changelevel.asp

asp+sql的学生信息管理系统

<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<HTML>
<HEAD>
<TITLE>更改用户的权限级别</TITLE>
<STYLE>
P, TABLE, INPUT{FONT-SIZE: 9pt}
</STYLE>  
</HEAD>
<%
Response.Buffer = True  
Response.ExpiresAbsolute = Now() - 1  
Response.Expires = 0  
Response.CacheControl = "no-cache"  
Response.AddHeader "Pragma", "No-Cache" 
%>
<BODY>
<div align="center">
  <%
Dim cnn, rts, sSQL, UserName, Level
If Session("UserName") = "" Or Session("Level") <> 3 Then
  Response.Write "<P>你没有访问本页面的权限！</P>"
  Response.End
End If
UserName = Trim(Request.Form("txtUserName"))
Level = Request.Form("optLevel")
Set cnn = Server.CreateObject("ADODB.Connection")
Set rst = Server.CreateObject("ADODB.Recordset")
cnn.ConnectionString = "PROVIDER=microsoft.jet.oledb.4.0;DATA SOURCE=" & server.mappath("Date\date.mdb")
cnn.Open
sSQL = "SELECT * FROM users WHERE user_name='" & UserName & "'"
Set rst = cnn.Execute(sSQL, ,adCmdText)
%>
  <img src="image/logo.gif" width="500" height="200">
</div>
<P align="center"><A HREF = "index.asp">返回首页</A></P>
<DIV ALIGN = "center">
<P><B>更改用户的权限级别</B></P>
<HR NOSHADE SIZE = "1" COLOR = "red">
<FORM METHOD = "POST" ACTION = "changeLevel.asp">
<TABLE
WIDTH = "524" border="0" CELLPADDING = "2" CELLSPACING = "1" bordercolor="#FFFFFF" BGCOLOR = "#FFFFFF">
<TR bgcolor="#003399">
<TH COLSPAN = "2">
<FONT COLOR = "#FFFFFF">更改用户的权限级别</FONT></TH>
</TR>
<TR bgcolor="#CCCCCC">
<TD width="147">&nbsp;</TD>
<TD width="366">&nbsp;</TD>
</TR>
<TR bgcolor="#CCCCCC">
<TD ALIGN = "right">用户名：</TD>
<TD><INPUT TYPE = "text" NAME = "txtUserName" SIZE="20"
VALUE = <% = UserName %>></TD>
</TR>
<TR bgcolor="#CCCCCC">
<TD ALIGN = "right">要设置的权限级别：</TD>
<TD>
<INPUT TYPE = "radio" CHECKED NAME = "optLevel" VALUE = "1">学生
<INPUT TYPE="radio" NAME="optLevel" VALUE="2">教师
<INPUT TYPE="radio" NAME="optLevel" VALUE="3">管理员
</TD>
</TR>
<TR bgcolor="#CCCCCC">
<TD>&nbsp;</TD>
<TD>&nbsp;</TD>
</TR>
<TR ALIGN = "center" bgcolor="#CCCCCC">
<TD><INPUT TYPE = "submit" VALUE = "提交" NAME = "btnSubmit"></TD>
<TD><INPUT TYPE = "reset" VALUE = "全部重写" NAME = "btnReset"></TD>
</TR>
</TABLE>
</FORM>
<%
If UserName <> "" And rst.EOF Then
  Response.Write "<FONT COLOR = red>用户“" & UserName & "”不存在！</FONT>"
End If
If UserName <> "" And Not rst.EOF Then
  sSQL = "UPDATE users SET purview_level=" & Level & " WHERE user_name='" & UserName & "'"
  cnn.Execute sSQL, , adCmdText
  Response.Write "用户“"  & UserName & "”的权限级别已被更改为" & Level & "级！"
End If
%>
</DIV>
</BODY>
</HTML>