admin_do.asp

一个考勤评分系统

<!--''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''版权：野马原创                    ''''
''''联系：ctplr@163.com          ''''
''''说明：需要新功能联系我      ''''
''''QQ:214297587                    ''''
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
-->
<!--#include file="check.asp"-->
<!--#include file="conn.asp"-->
<!--#include file="MD5.asp"-->
<link href=../css.css rel=stylesheet>
<%if qx>2 then 
response.write "您的权限不够！"
else
%>
<body background="../back.gif" style='cursor:url("Mouse.ani")'>
<%
if request("action")="addadmin" then 
zh=request.form("zh")
sql="select * from adminboss where username='"&zh&"'"
rs.open sql,cn,3,3
if  not (rs.eof  or rs.bof ) then
response.write "<script>alert('账号已经存在，请重输')</script>"
response.write "<script>history.back()</script>"
else
rs.addnew
rs("username")=zh
rs("password")=MD5(request.form("mm"))
rs("qx")=request.form("qx")
rs("jl")=request.form("back")
rs.update
rs.close
set rs=nothing
response.write "<script>alert('操作成功')</script>"
response.write "<script>history.back()</script>"

end if
end if
if request("action")="xiugai" then 
aid=request("aid")
sql="select password  from adminboss where id="&aid
rs.open sql,cn,3,3
pwd=rs("password")
oldmm=MD5(trim(request("oldmm")))
mm1=trim(request("mm1"))
mm2=trim(request("mm2"))
if (mm1=empty and mm2=empty) then
response.redirect "main.asp"
elseif mm1<>mm2 then 
response.write "<script>alert('两次输入的新密码不一致')</script>"
response.write "<script>history.back()</script>"
elseif pwd<>oldmm then 
response.write "<script>alert('您的旧密码没有输入正确！')</script>"
response.write "<script>history.back()</script>"
else
rs("password")=MD5(mm1)
rs.update
rs.close
response.write "<script>alert('修改密码成功！')"
response.write "<script>history.back()</script>"
end if
end if
 

if request("action")="adminxiugai" then 
mm=request("mm")
aid=request("aid")
sql="select * from adminboss where id="&aid
rs.open sql,cn,3,3
if trim(mm)=""  then 
mm=rs("password")
else
mm=MD5(trim(replace(mm,",","")))
end if
rs("username")=request("zh")
rs("password")=mm
rs("jl")=request("beizhu")
rs("qx")=request("qx")
rs.update
rs.close
response.write "<script>alert('更新管理员信息成功！')</script>"
 response.write "<script>history.back()</script>"
end if


if request("action")="admindel" then 
isdel=request("isdel")
pid=request("id")
pname=request("name")
if pname=session("name") then 
response.write "<script>alert('不能自杀！')</script>"
response.write "<script>history.back()</script>"
elseif isdel=1 then 
response.write "<script>alert('请不要构造非法url从外部提交数据！')</script>"
response.write "<script>history.back()</script>"
else
sql="delete from adminboss where id="&pid
cn.Execute sql
cn.close
response.write "<script>alert('删除成功！！')</script>"
response.write "<script>history.back()</script>"
end if
end if
end if
%>