📄 classmana.asp

📁 该学校网站内容界面清新
💻 ASP
字号:
<!--#include file="conn.asp"-->
<%
Function checkPermission()
	If Session("admin")<>"" then 
		checkPermission=TRUE
	Else
		checkPermission=FALSE
	End if
End Function

tmp=checkPermission()
If tmp=TRUE then
%>

<%
If Request.QueryString("style")="del" Then
   on error resume next
   conn.execute("delete * from [classname] where classname='"&Request.Form("classname2")&"'")
   conn.execute("delete * from [imgbook] where classname='"&Request.Form("classname2")&"'")
ElseIf Request.QueryString("style")="modify" Then
   classname=Trim(Request.Form("newclassname"))
   If classname="" Then
      Response.Write("<script language=javascript>alert('非法操作！！！');history.back()</script>")
      Response.End()
   End If
   if instr(classname,"'") or instr(classname,"select") or instr(classname,"in") or instr(classname,"from") or instr(classname,"len") or instr(classname,"where") or instr(classname,"or") or instr(classname,"and") then
     Response.Write("<script language=javascript>alert('包含非法字符！！！');history.back();</script>")
	 Response.End
   end if                     
   on error resume next
   conn.execute("update [classname] set classname='"&classname&"' where classname='"&Request.Form("classname")&"'")
   conn.execute("update [imgbook] set classname='"&classname&"' where class='"&Request.Form("classname")&"'")
End If
If Request.QueryString("style")="add" Then
  classname=Trim(Request.Form("classname3"))
  if instr(classname,"'") or instr(classname,"select") or instr(classname,"in") or instr(classname,"from") or instr(classname,"len") or instr(classname,"where") or instr(classname,"or") or instr(classname,"and") then
    Response.Write("<script language=javascript>alert('包含非法字符！！！');history.back();</script>")
	Response.End
  end if                     
   conn.execute("insert into [classname] (classname) values ('"&classname&"')")
   Response.Write("<script language=javascript>alert('成功填加．请返回！');window.location.replace('classmana.asp')</script>")
End If

%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>无标题文档</title>
<link href="style.css" rel="stylesheet" type="text/css">
</head>
<script language=javascript> 
function rusure()
{ question = confirm("此操作会影响到与本分类相关的图片．．．继续?") 
if (question !="0")
{ parent.right.location = "newclassmana.asp" } 
} 
function xxg()
{
  if (form3.classname3.value=="")
   {
     alert("请写上分类的名字！！！");
	 form3.classname3.focus();
	 return false;
	 }
  return true
  }
</script>

<body>
<br>
<br>
<%
if session("flag")>0 then
   Response.Write("<br><br><br><center>对不起。你没有权限进入此页面！！！</center>")
   Response.end 
end if
%>
<table width="100%" height="221" border="0" cellpadding="0" cellspacing="0">
  <tr> 
    <td width="10%" height="47">&nbsp;</td>
    <td><strong>图片分类管理</strong><br> <br> <font color="#FF0000">注意：分类名称不可包含以下非法字符: 
      '、@、+、or、from、select、len、where、&amp;、and等</font></td>
  </tr>
  <tr> 
    <td height="111" rowspan="2">&nbsp;</td>
    <td><form name="form3" method="post" action="classmana.asp?style=add" onsubmit="return xxg()">
        <table width="100%" height="39" border="0" cellpadding="0" cellspacing="0">
          <tr> 
            <td width="11%" height="19">&nbsp;</td>
            <td width="51%" align="center">&nbsp;</td>
            <td width="38%">&nbsp;</td>
          </tr>
          <tr> 
            <td>填加分类</td>
            <td> <input name="classname3" type="text" id="classname"> &nbsp; <input type="submit" name="Submit3" value="填加"> 
            </td>
            <td>&nbsp;</td>
          </tr>
        </table>
      </form></td>
  </tr>
  <tr> 
    <td><form name="form1" method="post" action="classmana.asp?style=modify">
        <table width="100%" border="0" cellspacing="0" cellpadding="0">
          <tr> 
            <td width="11%">&nbsp;</td>
            <td width="89%">&nbsp;</td>
          </tr>
          <tr> 
            <td>更改分类</td>
            <td><select name="classname" id="select2">
                <% sql1="select * from classname"
		        set rs1=conn.execute(sql1)
				do while not rs1.eof  %>
                <option value=<%=rs1("classname")%>><%=rs1("classname")%></option>
                <% i=i+1
				    rs1.movenext
					loop  %>
              </select>
              该名为 
              <input name="newclassname" type="text" id="newclassname2"> &nbsp;&nbsp;&nbsp; 
              <input type="submit" name="Submit" value="修改" onClick="rusure();return false;"> 
            </td>
          </tr>
        </table>
      </form></td>
  </tr>
  <tr> 
    <td>&nbsp;</td>
    <td><form name="form2" method="post" action="classmana.asp?style=del">
        <table width="100%" border="0" cellspacing="0" cellpadding="0">
          <tr> 
            <td width="11%">&nbsp;</td>
            <td width="89%">&nbsp;</td>
          </tr>
          <tr> 
            <td>删除分类</td>
            <td> <select name="classname2" id="select3">
                <% sql1="select * from classname"
		        set rs1=conn.execute(sql1)
				do while not rs1.eof %>
                <option value=<%=rs1("classname")%>><%=rs1("classname")%></option>
                <% i=i+1
				    rs1.movenext
					loop  %>
              </select> &nbsp; <input type="submit" name="Submit2" value="删除"  onClick="rusure();return false;"></td>
          </tr>
        </table>
      </form></td>
  </tr>
</table>
</body>
</html>
<%
Else
	response.redirect "../../login.asp?postion=2"
End if
%>
💿 文件大小 4245 K
👤 上传用户 enterjqk
📂 所属分类 Internet/网络编程
🏷️ 相关标签

#网站
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -