📄 onlineadmin.asp
字号:
<%@ LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>在线用户管理</title>
<!--CSS样式表-->
<style type="text/css">
<!--
a:visited,a:link { text-decoration: none; color: #003399}
a:hover { color: red; font-weight: bold}
a.linkwhite:link,a.linkwhite:visited { text-decoration:none; color:white}
a.linkwhite:hover { text-decoration: underline; color:white}
a.linkblack:link,a.linkblack:visited { text-decoration:none; color:black}
a.linkblack:hover { text-decoration: underline; color:black}
input { font-family: "宋体"; font-size: 9pt}
td { font-family: "宋体"; font-size: 9pt; color: #000000}
.en { font-family:"Verdana", "Arial"; font-size: 9pt}
.white { color: #FFFFFF}
.line { line-height: 20px}
.title { font-size: 14px }
-->
</style>
</head>
<body bgcolor="#F5F5F5">
<%
'这部分代码与下面的if Request.ServerVariables ("REQUEST_METHOD")="POST" then语句中的内容基本相同,可参考其中的注释
'如果已经通过管理员登录验证,就直接提交管理内容
if session("admin_pass")="ok" then
'这个条件控制有2个方面的重要作用:一方面是如果在其他页面(adminspeak.asp和useradmin.asp)中通过管理员登录过,
'进入该页面时就直接执行这个if语句中的代码,就用不到该页面后半部分if Request.ServerVariables ("REQUEST_METHOD")="POST" then语句中的代码
'另一方面是在提交本页面中管理内容时不必重新进行管理员帐号,密码和权限的验证就可以直接提交到数据库中
'创建数据库连接对象
set newconn=server.CreateObject ("ADODB.Connection")
dbpath=server.mappath("chatroom.mdb")
newconn.open "driver={Microsoft Access Driver (*.mdb)};dbq="&dbpath
'封锁用户的IP
for each item in Request.Form ("Ip")
if item<>"" then
hisid=item
newsql="select FaultUserID from Fault where FaultUserID='" & hisid & "'"
set newrecord=newconn.Execute (newsql)
if not newrecord.bof then
newsql1="update Fault set IPIfClosed=true,IPCloseCount=ipclosecount+1,IPCloseTime='" & date() & "',IPOpenTime='" & dateadd("d",1,date()) & "' where FaultUserID='" & hisid & "'"
newconn.Execute (newsql1)
else
newsql2="select onlineuserip from UserOnLine where onlineuserid='" & hisid & "'"
set newrecord1=newconn.Execute (newsql2)
hisip=newrecord1("onlineuserip")
newsql3="insert into Fault(FaultUserID,FaultIP,IPCloseTime,IPOpenTime,IPCloseCount,ipifclosed) values ('" & hisid & "','" & hisip & "','" & date() & "','" & dateadd("d",1,date()) & "',1,1)"
newconn.Execute (newsql3)
newrecord1.close
set newrecord1=nothing
end if
newsql4="select RoomName from UserOnLine where OnLineUserID='" & hisid & "'"
set newrecord2=newconn.Execute (newsql4)
hisroom=newrecord2(0)
newsql5="update RoomInfo set HowManyUsers=HowManyUsers-1 where RoomName='" & hisroom & "'"
newconn.Execute (newsql5)
newsql6="delete from UserOnLine where OnLineUserID='" & hisid & "'"
newconn.Execute (newsql6)
'通知所有在线用户某个IP已经被封
newsql7="select OnLineUserID from UserOnLine"
set newrecord3=newconn.Execute (newsql7)
if not newrecord3.bof then
do while not newrecord3.eof
application(newrecord3(0))="<br>因为用户" & hisid & "严重犯规,其IP--<font color=vbred>" & hisip & "</font>--已经被封!<br><br>" & application(newrecord3(0))
newrecord3.movenext
loop
end if
'反馈给管理员执行的封某用户的IP已经执行成功
Response.Write "<br>用户" & hisid & "的IP地址--<font color=vbred>" & hisip & "</font>--已经被封!<br>"
newrecord.close
set newrecord=nothing
newrecord2.close
set newrecord2=nothing
newrecord3.close
set newrecord3=nothing
end if
next
'封锁用户的帐号
for each item in Request.Form ("cUserID")
if item <>"" then
hisid=item
newsql="select FaultUserID from Fault where FaultUserID='" & hisid & "'"
set newrecord=newconn.Execute (newsql)
if not newrecord.bof then
newsql1="update Fault set IDIfClosed=true,IDCloseCount=idclosecount+1,IDCloseTime='" & date() & "',IDOpenTime='" & dateadd("d",2,date()) & "' where FaultUserID='" & hisid & "'"
newconn.Execute (newsql1)
else
newsql2="insert into Fault(FaultUserID,IDCloseCount,IDCloseTime,IDOpenTime,idifclosed) values ('" & hisid & "',1,'" & date() & "','" & dateadd("d",2,date()) & "',1)"
newconn.Execute (newsql2)
end if
newsql3="select RoomName from UserOnLine where OnLineUserID='" & hisid & "'"
set newrecord1=newconn.Execute (newsql3)
hisroom=newrecord1(0)
newsql4="update RoomInfo set HowManyUsers=HowManyUsers-1 where RoomName='" & hisroom & "'"
newconn.Execute (newsql4)
newsql5="delete from UserOnLine where OnLineUserID='" & hisid & "'"
newconn.Execute (newsql5)
'通知所有在线用户某用户的帐号已经被封
newsql6="select OnLineUserID from UserOnLine"
set newrecord2=newconn.Execute (newsql6)
if not newrecord2.bof then
do while not newrecord2.eof
application(newrecord2(0))="<br>用户<font color=vbred>" & item & "</font>已经被封!<br><br>" & application(newrecord2(0))
newrecord2.movenext
loop
end if
'反馈给管理员执行的封某用户的帐号已经执行成功
Response.Write "<br>用户<font color=vbred>" & item & "</font>已经被封!<br>"
newrecord.close
set newrecord=nothing
newrecord1.close
set newrecord1=nothing
newrecord2.close
set newrecord2=nothing
end if
next
'把犯规用户踢出聊天室
for each item in Request.Form("kUserID")
if item<>"" then
hisid=item
newsql="select FaultUserID from Fault where FaultUserID='" & hisid & "'"
set newrecord=newconn.Execute (newsql)
if not newrecord.bof then
newsql1="update Fault set warnings=warnings+1 where FaultUserID='" & hisid & "'"
newconn.Execute (newsql1)
else
newsql2="insert into Fault(FaultUserID,warnings) values ('" & hisid & "',1)"
Response.Write newsql2
newconn.Execute (newsql2)
end if
newsql3="select RoomName from UserOnLine where OnLineUserID='" & hisid & "'"
set newrecord1=newconn.Execute (newsql3)
hisroom=newrecord1(0)
newsql4="update RoomInfo set HowManyUsers=HowManyUsers-1 where RoomName='" & hisroom & "'"
newconn.Execute (newsql4)
newsql5="delete from UserOnLine where OnLineUserID='" & hisid & "'"
newconn.Execute (newsql5)
'通知所有在线用户某用户已被踢出聊天室
newsql6="select OnlineUserID from UserOnLine"
set newrecord2=newconn.Execute (newsql6)
if not newrecord2.bof then
do while not newrecord2.eof
application(newrecord2(0))="<br>用户--<font color=vbred>" & hisid & "</font>--已经被踢出聊天室!<br><br>" & application(newrecord2(0))
newrecord2.movenext
loop
end if
application(item)="***kickout***"
Response.Write "用户<font color=vbred>" & hisid & "</font>已经被踢出聊天室!<br>"
newrecord.close
set newrecord=nothing
newrecord1.close
set newrecord1=nothing
newrecord2.close
set newrecord2=nothing
end if
next
newsql1="select OnLineUserID,NickName,RoomName,warnings,idclosecount,ipclosecount,OnLineuserip,logintime,lasttalkingtime from useronline left join fault on useronline.onlineuserid=fault.faultuserid"
set newrecord2=newconn.Execute (newsql1)
%>
<p align="center"><font color="#FF6633"><strong><big>在线用户信息管理</big></strong></font></p>
<form name="admin" method="POST" action="onlineadmin.asp">
<center>
<table border="1"
style="text-align: center; color: rgb(0,0,255)">
<tr>
<td>用户名</td>
<td>昵称</td>
<td>房间名</td>
<td>警告次数</td>
<td>ID被封次数</td>
