songhuo.asp

来自「易和阳光购物商城 v1.3 | 功能简介 增加了防注入文件」· ASP 代码 · 共 133 行

<!--#include file="conn.asp"-->
<html><head><title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<link href="../images/css.css" rel="stylesheet" type="text/css">
</head>
<body>
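<%
' Action handler for the delivery-method admin page (table Iheeo_Delivery).
' Reads "action" and "id" from the query string and saves, adds or deletes a
' row before the listing below is rendered.
'
' NOTE(review): no login or role check is visible in this file. Confirm that
' conn.asp (or whatever includes this page) enforces an administrator session
' before any of these actions can run.
' NOTE(review): all three actions change state without an anti-CSRF token, and
' the delete is triggered by a plain GET link. Consider requiring POST plus a
' per-session token.
dim action,songid,hasId,idPattern

' Sends the same "illegal access" response the page has always used and stops.
sub SongHuoReject()
response.write"<script>alert(""非法访问!"");location.href=""../index.asp"";</script>"
response.end
end sub

songid=request.QueryString("id")
hasId=false
if songid<>"" then
' IsNumeric also accepts values such as exponent or hexadecimal notation, so
' require plain decimal digits and convert to a Long before the value is
' placed into SQL text.
set idPattern=new RegExp
idPattern.Pattern="^[0-9]{1,9}$"
if not idPattern.Test(songid) then
SongHuoReject
end if
set idPattern=nothing
songid=CLng(songid)
hasId=true
end if
action=request.QueryString("action")
set rs=server.CreateObject("adodb.recordset")
select case action
'///// modify a delivery method
case "songhuosave"
' Without an id the query below would be malformed ("where songid=").
if not hasId then SongHuoReject
rs.open "select * from Iheeo_Delivery where songid="&songid,conn,1,3
' No matching row: nothing to update, and assigning fields would raise an error.
if rs.eof then
rs.close
SongHuoReject
end if
' Field values are assigned through the recordset, not concatenated into SQL.
' NOTE(review): request(...) searches QueryString, Form and Cookies; the values
' are stored as submitted, so the listing must HTML-encode them on output.
rs("SongName")=trim(request("subject"))
rs("SongList")=request("songidorder")
rs("SongFei")=request("SongFei")
rs("SongKey")=request("key")
rs.update
rs.close
response.write "<script>alert('成功修改了送货方式!');location.href=""songhuo.asp"";</script>"
response.End
'///// add a delivery method
case "songhuoadd"
rs.open "select * from Iheeo_Delivery",conn,1,3
rs.addnew
rs("SongName")=trim(request("subject"))
rs("SongList")=request("songidorder")
rs("SongFei")=request("SongFei")
rs("SongKey")=request("key")
rs.update
rs.close
response.write "<script>alert('成功添加了送货方式!');location.href=""songhuo.asp"";</script>"
response.End
'///// delete a delivery method
case "songhuodel"
' An empty id would produce a malformed DELETE statement.
if not hasId then SongHuoReject
conn.execute "delete from Iheeo_Delivery where songid="&songid
response.redirect "songhuo.asp"
end select
set rs=nothing
%>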
<table class="tableBorder" width="90%" border="0" align="center" cellpadding="3" cellspacing="1" bgcolor="#6a7f9a">
<tr>
<td align="center" background="../images/admin_bg_1.gif"><b><font color="#ffffff">修改送货方式</font></b></td>
</tr>
<tr> 
<td><table width="700" border="0" align="center" cellpadding="2" cellspacing="1" >
                                <tr > 
                                  <td width="30%" align="center" background="../images/admin_bg_1.gif"><font color="#ffffff">送货方式</font></td>
                                  <td width="10%" align="center" background="../images/admin_bg_1.gif"><font color="#ffffff">排 序</font></td>
                                  <td width="15%" align="center" background="../images/admin_bg_1.gif">
									<font color="#FFFFFF">费 用</font></td>
                                  <td width="10%" align="center" background="../images/admin_bg_1.gif">
									<font color="#FFFFFF">KEY</font></td>
                                  <td width="35%" align="center" background="../images/admin_bg_1.gif"><font color="#ffffff">操 作</font></td>
                                </tr>
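                                <%
		' Lists every delivery method as an editable row (one form per row).
		' i keeps the row count; the "add" form further down uses i+1 as the
		' default sort order.
		' Stored values are HTML-encoded and written into quoted attributes so
		' that a saved name, fee or key cannot break out of value= and inject
		' markup or script into this page. The & "" turns a Null field into an
		' empty string before encoding.
		dim i,j
		set rs=server.CreateObject("adodb.recordset")
		rs.open "select * from Iheeo_Delivery order by SongID",conn,1,1
		i=rs.recordcount
		do while not rs.eof%>
                                <tr> 
                                  <form name="form1" method="post" action="SongHuo.asp?action=songhuosave&id=<%=rs("SongID")%>">
                                    <td  align="center">
									<input name="subject" type="text" id="subject" size="20" value="<%=Server.HTMLEncode(trim(rs("SongName") & ""))%>">
                                    </td>
                                    <td  align="center">
									<input name="songidorder" type="text" id="songidorder" size="6" value="<%=Server.HTMLEncode(rs("SongList") & "")%>" onKeyPress	= "return regInput(this,	/^[0-9]*$/,		String.fromCharCode(event.keyCode))"
		onpaste		= "return regInput(this,	/^[0-9]*$/,		window.clipboardData.getData('Text'))"
		ondrop		= "return regInput(this,	/^[0-9]*$/,		event.dataTransfer.getData('Text'))">
                                    </td>
                                    <td  align="center"><input name="SongFei" type="text" id="SongFei" size="6" value="<%=Server.HTMLEncode(rs("SongFei") & "")%>"> 元</td>
                                    <td  align="center">
									<input name="key" type="text" id="key" size="6" value="<%=Server.HTMLEncode(rs("SongKey") & "")%>"></td>
                                    <td  STYLE='PADDING-LEFT: 20px'>
									<input type="submit" name="Submit" value="修 改">
									&nbsp;<a href="songhuo.asp?action=songhuodel&id=<%=rs("songid")%>" onClick="return confirm('您确定进行删除操作吗?')"><font color="#FF0000">删除</font></a>
                                    </td>
                                  </form>
                                </tr>
	<%rs.movenext
			loop
			rs.close
			set rs=nothing%>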
								<tr>
								<td  align="center" colspan="5" background="../images/admin_bg_1.gif"><font color="#ffffff">添加送货方式</font></td>
								</tr>
								<tr>
                                  <form name="form2" method="post" action="songhuo.asp?action=songhuoadd">
                                    <td  align="center">
									<input name="subject" type="text" id="subject" size="20">
									</td>
                                    <td  align="center">
									<input name="songidorder" type="text" id="songidorder" value=<%=i+1%> size="6" onKeyPress	= "return regInput(this,	/^[0-9]*$/,		String.fromCharCode(event.keyCode))"
		onpaste		= "return regInput(this,	/^[0-9]*$/,		window.clipboardData.getData('Text'))"
		ondrop		= "return regInput(this,	/^[0-9]*$/,		event.dataTransfer.getData('Text'))">
                                    </td>
                                    <td  align="center"><input name="SongFei" type="text" id="SongFei" size="6"> 元</td>
                                    <td  align="center">
									<input name="key" type="text" id="key" size="6"></td>
                                    <td  STYLE='PADDING-LEFT: 20px'>
									<input type="submit" name="Submit3" value="添 加">
									</td>
                                  </form>
                                </tr>
                              </table></td>
</tr>
<tr> 
<td bgcolor="#DFE2D9">
<p align="center">备注</td>
</tr>
</table>
</body>
</html>
<script>
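	// Returns true when the field's text, with inputStr applied at the current
	// selection, still matches reg. Used by the key/paste/drop handlers to keep
	// the sort-order field numeric.
	// This is a convenience filter in the browser only: a request can be sent
	// without it, so the server must validate the same fields itself.
	function regInput(obj, reg, inputStr)
	{
		var candidate
		if (typeof document != "undefined" && document.selection && document.selection.createRange) {
			// Legacy IE selection model (the original code path).
			var docSel	= document.selection.createRange()
			if (docSel.parentElement().tagName != "INPUT")	return false
			// Declared locally; it was previously an implicit global.
			var oSel = docSel.duplicate()
			oSel.text = ""
			var srcRange	= obj.createTextRange()
			oSel.setEndPoint("StartToStart", srcRange)
			candidate = oSel.text + inputStr + srcRange.text.substr(oSel.text.length)
		} else if (typeof obj.selectionStart == "number") {
			// Browsers without document.selection used to throw here, which left
			// the field unfiltered; build the same candidate from the standard
			// selection offsets instead.
			candidate = obj.value.substring(0, obj.selectionStart) + inputStr + obj.value.substring(obj.selectionEnd)
		} else {
			candidate = obj.value + inputStr
		}
		return reg.test(candidate)
	}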
</script>
