
📄 index.asp

📁 1、整个程序共三个文件(数据库、WEB页面、md5文件) 2、管理员功能(添加
💻 ASP
📖 第 1 页 / 共 2 页
<!--#include file="Md5.asp"--><%
'File name of this page. Every client-side redirect below is built from this
'server-side constant, not from request data.
Dim Url
Url = "Index.asp" 'address of the works page


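'Request filter: a blacklist applied to the lower-cased query string plus the
'Host header. The request is redirected to "/" when any listed token is present
'or when Request("id") is not numeric.
'NOTE(review): this is not a complete SQL-injection defence. It never inspects
'Request.Form, so any SQL built from posted fields must be parameterised where
'it is built. The numeric test is on "id", while the page later reads
'"Works_Id" - confirm which parameter was intended.
'Fix: the original searched for "Update" (capital U) in a string that had
'already been lower-cased, so that token could never match; it is now "update".
squery=lcase(Request.ServerVariables("QUERY_STRING"))
sURL=lcase(Request.ServerVariables("HTTP_HOST"))
allquery=squery+sURL
wmBadTokens=Array("%20","%27","'","%a1a1","%24","$","%3b",";","%%","%3c","<",">","--","sp_","xp_","exec","\","delete","dir","exe","select","update","cmd","*","^","(",")","+","copy","format")
wmBlocked=False
For Each wmToken In wmBadTokens
	If InStr(allquery,wmToken)<>0 Then
		wmBlocked=True
		Exit For
	End If
Next
If wmBlocked or not(isnumeric(Request("id"))) then
	Response.redirect "/"
	Response.End
End If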

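'Database connection (Access .mdb opened through the ODBC driver).
'NOTE(review): Server.MapPath("#Date.mdb") resolves next to this script, i.e.
'inside the site's directory tree. Keep the database outside any web-served
'folder, or deny requests for *.mdb at the web server.
'NOTE(review): On Error Resume Next stays in force for the rest of the
'page-level script, so later runtime errors are skipped unless Err is checked.
dim conn,connstr
on error resume next
connstr="DBQ="+server.mappath("#Date.mdb")+";DefaultDir=;DRIVER={Microsoft Access Driver (*.mdb)};" 'database connection string
Set conn=server.createobject("ADODB.CONNECTION")
conn.open connstr
'Fix: a failed connection used to be ignored and the page kept running without
'a database. Stop here instead, without echoing the path or driver error.
If Err.Number<>0 Then
	Err.Clear
	Response.Status="500 Internal Server Error"
	Response.Write "Service temporarily unavailable."
	Response.End
End If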

'Login gate for admin-only branches.
'Sends the browser to the login form and ends the response when the session
'carries no admin name. Returns no value; callers invoke it as a statement.
Function checkadmin()
	Dim adminName
	adminName=Session("Wm_Admin")
	If adminName="" Then
		Response.Redirect "?action=login"
		Response.End
	End If
End Function

'Action name from the query string; it selects the Select Case branch below.
action=Request.Querystring("action")

'Works_Id from the query string.
Id=Request.Querystring("Works_Id")

'Reject an Id that is present but not numeric.
'NOTE(review): IsNumeric is the only check applied before Id is concatenated
'into SQL text later on this page, and it accepts more than plain integers
'(decimals, exponents, signs). A digits-only check would be stricter - confirm.
If Id<>"" Then
	If Not IsNumeric(Id) Then
		Response.Write "<script>alert('非法的ID!');this.location.href='"&Url&"';</SCRIPT>"
		Response.End
	End If
End If
%>
<html>

<head>
<title>+++::  乌蒙design  ::+++[本站作品V1.0]</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta http-equiv="Content-Language" content="zh-cn">
<style>
/* Base text settings and scrollbar-* colours for the page body and table cells. */
body,td,th {
	/* font size */
	font-size: 12px;
	/* text colour */
	color: #2E2E2E;
	/* line spacing */
	line-height: 20px;
	/* scrollbar 3D light edge colour */
	scrollbar-3dlight-color:#CCCCCC;
	/* scrollbar highlight colour */	
	scrollbar-highlight-color:#CCCCCC;
	/* scrollbar face (raised part) colour */
	scrollbar-face-color:#FFFFFF;
	/* colour of the triangle arrows on the up/down buttons */
	scrollbar-arrow-color:#CCCCCC;
	/* scrollbar 3D shadow colour */
	scrollbar-shadow-color:#FFFFFF;
	/* scrollbar dark shadow colour */
	scrollbar-darkshadow-color:#000000;
	/* scrollbar base colour */
	scrollbar-base-color:#CCCCCC;
	/* scrollbar track (background) colour */
	scrollbar-track-color:#FFFFFF;
}

a:link {
	color: #2E2E2E;
	/* remove the hyperlink underline */
	text-decoration: none;
}

a:visited {
	/* remove the hyperlink underline */
	text-decoration: none;
	/* link colour */
	color: #2E2E2E;
}

a:hover {
	/* link colour under the mouse pointer */
	color: #FF6600;
}

/* Text inputs, 130px wide. */
.input {
	font-size: 12px;
	border: 1px solid #CCCCCC;
	background-color: transparent;
	width: 130px;
}

/* Buttons, 80px wide. */
.bmit {
	font-size: 12px;
	border: 1px solid #CCCCCC;
	background-color: transparent;
	width: 80px;
}

/* Same look as .input without a fixed width. */
.text{
	font-size: 12px;
	border: 1px solid #CCCCCC;
	background-color: transparent;
}
</style>
</head>

<body bgcolor="#CCCCCC" topmargin="0" leftmargin="0" rightmargin="0" bottommargin="0" marginwidth="0" marginheight="0">

<script>
// Toggle an element between visible (position: relative) and hidden
// (position: absolute). Anything other than "hidden" counts as visible.
// NOTE(review): eval() is used to resolve the argument. If a caller ever passes
// a string built from page or request data, that string is executed as script;
// resolving the element by id instead would remove that risk. The callers are
// not visible in this part of the file, so the call is left unchanged.
function show(id)
{
	var target=eval(id);
	var css=target.style;
	var wasHidden=(css.visibility=="hidden");

	css.position=wasHidden?"relative":"absolute";
	css.visibility=wasHidden?"visible":"hidden";
}

//********** Admin login form check **********
// Returns false when the user name or password field is empty (after an alert
// and a focus on that field); otherwise returns nothing.
// This check runs only in the browser; the server must validate on its own.
function Login(the){
	// [field, message shown when it is empty], checked in this order
	var required=[
		[the.Admin_User,"管理员用户名不能为空!"],
		[the.Admin_Pass,"管理员密码不能为空!"]
	];
	for(var i=0;i<required.length;i++){
		var field=required[i][0];
		if(field.value==""){
			alert(required[i][1]);
			field.focus();
			return false;
		}
	}
}

//********** Change-admin-account form check **********
// Runs the checks below in order; on the first failure it alerts, focuses the
// related field and returns false. Returns nothing when every check passes.
// Fields: Admin_User = user name, Admin_Gps = old password,
// Admin_Nps = new password, Admin_Pass = confirmation of the new password.
// This check runs only in the browser; the server must enforce the same rules.
function Modify_admin(the){
	// [field to focus, test that returns true on failure, message]
	var checks=[
		[the.Admin_User,function(){return the.Admin_User.value=="";},"管理员用户名不能为空!"],
		[the.Admin_Gps,function(){return the.Admin_Gps.value=="";},"管理员旧密码不能为空!"],
		[the.Admin_Nps,function(){return the.Admin_Nps.value=="";},"管理员新密码不能为空!"],
		// new password must be at least 6 characters
		[the.Admin_Nps,function(){return the.Admin_Nps.value.length<6;},"管理员新密码不得小于6个字符!"],
		[the.Admin_Pass,function(){return the.Admin_Pass.value=="";},"管理员确认密码不能为空!"],
		// both entries of the new password must match
		[the.Admin_Nps,function(){return the.Admin_Nps.value!=the.Admin_Pass.value;},"两次新密码不一致!"]
	];
	for(var i=0;i<checks.length;i++){
		if(checks[i][1]()){
			alert(checks[i][2]);
			checks[i][0].focus();
			return false;
		}
	}
}

//********** Delete-work confirmation **********
// Asks the user to confirm and returns true or false accordingly.
// The prompt is a convenience only; it does not protect the delete request.
function Del()
{
	var confirmed=confirm("请确定是否删除作品!");
	return confirmed ? true : false;
}

</script>
<table border="0" cellpadding="0" style="border-collapse: collapse" width="778" bgcolor="#FFFFFF" align="center">
	<tr>
		<td style="padding-left:15px;" height="25" valign="bottom">当前位置:<a href="/">首页</a> &gt; 本站作品</td>
	</tr>
</table>
<table border="0" cellpadding="0" style="border-collapse: collapse" width="778" align="center">
	<tr>
		<td height="1"></td>
	</tr>
	<tr>
		<td bgcolor="#FFFFFF" style="padding-top:13px;">
		<table border="0" cellpadding="0" style="border-collapse: collapse" width="100%">
			<tr>
				<td><font color="#FF6600">·本站作品·</font></td>
				<td align="right" style="padding-right:13px;"><%
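						'Header bar: admin links when a session admin name is set, otherwise a login link.
						'Fix: the admin name comes from the database and can be changed through the
						'account form, so it is HTML-encoded before it is written into the page.
						If Session("Wm_Admin")<>"" then
							Response.Write "欢迎管理员『&nbsp;<font color='red'>"&Server.HTMLEncode(Session("Wm_Admin"))&"</font>&nbsp;』"
							Response.Write "&nbsp;&nbsp;<a href='?action=Add' style='color:black'>添加作品</a>"
							Response.Write "&nbsp;&nbsp;<a href='?action=modpass' style='color:black'>修改帐号</a>"
							Response.Write "&nbsp;&nbsp;<a href='?action=logout' style='color:black'>退出管理</a>"
						Else
							Response.Write "<a href='?action=login' style='color:#FF6600'>管理员登录</a>"
						End If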
					%></td>
			</tr>
			<tr>
				<td bgcolor="#FF6600" height="1"></td>
				<td bgcolor="#FF6600" height="1"></td>
			</tr>
		</table>
		<%
Select Case action

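'Add-work handler: inserts one row into [Wm_Works] from the posted form fields.
Case "add"
	'Fix: this branch wrote to the database without the login check that the
	'modify, delete and change-password branches all perform.
	checkadmin

	'NOTE(review): the form values are stored as posted. They need HTML-encoding
	'wherever they are rendered (the rendering code is not in this part of the file).
	Set mRs= Server.CreateObject("adodb.recordSet")
	mRs.open "Select * from [Wm_Works]", conn, 1, 3
	mRs.addnew
	mRs("Works_Name") = Request.form("Works_Name")
	mRs("Works_Yurl") = Request.form("Works_Yurl")
	mRs("Works_Durl") = Request.form("Works_Durl")
	mRs("Works_Size") = Request.form("Works_Size")
	mRs("Works_Hot") = Request.form("Works_Hot")
	mRs("Works_Info") = Request.form("Works_Info")
	mRs("Works_Time") = Now()
	mRs.update
	mRs.close
	Set mRs = nothing
	Response.Write "<script>alert('作品添加成功!');this.location.href='"&Url&"';</SCRIPT>"
	Response.End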

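'Modify-work handler (admin only): overwrites the row whose Works_Id matches Id.
Case "Admin_modify"
	checkadmin
	If Id="" then
		Response.Write "<script>alert('非法操作:ID参数不能为空!');this.location.href='"&Url&"';</SCRIPT>"
		Response.End
	End If
	
	'Id has passed the IsNumeric check at the top of the page before it is used here.
	Set mRs=Server.CreateObject("adodb.recordSet")
	Sql="Select * from [Wm_Works] where Works_Id="&Id
	mRs.open Sql,conn,1,3
	'Fix: when no row matched, the field assignments failed silently (errors are
	'suppressed page-wide) and the page still reported success.
	If mRs.eof Then
		mRs.close
		Set mRs=nothing
		Response.Write "<script>alert('非法的ID!');this.location.href='"&Url&"';</SCRIPT>"
		Response.End
	End If
	mRs("Works_Name") = Request.form("Works_Name")
	mRs("Works_Yurl") = Request.form("Works_Yurl")
	mRs("Works_Durl") = Request.form("Works_Durl")
	mRs("Works_Size") = Request.form("Works_Size")
	mRs("Works_Hot") = Request.form("Works_Hot")
	mRs("Works_Info") = Request.form("Works_Info")
	mRs("Works_Time") = Now()
	mRs.update
	mRs.close
	Set mRs=nothing
	Response.Write "<script>alert('作品修改成功!');this.location.href='"&Url&"';</SCRIPT>"
	Response.End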

'Delete-work handler (admin only): removes the row whose Works_Id matches Id.
'NOTE(review): the delete is driven entirely by the query string and carries no
'anti-forgery token, so any link an admin follows while logged in can trigger
'it. Consider requiring POST plus a per-session token.
Case "del"
	checkadmin
	If Id="" then
		Response.Write "<script>alert('非法操作:ID参数不能为空!');this.location.href='"&Url&"';</SCRIPT>"
		Response.End
	End If

	'Id has passed the IsNumeric check at the top of the page before it is used here.
	wmDelSql="delete from [Wm_Works] where Works_Id="&Id
	conn.execute wmDelSql
	Response.Write "<script>alert('作品删除成功!');this.location.href='"&Url&"';</SCRIPT>"
	Response.End

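'Change-admin-account handler (admin only): verifies the old password, then
'stores the new user name and password hash and logs the admin out.
'NOTE(review): passwords are stored as md5() of the posted value, with no salt
'visible here. A salted, slow password hash is preferable if the schema can change.
Case "modpassed"
	checkadmin
	Admin_User=Request.form("Admin_User")
	Admin_Gps=md5(Request.form("Admin_Gps"))
	Admin_Nps=md5(Request.form("Admin_Nps"))
	Admin_Pass=md5(Request.form("Admin_Pass"))

	'Fix: repeat the browser-side form rules on the server; they were enforced
	'only in client script before.
	If Admin_User="" Then
		Response.Write "<script>alert('管理员用户名不能为空!');this.location.href='?action=modpass';</SCRIPT>"
		Response.End
	End If
	If Len(Request.form("Admin_Nps"))<6 Then
		Response.Write "<script>alert('管理员新密码不得小于6个字符!');this.location.href='?action=modpass';</SCRIPT>"
		Response.End
	End If
	If Admin_Nps<>Admin_Pass Then
		Response.Write "<script>alert('两次新密码不一致!');this.location.href='?action=modpass';</SCRIPT>"
		Response.End
	End If

	'Fix: the old-password lookup binds its values as parameters instead of
	'concatenating them into the SQL text.
	Err.Clear
	Set wmChkCmd=Server.CreateObject("ADODB.Command")
	Set wmChkCmd.ActiveConnection=conn
	wmChkCmd.CommandType=1 'adCmdText
	wmChkCmd.CommandText="select * from [Wm_Admin] where Admin_User=? and Admin_Pass=?"
	wmChkCmd.Parameters.Append wmChkCmd.CreateParameter("user",200,1,255,Session("Wm_Admin")) '200=adVarChar, 1=adParamInput
	wmChkCmd.Parameters.Append wmChkCmd.CreateParameter("pass",200,1,255,Admin_Gps)
	Set mRs=wmChkCmd.Execute

	'Errors are suppressed page-wide, so success is decided from Err explicitly.
	wmOldPassOk=False
	If Err.Number=0 Then
		If not mRs.eof Then
			wmOldPassOk=True
		End If
	End If
	If not wmOldPassOk Then
		Response.Write "<script>alert('旧密码错误?');this.location.href='?action=modpass';</SCRIPT>"
		Response.End
	End If

	'Fix: the update is parameterised too; the new user name comes straight from the form.
	Err.Clear
	Set wmUpdCmd=Server.CreateObject("ADODB.Command")
	Set wmUpdCmd.ActiveConnection=conn
	wmUpdCmd.CommandType=1 'adCmdText
	wmUpdCmd.CommandText="update [Wm_Admin] Set Admin_User=?,Admin_Pass=? where Admin_User=?"
	wmUpdCmd.Parameters.Append wmUpdCmd.CreateParameter("newuser",200,1,255,Admin_User)
	wmUpdCmd.Parameters.Append wmUpdCmd.CreateParameter("newpass",200,1,255,Admin_Pass)
	wmUpdCmd.Parameters.Append wmUpdCmd.CreateParameter("olduser",200,1,255,Session("Wm_Admin"))
	wmUpdCmd.Execute
	'Fix: a failed update is no longer reported as a success.
	If Err.Number<>0 Then
		Err.Clear
		Response.Write "<script>alert('修改失败!');this.location.href='?action=modpass';</SCRIPT>"
		Response.End
	End If

	Session.Contents.Remove("Wm_Admin")

	'Fix: the user name is written inside a single-quoted script string, so the
	'characters that could end that string or the script element are escaped.
	wmSafeName=Replace(Admin_User,"\","\\")
	wmSafeName=Replace(wmSafeName,"'","\'")
	wmSafeName=Replace(wmSafeName,"<","\x3c")
	wmSafeName=Replace(wmSafeName,">","\x3e")
	wmSafeName=Replace(wmSafeName,vbCr,"")
	wmSafeName=Replace(wmSafeName,vbLf,"")
	Response.Write "<script>alert('修改成功!\n\修改后的用户名为『"&wmSafeName&"』\n\返回从新登陆!');this.location.href='"&Url&"';</SCRIPT>"
	Response.End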

'Logout handler: drops the admin name from the session and returns to the works page.
'Only the Wm_Admin key is removed; the session itself is kept.
Case "logout"
	Session.Contents.Remove "Wm_Admin"
	wmLogoutMsg="<script>alert('管理这么长时间了是该休息了(退出管理成功)');this.location.href='"&Url&"';</SCRIPT>"
	Response.Write wmLogoutMsg
	Response.End

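'Admin login check: looks up the posted user name and password hash in
'[Wm_Admin] and, on a match, stores the admin name in the session.
'NOTE(review): the password is compared as md5() of the posted value, with no
'salt visible here, and nothing here limits repeated failed attempts.
Case "logincheck"
	Admin_User=Request.form("Admin_User")
	Admin_Pass=md5(Request.form("Admin_Pass"))

	'Fix: the posted values are bound as parameters instead of being
	'concatenated into the SQL text. The page-level request filter does not
	'look at form fields.
	Err.Clear
	Set wmLoginCmd=Server.CreateObject("ADODB.Command")
	Set wmLoginCmd.ActiveConnection=conn
	wmLoginCmd.CommandType=1 'adCmdText
	wmLoginCmd.CommandText="select * from [Wm_Admin] where Admin_User=? and Admin_Pass=?"
	wmLoginCmd.Parameters.Append wmLoginCmd.CreateParameter("user",200,1,255,Admin_User) '200=adVarChar, 1=adParamInput
	wmLoginCmd.Parameters.Append wmLoginCmd.CreateParameter("pass",200,1,255,Admin_Pass)
	Set mRs=wmLoginCmd.Execute

	'Fix: errors are suppressed page-wide, so a failed query could previously
	'fall through to the success message. Success now requires a clean query,
	'a matching row and a stored session value.
	wmLoginOk=False
	If Err.Number=0 Then
		If not mRs.eof then
			Session("Wm_Admin")=mRs("Admin_User")
			If Err.Number=0 Then
				wmLoginOk=True
			End If
		End If
	End If

	If wmLoginOk then
		Response.Write "<script>alert('又到管理留言的时间了(登录成功)!');this.location.href='"&Url&"';</SCRIPT>"
		Response.End
	Else
		Session.Contents.Remove("Wm_Admin")
		Response.Write "<script>alert('不是本站站长请不要乱登陆。');this.location.href='?action=login';</SCRIPT>"
		Response.End
	End If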

'登陆页面
Case "login"
%><br>
		<br>
		<br>
		<table border="0" cellpadding="1" cellspacing="1" style="border-collapse: collapse" width="260" bgcolor="#CCCCCC" align="center">
			<tr>
				<td bgcolor="F3F3F3">
				<table border="0" cellpadding="0" style="border-collapse: collapse" width="100%">
					<tr>
