📄 admin.asp
字号:
<!--#include file="conn.asp"-->
<!--#include file="md5.asp"-->
<!--#include file="top.asp"-->
<%
select case request("act")
case "check"
call check()
case "main"
call main()
case "logout"
call logout()
case "update"
call update()
case else
call login()
end select
sub login()
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title><%=urlname%> - 后台管理</title>
</head>
<body>
<%
if session("err")>=3 then
errinfo="错误次数太多,请稍后再登陆!"
error(errinfo)
exit sub
end if
if session(Variable&Names)=Variable then
sucinfo="您已成功登陆管理,请进行相关操作<br><p align=""center""><input type=""button"" onClick=""javascript:window.location.href='main.asp';"" value=""管理留言""> <input type=""button"" onClick=""javascript:window.location.href='?act=main';"" value=""后台管理"">"
suc(sucinfo)
exit sub
end if
%>
<table width="70%" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#000000" bgcolor="#C1FFC1">
<tr>
<td>
<form action="?act=check" method="post">
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" height="70%">
<tr>
<td width="50%" height="50%" align="center" valign="top">
<table width="480" border="0" align="center" cellspacing="0" cellpadding="3" bgcolor="#C1FFC1" bordercolor="#f0f0f0" style="border-collapse: collapse">
<tr>
<td width="156" align="right">帐 号:</td>
<td width="306"><input type="text" name="names" size="22" class="style4"></td>
</tr>
<tr>
<td align="right">密 码:</td>
<td><input name="password" type="password" class="style4" size="22"></td>
</tr>
<tr>
<td align="right">验证码:</td>
<td><input name="adminid" type="text" class="style4" size="12" maxlength="4">
<img src="code.asp"></td>
</tr>
<tr>
<td> </td>
<td><br><input name="submit" type="submit" class="style3" value="确 定">
<input name="submit2" type="reset" class="style3" value="重 置"></td>
</tr>
</table>
</td>
</tr>
</table>
</form>
</td>
</tr>
</table>
<%
end sub
sub check()
If Not ChkPost Then
errinfo="对不起,请不要从外部提交数据!"
error(errinfo)
exit sub
End If
dim name,password,lasttime,adminid
name=trim(replace(request("names"),"'",""))
if Trim(Request.Form("password"))="" then
errinfo="登录密码没有填写"
error(errinfo)
exit sub
else
password=md5(trim(replace(Request("password"),"'","")))
end if
adminid=request.Form("adminid")
lasttime=session("lasttime")
if lasttime+3/8640>=now() then '限制登录时间间隔,防止非法攻击
errinfo="操作太频繁,请稍后再登录"
error(errinfo)
exit sub
end if
if session("adminid")<>adminid or not isnumeric(adminid) or adminid="" then
errinfo="验证码输入错误,请输入正确的验证码"
error(errinfo)
exit sub
end if
session("lasttime")=now()
sql="Select * from admin where id=1"
set rs=server.CreateObject("adodb.recordset")
rs.open sql,conn,1,3
if name=rs("name") and password=rs("password") then
session(Variable&Names)=Variable '成功登录后,设置全局变量
session("err")=0
sucinfo="您已成功登陆管理,请进行相关操做<p align=""center""><input type=""button"" onClick=""javascript:window.location.href='main.asp';"" value=""管理留言""> <input type=""button"" onClick=""javascript:window.location.href='?act=main';"" value=""后台管理"">"
suc(sucinfo)
exit sub
else
errinfo="账号或密码错误!"
error(errinfo)
session("err")=session("err")+1
exit sub
end if
rs.close
set rs=nothing
end sub
sub main()
if not session(Variable&Names)=Variable then
errinfo="你没有登录或已经退出登录"
error(errinfo)
exit sub
end if
%>
<title><%=urlname%> - 后台管理</title>
<form method="POST" action="?act=update">
<table width="70%" height="45%" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#C1FFC1" >
<tr>
<td height="30" colspan="3" align="center">留言本管理</td>
</tr>
<tr>
<td width="17%" height="30" align="right">留言本名称:</td>
<td width="30%" bordercolor="#000000">
<input name="urlname" type="text" class="style4" value="<%=urlname%>" size="20"></td>
<td width="52%" rowspan="6" bordercolor="#000000"><img align="absmiddle" src=images/ad.gif></td><td width="1%"></td>
</tr>
<tr>
<td width="17%" height="30" align="right">管理员名称:</td>
<td> <input name="names" type="text"class="style4" value="<%=names%>" size="20"></td>
</tr>
<tr>
<td width="17%" height="30" align="right">每页公告数:</td>
<td> <input name="page" type="text" class="style4" value="<%=page%>" size="12">
</td>
</tr><tr>
<td width="17%" height="30" align="right">每页留言数:</td>
<td> <input name="perpage" type="text" class="style4" value="<%=perpage%>" size="12">
</td>
</tr>
<tr>
<td width="17%" height="30" align="right">留言本状态:</td>
<td> 开放 <input name="locks" type="radio" class="style5" value="0" checked<%If locks="0" Then%> <%End If%>>
关闭 <input name="locks" type="radio" class="style5" value="1" checked<%If locks="1" Then%> <%End If%>>
</td>
</tr>
<tr><td align="right"><input name="Submit" type="Submit" class="style3" value="确 定"></td><td> <input name="Submit2" type="reset" class="style3"value="重 置"></td>
</tr>
</table>
</form>
<%
conn.close
set rs=nothing
end sub
sub logout()
session("admin")="logout"
session(Variable&Names)=""
password=""
response.redirect "main.asp"
end sub
sub update()
If Not ChkPost Then
errinfo="对不起,请不要从外部提交数据"
error(errinfo)
exit sub
End If
dim urlname,names,page,perpage,locks
urlname=request.Form("urlname")
names=request.Form("names")
perpage=request.Form("perpage")
page=request.Form("page")
locks=request.Form("locks")
if urlname="" or names="" or perpage="" or page="" then
errinfo="请完整填写各项内容"
error(errinfo)
exit sub
elseif not(isnumeric(page)) or not(isnumeric(perpage)) then
errinfo="每页显示数必须是数字"
error(errinfo)
exit sub
end if
Set rs= Server.CreateObject("ADODB.Recordset")
sql="select * from admin where id=1"
rs.open sql,conn,3,2
rs.update
rs("urlname")=urlname
rs("name")=names
rs("perpage")=perpage
rs("page")=page
rs("lock")=locks
rs.update
rs.close
sucinfo="修改成功"
suc(sucinfo)
end sub
%>
<!--#include file="bottom.asp"-->
</body>
</html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -