/webadmin/guanli.asp
ASP | 312 lines | 299 code | 7 blank | 6 comment | 40 complexity | d102105fd39e77a62562a84e00e51e7d MD5 | raw file
- <!-- #include file="ding.asp" -->
- <!-- #include file="mymin.asp" -->
- <!-- #include file="md5.asp" -->
- <%Call Head2()
-
- Dim act,idd
- act = Request("action")
- idd = Request("id")
- if idd<>"" and IsNumeric(idd) Then
- idd=int(idd)
- Else
- idd=1
- end if
-
- '?????ID???1??????????????
- Function ifEditable()
- If idd<>1 and keyid=1 Then ifEditable=True:Exit Function
- ifEditable=False
- End Function
-
- '???? keyid??????ID?idd??????ID????1
- ' 0???????
- ' 1????????
- ' 2?????????????
- ' 3???????????????
- Dim user_level
- if KEYid<>1 then
- user_level=1'???
- else
- user_level=0
- end if
- if KEYid<>idd then user_level=user_level+2'?????
-
-
- IF act="view" Then
- if user_level=3 then
- Call Error2("<title>??!</title></head><body><div class='main320'>?????")
- end if
- call view
- elseiF act="del" Then
- if user_level<>2 then'????????????
- Call Error2("<title>??!</title></head><body><div class='main320'>?????")
- end if
- call del
- elseiF act="edit" Then
- if user_level=3 then
- Call Error2("<title>??!</title></head><body><div class='main320'>?????")
- end if
- call edit
- elseiF act="add" Then
- if user_level<>0 then'?????????ID
- Call Error2("<title>??!</title></head><body><div class='main320'>?????")
- end if
- call add
- elseiF act="save" Then
- if user_level=3 then
- Call Error2("<title>??!</title></head><body><div class='main320'>?????")
- end if
- call save
- else
- call index
- end if
-
- Function index()
- if keyid<>1 Then response.redirect "guanli.asp?sid="&sid&"&action=view&id="&keyid%>
- <title>?????</title></head><body><div class='main400'>
- ?????:<br/>
- <%
- Dim rs,sql,pagesize,count,page,i,keyname
- Set Rs = Server.CreateObject("Adodb.Recordset")
- Sql = "SELECT * FROM 74hu_admin order by id asc"
- Rs.Open Sql,conn,1,1
- If Not rs.eof Then
- PageSize=10
- Count=rs.recordcount
- page=getN("page",1)
- if page<1 then page=1
- pagecount=(count+pagesize-1)\pagesize
- if page>pagecount then page=pagecount
- rs.move(pagesize*(page-1))
- For i=1 To PageSize
- If rs.eof Then Exit For
- keyname=" <br/>????:??"
- if rs("classids")<>"" then keyname=" <br/>????:"&rs("classids")
- if rs("key")=2 then keyname="?????"&keyname
- if rs("key")=0 then keyname="?????"
- if rs("id")=1 then keyname="??"
- %><%=i+(page-1)*PageSize%>.<a href='guanli.asp?sid=<%=sid%>&action=view&id=<%=rs("id")%>'><%=nowml(rs("username"))%></a><br/>????:<%=keyname%><br/>
- ????:<%=nowml(fordate(rs("dltime")))%><br/>--------<br/>
- <%
- rs.moveNext
- Next
- w showsPage("guanli.asp", "", page, pageCount)&"<br/>"
- Else
- %>
- (????)
