modifyuser.asp

本程序是一款比较完善的图书租赁系统

<!--#include file="conn.asp"-->
<!--#include file="ChkErr.asp"-->
<!--#include file="ResultMsg.asp"-->
<!--#include file="md5.asp"-->
<!--#include file="ChkEmail.asp"-->
<%
'判断用户状态是否失效
If IsEmpty(Session("UserID"))=True Then
	Response.Write GetErr(7)
	Response.End
End If

If Request("IsModify")<>"" Then
	'判断要更改的用户是否存在
	Set objRS=Server.CreateObject("ADODB.RecordSet")
	strSQL="SELECT UI_ID_N FROM [UserInfo] WHERE UI_ID_N="&Request("uid")
	objRS.Open strSQL,objConn,1,3
	If objRS.BOF Or objRS.EOF Then
		Response.Write "<br><br><br>"
		ResultMsg("要修改的用户没有找到！")
		objRS.Close
		Set objRS=Nothing
		CloseDatabase
		Response.End
	End If
	objRS.Close
	
	'检查输入的合法性
	'密码
	If Request("ChangePassword")<>"" Then
		If Request("Password")="" Then
			ResultMsg("如果选择了更改密码，则必须输入密码！")
			Response.End
		End If
		
		If Len(Request("Password"))>20 Then
			ResultMsg("密码请不要超过20个字符！")
			Response.End
		End If
		
		If InStr(Request("Password"),"'")>0 Then
			ResultMsg("字符“'”为非法输入，请去掉此字符！")
			Response.End
		End If
	End If
	'Email
	If IsValidEmail(Request("Email"))=False Then
		ResultMsg("Email输入不符合规范，请返回重新输入！")
		Response.End
	End If
	'QQ
	If Request("QQ")<>"" Then
		If IsNumeric(Request("QQ"))=False Then
			ResultMsg("QQ号码必须为数字，请返回重新输入！")
			Response.End
		End If
	End If
	'当管理员修改时判断
	If Request("ChangeBy")="admin" Then
		'判断用户是否为管理员
		strSQL="SELECT UI_IsAdmin_B FROM [UserInfo] WHERE UI_ID_N="&Session("UserID")
		objRS.Open strSQL,objConn,1,3
		If objRS("UI_IsAdmin_B")=False Then
			objRS.Close
			Response.Write GetErr(8)
			CloseDatabase
			Response.End
		End If
		objRS.Close
		'供应商
		If IsNumeric(Request("Provider"))=False Or Request("Provider")="" Then
			Response.Write GetErr(1)
			Response.End
		End If
		'管理员
		If Request("IsAdmin")<>"true" AND Request("IsAdmin")<>"false" Then
			Response.Write GetErr(1)
			Response.End
		End If
		'锁定
		If Request("IsLocked")<>"true" AND Request("IsLocked")<>"false" Then
			Response.Write GetErr(1)
			Response.End
		End If
		'信用等级
		If IsNumeric(Request("CerRank"))=False Or Request("CerRank")="" Then
			ResultMsg("信用等级不能留空！")
			Response.End
		End If
	End If
	
	'取得用户信息
	If Request("ChangePassword")<>"" Then
		UserPassword=md5(Request("Password"))
	End If
	Email=Request("Email")
	QQ=Request("QQ")
	ProviderID=Request("Provider")
	If ProviderID<>0 Then
		IsProvider=True
	Else
		IsProvider=False
	End If
	IsAdmin=Request("IsAdmin")
	IsLocked=Request("IsLocked")
	CerRank=Request("CerRank")
	
	'根据情况建立SQL语句更新数据库
	If Request("ChangeBy")="admin" Then
		If Request("ChangePassword")<>"" Then
			strSQL="UPDATE [UserInfo] SET UI_PI_ID_FN="&ProviderID&",UI_Password_S='"&UserPassword&"',UI_IsLocked_B="&IsLocked&",UI_CerRank_N="&CerRank&",UI_IsProvider_B="&IsProvider&",UI_Email_S='"&Email&"',UI_QQ_S='"&QQ&"',UI_IsAdmin_B="&IsAdmin&" WHERE UI_ID_N="&Request("uid")
		Else
			strSQL="UPDATE [UserInfo] SET UI_PI_ID_FN="&ProviderID&",UI_IsLocked_B="&IsLocked&",UI_CerRank_N="&CerRank&",UI_IsProvider_B="&IsProvider&",UI_Email_S='"&Email&"',UI_QQ_S='"&QQ&"',UI_IsAdmin_B="&IsAdmin&" WHERE UI_ID_N="&Request("uid")
		End If
	Else
		If Request("ChangePassword")<>"" Then
			strSQL="UPDATE [UserInfo] SET UI_Password_S='"&UserPassword&"',UI_Email_S='"&Email&"',UI_QQ_S='"&QQ&"' WHERE UI_ID_N="&Request("uid")
		Else
			strSQL="UPDATE [UserInfo] SET UI_Email_S='"&Email&"',UI_QQ_S='"&QQ&"' WHERE UI_ID_N="&Request("uid")
		End If
	End If
	objConn.Execute(strSQL)
	
	'输出结果
	Response.Write "<br><br><br>"
	ResultMsg("用户信息更新完毕！")
	
	CloseDatabase
	Response.End
Else
	'判断输入是否合法
	If IsNumeric(Request("uid"))=False Or Request("uid")="" Then
		Response.Write GetErr(1)
		Response.End
	End If

