user.asp

学校网站管理系统

Response.End
end if
if request.form("pass")="" or strLength(request.form("pass"))>16 or strLength(request.form("pass"))<6 then
Response.Write("<script>alert('请输入密码不能大于16小于6！');javascript:history.back();</script>")
Response.End		
end if
if request.form("passpass")="" then
Response.Write("<script>alert('确认密码不能为空！');javascript:history.back();</script>")
Response.End		
end if
if request.form("pass")<>request.form("passpass") then
Response.Write("<script>alert('密码和确认密码输入不一致！');javascript:history.back();</script>")
Response.End		
end if
if request.form("user")=request.form("pass") then
Response.Write("<script>alert('为了安全！请您不要输入相同的用户名和密码！');javascript:history.back();</script>")
Response.End		
end if
if request.form("question")=request.form("answer") then
Response.Write("<script>alert('为了安全起见！您输入的密码问题和密码问题答案不能相同！');javascript:history.back();</script>")
Response.End		
end if
if request.form("question")="" then
Response.Write("<script>alert('密码问题不能为空！');javascript:history.back();</script>")
Response.End		
end if

if request.form("answer")="" then
Response.Write("<script>alert('密码答案不能为空！');javascript:history.back();</script>")
Response.End	
end if
if request.form("mail")<>"" then
if IsValidEmail(request.form("mail"))=false then
Response.Write("<script>alert('您的邮箱地址输入有误！');javascript:history.back();</script>")
Response.End	
end if
end if
if request.form("passport")<>"" then
if not isnumeric(request.form("passport")) or len(cstr(request.form("passport")))>20 then
Response.Write("<script>alert('身份证号码不能超过20位数字！');javascript:history.back();</script>")
Response.End		
end if
end if
if request.form("qq")<>"" then
if not isnumeric(request.form("qq")) or len(cstr(request.form("qq")))>10 then
Response.Write("<script>alert('QQ号码不能超过10位数字，您可以选择不输入！');javascript:history.back();</script>")
Response.End		
end if
end if
username=request.form("user")
set rs=server.CreateObject("adodb.recordset")
rs.open "select * from [YC_user] where user_name='"&username&"'",conn,1,3
if not rs.eof and not rs.bof then
Response.Write("<script>alert('这个用户名已经被别人使用了');javascript:history.back();</script>")
Response.End
end if
rs.addnew
rs("user_name")=trim(request.Form("user"))
rs("user_pass")=MD5(trim(replace(request("pass"),"'","")))
rs("user_question")=trim(request.Form("question"))
rs("user_answer")=MD5(trim(replace(request("answer"),"'","")))
rs("user_true_name")=trim(request.Form("truename"))
rs("user_sex")=trim(request.Form("sex"))
rs("user_web")=trim(request.Form("web"))
rs("user_tel")=trim(request.Form("tel"))
rs("user_passport")=trim(request.Form("passport"))
rs("user_qq")=trim(request.Form("qq"))
rs("user_mail")=trim(request.Form("mail"))
rs("user_face")=trim(request.Form("face"))
rs("user_tel")=request.Form("tel")
rs("user_passport")=request.Form("passport")
rs("user_address")=trim(request.Form("address"))
rs("user_admin")=1
if user_mode=3 then
rs("pass")=true
end if
rs("user_reg_date")=date()
rs.update
rs.close
if user_mode=2 then
Response.Write "<script>alert('正在审核过程中，请耐心等候……');location.href='index.asp';</script>"
else
Response.Write "<script>alert('欢迎成为本站会员，您的用户名为〖"&username&"〗！');location.href='index.asp';</script>"
end if
Response.End
set rs=nothing
end if
end sub
'●●●●●●●●●●●●●●●●●●●●
'●过程名：list()                      ●
'●功  能：用户列表 。                 ●
