⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 edit_userfox.asp

📁 统管理:初始设置
💻 ASP
字号:
🔍 
<!--#include file="../conn/boardconn.asp"-->
<!--#include file="../style/sql.asp" -->
<!--#include file="../CHAR.INC"-->
<!--#include file="../function.asp"-->
<%
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(server_v1,8,len(server_v2))<>server_v2 then
response.write "<br><br><center><table border=1 cellpadding=20 bordercolor=black bgcolor=#EEEEEE width=450>"
response.write "<tr><td style=font:9pt Verdana>"
response.write "<center><font face=Georgia,Tahoma size=2><u>友好提示:服务器禁止非法操作...</u></font></center>"
response.write "</td></tr></table></center>"
response.end
end if
%>
<%
fqys=request.servervariables("query_string") 
dim nothis(18) 
nothis(0)="net user" 
nothis(1)="xp_cmdshell" 
nothis(2)="/add" 
nothis(3)="exec%20master.dbo.xp_cmdshell" 
nothis(4)="net localgroup administrators" 
nothis(5)="select" 
nothis(6)="count" 
nothis(7)="asc" 
nothis(8)="char" 
nothis(9)="mid" 
nothis(10)="'" 
nothis(11)=":" 
nothis(12)="""" 
nothis(13)="insert" 
nothis(14)="delete" 
nothis(15)="drop" 
nothis(16)="truncate" 
nothis(17)="from" 
nothis(18)="%" 
errc=false 
for i= 0 to ubound(nothis) 
if instr(FQYs,nothis(i))<>0 then 
errc=true 
end if 
next 
if errc then 
response.write "<br><br><center><table border=1 cellpadding=20 bordercolor=black bgcolor=#EEEEEE width=450>"
response.write "<tr><td style=font:9pt Verdana>"
response.write "<center><font face=Georgia,Tahoma size=2><u>友好提示:服务器禁止非法操作...</u></font></center>"
response.write "</td></tr></table></center>"
response.end 
end if 
%>
<%CheckAdmin1%>
<%
Dim UserID
UserID=request.QueryString("NumID")
If UserID="" or not IsNumeric(UserID) Then
	response.write "<br><br><center><table border=1 cellpadding=20 bordercolor=black bgcolor=#EEEEEE width=450>"
	response.write "<tr><td style=font:9pt Verdana>"
	response.write "<center><font face=Georgia,Tahoma size=2>友好提示:服务器禁止非法操作...</font></center>"
	response.write "</td></tr></table></center>"
	Response.End
End If
%>
<%
  if Request.QueryString("Action")="Edit_User" Then
  username=Request.Form("username")
  sex=Request.Form("sex")
  email=Request.Form("email")
  oicq=Request.Form("oicq")
  question=Request.Form("question")
  answer=Request.Form("answer")
  usergroupid=Request.Form("usergroupid")
  Lockuser=Request.Form("Lockuser")
  set rs=server.createobject("adodb.recordset")
  sql="select * from Aymi_User_Disp where UserID="&Cint(UserID)
  rs.open sql,conn,1,3
  rs("UserName")=username
  rs("Sex")=sex
  rs("Email")=email
  rs("Oicq")=oicq
  rs("Question")=question
  rs("Answer")=answer
  rs("UserGroupID")=usergroupid
  rs("LockUser")=Lockuser
  rs.Update
  rs.close
  conn.close
  Set rs=Nothing
  Set conn=Nothing
  response.redirect "all_user.asp"
  end if
%>

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -