users.asp
<%@ Language=VBScript %>
<%
' Choose the permission level required by the requested action.
' Level is set here, before includes/check.inc is pulled in; that file is not
' shown, so presumably it compares Level with the session's level - confirm there.
' NOTE(review): an action that is missing from this table keeps Level = 0, so
' every handler added to the page must also be listed here.
Response.Buffer = True
Level = 0

Select Case Request.QueryString("action")
    ' Account management: list, edit form, create form, delete, and both save handlers.
    Case "edit", "change", "create", "delete", "dochange", "docreate"
        Level = 3
    ' Logon-log maintenance: view, delete one entry, delete every entry.
    Case "logedit", "logdelete", "logdeleteall"
        Level = 2
End Select
%>
<!--#include File ="includes/check.inc"-->
<HTML>
<HEAD>
<meta http-equiv="content-type" content="text/html;charset=gb2312">
<title>aspEdit</title>
<link rel=stylesheet type="text/css" href="styles/style.css">
</HEAD>
<BODY>
<!--#include File ="includes/banner.inc"--><!--#include File ="includes/encryption.inc"--><!--#include File ="includes/db_open.inc"--><%
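' Dispatch on the requested action; each Case below renders one screen or
' performs one operation.
Select Case request.querystring("action")
Case "logedit" ' Show the logon log
    ' Table header plus the "delete all" link.
    response.write("<div align='center'>[<a href='users.asp?action=logdeleteall'>删除全部日志</a>]<br><br> <table border='0' cellpadding='0' cellspacing='0'><tr><td colspan='3' bgcolor='#31618c'><div align='center'><b><font color='white'>日志</font></b></div></td></tr><tr><td width='200' bgcolor='#31618c'><div align='center'><b><font size='-2'>用户名</font></b></div></td><td width='200' bgcolor='#31618c'><div align='center'><font size='-2'><b>日期</b></font></div></td><td bgcolor='#31618c'></td></tr>")
    ' Join every log row to its account so the user name can be displayed.
    Set rs1=db.execute("SELECT * FROM [users] INNER JOIN log ON users.UserID = log.UserID;")
    Do While Not rs1.EOF ' One table row per log entry
        ' The decoded user name is stored data, so it is HTML-encoded before it
        ' is written into the page; a name containing markup is then shown as
        ' text instead of being interpreted by the browser.
        response.write("<tr><td width='200'>" & Server.HTMLEncode("" & DeCode(rs1.fields("UserName"))) & "</td><td width='200'>" & rs1.fields("LogOnDate") & "</td><td><div align='right'><font size='-2'>[<a href='users.asp?action=logdelete&logid=" & rs1.fields("LogID") & "'>删除</a>]</font></div></td></tr>")
        rs1.MoveNext
    Loop
    ' Release the recordset, as the other cases on this page do.
    rs1.Close
    Set rs1=Nothing
    response.write("</table></div>")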
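Case "logdelete" ' Delete one log entry
    ' logid arrives in the query string and used to be concatenated into the
    ' DELETE statement unchanged. It is now accepted only when it is a plain
    ' run of 1-9 digits (which always fits a Long) and is converted with CLng
    ' before it reaches the SQL text; anything else takes the error branch.
    ' NOTE(review): this state change is reachable through a plain GET link
    ' with no anti-forgery token; a POST form carrying a per-session token
    ' would be the sturdier design.
    logId = Trim(request.querystring("logid"))
    Set idCheck = New RegExp
    idCheck.Pattern = "^[0-9]{1,9}$"
    If idCheck.Test(logId) Then
        ' Remove the selected log row.
        db.Execute("DELETE FROM [log] WHERE (((log.logID)=" & CLng(logId) & "));")
        response.write("选定的日志已经被删除.<br><br><br>Click <a href=users.asp?action=logedit>here</a> to proceed.")
    Else
        response.write("删除错误.<br><br><br>单击<a href=users.asp?action=logedit>这里</a> 继续.")
    End If
    Set idCheck = Nothing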
Case "logdeleteall" ' Wipe the whole logon log
    ' The statement is a constant: no request data reaches the SQL text.
    ' NOTE(review): this clears the only logon audit trail visible on this page
    ' and is triggered by a plain GET link without confirmation or an
    ' anti-forgery token - worth confirming that is intended.
    clearLogSql = "DELETE * FROM [log];"
    db.Execute clearLogSql
    response.write "日志被清除.<br><br><br>单击<a href=users.asp?action=logedit>这里</a> 继续."
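Case "logon" ' Logon form
    ' Posts UserName and password to the "dologon" handler below.
    response.write("<div align='center'><form action='users.asp?action=dologon' method='post'><table border='0' cellpadding='0' cellspacing='1'><tr><td colspan='2' bgcolor='#31618c'><div align='center'><b><font color='white'>系统登录</font></b></div></td></tr><tr><td bgcolor='#31618c' width='75'><b><font size='-2'>用户名:</font></b></td><td><div align='right'><input type='text' name='UserName' size='24'></div></td></tr><tr><td bgcolor='#31618c' width='75'><b><font size='-2'>密码:</font></b></td><td><div align='right'><input type='password' name='password' size='24'></div></td></tr></table><input type='submit' name='submitButtonName' value='登录...'></form></div>")
Case "dologon" ' Check the submitted credentials
    ' Both values are passed through Encode() (from includes/encryption.inc,
    ' not shown) and compared with the stored, encoded columns.
    ' NOTE(review): the page also calls DeCode() on the Password column in the
    ' "edit" and "change" cases, so the stored form is reversible; a salted
    ' one-way password hash would be the safer storage format.
    UserName=Encode(request.form("UserName"))
    Password=Encode(request.form("Password"))
    Error=""
    If UserName="" then Error = Error & "<li>No UserName entered."
    If Password="" then Error = Error & "<li>No Password entered."
    ' What characters Encode() can emit is not visible from this file, so any
    ' single quote is doubled before the values are placed inside the SQL
    ' string literals; the values can then never close the literal early.
    ' NOTE(review): if db is an ADO connection (it is opened in
    ' includes/db_open.inc, not shown), a parameterised command would be the
    ' preferred long-term form.
    Set rs1=db.Execute("SELECT * FROM [users] WHERE UserName='" & Replace(UserName, "'", "''") & "' AND Password='" & Replace(Password, "'", "''") & "'")
    ' No matching row means the name/password pair is wrong.
    If UserName<>"" AND Password<>"" AND rs1.EOF=true then Error = Error & "<li>用户名密码错误!"
    If Error<>"" then response.write("<div align='left'>出现以下错误:<ul>" & Error & "</ul></div><br><br>Click <a href='javascript:history.back()'>here</a> to try again.")
    If Error="" then
        ' Record who is logged on and at which level for the rest of the session.
        Session("aspEdit_UserName")=DeCode(UserName)
        Session("aspEdit_Level")=rs1.fields("Level")
        ' Append a logon record; UserID comes from the database row and the
        ' timestamp from the server clock, so no request data is concatenated here.
        db.Execute("INSERT INTO log(UserID,LogOnDate) VALUES (" & rs1.fields("UserID") & ",'" & now & "');")
        response.write("<br>You succesfully logged on.<br><br><br>Click <a href='aspedit.asp'>here</a> to proceed.")
    end if
    rs1.Close
    Set rs1=Nothing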
Case "level" ' Insufficient-permission notice
    ' Offers a link back to the editor and a link to log on as another user.
    deniedNotice = "你需要更高的权限.<br><br><br>单击<a href='aspedit.asp'>这里</a> 继续或者 <a href='users.asp?action=logon'>这里</a> 用另外一个用户名登录."
    response.write deniedNotice
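Case "edit" ' List all accounts
    ' Table header plus the "create new user" link.
    response.write("<div align='center'>[<a href='users.asp?action=create'>创建新用户</a>]<br><br><table border='0' cellpadding='0' cellspacing='0'><tr><td colspan='4' bgcolor='#31618c'><div align='center'><b><font color='white'>帐号管理</font></b></div></td></tr><tr><td width='200' bgcolor='#31618c'><div align='center'><font size='-2'><b>用户名:</b></font></div></td><td width='200' bgcolor='#31618c'><div align='center'><font size='-2'><b>密码</b></font></div></td><td width='150' bgcolor='#31618c'><div align='center'><font size='-2'><b>权限等级</b></font></div></td><td width='70' bgcolor='#31618c'></td></tr>")
    set rs1=db.Execute("SELECT * FROM [users]")
    Do While Not rs1.EOF
        ' Name and password are stored data, so both are HTML-encoded before
        ' being written into the table cells.
        ' NOTE(review): this screen decodes and prints every account's password.
        ' That works only because the stored form is reversible; storing a
        ' salted one-way hash and dropping this column would remove the exposure.
        response.write("<tr><td width='200'>" & Server.HTMLEncode("" & DeCode(rs1.fields("UserName"))) & "</td><td width='200'>" & Server.HTMLEncode("" & DeCode(rs1.fields("Password"))) & "</td><td width='150'><div align='center'>")
        ' Render the numeric level as that many "I" characters (1 -> I, 3 -> III).
        ' This reuses the page-level Level variable, as the original did.
        Level=""
        For x=1 to rs1.fields("Level")
            Level=Level & "I"
        Next
        ' Level marks, then the edit/delete links for this account.
        response.write(Level & "</div></td><td width='70'><div align='right'><font size='-2'>[<a href='users.asp?action=change&userid=" & rs1.fields("UserID") & "'>edit</a>][<a href='users.asp?action=delete&userid=" & rs1.fields("UserID") & "'>delete</a>]</font></div></td></tr>")
        rs1.MoveNext
    Loop
    rs1.Close
    Set rs1=Nothing
    response.write("</table></div>")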
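Case "delete" ' Delete one account
    ' userid arrives in the query string and used to be concatenated into the
    ' DELETE statement unchanged. It is now accepted only when it is a plain
    ' run of 1-9 digits (which always fits a Long) and is converted with CLng
    ' before it reaches the SQL text; anything else takes the error branch.
    ' NOTE(review): the delete is triggered by a plain GET link with no
    ' anti-forgery token; a POST form carrying a per-session token would be
    ' the sturdier design.
    userId = Trim(request.querystring("userid"))
    Set idCheck = New RegExp
    idCheck.Pattern = "^[0-9]{1,9}$"
    If idCheck.Test(userId) Then
        ' Remove the selected account.
        db.Execute("DELETE * FROM [users] WHERE (((users.UserID)=" & CLng(userId) & "));")
        response.write("用户被删除.<br><br><br>单击<a href=users.asp?action=edit>这里</a> 继续.")
    Else
        response.write("出现错误!.<br><br><br>单击<a href=users.asp?action=edit>这里</a>继续.")
    End If
    Set idCheck = Nothing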
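Case "create" ' New-account form
    ' Posts UserName, Password and Level (radio 1-3) to the "docreate" handler below.
    response.write("<div align='center'><form name='FormName' action='users.asp?action=docreate' method='post'><table border='0' cellpadding='0' cellspacing='1'><tr><td colspan='2' bgcolor='#31618c'><div align='center'><b><font color='white'>New User</font></b></div></td></tr><tr><td width='130' bgcolor='#31618c'><font size='-2'><b>用户名:</b></font></td><td><input type='text' name='UserName' size='24'></td></tr><tr><td width='130' bgcolor='#31618c'><font size='-2'><b>密码:</b></font></td><td><input type='text' name='Password' size='24'></td></tr><tr><td width='130' bgcolor='#31618c'><font size='-2'><b>权限:</b></font></td><td><input type='radio' value='1' name='Level' checked>I<br><input type='radio' value='2' name='Level'>II<br><input type='radio' value='3' name='Level'>III</td></tr></table><input type='submit' name='submitButtonName' value='创建新用户...'></form></div>")
Case "docreate" ' Save the new account
    UserName=Encode(request.form("UserName"))
    Password=Encode(request.form("Password"))
    If UserName="" then Error = Error & "<li>No UserName entered."
    If Password="" then Error = Error & "<li>No Password entered."
    ' The form offers only levels 1, 2 and 3. Anything else is rejected with a
    ' message instead of being converted with Int(), which raised a runtime
    ' error on non-numeric input and accepted any other number as a level.
    levelText = Trim(request.form("Level"))
    If levelText="1" Or levelText="2" Or levelText="3" Then
        Level=CInt(levelText)
    Else
        Level=0
        Error = Error & "<li>Invalid Level."
    End If
    ' What characters Encode() can emit is not visible from this file, so any
    ' single quote is doubled before the values go inside SQL string literals.
    sqlUserName = Replace(UserName, "'", "''")
    sqlPassword = Replace(Password, "'", "''")
    ' Refuse a name that is already taken.
    Set rs1=db.Execute("SELECT * FROM [users] WHERE users.UserName='" & sqlUserName & "';")
    If UserName<>"" AND Password<>"" AND rs1.EOF<>true then Error = Error & "<li>UserName already exists."
    If Error<>"" then response.write("<div align='left'>The following error(s) occured:<ul>" & Error & "</ul></div><br><br>Click <a href='javascript:history.back()'>here</a> to try again.")
    If Error="" then
        ' Level is one of the integers 1-3 at this point, so it is safe to concatenate.
        db.Execute("INSERT INTO [users]([UserName],[Password],[Level]) VALUES ('" & sqlUserName & "','" & sqlPassword & "'," & Level & ");")
        response.write("New User successfully created.<br><br><br>Click <a href='users.asp?action=edit'>here</a> to proceed.")
    end if
    rs1.Close
    Set rs1=Nothing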
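Case "change" ' Edit-account form
    ' userid arrives in the query string and used to be concatenated into the
    ' SELECT unchanged. It is now accepted only when it is a plain run of 1-9
    ' digits (which always fits a Long) and is converted with CLng first.
    userId = Trim(request.querystring("userid"))
    Set idCheck = New RegExp
    idCheck.Pattern = "^[0-9]{1,9}$"
    validId = idCheck.Test(userId)
    Set idCheck = Nothing
    foundUser = False
    If validId Then
        Set rs1=db.Execute("SELECT * FROM users WHERE users.userid=" & CLng(userId) & ";")
        ' The original read rs1.fields without checking that a row came back.
        foundUser = Not rs1.EOF
    End If
    If foundUser Then
        ' The decoded name and password go into single-quoted value attributes,
        ' so they are HTML-encoded and any apostrophe is written as &#39;
        ' otherwise a stored value could close the attribute and add markup.
        ' NOTE(review): the stored password is decoded and placed in a visible
        ' text field; a one-way hash plus an empty "new password" field would
        ' avoid sending it back to the browser.
        safeName = Replace(Server.HTMLEncode("" & DeCode(rs1.fields("UserName"))), "'", "&#39;")
        safePass = Replace(Server.HTMLEncode("" & DeCode(rs1.fields("Password"))), "'", "&#39;")
        response.write("<div align='center'><form name='FormName' action='users.asp?action=dochange&userid=" & rs1.fields("UserID") & "' method='post'><table border='0' cellpadding='0' cellspacing='1'><tr><td colspan='2' bgcolor='#31618c'><div align='center'><b><font color='white'>编辑用户</font></b></div></td></tr><tr><td width='130' bgcolor='#31618c'><font size='-2'><b>用户名:</b></font></td><td><input type='text' name='UserName' size='24' value='" & safeName & "'></td></tr><tr><td width='130' bgcolor='#31618c'><font size='-2'><b>密码:</b></font></td><td><input type='text' name='Password' size='24'value='" & safePass & "'></td></tr><tr><td width='130' bgcolor='#31618c'><font size='-2'><b>权限:</b></font></td><td><input type='radio' value='1' name='Level'")
        ' Pre-select the radio button that matches the stored level.
        If rs1.fields("Level")=1 then response.write("checked")
        response.write(">I<br><input type='radio' value='2' name='Level'")
        If rs1.fields("Level")=2 then response.write("checked")
        response.write(">II<br><input type='radio' value='3' name='Level'")
        If rs1.fields("Level")=3 then response.write("checked")
        response.write(">III</td></tr></table><input type='submit' name='submitButtonName' value='保存修改...'><input type='reset' name='resetButtonName' value='清空...'></form></div>")
    Else
        ' Missing, malformed or unknown id: same message the "delete" case uses.
        response.write("出现错误!.<br><br><br>单击<a href=users.asp?action=edit>这里</a>继续.")
    End If
    If validId Then
        rs1.Close
        Set rs1=Nothing
    End If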
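Case "dochange" ' Save the edited account
    ' userid arrives in the query string and used to be concatenated into the
    ' UPDATE statement unchanged. It is now accepted only when it is a plain
    ' run of 1-9 digits (which always fits a Long) and is converted with CLng
    ' first; anything else takes the error branch.
    userId = Trim(request.querystring("userid"))
    Set idCheck = New RegExp
    idCheck.Pattern = "^[0-9]{1,9}$"
    If idCheck.Test(userId) Then
        UserName=Encode(request.form("UserName"))
        Password=Encode(request.form("Password"))
        If UserName="" then Error = Error & "<li>No UserName entered."
        If Password="" then Error = Error & "<li>No Password entered."
        ' The form offers only levels 1, 2 and 3. Anything else is rejected
        ' with a message instead of being converted with Int(), which raised a
        ' runtime error on non-numeric input and accepted any other number.
        levelText = Trim(request.form("Level"))
        If levelText="1" Or levelText="2" Or levelText="3" Then
            Level=CInt(levelText)
        Else
            Level=0
            Error = Error & "<li>Invalid Level."
        End If
        If Error<>"" then response.write("<div align='left'>The following error(s) occured:<ul>" & Error & "</ul></div><br><br>Click <a href='javascript:history.back()'>here</a> to try again.")
        If Error="" then
            ' What characters Encode() can emit is not visible from this file,
            ' so single quotes are doubled before the values go inside the SQL
            ' string literals; Level and the id are plain integers by now.
            db.Execute("UPDATE [users] SET [users].UserName = '" & Replace(UserName, "'", "''") & "', [users].[Password] = '" & Replace(Password, "'", "''") & "', [users].[Level] = " & Level & " WHERE (((users.UserID)=" & CLng(userId) & "));")
            response.write("用户修改成功!.<br><br><br>单击<a href='users.asp?action=edit'>这里</a> 继续.")
        end if
    else
        response.write("出现错误!<br><br><br>Click <a href=users.asp?action=edit>here</a> to proceed.")
    End if
    Set idCheck = Nothing
End Select%>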
</BODY><!--#include File ="includes/db_close.inc"-->
</HTML>