📄 usermanage.asp
字号:
<%@LANGUAGE="VBSCRIPT"%>
<!--#include file="Connections/StudentConn.asp" -->
<%
' *** Restrict Access To Page: Grant or deny access to this page
MM_authorizedUsers="1"
MM_authFailedURL="Login.asp"
MM_grantAccess=false
If Session("MM_UserName") <> "" Then
If (false Or CStr(Session("MM_UserAuthorization"))="") Or _
(InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then
MM_grantAccess = true
End If
End If
If Not MM_grantAccess Then
MM_qsChar = "?"
If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
MM_referrer = Request.ServerVariables("URL")
if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString()
MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer)
Response.Redirect(MM_authFailedURL)
End If
%>
<%
' *** Edit Operations: declare variables
MM_editAction = CStr(Request("URL"))
If (Request.QueryString <> "") Then
MM_editAction = MM_editAction & "?" & Request.QueryString
End If
' boolean to abort record edit
MM_abortEdit = false
' query string to execute
MM_editQuery = ""
%>
<%
' *** Redirect if userName exists
MM_flag="MM_insert"
If (CStr(Request(MM_flag)) <> "") Then
MM_dupKeyRedirect="UserModify.asp"
MM_rsKeyConnection=MM_StudentConn_STRING
MM_dupKeyUserNameValue = CStr(Request.Form("UserName"))
MM_dupKeySQL="SELECT UserName FROM User WHERE UserName='" & MM_dupKeyUserNameValue & "'"
MM_adodbRecordset="ADODB.Recordset"
set MM_rsKey=Server.CreateObject(MM_adodbRecordset)
MM_rsKey.ActiveConnection=MM_rsKeyConnection
MM_rsKey.Source=MM_dupKeySQL
MM_rsKey.CursorType=0
MM_rsKey.CursorLocation=2
MM_rsKey.LockType=3
MM_rsKey.Open
If Not MM_rsKey.EOF Or Not MM_rsKey.BOF Then
' the userName was found - can not add the requested userName
MM_qsChar = "?"
If (InStr(1,MM_dupKeyRedirect,"?") >= 1) Then MM_qsChar = "&"
MM_dupKeyRedirect = MM_dupKeyRedirect & MM_qsChar & "UserName=" & MM_dupKeyUserNameValue
Response.Redirect(MM_dupKeyRedirect)
End If
MM_rsKey.Close
End If
%>
<%
' *** Insert Record: set variables
If (CStr(Request("MM_insert")) <> "") Then
MM_editConnection = MM_StudentConn_STRING
MM_editTable = "User"
MM_editRedirectUrl = "UserManage.asp"
MM_fieldsStr = "UserName|value|password|value|accesslevel|value"
MM_columnsStr = "UserName|',none,''|password|',none,''|accesslevel|none,none,NULL"
' create the MM_fields and MM_columns arrays
MM_fields = Split(MM_fieldsStr, "|")
MM_columns = Split(MM_columnsStr, "|")
' set the form values
For i = LBound(MM_fields) To UBound(MM_fields) Step 2
MM_fields(i+1) = CStr(Request.Form(MM_fields(i)))
Next
' append the query string to the redirect URL
If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then
If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then
MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString
Else
MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString
End If
End If
End If
%>
<%
' *** Insert Record: construct a sql insert statement and execute it
If (CStr(Request("MM_insert")) <> "") Then
' create the sql insert statement
MM_tableValues = ""
MM_dbValues = ""
For i = LBound(MM_fields) To UBound(MM_fields) Step 2
FormVal = MM_fields(i+1)
MM_typeArray = Split(MM_columns(i+1),",")
Delim = MM_typeArray(0)
If (Delim = "none") Then Delim = ""
AltVal = MM_typeArray(1)
