📄 changepwd.asp
字号:
<%Response.Buffer=true%>
<html>
<head>
<title>密码找回自己更改密码</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link rel="stylesheet" href="Setup.css">
</head>
<BODY oncontextmenu=self.event.returnValue=false text=#000000 class=p150>
<%
if Session("wangbadan99163")="" then Response.Redirect "error.asp?id=150"
if Session("danbawang36199")<>"heiheinihuai" then Response.Redirect "error.asp?id=150"
Set conn=Server.CreateObject("ADODB.CONNECTION")
Set rs=Server.CreateObject("ADODB.RecordSet")
connstr=Application("hg_connstr")
conn.open connstr
user=Request.Form("user")
pass=Request.Form("pass")
if user<>"" and pass<>"" then
user=Request.Form("user")
if InStr(user,"=")<>0 or user="网佳" or InStr(user,"`")<>0 or InStr(user,"'")<>0 or InStr(user," ")<>0 or InStr(user," ")<>0 or InStr(user,"'")<>0 or InStr(user,chr(34))<>0 or InStr(user,"\")<>0 or InStr(user,",")<>0 or InStr(user,"<")<>0 or InStr(user,">")<>0 then Response.Redirect "../readonly/bomb.htm"
pass=Request.Form("pass")
if InStr(pass,"=")<>0 or InStr(pass,"`")<>0 or InStr(pass,"'")<>0 or InStr(pass," ")<>0 or InStr(pass," ")<>0 or InStr(pass,"'")<>0 or InStr(pass,chr(34))<>0 or InStr(pass,"\")<>0 or InStr(pass,",")<>0 or InStr(pass,"<")<>0 or InStr(pass,">")<>0 then Response.Redirect "../error.asp?id=470"
pass=CStr(Replace(pass,chr(13)&chr(10),""))
sql="select * from 用户 where 姓名='"&user&"'"
set rs=conn.Execute(sql)
if rs.EOF or rs.BOF then
Response.Write "<p align=center>找不到此用户</p>"
Response.Write "<p align=center>[ <a href=changepwd.asp>返回</a> ]</p>"
Response.End
else
temppass=StrReverse(left(pass&"zxcvbnm,./",10))
templen=len(pass)
mmpassword=""
for j=1 to 10
mmpassword=mmpassword+chr(asc(mid(temppass,j,1))-templen+int(j*1.1))
next
psw=replace(mmpassword,"'","B")
sql="update 用户 set 密码='"&psw&"' where 姓名='"&user&"'"
set rs=conn.Execute(sql)
conn.Close
set conn=nothing
Response.Write "<p align=center>"&user&"的密码己成功修改,请您用新的密码登陆本系统即可! <a href=javascript:window.close()>关闭本页</a> </p>"
Response.End
Session("danbawang36199")="0"
Session.Abandon
end if
else
if user="" then
%>
<table width="345" border="1" cellspacing="0" cellpadding="10" align="center" bordercolorlight="#FFFFFF" bordercolordark="#000000">
<td width="321">
<br>
<br>
<tr align="center">
<form method="post" action="changepwd.asp">
<td width="321">
用户名: <%=Session("wangbadan99163")%><input type="hidden" name="user" size="10" maxlength="10" value="<%=Session("wangbadan99163")%>">
<input type="submit" name="Submit" value="搜索">
</form>*请先按搜索按钮
</tr>
</table>
<%
else
if InStr(user,"=")<>0 or InStr(user,"`")<>0 or InStr(user,"'")<>0 or InStr(user," ")<>0 or InStr(user," ")<>0 or InStr(user,"'")<>0 or InStr(user,chr(34))<>0 or InStr(user,"\")<>0 or InStr(user,",")<>0 or InStr(user,"<")<>0 or InStr(user,">")<>0 then Response.Redirect "../error.asp?id=470"
sql="select * from 用户 where 姓名='"&user&"'"
set rs=conn.Execute(sql)
if rs.EOF or rs.BOF then
Response.Write "<p align=center>找不到此用户 <a href=changepwd.asp>返回</a></p>"
Response.End
end if
%>
<table width="347" border="1" cellspacing="0" cellpadding="10" align="center" bordercolorlight="#000000" bordercolordark="#FFFFFF">
<td width="323">
<br>
<br>
<tr align="center">
<form method="post" action="changepwd.asp" id=form1 name=form1>
<td width="323">
用户名: <%=user%><input type="hidden" name="user" size="10" maxlength="10" style="text-align:center;" value='<%=user%>' readonly>
我要将密码更改为:
<input name="pass" size="10" maxlength="10" type="password">
<input type="submit" name="Submit" value="更改"> <br>
<br>
<a href=javascript:window.close()>关闭本页</a>
</form>
</tr>
</table>
<%
end if
end if
%>
</body>
</html>
<%
Function SqlStr(data)
SqlStr="'" & Replace(data,"'","''") & "'"
End Function
%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -