admin.asp

许愿墙（仿QQ爱墙）V15免费版

<!--#include file="_conn.asp"-->
<!--#include file="inc/function.asp"-->
<!--#include file="inc/md5.asp"-->
<%
'/////////////////////////////////////////////////////
'// 程序: ASPK爱墙 1.5	 作者: 姬宏波	2007.10.07  //
'// 主页：www.aspk.net   邮箱: Jihongbo@gmail.com   //
'/////////////////////////////////////////////////////
Call Chk_Post()

Select Case request("cmd")
	Case "add"
		Call Chk_Time(KEEP_TIME)
		Call AddLove()
	Case "del"
		Call DelLove()
	Case "edit"
		Call EditPWD()
	Case "login"
		Call Chk_Time(KEEP_TIME)
		Call ChkLogin()
	Case Else
		conn.close		
		Set conn=Nothing
		response.redirect "default.asp"
End Select 

Sub AddLove() 
	Dim key,getcode
		key=Int(request("key"))	
		getcode=Int(session("getcode"))
	If key<>getcode Then 
		response.write "<script type='text/javascript'>alert('验证码错误');history.go(-1);</script>"
		response.End
	End If 
	Dim send,pick,info
		send=Trim(request("send"))
		pick=Trim(request("pick"))
		info=Trim(request("info"))
	If BadWord(send,BAN_LIST) Or BadWord(pick,BAN_LIST) Or BadWord(info,BAN_LIST) Then
		response.write "<script type='text/javascript'>alert('您用词不当');history.go(-1);</script>"
		response.End 
	End If
	Dim sql,rs,ip,face,icon,id
	send=ReplaceBadChar(send)
	If send="" Then send="匿名"
	pick=ReplaceBadChar(pick)
	info=server.htmlencode(info)
	ip=GetIP()	
	face=request("face")
	icon=request("icon")	
	sql="Select * From LOVE"
	Set rs=server.CreateObject("adodb.recordset")
	rs.open sql,conn,1,3	
	rs.addnew
	rs("Info")=info
	rs("Send")=send
	rs("Pick")=pick
	rs("IP")=ip
	rs("PostDate")=Now()
	rs("Face")=face
	rs("Icon")=icon
	rs.update
	id=rs("ID")
	rs.close
	Set rs=Nothing
	conn.close		
	Set conn=Nothing
	response.write "<script type='text/javascript'>alert('成功添加\n你的字条编号是["&id&"]  ');location.href='default.asp?id="&id&"';</script>"
End Sub  

Sub DelLove()
	If session("_ASPK")<>"ok" Then response.redirect "default.asp"
	Dim id
		id=CLng(request("id"))
	conn.execute "Delete From LOVE Where ID ="&id
	conn.close		
	Set conn=Nothing
	response.write "<script type='text/javascript'>alert('成功删除');location.href='list.asp';</script>"
End Sub

Sub EditPWD()
	If session("_ASPK")<>"ok" Then response.redirect "default.asp"
	Dim username,password
		username=MD5(ReplaceBadChar(request("username")))
		password=MD5(ReplaceBadChar(request("password")))
	conn.execute "Update ASPK Set [username]='"&username&"',[password]='"&password&"'"
	conn.close		
	Set conn=Nothing
	response.write "<script type='text/javascript'>alert('成功修改');location.href='list.asp';</script>"
End Sub 

Sub ChkLogin()
	Dim key,getcode
		key=Int(request("key"))
		getcode=Int(session("getcode"))
	If key<>getcode Then 
		response.write "<script type='text/javascript'>alert('验证码错误！');history.go(-1);</script>"
		response.End
	End If
	Dim username,password,sql,rs
	username=MD5(ReplaceBadChar(request("username")))
	password=MD5(ReplaceBadChar(request("password")))
	sql="Select * From ASPK Where [username]='"&username&"' And [password]='"&password&"'"
	Set rs=server.CreateObject("adodb.recordset")
	rs.open sql,conn,1,1
	If rs.eof And rs.bof Then
		rs.close
		Set rs=Nothing
		conn.close		
		Set conn=Nothing
		response.write ("用户名或密码错误")
		response.End
	End If		
	rs.close		
    Set rs=Nothing
	conn.close		
	Set conn=Nothing
	session("_ASPK")="ok"
	session.timeout=10
	response.write "<script type='text/javascript'>alert('成功登录\n退出请关浏览器');location.href='list.asp';</script>"
End Sub 
%>