If (AltVal = "none") Then AltVal = ""
EmptyVal = MM_typeArray(2)
If (EmptyVal = "none") Then EmptyVal = ""
If (FormVal = "") Then
FormVal = EmptyVal
Else
If (AltVal <> "") Then
FormVal = AltVal
ElseIf (Delim = "'") Then ' escape quotes
FormVal = "'" & Replace(FormVal,"'","''") & "'"
Else
FormVal = Delim + FormVal + Delim
End If
End If
If (i <> LBound(MM_fields)) Then
MM_tableValues = MM_tableValues & ","
MM_dbValues = MM_dbValues & ","
End if
MM_tableValues = MM_tableValues & MM_columns(i)
MM_dbValues = MM_dbValues & FormVal
Next
MM_editQuery = "insert into " & MM_editTable & " (" & MM_tableValues & ") values (" & MM_dbValues & ")"
If (Not MM_abortEdit) Then
' execute the insert
Set MM_editCmd = Server.CreateObject("ADODB.Command")
MM_editCmd.ActiveConnection = MM_editConnection
MM_editCmd.CommandText = MM_editQuery
MM_editCmd.Execute
MM_editCmd.ActiveConnection.Close
If (MM_editRedirectUrl <> "") Then
Response.Redirect(MM_editRedirectUrl)
End If
End If
End If
%>
<%
set Recordset1 = Server.CreateObject("ADODB.Recordset")
Recordset1.ActiveConnection = MM_StudentConn_STRING
Recordset1.Source = "SELECT * FROM User ORDER BY id DESC"
Recordset1.CursorType = 0
Recordset1.CursorLocation = 2
Recordset1.LockType = 3
Recordset1.Open()
Recordset1_numRows = 0
%>
<%
Dim Repeat1__numRows
Repeat1__numRows = -1
Dim Repeat1__index
Repeat1__index = 0
Recordset1_numRows = Recordset1_numRows + Repeat1__numRows
%>
<%
' *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters
' create the list of parameters which should not be maintained
MM_removeList = "&index="
If (MM_paramName <> "") Then MM_removeList = MM_removeList & "&" & MM_paramName & "="
MM_keepURL="":MM_keepForm="":MM_keepBoth="":MM_keepNone=""
' add the URL parameters to the MM_keepURL string
For Each Item In Request.QueryString
NextItem = "&" & Item & "="
If (InStr(1,MM_removeList,NextItem,1) = 0) Then
MM_keepURL = MM_keepURL & NextItem & Server.URLencode(Request.QueryString(Item))
End If
Next
' add the Form variables to the MM_keepForm string
For Each Item In Request.Form
NextItem = "&" & Item & "="
If (InStr(1,MM_removeList,NextItem,1) = 0) Then
MM_keepForm = MM_keepForm & NextItem & Server.URLencode(Request.Form(Item))
End If
Next
' create the Form + URL string and remove the intial '&' from each of the strings
MM_keepBoth = MM_keepURL & MM_keepForm
if (MM_keepBoth <> "") Then MM_keepBoth = Right(MM_keepBoth, Len(MM_keepBoth) - 1)
if (MM_keepURL <> "") Then MM_keepURL = Right(MM_keepURL, Len(MM_keepURL) - 1)
if (MM_keepForm <> "") Then MM_keepForm = Right(MM_keepForm, Len(MM_keepForm) - 1)
' a utility function used for adding additional parameters to these strings
Function MM_joinChar(firstItem)
If (firstItem <> "") Then
MM_joinChar = "&"
Else
MM_joinChar = ""
End If
End Function
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<!-- saved from url=(0048)http://www.cjol.com/headhunting/addexcellent.asp -->
<HTML>
<HEAD>
<TITLE>用户管理</TITLE>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<META content="MSHTML 6.00.2600.0" Name=GENERATOR>
<link href="home.css" rel="stylesheet" type="text/css">
<script language="JavaScript">
function checkpwd(){
if(document.form1.UserName.value=="")
{
alert("用户名不能为空!");
