admin_password.asp

网络办公系统源码

<!--#include file="../config.asp"-->
<!--#include file="checklogin.asp"-->
<!--#include file="../inc/md5/ss_md5.asp"-->
<LINK href="style.css" type=text/css rel=stylesheet>
<%
Dim ID
Response.Write "<script language=""JavaScript"">" & vbCrLf
Response.Write "<!--" & vbCrLf
Response.Write "function CheckForm()" & vbCrLf
Response.Write "{" & vbCrLf
Response.Write "if (document.myform.password.value.length == 0)" & vbCrLf
Response.Write " {" & vbCrLf
Response.Write "alert(""请输入您的原始密码!"");" & vbCrLf
Response.Write "document.myform.password.focus();" & vbCrLf
Response.Write "return false;" & vbCrLf
Response.Write "}" & vbCrLf
Response.Write "if (document.myform.password1.value.length == 0)" & vbCrLf
Response.Write " {" & vbCrLf
Response.Write "alert(""请输入您的新密码!"");" & vbCrLf
Response.Write "document.myform.password1.focus();" & vbCrLf
Response.Write "return false;" & vbCrLf
Response.Write "}" & vbCrLf
Response.Write "if (document.myform.password2.value.length == 0)" & vbCrLf
Response.Write " {" & vbCrLf
Response.Write "alert(""请输入您的确认密码"");" & vbCrLf
Response.Write "document.myform.password2.focus();" & vbCrLf
Response.Write "return false;" & vbCrLf
Response.Write "}" & vbCrLf
Response.Write "return true;" & vbCrLf
Response.Write "}" & vbCrLf
Response.Write "//-->"
Response.Write "</script>" & vbCrLf
Dim Action
Action = LCase(Request("action"))
Set Rs = Server.CreateObject("adodb.recordset")
Select Case Action
	Case "save"
		Call svaeadmin
	Case Else
		Call PassMain
End Select
CloseConn

Private Sub PassMain()
	Response.Write "<table border=""0"" align=""center"" cellpadding=""2"" cellspacing=""1"" class=""tableBorder"">" & vbCrLf
	Response.Write " <tr>" & vbCrLf
	Response.Write " <th colspan=""2"">管理员密码修改</th></tr>" & vbCrLf
	Response.Write "<form method=Post name=""myform"" action=""admin_password.asp?action=save"" onSubmit=""return CheckForm();"">" & vbCrLf
	Response.Write " <tr> " & vbCrLf
	Response.Write " <td width=""25%"" align=""right"" nowrap class=""tablerow2"">管理员名称：</td>" & vbCrLf
	Response.Write " <td class=""tablerow1"" width=""75%"">"
	Response.Write Session("sysadminuid")
	Response.Write " </td>" & vbCrLf
	Response.Write " </tr>" & vbCrLf
	Response.Write " <tr> " & vbCrLf
	Response.Write " <td align=""right"" nowrap class=""tablerow2"">原始密码：</td>" & vbCrLf
	Response.Write " <td class=""tablerow1"">　<INPUT type=password size=25 name=password></td>" & vbCrLf
	Response.Write " </tr>" & vbCrLf
	Response.Write " <tr> " & vbCrLf
	Response.Write " <td align=""right"" nowrap class=""tablerow2"">新密码：</td>" & vbCrLf
	Response.Write " <td class=""tablerow1"">　<INPUT type=password size=25 name=password1></td>" & vbCrLf
	Response.Write " </tr>" & vbCrLf
	Response.Write " <tr> " & vbCrLf
	Response.Write " <td align=""right"" nowrap class=""tablerow2"">确认新密码：</td>" & vbCrLf
	Response.Write " <td class=""tablerow1"">　<INPUT type=password size=25 name=password2></td>" & vbCrLf
	Response.Write " </tr>" & vbCrLf
	Response.Write " <tr> " & vbCrLf
	Response.Write " <td align=""center"" colspan=""2"" class=""tablerow1"">" & vbCrLf
	Response.Write "<INPUT type=hidden name=id value="""
	Response.Write Session("Adminid")
	Response.Write """>" & vbCrLf
	Response.Write "<input type=""submit"" name=""Submit"" class=button value=""确认修改"">　" & vbCrLf
	Response.Write "</td>" & vbCrLf
	Response.Write " </tr></form>" & vbCrLf
	Response.Write "</table><BR>" & vbCrLf
End Sub


Private Sub svaeadmin()
	Dim password
	Set Rs = Server.CreateObject("ADODB.RecordSet")
	password = Request.Form("password")
	If checkpost = False Then

		 Call Message ( "您提交的数据不合法，请不要从外部提交注册。","back")
		 Call EndExit()
	End If
	If InStr(Request("password1"), "=") > 0 Or InStr(Request("password1"), "+") > 0 Or InStr(Request("password1"), "&") > 0 Or InStr(Request("password1"), "'") > 0 Or InStr(Request("password1"), " ") > 0 Or InStr(Request("password1"), "%") > 0 Then

		 Call Message ( "密码中含有非法字符。","back")
		 Call EndExit()
	End If
	If Request.Form("password") = "" Then

		 Call Message ( "您还没有输入原始密码。","back")
		 Call EndExit()
	End If
	If Request.Form("password1") = "" And Request.Form("password2") = "" Then

		 Call Message ( "您的密码不能为空。","back")
		 Call EndExit()
	End If
	If Request.Form("password1") <> Request.Form("password2") Then

		 Call Message ( "您输入的密码和确认密码不一致。","back")
		 Call EndExit()
	End If
	Rs.Open "Select * from oa_systemadmin where adminuid = '" & Session("sysadminuid") & "' ", conn, 1, 1
	If Rs.bof And Rs.EOF Then
		Response.Write "Sorry！没有找到此用户信息信息。"
	Else
		 If trim(Rs("adminpwd")) <> Ss_Md5_Check(password,trim(Rs("adminpwd"))) then 
		 Call Message ( "您输入的原始密码错误。","back")
		 Call EndExit()
		End If
	End If
	Rs.Close
	If founderr = True Then Exit Sub
	If founderr = False Then
		SQL = "select * from oa_systemadmin where adminuid = '" & Session("sysadminuid") & "'"
		Rs.Open SQL, conn, 1, 3
		Rs("adminpwd") = ss_md5(trim(Request.Form("password1")))
		Rs.update
		Rs.Close
		Set Rs = Nothing
		Call Message ( "密码修改成功。","back")
		 Call EndExit()
	End If
End Sub

%>