
📄 index.asp

📁 1、整个程序共三个文件(数据库、web页面、md5文件) 2、管理员功能(删除
💻 ASP
<!--#include file="Md5.asp"--><%
' Name of this page. Handlers send the browser back to Url after an operation.
Dim Url : Url = "Index.asp"

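' Query-string denylist intended as SQL-injection protection.
'
' What is inspected: the lower-cased QUERY_STRING plus the Host header, and
' whether Request("id") is numeric. Request.Form and cookies are not scanned here.
'
' Fix: the haystack is lower-cased, so the original mixed-case token "Update"
' could never match; it is written in lower case below.
'
' NOTE(review): a substring denylist is not a reliable injection defence.
' Plain words such as "dir", "exe", "copy" and "format" also reject harmless
' query strings that merely contain them. Values that reach SQL should go through
' parameterized commands or a typed conversion (for example CLng) at the point of use.
' NOTE(review): this checks Request("id"), while the page later reads "Qq_Id" from
' the query string. Confirm which parameter was meant.
squery = LCase(Request.ServerVariables("QUERY_STRING"))
sURL = LCase(Request.ServerVariables("HTTP_HOST"))
allquery = squery & sURL

sqlGuardTokens = Array("%20", "%27", "'", "%a1a1", "%24", "$", "%3b", ";", "%%", _
	"%3c", "<", ">", "--", "sp_", "xp_", "exec", "\", "delete", "dir", "exe", _
	"select", "update", "cmd", "*", "^", "(", ")", "+", "copy", "format")

sqlGuardHit = False
For Each sqlGuardToken In sqlGuardTokens
	If InStr(allquery, sqlGuardToken) <> 0 Then
		sqlGuardHit = True
		Exit For
	End If
Next

' Any denylisted token, or a non-numeric "id", sends the visitor to the site root.
If sqlGuardHit Or Not IsNumeric(Request("id")) Then
	Response.redirect "/"
	Response.End
End If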

' Database connection: opens the Access file "#Date.mdb" through the Access ODBC driver.
' NOTE(review): Server.MapPath with a bare file name resolves next to this page, so
' the .mdb sits in a web-served folder. The "#" in the name is not access control.
' Keep the database outside the web root or have the server refuse *.mdb requests.
dim conn,connstr
' Page-level On Error Resume Next: from here on, run-time errors (including a failed
' conn.open) are skipped silently instead of stopping the page.
' NOTE(review): check Err.Number after conn.open so a broken connection is not ignored.
on error resume next
connstr="DBQ="+server.mappath("#Date.mdb")+";DefaultDir=;DRIVER={Microsoft Access Driver (*.mdb)};" ' database connection string
Set conn=server.createobject("ADODB.CONNECTION")
conn.open connstr

' Output-encoding helper.
' Replaces > < space, tab, double quote and single quote with HTML entities, drops
' carriage returns, and turns line feeds into <br> / paragraph breaks.
' Returns Empty (no assignment) when fString is Null.
'
' VBScript passes arguments ByRef by default and this function assigns to fString,
' so a variable passed by the caller is overwritten with the encoded text.
' "&" is not escaped, so entities already present in the input pass through unchanged.
' NOTE(review): in this file it is applied to form input before storage (Case "add").
' Encoding at output time is the more robust pattern.
Function htmlencode(fString)
	If IsNull(fString) Then Exit Function

	' Markup delimiters first.
	fString = Replace(fString, ">", "&gt;")
	fString = Replace(fString, "<", "&lt;")
	' Spaces and tabs both become a non-breaking space.
	fString = Replace(fString, " ", "&nbsp;")
	fString = Replace(fString, vbTab, "&nbsp;")
	' Quote characters, so the value cannot close an attribute or a quoted string.
	fString = Replace(fString, """", "&quot;")
	fString = Replace(fString, "'", "&#39;")
	' Line endings: strip CR, then map a double LF to a paragraph break and a single LF to <br>.
	fString = Replace(fString, vbCr, "")
	fString = Replace(fString, vbLf & vbLf, "</p><p> ")
	fString = Replace(fString, vbLf, "<br> ")

	htmlencode = fString
End Function

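' Partial inverse of htmlencode: turns &nbsp; &quot; &#39; and the <br> / </p><p>
' markers back into space, quotes and line feeds.
' Returns Empty (no assignment) when fString is Null.
'
' Two statements of the original were removed because they could never change the text:
'   - a second Replace of "&nbsp;" (to a tab) ran after every "&nbsp;" had already
'     been turned into a space;
'   - Replace with an empty search string returns the input unchanged.
' The result is the same as before. Tabs and carriage returns are not restored, and
' "&gt;" / "&lt;" are left encoded.
'
' VBScript passes arguments ByRef by default and this function assigns to fString,
' so a variable passed by the caller is overwritten with the decoded text.
' NOTE(review): the result contains raw quote characters again. Encode it before
' writing it into HTML.
Function uhtmlencode(fString)
	If IsNull(fString) Then Exit Function

	fString = Replace(fString, "&nbsp;", CHR(32))
	fString = Replace(fString, "&quot;", CHR(34))
	fString = Replace(fString, "&#39;", CHR(39))
	' Paragraph marker before the single-break marker, mirroring htmlencode's order.
	fString = Replace(fString, "</p><p> ", CHR(10) & CHR(10))
	fString = Replace(fString, "<br> ", CHR(10))

	uhtmlencode = fString
End Function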

' Login gate: sends the visitor to "?action=login" and ends the response when the
' session value "5izt_Admin" is empty.
' Any non-empty value counts as logged in; what the login handler stores there is
' outside this view.
' Declared as a Function but assigns no return value. It works only through the
' redirect followed by Response.End.
' NOTE(review): the protection exists only where this is called. Confirm that every
' admin-only branch calls checkadmin before it reads or changes data.
Function checkadmin()
	If Session("5izt_Admin")="" then
		Response.redirect "?action=login"
		Response.End
	End If
End Function

' Requested operation from the query string; selects the branch of the Select Case
' further down the page.
action = Request.QueryString("action")

' Record id from the query string parameter "Qq_Id".
Id = Request.QueryString("Qq_Id")

' A supplied id must be numeric; an absent or empty id is let through.
' NOTE(review): the alert text says the id "cannot be empty", but this branch fires
' only for a non-empty, non-numeric id.
' NOTE(review): IsNumeric also accepts signed, decimal and exponent forms. Convert
' with CLng, or bind as a typed parameter, before the value is used in a query.
' Confirm how Id is used later in the page.
If Not (Id = "" Or IsNumeric(Id)) Then
	Response.Write "<script>alert('非法操作:ID参数不能为空!');this.location.href='" & Url & "';</SCRIPT>"
	Response.End
End If
%>
<html>

<head>
<title>+++::  941网络技术交流群潜水用户管理  ::</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta http-equiv="Content-Language" content="zh-cn">
<style>
/* Page-wide text settings plus scrollbar colours. The scrollbar-* properties are
   non-standard (legacy Internet Explorer). */
body,td,th {
	/* font size */
	font-size: 12px;
	/* text colour */
	color: #2E2E2E;
	/* line spacing */
	line-height: 20px;
	/* colour of the scrollbar's light edge */
	scrollbar-3dlight-color:#CCCCCC;
	/* colour of the scrollbar's highlight area */	
	scrollbar-highlight-color:#CCCCCC;
	/* colour of the scrollbar's raised face */
	scrollbar-face-color:#FFFFFF;
	/* colour of the arrows on the up/down buttons */
	scrollbar-arrow-color:#CCCCCC;
	/* colour of the 3-D scrollbar shadow */
	scrollbar-shadow-color:#FFFFFF;
	/* colour of the scrollbar's dark shadow */
	scrollbar-darkshadow-color:#000000;
	/* base colour of the scrollbar */
	scrollbar-base-color:#CCCCCC;
	/* background (track) colour of the scrollbar */
	scrollbar-track-color:#FFFFFF;
}

a:link {
	color: #2E2E2E;
	/* no underline on links */
	text-decoration: none;
}

a:visited {
	/* no underline on links */
	text-decoration: none;
	/* link colour */
	color: #2E2E2E;
}

a:hover {
	/* link colour under the mouse pointer */
	color: #FF6600;
}

/* Text inputs: thin grey border, transparent background. */
.input {
	font-size: 12px;
	border: 1px solid #CCCCCC;
	background-color: transparent;
	width: 130px;
}

/* Submit buttons: same look as .input, narrower. */
.bmit {
	font-size: 12px;
	border: 1px solid #CCCCCC;
	background-color: transparent;
	width: 80px;
}
</style>
</head>

<body bgcolor="#CCCCCC" topmargin="0" leftmargin="0" rightmargin="0" bottommargin="0" marginwidth="0" marginheight="0">
<script language="javascript">
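//********** Validation for the "register QQ" form **********
/**
 * Client-side check of the registration form.
 *
 * @param the  the form object; reads the.Qq_Name and the.Qq_Qq
 * @return false to cancel the submit; undefined when every check passes
 *
 * Side effect: an empty nickname is replaced with the default "网友".
 *
 * This runs in the browser and can be skipped by the client, so it is a
 * usability aid only. The server has to repeat every check.
 *
 * Changes from the original:
 *  - The QQ number is now tested against /^\d+$/. isNaN() let through
 *    numeric-looking text that is not all digits (for example "1e555").
 *  - The non-digit branch now focuses the field like the other branches.
 *  - tChk is a local variable instead of an implicit global.
 */
function Add(the){
	var nameField = the.Qq_Name;
	var qqField = the.Qq_Qq;

	// An empty nickname falls back to the default name.
	if(nameField.value==""){
		nameField.value="网友";
	}
	// The nickname must not contain whitespace or any of the listed punctuation.
	var tChk = /^[^ \s~!@#$%\^\&\*\(\)_\+|\-\=\/\?:;'"\[\{\]\}`\.>,<\\]+$/;
	if(!tChk.test(nameField.value)){
		alert("请输入正确的姓名!\n\n姓名必须在1-10位之间,且不得含有特殊符号!");
		nameField.focus();
		return false;
	}
	// The nickname is limited to 10 characters.
	if(nameField.value.length>10){
		alert("昵称不能大于5个汉字!");
		nameField.focus();
		return false;
	}
	// The QQ number needs at least 5 characters.
	if(qqField.value.length<5){
		alert("目前没有小于5位数的QQ号码!");
		qqField.focus();
		return false;
	}
	// The QQ number may have at most 9 characters.
	if(qqField.value.length>9){
		alert("目前没有大于9位数的QQ号码!");
		qqField.focus();
		return false;
	}
	// The QQ number must consist of digits only.
	if(!/^\d+$/.test(qqField.value)){
		alert("有不是数字的QQ吗?");
		qqField.focus();
		return false;
	}
}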
//********** Validation for the admin login form **********
/**
 * Requires both the admin user name and the password to be filled in.
 *
 * @param the  the form object; reads the.Admin_User and the.Admin_Pass
 * @return false on the first empty field (after an alert and focus); undefined otherwise
 *
 * Browser-side convenience only. The credential check itself has to happen
 * on the server.
 */
function Login(the){
	// Each entry: [field, message shown when the field is empty], checked in order.
	var required = [
		[the.Admin_User, "管理员用户名不能为空!"],
		[the.Admin_Pass, "管理员密码不能为空!"]
	];
	for(var i=0; i<required.length; i++){
		var field = required[i][0];
		if(field.value==""){
			alert(required[i][1]);
			field.focus();
			return false;
		}
	}
}

//********** Validation for the "change admin account" form **********
/**
 * Checks the form used to change the admin account.
 *
 * Fields read from the form object `the`:
 *   Admin_User - admin user name
 *   Admin_Gps  - current password
 *   Admin_Nps  - new password
 *   Admin_Pass - new password, repeated
 *
 * @return false on the first failed check (after an alert and focus); undefined otherwise
 *
 * Browser-side convenience only. The server has to verify the current password
 * and enforce the length rule itself.
 */
function Modify_admin(the){
	// Shows the message, focuses the offending field and cancels the submit.
	function reject(field, message){
		alert(message);
		field.focus();
		return false;
	}

	var user = the.Admin_User;
	var oldPass = the.Admin_Gps;
	var newPass = the.Admin_Nps;
	var confirmPass = the.Admin_Pass;

	// The user name is required.
	if(user.value=="") return reject(user, "管理员用户名不能为空!");
	// The current password is required.
	if(oldPass.value=="") return reject(oldPass, "管理员旧密码不能为空!");
	// The new password is required...
	if(newPass.value=="") return reject(newPass, "管理员新密码不能为空!");
	// ...and must have at least 6 characters.
	if(newPass.value.length<6) return reject(newPass, "管理员新密码不得小于6个字符!");
	// The confirmation is required.
	if(confirmPass.value=="") return reject(confirmPass, "管理员确认密码不能为空!");
	// Both entries of the new password must match; focus returns to the first one.
	if(newPass.value!=confirmPass.value) return reject(newPass, "两次新密码不一致!");
}

//********** Confirmation before deleting a QQ entry **********
/**
 * Asks the user to confirm the deletion.
 *
 * @return true when the dialog is accepted, false otherwise
 *
 * The dialog only guards against accidental clicks. Authorisation for the
 * delete has to be checked on the server.
 */
function Del()
{
	return confirm("请确定是否删除QQ!") ? true : false;
}
</script>
<table border="0" cellpadding="0" style="border-collapse: collapse" width="778" bgcolor="#FFFFFF" align="center">
	<tr>
		<td style="padding-left:15px;" height="25" valign="bottom">当前位置:<a href="/">首页</a> &gt; 941网络技术交流群潜水用户管理</td>
	</tr>
</table>
<table border="0" cellpadding="0" style="border-collapse: collapse" width="778" align="center">
	<tr>
		<td height="1"></td>
	</tr>
	<tr>
		<td bgcolor="#FFFFFF" style="padding-top:13px;"><%
Select Case action

'登记QQ调用
Case "add"

'判断是否外部提交
dim From_url,Serv_url
From_url = Cstr(Request.ServerVariables("HTTP_Referer"))
Serv_url = Cstr(Request.ServerVariables("Server_Name"))
If mid(From_url,8,len(Serv_url)) <> Serv_url Then
	Response.Write "<script>alert('警告!\n\你正在从外部提交数据!!\n\请立即终止!!');this.location.href='"&Url&"';</SCRIPT>"
	Response.End
End If

'二次判断,防止屏蔽JS后提交数据
Qq_Name=htmlencode(Request.form("Qq_Name"))
Qq_Qq=htmlencode(Request.form("Qq_Qq"))

If Qq_Name="" or Qq_Qq=""  then
	Response.Write "<script>alert('昵称、QQ必须填写!');this.location.href='"&Url&"';</SCRIPT>"
ElseIf len(Qq_name)>10 then
	Response.Write "<script>alert('昵称不能大于5个汉字!');this.location.href='"&Url&"';</SCRIPT>"
ElseIf not (isNumeric(Qq_Qq) or Qq_Qq="") then
	Response.Write "<script>alert('有不是数字的QQ吗?');this.location.href='"&Url&"';</SCRIPT>"
ElseIf len(Qq_Qq)<5 or len(Qq_Qq)>10 then
	Response.Write "<script>alert('目前没有大于9位数,小于5位数的QQ号码!');this.location.href='"&Url&"';</SCRIPT>"
Else
	Set mRs= Server.CreateObject("adodb.recordSet")
	mRs.open "Select * from [5izt_Qq]", conn, 1, 3
	mRs.addnew
		mRs("Qq_Name") = Qq_Name
		mRs("Qq_Qq") = Qq_Qq
		mRs("Qq_Time") = now()
		mRs("Qq_Ip") = Request.ServerVariables("REMOTE_ADDR")
		mRs("Qq_Validate") = 0