- <%end if
- Rs.close
- set rs=nothing
- %><br/>??????<br/>
- 1??????????????????????????????<br/>
- 2?????????????????????????????<br/>
- 3????????????????????????????ID?<br/>
- 4??????????????????????????????<br/>
- 5????????????????????<a href="http://74hu.cn">??? 74hu.cn</a>???<br/><%
- Response.Write("<br/><a href='guanli.asp?sid="&sid&"&action=add'>[????]</a><br/>")
- end Function
- Function add()%>
- <title>????</title></head><body><div class='main400'>
- <form method="post" action="guanli.asp?sid=<%=sid%>&action=save&edit=add">
- ??:<br/><input name="username" maxlength="16" /><br/>
- ??:<br/><input name="password" /><br/>
- ??:<br/><input name="password2" /><br/>
- ??:<br/><select name="keyvar">
- <option value="0">?????</option>
- <option value="2">?????</option>
- </select><br/>
- ????:<br/><input name="classids" /><br/>
- <input type="submit" value="??"/>
- </form>
- ??????<br/>
- 1?????????????????????????????????????????????<br/>
- 2???????????????????1,2,4??1?2?4???????ID???????????????????<br/><br/>
- <a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>
- <%
- end Function
- Function edit()
- id=idd
- Set Rs = Server.CreateObject("Adodb.Recordset")
- Sql = "SELECT * FROM 74hu_admin where id="&id
- Rs.Open Sql,conn,1,1
- if not (rs.bof and rs.eof) then %>
- <title>????</title></head><body><div class='main400'>
- <form method="post" action="guanli.asp?sid=<%=sid%>&action=save&edit=edit">
- ???:
- <%If user_level=0 Then%>
- <br/><input name="username"/>
- <%Else
- Response.Write rs("username")
- End If%><br/>
- ??:<br/><input name="password" value="" /><br/>
- ????:<br/><input name="password2" value="" /><br/>
- <%if user_level=2 then%>
- ????:<br/><select name="keyvar">
- <option value="0">?????</option>
- <option value="2" <% if rs("key")=2 then w "selected"%>>?????</option>
- </select><br/>
- ????:<br/><input name="classids" value="<%=Trim(rs("classids"))%>"/>
- <%end if%>
- <br/>
- <input type="submit" value="??"/>
- <input type="hidden" name="id" value="<%=id%>"/>
- </form>
- <%if user_level=2 then%>
- ??????<br/>
- 1?????????????????????????????????????????????<br/>
- 2???????????????????1,2,4??1?2?4???????ID???????????????????<br/><br/>
- <%else%>
- ??????????????????????<br/>
- <%end if%>
- <a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>
- <%else%>
- <title>???</title></head><body><div class='main400'>
- ?????!<br/>
- <%end if
- Rs.close
- set rs=nothing
- end Function
- Function view()
- id=idd
- if id="" then%>
- <title>???</title></head><body><div class='main400'>
- ID??.<br/>
- <%else%>
- <title>????</title></head><body><div class='main400'>
- <p>
- <%
- Set Rs = Server.CreateObject("Adodb.Recordset")
- Sql = "SELECT username,dltime,lastip FROM 74hu_admin where id="&id
- Rs.Open Sql,conn,1,1
- if not (rs.bof and rs.eof) then %>
- ???:<%=rs("username")%><br/>
- ????:<%=fordate(rs("dltime"))%><br/>
- ???IP:<%=rs("lastip")%><br/>
- <a href='guanli.asp?sid=<%=sid%>&action=edit&id=<%=id%>'>[??]</a>
- <%if user_level=2 then%>
- <a href='guanli.asp?sid=<%=sid%>&action=del&id=<%=id%>'>[??]</a>
- <%end if%>
- <br/><a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>
- <%else%>
- ????!<br/>
- <%end if
- Rs.close
- set rs=nothing
- end if
- end Function
- Function del()
- id=idd
- if id="" then%>
- <title>???</title></head><body><div class='main400'>
- ID??.<br/>
- <%else
- if Request("del")="true" then
- set rs=server.CreateObject("adodb.recordset")
- Sql = "SELECT * FROM 74hu_admin where id="&id
- rs.open sql,conn,1,3
- if not (rs.bof and rs.eof) then
- if id=1 then
- Call Error2("<card title='?????'><p>???????")