'●●●●●●●●●●●●●●●●●●●●
sub list()
if userlogin<>sys then
response.write"<SCRIPT>alert('请登陆后操作,请返回！');javascript:history.go(-1)</SCRIPT>"
response.end
end if%>
<table border="0" cellspacing="0" cellpadding="0">
<tr><td class=righttopleft></td>
<td class=righttopcenter>&emsp;<img border=0 src='img/mor.gif' align=absmiddle>&nbsp;会员列表</td>
</tr></table>
<table border="0" cellspacing="0" cellpadding="0"><tr>
<td class=rightcenterleft></td>
<td  class=rightcentercenter valign=top>
<table border="1"   cellspacing="0" cellpadding="0" align=center bordercolor=#007100 width=100% rules=rows frame=void>
<%
if request("search")<>"" then
sql="select * from [YC_user] where user_name like '%"&request("word")&"%' and pass=true  order by id DESC"
else
sql="select * from [YC_user] where pass=true order by id desc"
end if
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,1
if not rs.bof and not rs.eof then
rs.pagesize=20
i=1
mypage=request("page")
if mypage="" then
mypage=1
else
mypage=cint(mypage)
end if
pages=rs.pagecount
rs.absolutepage=mypage
do while not rs.eof%>
<tr height=25  onmouseout="this.style.backgroundColor=''" onmouseover="this.style.backgroundColor='#c8e446'">
<td width=80%>&nbsp;<img src="<%=rs("user_face")%>" title="<img src=<%=rs("user_face")%> border=1>" width=16 height=16 border=1 align=absmiddle>&nbsp;<a href="sms.asp?action=send&user=<%=rs("user_name")%>" title="发送短信给[<%=rs("user_name")%>]"><%=rs("user_name")%></a></td>
<td width=5%><%=rs("user_sex")%></td>
<td width=5%><img src=img/tel.gif title="<%if rs("user_tel")="" then response.write""&rs("user_tel")&"没有电话" else response.write rs("user_tel")%>"></td>
<td width=5%><img src=img/qq.gif title="<%if rs("user_qq")="" then response.write""&rs("user_name")&"没有QQ" else response.write rs("user_qq")%>"></td>
<td width=5%><img src=img/email.gif title="<%if rs("user_mail")="" then response.write""&rs("user_name")&"没有邮箱" else response.write rs("user_mail")%>"></td>
<td width=5%><img src=img/web.gif title="点击浏览&nbsp;<b><font color=red>[<%=rs("user_name")%>]</font></b>&nbsp;的主页:<%if rs("user_web")="" then response.write""&rs("user_name")&"没有主页" else response.write rs("user_web")%>" onclick="window.open('<%=rs("user_web")%>');">&nbsp;</td>
</tr>
<%
if num=rs.pagesize then exit do end if
num=num+1
rs.movenext
loop
end if
if rs.eof and rs.bof then
response.write"<tr><td colspan=6 height=60 align=center>"
response.write"没有任何会员"
response.write"</td></tr>"
else
response.write"<tr><td colspan=6 height=25 align=center class=bg>"
response.write "&emsp;&emsp;共有会员<font color=red>"&rs.recordcount&"</font>人，每页<font color=red>"&rs.pagesize&"</font>人，分<font color=red>"&mypage&"</font>/"&rs.pagecount&"页&emsp;&emsp;&emsp;"
%>
<script language="javascript">
function showPageLink(sUrl,iPage,iCount){
var i;
i=Math.max(1,iPage-1);
document.write("<a href=\""+sUrl+"1\"><FONT face=Webdings>9</FONT></a> ");
document.write("<a href=\""+sUrl+i+"\"><FONT face=Webdings>7</FONT></a> <b>");
for(i=Math.max(1,iPage-5);i<iPage;i++){
document.write("<a href=\""+sUrl+i+"\">"+i+"</a> ");}
document.write("<font color='#ff3333'>"+iPage+"</font> ");
for(i=iPage+1;i<=Math.min(iCount,iPage+5);i++){
document.write("<a href=\""+sUrl+i+"\">"+i+"</a> ");}
i=Math.min(iCount,iPage+1);
document.write("</b><a href=\""+sUrl+i+"\"><FONT face=Webdings>8</FONT></a> ");
