	
    	 end if
end function 

function gd()
	chkout()
	chklog()
	id=request.Form("id")
	set rs1=server.CreateObject("adodb.recordset")
	        conn.Execute"Update gbook set gd=Not gd where id="&id 
		message("yes")
end function

function login()
	chkout()
    	pass=request.form("pass")
    	set rs=conn.execute("select * from info")
    	if not rs.eof then
    	     if rs("pass")=pass then    	
		session("admin")="true"
                message("login")
	     else
	        message("密码错误！！！")
	     end if	
    	else
        	message("指不到数据，请检查数据库！！！")
    	end if
end function 

function htmlencode(fString)
if not isnull(fString) then
    fString = Replace(fString, CHR(1), "")
    fString = Replace(fString, "&", "＆")
    htmlencode = fString
end if
end function

function save()
	chkout()
	chklog()
	
	pass1=request.Form("pass1")
	if pass1<>"" then
	    sql1="select * from info where pass='"&pass1&"'"
	   else
	    sql1="select * from info" 
	end if 
	 set rs1=server.CreateObject("adodb.recordset")
	 rs1.open sql1,conn,2,3
	if not rs1.eof then
	 rs1("name")=htmlencode(request.Form("name"))
	 rs1("qq")=htmlencode(request.Form("qq"))
	 rs1("mail")=htmlencode(request.Form("mail"))
	 rs1("page")=htmlencode(request.Form("page"))
	 rs1("info")=htmlencode(request.Form("info"))
	 rs1("bookname")=htmlencode(request.Form("bookname"))
	 if request.Form("kf")="true" then
			rs1("kf")=true
	 	 else
	 	 	rs1("kf")=false
	 end if
	 if pass1<>"" then
	  rs1("pass")=request.Form("pass2")
	 end if
	 rs1.update
	 rs1.close
	 set rs1=nothing
	 message("save")
	else
	 session("admin")=""
	 message("密码错误！！！")
	end if
end function 

function del()
	chkout()
	chklog()
	id=request.form("id")
	if id<>"" then
	   sql="delete from gbook where id="&id
	   conn.execute(sql)
	   message("yes")
	end if
end function

function chklog()
	if session("admin")<>"true" then
	   message("你尚未登陆！！！")
	end if
end function
%>