<td>IP被封次数</td>
<td>是否Kick</td>
<td>封ID</td>
<td>Ip地址</td>
<td>封IP</td>
<td>登录时间</td>
<td>最后发言时间</td>
</tr>
<%
do while not newrecord2.eof
%>
<tr>
<td><a href="adminspeak.asp?userid=<% =newrecord2(0) %>">
<% =newrecord2(0) %>
</a></td>
<td><% =newrecord2(1) %></td>
<td><% =newrecord2(2) %></td>
<td><% =newrecord2(3) %></td>
<td><% =newrecord2(4) %></td>
<td><% =newrecord2(5) %></td>
<td><input name="kUserID" type="checkbox" value="<% =newrecord2(0) %>"></td>
<td><input name="cUserID" type="checkbox" value="<% =newrecord2(0) %>"></td>
<td><% =newrecord2(6) %></td>
<td><input name="Ip" type="checkbox" id="Ip" value="<% =newrecord2(0) %>"></td>
<td><% =newrecord2(7) %></td>
<td><% =newrecord2(8) %></td>
</tr>
<%
newrecord2.movenext
loop
%>
</table>
</center>
</p>
<table width="133" align="center">
<tr>
<td width="52"><div align="center">
<input type="submit" value="提交" name="B1">
</div></td>
<td width="12"><div align="center"></div></td>
<td width="53"><div align="center">
<input type="reset" value="重置" name="B2">
</div></td>
</tr>
</table>
<div align="center">
<center>
</center>
</div>
</form>
<center>
<a href="useradmin.asp">注册用户管理</a>
</center>
<center>
<a href="adminspeak.asp">发送信息</a>
</center>
<%
else'这个else是与if session("admin_pass")="ok" then语句相对应的
'以下这部分是用户直接请求该页面时的处理过程
'因为有if session("admin_pass")="ok" then语句的控制,所以如果在其他页面(adminspeak.asp和useradmin.asp)中通过管理员登录过,
'即session变量已经被赋值为ok,那么当请求进入该页面时就用不到这部分的,而只用到上面那些代码
'但如果用户没有在其他页面(onlineadmin.asp和useradmin.asp)中登录过管理员页面,当直接请求该页面时,就要用到这部分进行管理员登录界面的验证
'如果是通过POST方法将信息提交到该页面的,即是通过本页面中的管理员登录表单登录到该页面的,
'就判断管理员帐号和密码是否正确,他的权限是否是9,即是否具有管理员权限
if Request.ServerVariables ("REQUEST_METHOD")="POST" then
'创建数据库连接对象
set newconn=server.CreateObject ("ADODB.Connection")
'使用server对象的mappath方法取得数据库的存放路径
dbpath=server.mappath("chatroom.mdb")
'建立到数据源的物理连接,只有使用了Connection对象的Open方法后,到数据源的连接才算真正地建立
'这里是使用字符串的方法创建到数据源的连接,它相对于使用ODBC方法的好处是可以不受相对路径的限制
newconn.open "driver={Microsoft Access Driver (*.mdb)};dbq="&dbpath
'如果是使用ODBC连接数据库,就应该使用下面的3行代码替代上面使用字符串连接数据库的3行代码(注释行出外)
'创建数据库连接对象
'set myconn=server.CreateObject ("ADODB.Connection")
'建立连接数据源的信息
'myconn.ConnectionString ="DSN=ChatRoom"
'建立到数据源的物理连接,只有使用了Connection对象的Open方法后,到数据源的连接才算真正地建立
'myconn.Open
newsql="select Right from User where UserID='" & Request.Form ("Admin_UID") & "' and PWD='" & Request.Form ("Admin_PWD") & "'"
set newrecord0=newconn.Execute (newsql)
if newrecord0.bof then
Response.Write ("密码和帐号输入错误!<br>")
else
if newrecord0(0)=9 then
'如果帐号和密码都正确,而且具有管理员权限,就定义一个session变量记录管理员登录成功
'这不仅是为了在登录其他管理页面时不必重新进行管理员帐号,密码和权限的验证,
'同时保证了在提交本页面中管理内容时不必重新进行管理员帐号,密码和权限的验证
session("admin_pass")="ok"
'以下程序段是执行封锁用户的IP地址的
'逐项检查管理页面提交的封锁用户IP的复选框IP
for each item in Request.Form ("Ip")
'如果复选框被选中了,就封锁用户的IP地址,并把用户从聊天室中清除出去
if item<>"" then
'使用变量记录用户的帐号,item的值就是该用户的帐号,因为帐号能唯一确定一个用户
hisid=item
'从在线用户表中查找出该用户的IP地址
newsql2="select onlineuserip from UserOnLine where onlineuserid='" & hisid & "'"
set newrecord1=newconn.Execute (newsql2)
'使用变量记录该被封用户的IP地址
hisip=newrecord1("onlineuserip")
'从Fault表中查找该用户以前是否有犯规的记录.如果有,就更新该用户的记录
'如果没有,就在Fault表中插入一条新记录,记录该用户的IP地址被封
newsql="select FaultUserID from Fault where FaultUserID='" & hisid & "'"
set newrecord=newconn.Execute (newsql)
if not newrecord.bof then
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -