manageteacher.asp

一套完整的学生课程管理系统

<!-- #include file="utility/checkAdmin.asp" -->
<!-- #include file="utility/md5.asp" -->

<%
	'****************************************
	'目的：			处理管理员信息
	'开始时间：		2005-6-2 20:39
	'最后修改时间：	2005-6-2 20:39
	'编写人：		某某某
	'****************************************
	
	'定义相关变量
	dim actionType			'操作类型
	dim teacherID			'教师编号
	dim teacherPassword		'教师密码
	dim sql				
	dim rs
	
	'将URL中的值取出并赋给变量
	actionType = Request.QueryString("actionType")
	teacherID = Request.QueryString("teaID")
	
	'如果通过以上检查，则判断操作类型并执行对应操作
	Select case (actionType)
		case "add": 	
			addTeacher()			'添加教师信息
		case "delete":	
			deleteTeacher()			'删除教师信息
		case "changePsw":
			changePsw()				'修改教师密码
	end Select
	
	'添加新的教师信息
	Sub addTeacher()
		dim teacherName
		dim teacherFlag
		
		teacherName = Trim(Request.Form("userName"))
		teacherPassword = Trim(Request.Form("userPassword"))
		teacherFlag = Trim(Request.Form("userFlag"))
		
		'信息是否完整
		if(teacherName = "" or teacherPassword = "" or teacherFlag = "") then
			Alert("您输入的信息不完整，请重新输入")
			GoBack()
			Response.End
		'密码是否匹配
		elseif(teacherPassword <> Trim(Request.Form("userPasswordChk"))) then
			Alert("两次输入的密码不匹配，操作失败！")
			GoBack()
			Response.End
		else
			'信息填充无误，继续判断用户是否已经存在
			sql = "select count(*) from teacher where tName = '" & teacherName & "'"
			set rs = ExecuteQuery(sql)
			if(rs(0) <> 0) then
				Alert("该用户已存在，请修改姓名以后重试！")
				GoBack()
				Response.End
			end if
			rs.close()
			set rs = nothing
			
			'加密密码
			tPassword = md5(tPassword)
			
			'用户不存在，执行添加操作
			sql = "insert into teacher (tName,tPassword,tFlag) values ('"
			sql = sql & teacherName & "','"
			sql = sql & teacherPssword & "','"
			sql = sql & teacherFlag & "')"
			ExecuteNonQuery(sql)
			Alert("成功添加 " & teacherFlag & " 级别的 " & teacherName & " ！")
			Go("listTeacher.asp")
		end if
	end Sub
	
	'删除指定ID的教师信息
	Sub deleteTeacher()
		if(teacherID = "") then
			Alert("参数丢失，拒绝操作！")
			GoBack()
			Response.end
		elseif(teacherID = Session("userID")) then
			Alert("您不能删除当前用户，操作失败！")
			GoBack()
			Response.end
		else
			sql = "delete from teacher where ID = " & teacherID
			ExecuteNonQuery(sql)
			Alert("操作成功，您删除了编号为 " & teacherID & " 的教师的信息。")
			Go("listTeacher.asp")
		end if	
	end Sub
	
	'修改指定ID的教师信息
	Sub changePsw()
		teacherPassword = Trim(Request.Form("teaPassword"))
		if(teacherID = "") then
			Alert("参数丢失，拒绝操作！")
			GoBack()
			Response.end
		'信息是否完整		
		elseif(teacherPassword = "") then
			Alert("信息填充不完整，操作失败！")
			GoBack()
			Response.End
		'两次输入的密码是否匹配
		elseif(teacherPassword <> Trim(Request.Form("teaPasswordChk"))) then
			Alert("两次输入的密码不匹配，操作失败！")
			GoBack()
			Response.End
		else
			'加密密码
			teacherPassword = md5(teacherPassword)
			sql = "update teacher set tPassword = '" & teacherPassword & "'"
			sql = sql & "where ID = " & teacherID
			ExecuteNonQuery(sql)
			Alert("操作成功，请继续其他操作！")
			Go("welcome.htm")
		end if
	end Sub
	
%>