- end if
- rs.delete
- end if
- Rs.close
- set rs=nothing%>
- <title>?????</title></head><body><div class='main400'>
- ?????????!<br/>
- <a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>
- <%else%>
- <title>?????</title></head><body><div class='main400'>
- ??????????<br/>
- <a href='guanli.asp?sid=<%=sid%>&action=del&del=true&id=<%=id%>'>[????]</a><br/>
- <a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>
- <%end if
- end if
- end Function
- Function save()
- username=Trim(Request("username"))
- password=Trim(Request("password"))
- password2=Trim(Request("password2"))
- keyvar=Trim(Request("keyvar"))
- ids=Trim(Request("classids"))
- id=idd
- if user_level=2 then
- if keyvar="" or isnumeric(keyvar) =false then Call Error2("<title>??!</title></head><body><div class='main320'>?????")
- if ids<>"" and Not IsNumeric(replace(ids,",","")) then Call Error2("<title>??!</title></head><body><div class='main320'>???????")
- end if
- if user_level=0 and username="" then errmsg=errmsg&"????????<br/>":flag=0
- if password="" then errmsg=errmsg&"????????<br/>":flag=0
- if password2="" then errmsg=errmsg&"??????????<br/>":flag=0
- if Request("edit")="edit" then
- if id="" then errmsg=errmsg&"ID??<br/>":flag=0
- if user_level=0 then
- set rs=Server.CreateObject("ADODB.Recordset")
- rs.open"select ID from 74hu_admin where username='"&username&"' and id<>"&id,conn,1,1
- if not rs.eof then
- errmsg=errmsg&"??????????<br/>":flag=0
- end if
- rs.close
- set rs=nothing
- end if
- if flag<>"0" then
- set rs=server.CreateObject("adodb.recordset")
- sql="select * from 74hu_admin where id="&id
- rs.open sql,conn,1,3
- if rs.eof then
- errmsg=errmsg&"ID??<br/>":flag=0
- end if
- if user_level=0 then rs("username")=username
- rs("password")=md5(md5(password,16),32)
- rs("HU_admin")=md5(md5(password2,16),32)
- if user_level=2 then
- rs("key")=keyvar
- If ids<>"" Then rs("classids")=ids
- end if
- rs("sid")=onlysid()
- rs.update()
- rs.close
- set rs=nothing%>
- <meta http-equiv='refresh' content='1;url=guanli.asp?sid=<%=sid%>'>
- <title>????</title></head><body><div class='main400'>
- ??????<br/><br/>
- <a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>
- <%else
- Response.Write("<title>??????</title></head><body><div class='main320'>"&errmsg&"<br/>")
- end if
- else
- if keyid<>1 then errmsg=errmsg&"?????????<br/>":flag=0
- set rs=Server.CreateObject("ADODB.Recordset")
- rs.open"select ID from 74hu_admin where username='"&username&"' and id<>"&id,conn,1,1
- if not rs.eof then
- errmsg=errmsg&"??????????<br/>":flag=0
- end if
- rs.close
- set rs=nothing
- if flag<>"0" then
- set rs=server.CreateObject("adodb.recordset")
- sql="select * from 74hu_admin"
- rs.open sql,conn,1,3
- rs.addnew()
- rs("username")=username
- rs("password")=md5(md5(password,16),32)
- rs("HU_admin")=md5(md5(password2,16),32)
- rs("sid")=onlysid()
- rs("key")=keyvar
- rs("classids")=ids
- rs.update()
- Rs.close
- set rs=nothing%>
- <meta http-equiv='refresh' content='1;url=guanli.asp?sid=<%=sid%>'>
- <title>????</title></head><body><div class='main400'>
- ??????<br/><br/>
- <a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>
- <%else
- Response.Write("<title>??????</title></head><body><div class='main320'>"&errmsg&"<br/>")
- end if
- END IF
- end Function
-
- call CloseConn
- %>
- <a href="index.asp?sid=<%=sid%>">[????]</a>
- </div></body></html>