admin_admin.asp

二手商品交易平台二手商品交易平台二手商品交易平台二手商品交易平台二手商品交易平台二手商品交易平台二手商品交易平台二手商品交易平台二手商品交易平台二手商品交易平台

<!--#include file="include/conn.asp"-->
<!--#include file="include/function.asp"-->
<!--#include file="include/access.asp"-->
<%
subname0        = request("subname0")
action          = request("action")
if request("AdminID") <> "" then
AdminID         = cint(request("AdminID"))
end if
if request("NAdminID") <> "" then
NAdminID        = cint(request("NAdminID"))
end if
AdminName       = trim(request("AdminName"))
AdminPwd        = trim(request("AdminPwd"))
if action       = "add" and subname0 <> ""then
	if AdminName = "" or AdminPwd = "" then
	response.write "<script>alert('请检查管理员和密码是否为空！');history.go(-1);</script>"
	response.End()
	end if
	'检测用户是否存在
	sql         = "select * from [Admin] where AdminName = '"&AdminName&"'"
	set rs0     = conn.execute(sql)
	if not rs0.eof and not rs0.bof then
		response.write "<script>alert('"&UserName&"管理员已经存在，请重新输入');history.go(-1);</script>"
		response.end
	end if
	action      = "add"
	AdminPwd    = md5(AdminPwd)
	sql         = "insert into Admin (AdminName,AdminPwd) values ('"&AdminName&"','"&AdminPwd&"')"
	set rs =server.CreateObject("adodb.recordset")
    rs.open sql,conn,1,3
	response.write "<script>alert('添加管理员成功');</script>"
end if
if request("action")      = "add" then
	action      = "add"
	submittext  = "添加"
else 
	action      = "add"
	submittext  = "添加"
end if
if request("action") = "delete" then
	action      = "add"
	submittext  = "添加"
	sql         = "select * from Admin where AdminID = "&AdminID&""
	set rs =server.CreateObject("adodb.recordset")
    rs.open sql,conn,1,3
	if rs.eof or rs.bof then
	response.write "<script>alert('该管理员不存在');</script>"
	else
	sql         = "delete * from Admin where AdminID = "&AdminID&""
	conn.execute(sql)
	response.write "<script>alert('删除成功');</script>"
	end if
end if 
if request("action") = "edit" and subname0 <> "" then
	sql         = "select * from Admin where AdminID = "&NAdminID&""
	set rs =server.CreateObject("adodb.recordset")
    rs.open sql,conn,1,3
	if rs.eof then
	response.write "<script>alert('该管理员不存在');</script>"
	else
		if AdminPwd = "******" then 
		sql         = "update Admin set AdminName = '"&AdminName&"' where AdminID = "&NAdminID&""
		set rs =server.CreateObject("adodb.recordset")
    	rs.open sql,conn,1,3
		else
		AdminPwd    = md5(AdminPwd)
		sql         = "update Admin set AdminName = '"&AdminName&"',AdminPwd = '"&AdminPwd&"' where AdminID = "&NAdminID&""
		set rs =server.CreateObject("adodb.recordset")
    	rs.open sql,conn,1,3
		end if
	response.write "<script>alert('编辑成功');</script>"
	end if
end if

if request("action") = "edit" then
	action     = "edit"
	submittext = "编辑"
	
else 
	sql        = "select max(AdminID)+1 from Admin"
	set rs     = conn.execute(sql)
	OAdminID   = rs(0)
	action     = "add"
	submittext = "添加"
end if
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>后台管理</TITLE>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<META http-equiv=MSThemeCompatible content=Yes>
<LINK href="images/css.css" type=text/css rel=stylesheet>

<META content="MSHTML 6.00.3790.0" name=GENERATOR>
</HEAD>
<BODY leftMargin=0 topMargin=0>

<BR>
<TABLE cellSpacing=0 cellPadding=0 width=650 align=center border=0>
  <TBODY> 
  <TR>
    <TD>
      <TABLE cellSpacing=1 cellPadding=4 width="100%" border=0>
        <TBODY> 
            <TR class=m_title> 
              <TD align=center>管理员编号</TD>
              <TD align=center>管理员名</TD>
              <TD align=center>管理员密码</TD>
          
          <TD align=center>操作</TD>
        </TR>
<%
sql      = "select * from Admin order by AdminID asc"
set rs =server.CreateObject("adodb.recordset")
rs.open sql,conn,1,3
do while not rs.eof and not rs.bof
	if action = "edit" then
		if AdminID  = rs("AdminID") then
		   OAdminID = rs("AdminID")
		   OAdminName    = rs("AdminName")
		  
		end if
	end if
%>
	  <TR class=line_1 align="center">
         <TD noWrap><a href=?action=edit&AdminID=<%=rs("AdminID")%>><%=rs("AdminID")%></a></TD>
	        <TD noWrap><%=rs("AdminName")%></TD>
	         <TD noWrap>******</TD>
			 
	         <TD noWrap><a href=?action=edit&AdminID=<%=rs("AdminID")%>>编辑</a> <a href='?'>添加</a> <a href='?action=delete&AdminID=<%=rs("AdminID")%>' onclick='return confirm("确认删除?")'>删除</a></TD>
	       </TR>
<%
rs.movenext
loop

%>
        <TR class=line_1> 
	 <form method="post" action="?action=<%=action%>">
          <TD align=center><input type="text" name="AdminID" size="10" value="<%=OAdminID%>" disabled style="text-align:center"><input type="hidden" name="NAdminID" size="10" value="<%=OAdminID%>"></TD>
          <TD align=center><input type="text" name="AdminName" size="10" value="<%=OAdminName%>"></TD>
		 <TD align=center>
		 <input type="password" name="AdminPwd" size="10" value="******">

		 </TD>
           
          <TD align=center><input type="submit" name="subname0" value="<%=submittext%>"></TD>
      </form>
        </TR>
        </TBODY> 
      </TABLE>
    </TD>
  </TR>
  </TBODY>
</TABLE>

<BR><BR>

<BR>
</BODY>
</HTML>