document.write("<a href=\""+sUrl+iCount+"\"><FONT face=Webdings>:</FONT></a> ");}
showPageLink("?action=list&page=",<%=mypage%>,<%=pages%>);
</script>
</td></tr>
<%end if%></table></TD></TR></table>

<table border="0" cellspacing="0" cellpadding="0"><tr>
<td  class=rightfootleft></td><td class=rightfootcenter></td></tr></table>
</td></tr></table><%call br%>
<%rs.close
set rs=nothing
end sub
sub user_login()
title="会员登陆"
user=request("user")
dim username,password,CookieDate
username=replace(trim(request("user")),"'","")
password=MD5(trim(replace(request("pass"),"'","")))
CookieDate=request("YCMS_Cookie")
if int(request("code"))<>int(Session("code")) then
Response.Write("<script language=javascript>alert('请输入正确的认证码！');history.go(-1);</script>") 
Response.End 
end if 
Session("code")=""
if user_mode=0 then
Response.Write("<script>alert('管理员已经封闭了登陆！');history.go(-1);</script>")
Response.End
end if
if user="" then
Response.Write("<script>alert('请输入用户名！');history.go(-1);</script>")
Response.End
end if
if password="" then
Response.Write("<script>alert('请输入密码！');history.go(-1);</script>")
Response.End
end if
Set rs=Server.CreateObject("ADODB.Recordset")
sql="select * from YC_user where user_name='"&user&"'"
rs.open sql,conn,1,3
if rs.eof and rs.bof then
Response.Write("<script>alert('没有此用户！');history.go(-1);</script>")
Response.End
end if
if password<>rs("user_pass") then
Response.Write("<script>alert('您的密码不正确！');history.go(-1);</script>")
Response.End
end if
if rs("pass")=false then
Response.Write("<script>alert('您的帐号正在审核过程中，请耐心等候……');history.go(-1);</script>")
Response.End
end if
session("userid")=trim(rs("id"))
session("username")=trim(rs("user_name"))
session("useradmin")=trim(rs("user_admin"))
session("userlogin")=sys
rs("user_last_login_ip")=Request.ServerVariables("REMOTE_ADDR")
rs("user_last_login_time")=date()
rs("user_login_time")=rs("user_login_time")+1
rs("user_money")=rs("user_money")+1
rs.update
Response.write "<script>this.location.href='index.asp';</script>"
rs.close
set rs=nothing
end sub
'●●●●●●●●●●●●●●●●●●●●
'●过程名：loginout()                  ●
'●功  能：用户登陆 。                 ●
'●●●●●●●●●●●●●●●●●●●●
sub loginout()
session("userid")=""
session("username")=""
session("useradmin")=""
session("userlogin")=""
Response.write "<script>this.location.href='index.asp';</script>"
end sub
'●●●●●●●●●●●●●●●●●●●●
'●过程名：check_user()                ●
'●功  能：用户名检测 。               ●
'●●●●●●●●●●●●●●●●●●●●
sub check_user()
yecao_info=split(replace_reg,"|")
If Request.Form<>"" Then
For Each yecao_post In Request.Form
For yecao_get=0 To Ubound(yecao_info)
If Instr(LCase(Request.Form(yecao_post)),yecao_info(yecao_get))<>0 Then
Response.Write "<Script>alert('对不起，您提交的内容中包含系统禁止字符！');</Script>"
Response.End
End If
Next
Next
End If
UserName=trim(request("user"))
if UserName="" or strLength(UserName)>14 or strLength(UserName)<4 then
Response.Write("<script>alert('请输入用户名不能大于10小于2！');javascript:history.back();</script>")
Response.End
else
if Instr(UserName,"=")>0 or Instr(UserName,"%")>0 or Instr(UserName,chr(32))>0 or Instr(UserName,"?")>0 or Instr(UserName,"&")>0 or Instr(UserName,";")>0 or Instr(UserName,",")>0 or Instr(UserName,"'")>0 or Instr(UserName,",")>0 or Instr(UserName,chr(34))>0 or Instr(UserName,chr(9))>0 or Instr(UserName,"