document.form1.UserName.focus();
return false;
}
if(document.form1.password.value=="")
{
alert("密码不能为空!");
document.form1.password.focus();
return false;
}
if (document.form1.password.value != document.form1.confirmpwd.value)
{
alert("两次输入的密码不一样!");
document.form1.confirmpwd.focus();
return false;
}
}
</script>
</HEAD>
<BODY text=#000000 bgColor=#ffffff leftMargin=0 topMargin=0>
<!--#include file="Top.asp"-->
<TABLE cellSpacing=0 cellPadding=0 width=750 align=center border=0>
<TBODY>
<TR>
<TD vAlign=top width=46 background=images/p_left_2.gif></TD>
<TD width="116" height="200" align="center" valign="top"><font size="5"><b><br>
<br>
用<br>
户<br>
管<br>
理</b></font></TD>
<TD height="200" width="588"> <br>
<br>
<font color="#FF0000"><b><font color="#339999">添加新用户:</font><br>
</b></font><br>
<form Name="form1" onsubmit="return checkpwd()" method="POST" action="<%=MM_editAction%>" >
<table width="300" border="0" cellspacing="0" cellpadding="0">
<tr>
<td height="30" align="right">用户名:</td>
<td height="30">
<input type="text" Name="UserName" maxlength="20">
</td>
</tr>
<tr>
<td height="30" align="right">密 码:</td>
<td height="30">
<input type="password" Name="password" maxlength="20">
</td>
</tr>
<tr>
<td height="30" align="right">确认密码:</td>
<td height="30">
<input type="password" Name="confirmpwd" maxlength="20">
</td>
</tr>
<tr>
<td height="30" align="right">用户权限:</td>
<td height="30">
<select Name="accesslevel">
<option value="1">管理员</option>
<option value="2" selected>普通用户</option>
</select>
</td>
</tr>
<tr align="center">
<td height="30" colspan="2">
<input type="submit" Name="Submit" value="添加用户">
</td>
</tr>
</table>
<input type="hidden" Name="MM_insert" value="true">
</form>
<br>
<font color="#FF0000"><b><font color="#339999">已有的用户:<br>
</font></b></font> <br>
<% If Not Recordset1.EOF Or Not Recordset1.BOF Then %>
<table width="500" border="1" cellspacing="0" cellpadding="0" bordercolor="#CC9900">
<tr align="center">
<td height="20">序号</td>
<td height="20">用户名</td>
<td height="20">密码</td>
<td height="20">权限</td>
<td height="20">操作</td>
</tr>
<%
While ((Repeat1__numRows <> 0) AND (NOT Recordset1.EOF))
%>
<tr align="center">
<td height="20"><%=(Recordset1.Fields.Item("id").Value)%></td>
<td height="20"><%=(Recordset1.Fields.Item("UserName").Value)%></td>
<td height="20">******</td>
<td height="20">
<% if Recordset1.Fields.Item("accesslevel").Value=1 then response.write "管理员" else response.write "普通用户" end if %>
</td>
<td height="20"><A HREF="UserModify.asp?<%= MM_keepNone & MM_joinChar(MM_keepNone) & "id=" & Recordset1.Fields.Item("id").Value %>">修改</A> <A HREF="UserDel.asp?<%= MM_keepNone & MM_joinChar(MM_keepNone) & "id=" & Recordset1.Fields.Item("id").Value %>">删除</A></td>
</tr>
<%
Repeat1__index=Repeat1__index+1
Repeat1__numRows=Repeat1__numRows-1
Recordset1.MoveNext()
Wend
%>
</table>
<br>
<% End If ' end Not Recordset1.EOF Or NOT Recordset1.BOF %>
<% If Recordset1.EOF And Recordset1.BOF Then %>
<p align="center"><br>
<br>
没有任何用户,请添加用户!<br>
<br>
</p>
<% End If ' end Recordset1.EOF And Recordset1.BOF %>
</TD>
</TR>
</TBODY>
</TABLE>
<!--#include file="CopyRight.asp"-->
</BODY>
</HTML>
<%
Recordset1.Close()
%>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -