sqlset.asp

嘉缘人才6.0精简 ,很好用的人才系统

<!--#include file="../../conn/conn.asp" -->
<!--#include file="../../Inc/Commoncode.asp" -->
<!--#include file="../checkvalid.asp" -->
<%
If Not FRAdminLevel(802) Then
	Call ErrorMsg()
End If
%>
<%
dim nownum
nownum=10
%>
<%
	Set rsinfo=conn.execute("select * from job_sqlset")
	if rsinfo.eof then
	else
		N_In		= rsinfo("N_In")
		Kill_IP		= rsinfo("Kill_IP")			
		WriteSql	= rsinfo("WriteSql")		
		alert_url	= rsinfo("alert_url")
		alert_info	= rsinfo("alert_info")
		kill_info	= rsinfo("kill_info")
		N_type		= rsinfo("N_type")
		Sec_Forms	= rsinfo("Sec_Forms")
		Sec_Form_open = rsinfo("Sec_Form_open")
	end if
	rsinfo.close
	Set rsinfo=Nothing 
	
action=trim(request("action"))
if action="save" then
   call saveconfig()
   response.Redirect "dispcont_web.asp"
end if
	
Sub saveconfig
	N_In		=replace(request.form("N_In"),"'","''")
	Kill_IP		=request.form("Kill_IP")			
	WriteSql	=request.form("WriteSql")		
	alert_url	=request.form("alert_url")
	alert_info	=request.form("alert_info")
	kill_info	=request.form("kill_info")
	N_type		=request.form("N_type")
	Sec_Forms	=request.form("Sec_Forms")
	Sec_Form_open=request.form("Sec_Form_open")
	sql="update job_sqlset set N_In='"&N_In&"',Kill_IP="&Kill_IP&",WriteSql="&WriteSql&",alert_url='"&alert_url&"',alert_info='"&alert_info&"',kill_info='"&kill_info&"',N_type="&N_type&",Sec_Forms='"&Sec_Forms&"',Sec_Form_open="&Sec_Form_open&" "
	conn.execute(sql)
End Sub 
'	response.end()
%>
<html>
<head> 
<title>后台管理LOG日志</title> 
<meta http-equiv="Content-Type" content="text/html; charset=gb2312"></head> 
<LINK href="../css/style.css" rel=stylesheet type=text/css>
<table cellpadding=2 cellspacing=1 border=0 width=98% class=tableBorder align=center>
<form action="?" method="post" name=form>
<input type="hidden" name="action" value="save">
	<tr>
		<th height="25" colspan="2">SQL通用防注入系统-设置</th>
	</tr>
	<tr>
		<td width="17%" class="altbg1">需要过滤的关键字：</td>
		<td width="82%" class="altbg2">&nbsp; <input name="N_In" type="text" value="<%=N_In%>" id="r_str" style=" " size="50">
        用&quot;|&quot;分开</td>
	</tr>
	<tr>
		<td width="17%" class="altbg1">是否记录入侵者信息：</td>
		<td width="82%" class="altbg2">&nbsp; <select name="WriteSql" id="r_kill">
          <option value="1" <%if WriteSql=1 Then response.write "selected"%>>是</option>
          <option value="0" <%if WriteSql=0 Then response.write "selected"%>>否</option>
        </select></td>
	</tr>
	<tr>
		<td width="17%" class="altbg1">是否启用锁定IP：</td>
		<td width="82%" class="altbg2">&nbsp; <select name="Kill_IP" id="r_kill0">
          <option value="1" <%if Kill_IP=1 Then response.write "selected"%>>是</option>
          <option value="0" <%if Kill_IP=0 Then response.write "selected"%>>否</option>
        </select></td>
	</tr>
	<tr>
		<td width="17%" class="altbg1">是否启用安全表单：</td>
		<td width="82%" class="altbg2">&nbsp; <select name="Sec_Form_open" id="r_kill1">
          <option value="1" <%if Sec_Form_open=1 Then response.write "selected"%>>是</option>
          <option value="0" <%if Sec_Form_open=0 Then response.write "selected"%>>否</option>
        </select>
		慎用这个功能，除非你对对表单很了解，并确定对安全没影响！
		</td>
	</tr>
	<tr>
		<td width="17%" class="altbg1">您认为安全的表单：</td>
		<td width="82%" class="altbg2">&nbsp; 
		<input name="Sec_Forms" type="text" value="<%=Sec_Forms%>" id="r_str0" style=" " size="50">
        用&quot;|&quot;分开</td>
	</tr>
	<tr>
		<td width="17%" class="altbg1">出错后的处理方式：</td>
		<td width="82%" class="altbg2">&nbsp; <select name="N_type" id="r_kill2">
          <option value="1" <%if N_type=1 Then response.write "selected"%>>直接关闭网页</option>
          <option value="2" <%if N_type=2 Then response.write "selected"%>>警告后关闭</option>
		  <option value="3" <%if N_type=3 Then response.write "selected"%>>跳转到指定页面</option>
		  <option value="4" <%if N_type=4 Then response.write "selected"%>>警告后跳转</option>
        </select></td>
	</tr>
	<tr>
		<td width="17%" class="altbg1">出错后跳转Url：</td>
		<td width="82%" class="altbg2">&nbsp; 
		<input name="alert_url" type="text" value="<%=alert_url%>" id="r_str1" style=" " size="30">注意，这里的都是半角符号，就是英文的！
		</td>
	</tr>
	<tr>
		<td width="17%" class="altbg1">警告提示信息：</td>
		<td width="82%" class="altbg2">&nbsp; <textarea name="alert_info" cols="45" rows="4" id="r_err2" style=";  "><%=alert_info%></textarea>\n\n换行，
		</td>
	</tr>
	<tr>
		<td width="17%" class="altbg1">阻止访问提示信息：</td>
		<td width="82%" class="altbg2">&nbsp; 
		<textarea name="kill_info" cols="45" rows="4" id="r_err3" style=";  "><%=kill_info%></textarea>\n\n换行
		</td>
	</tr>
	<tr>
		<td width="17%" class="altbg1">　</td>
		<td width="82%" class="altbg2">&nbsp;
          <input name="enter_3" type="submit" id="enter_3" value="提交"></td>
	</tr>
</form>
</table>
</body>
</html>