reg.asp

一套完整的学生课程管理系统

<!-- #include file="utility/const.asp" -->
<!-- #include file="utility/md5.asp" -->

<%
	'****************************************
	'目的：			新生注册处理
	'开始时间：		2005-5-31
	'最后修改时间：	2005-6-4 16:09
	'编写人：		某某某
	'****************************************
	dim userID
	dim userName
	dim userPassword
	dim userGrade
	dim userSex
	dim userPhone
	dim userEmail
	dim userAddress
	dim sql
	dim rs
	
	'将表单里面的值取出赋给对应的变量
	userID = Trim(Request.Form("userID"))
	userName = Trim(Request.Form("userName"))
	userPassword = Trim(Request.Form("userPassword"))
	userGrade = Trim(Request.Form("userGrade"))
	userSex = Request.Form("userSex")
	userPhone = Trim(Request.Form("userPhone"))
	userEmail = Trim(Request.Form("userEmail"))
	userAddress = Trim(Request.Form("userAddress"))
	
	'信息完整性检查
	if(userID = "" or userName = "" or userPassword = "" or userGrade = "") then
		Alert("对不起，请填充所有必填字段后再提交！")
		GoBack()
		Response.End
	end if
	
	'检查用户输入的确认密码和密码是否一致
	if(userPassword <> Trim(Request.Form("userPasswordChk"))) then
		Alert("对不起，确认密码不正确，请查实后再提交！")
		GoBack()
		Response.End
	end if
	
	'检查学号是否已经存在，如果存在就拒绝操作
	sql = "select count(*) from student where ID = '" & userID & "'"
	Set rs = ExecuteQuery(sql)
	if(rs(0)<>0) then
		Alert("对不起，该学号已经有人使用，请查实！")
		GoBack()
		Response.end
	end if
	
	'过滤非法字符
	userID = CheckStr(userID)
	
	'加密密码
	userPassword = md5(userPassword)
	
	'添加学生信息到数据库中
	sql = "insert into student "
	sql = sql & "(ID,sName,sGrade,sSex,sEmail,sPhone,sAddress,sPassword) "
	sql = sql & " values ('" & userID & "','"
	sql = sql & userName & "','"
	sql = sql & userGrade & "','"
	sql = sql & userSex & "','"
	sql = sql & userEmail & "','"
	sql = sql & userPhone & "','"
	sql = sql & userAddress & "','"
	sql = sql & userPassword & "')"
	ExecuteNonQuery(sql)
	
	Session("userID") = userID
	Session("userName") = userName
	Session("userType") = "student"
	Session("userCheck") = 0
	
	Alert("注册成功，请等待管理员审核！")
	Go("index.asp")
%>