	'判断用户是否为管理员
	Dim strSQL,objRS
	Dim IsAdmin
	strSQL="SELECT UI_ID_N,UI_IsAdmin_B FROM [UserInfo] WHERE UI_ID_N="&Session("UserID")
	Set objRS=Server.CreateObject("ADODB.RecordSet")
	objRS.Open strSQL,objConn,1,3
	IsAdmin=objRS("UI_IsAdmin_B")
	objRS.Close

	'若用户不是管理员则判断其修改的是否为自己的信息
	If IsAdmin=False Then
		If Cint(Request("uid"))<>Cint(Session("UserID")) Then
			Response.Write GetErr(8)
			CloseDatabase
			Response.End
		End If
	End If

	'取得用户信息
	Dim UserName,Email,QQ
	Dim Provider,IsProvider,ProviderID
	Dim IsLocked,IsAdmin2
	Dim RentCount,CerRank
	strSQL="SELECT * FROM [UserInfo] WHERE UI_ID_N="&Request("uid")
	objRS.Open strSQL,objConn,1,3
	If objRS.BOF Or objRS.EOF Then
		ResultMsg("对不起，此用户不存在或已被删除！")
		objRS.Close
		CloseDatabase
		Response.End
	End If

	UserName=objRS("UI_Name_S")
	Email="<input type=text name=Email maxlength=50 size=30 value="&objRS("UI_Email_S")&">"
	QQ="<input type=text name=QQ maxlength=20 size=30 value="&objRS("UI_QQ_S")&">"
	IsProvider=objRS("UI_IsProvider_B")
	ProviderID=objRS("UI_PI_ID_FN")
	RentCount=objRS("UI_RentCount_N")
	CerRank=objRS("UI_CerRank_N")
	'若用户为管理员，才可修改用户属性选项
	If IsAdmin=True Then
		If objRS("UI_IsLocked_B")=True Then
			IsLocked="<input type=radio name=IsLocked value=true checked>是<input type=radio name=IsLocked value=false>否"
		Else
			IsLocked="<input type=radio name=IsLocked value=true>是<input type=radio name=IsLocked value=false checked>否"
		End If
		
		If objRS("UI_IsAdmin_B")=True Then
			IsAdmin2="<input type=radio name=IsAdmin value=true checked>是<input type=radio name=IsAdmin value=false>否"
		Else
			IsAdmin2="<input type=radio name=IsAdmin value=true>是<input type=radio name=IsAdmin value=false checked>否"
		End If
		
		CerRank="<input type=text name=CerRank value="&objRS("UI_CerRank_N")&" maxlength=5 size=2>"
	Else
		IsLocked=objRS("UI_IsLocked_B")
		IsAdmin2=objRS("UI_IsAdmin_B")
	End If
	objRS.Close

	'如果用户是供应商，取得供应商信息
	strSQL="SELECT * FROM [ProviderInfo]"
	objRS.Open strsQL,objConn,1,3
	Provider="<select name=Provider><option value=0>不是供应商</option>"
	For i=1 To objRS.RecordCount
		If objRS("PI_ID_N")=ProviderID Then
			Provider=Provider&"<option value="&objRS("PI_ID_N")&" selected>"&objRS("PI_Name_S")&"</option>"
		Else
			Provider=Provider&"<option value="&objRS("PI_ID_N")&">"&objRS("PI_Name_S")&"</option>"
		End If
		objRS.MoveNext
	Next
	Provider=Provider&"</select>"
	objRS.Close

%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta name=vs_targetSchema content="http://schemas.microsoft.com/intellisense/ie5">
<link href="style.css" rel="stylesheet" type="text/css">
<title>察看用户信息</title>
<script language="javascript" src="JS\inc.js"></script>
</head>
<body>
<form action="modifyUser.asp">
<table class=tableborder1 align=center  cellspacing=1 cellpadding=3 width=100% height=100%>
<tr><th colspan=2 id=tabletitlelink height=25 style=font-weight:normal align=center>用户信息</th></tr>
<tr><td class=TableBody2 align=right width=25%>用户名：</td><td class=TableBody1 align=left><%=UserName%></td></tr>
<tr><td class=TableBody2 align=right width=25%>密码：</td><td class=TableBody1 align=left><input type=text name=Password size=20><input type=checkbox name=ChangePassword value=yes>修改密码</td></tr>
<tr><td class=TableBody2 align=right width=25%>Email：</td><td class=TableBody1 align=left><%=Email%></td></tr>
<tr><td class=TableBody2 align=right width=25%>QQ：</td><td class=TableBody1 align=left><%=QQ%></td></tr>
<tr><td class=TableBody2 align=right width=25%>供应商：</td><td class=TableBody1 align=left><%=Provider%></td></tr>
<tr><td class=TableBody2 align=right width=25%>管理员：</td><td class=TableBody1 align=left><%=IsAdmin2%></td></tr>
<tr><td class=TableBody2 align=right width=25%>锁定：</td><td class=TableBody1 align=left><%=IsLocked%></td></tr>
<tr><td class=TableBody2 align=right width=25%>信用等级：</td><td class=TableBody1 align=left><%=CerRank%></td></tr>
<tr><td class=TableBody2 align=right width=25%>租赁次数：</td><td class=TableBody1 align=left><%=RentCount%>次</td></tr>
<tr><td class=TableBody2 align=center width=25% colspan=2><input type=submit value=修改>&nbsp;<input type=button value=关闭 onclick=vbscript:window.close()></td></tr>
</table>
<input type=hidden name=uid value=<%=Request("uid")%>><input type=hidden name=IsModify value=yes>
<%
If IsAdmin=True Then
	Response.Write "<input type=hidden name=ChangeBy value=admin>"
Else
	Response.Write "<input type=hidden name=ChangeBy value=user>"
End If
%>
</form>
</body>
</html>
<%End If%>