guanli.asp | searchcode

/webadmin/guanli.asp

http://asp-wap-cms.googlecode.com/
ASP | 312 lines | 299 code | 7 blank | 6 comment | 40 complexity | d102105fd39e77a62562a84e00e51e7d MD5 | raw file

<!-- #include file="ding.asp" -->

<!-- #include file="mymin.asp" -->

<!-- #include file="md5.asp" -->

<%Call Head2()



Dim act,idd

act = Request("action")

idd = Request("id")

if idd<>"" and IsNumeric(idd) Then

	idd=int(idd)

Else

	idd=1

end if



'?????ID???1??????????????

Function ifEditable()

	If idd<>1 and keyid=1 Then ifEditable=True:Exit Function

	ifEditable=False

End Function



'????	keyid??????ID?idd??????ID????1

'	0???????

'	1????????

'	2?????????????

'	3???????????????

Dim user_level

if KEYid<>1 then

	user_level=1'???

else

	user_level=0

end if

if KEYid<>idd then user_level=user_level+2'?????





IF  act="view" Then

	if user_level=3 then

		Call Error2("<title>??!</title></head><body><div class='main320'>?????")

	end if

	call view

elseiF  act="del" Then

	if user_level<>2 then'????????????

		Call Error2("<title>??!</title></head><body><div class='main320'>?????")

	end if

	call del

elseiF  act="edit" Then

	if user_level=3 then

		Call Error2("<title>??!</title></head><body><div class='main320'>?????")

	end if

	call edit

elseiF  act="add" Then

	if user_level<>0 then'?????????ID

		Call Error2("<title>??!</title></head><body><div class='main320'>?????")

	end if

	call add

elseiF  act="save" Then

	if user_level=3 then

		Call Error2("<title>??!</title></head><body><div class='main320'>?????")

	end if

	call save

else

	call index

end if



Function index()

	if keyid<>1 Then response.redirect "guanli.asp?sid="&sid&"&action=view&id="&keyid%>

	<title>?????</title></head><body><div class='main400'>

	?????:<br/>

	<%

	Dim rs,sql,pagesize,count,page,i,keyname

	Set Rs = Server.CreateObject("Adodb.Recordset")

	Sql = "SELECT * FROM 74hu_admin order by id asc"

	Rs.Open Sql,conn,1,1

	If Not rs.eof Then

	PageSize=10

	Count=rs.recordcount

	page=getN("page",1)

	if page<1 then page=1

	pagecount=(count+pagesize-1)\pagesize

	if page>pagecount then page=pagecount

	rs.move(pagesize*(page-1))

	For i=1 To PageSize

	If rs.eof Then Exit For

	keyname=" <br/>????:??"

	if rs("classids")<>"" then keyname=" <br/>????:"&rs("classids")

	if rs("key")=2 then keyname="?????"&keyname

	if rs("key")=0 then keyname="?????"

	if rs("id")=1 then keyname="??"

	%><%=i+(page-1)*PageSize%>.<a href='guanli.asp?sid=<%=sid%>&amp;action=view&amp;id=<%=rs("id")%>'><%=nowml(rs("username"))%></a><br/>????:<%=keyname%><br/>

	????:<%=nowml(fordate(rs("dltime")))%><br/>--------<br/>

	<%

	rs.moveNext

	Next

	w showsPage("guanli.asp", "", page, pageCount)&"<br/>"

	Else

	%>

	(????)

	<%end if

	Rs.close

	set rs=nothing

	%><br/>??????<br/>

	1??????????????????????????????<br/>

	2?????????????????????????????<br/>

	3????????????????????????????ID?<br/>

	4??????????????????????????????<br/>

	5????????????????????<a href="http://74hu.cn">??? 74hu.cn</a>???<br/><%

	Response.Write("<br/><a href='guanli.asp?sid="&sid&"&amp;action=add'>[????]</a><br/>")

end Function

Function add()%>

	<title>????</title></head><body><div class='main400'>

	<form method="post" action="guanli.asp?sid=<%=sid%>&amp;action=save&amp;edit=add">

	??:<br/><input name="username" maxlength="16" /><br/>

	??:<br/><input name="password" /><br/>

	??:<br/><input name="password2" /><br/>

	??:<br/><select name="keyvar">

	<option value="0">?????</option>

	<option value="2">?????</option>

	</select><br/>

	????:<br/><input name="classids" /><br/>

	<input type="submit" value="??"/>

	</form>

	??????<br/>

	1?????????????????????????????????????????????<br/>

	2???????????????????1,2,4??1?2?4???????ID???????????????????<br/><br/>

	<a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>

	<%

end Function

Function edit()

	id=idd

	Set Rs = Server.CreateObject("Adodb.Recordset")

	Sql = "SELECT * FROM 74hu_admin where id="&id

	Rs.Open Sql,conn,1,1

	if not (rs.bof and rs.eof)  then %>

	<title>????</title></head><body><div class='main400'>

	<form method="post" action="guanli.asp?sid=<%=sid%>&amp;action=save&amp;edit=edit">

	???:

	<%If user_level=0 Then%>

	<br/><input name="username"/>

	<%Else

	Response.Write rs("username")

	End If%><br/>

	??:<br/><input name="password" value="" /><br/>

	????:<br/><input name="password2" value="" /><br/>

	<%if user_level=2 then%>

	????:<br/><select name="keyvar">

	<option value="0">?????</option>

	<option value="2" <% if rs("key")=2 then w "selected"%>>?????</option>

	</select><br/>

	????:<br/><input name="classids" value="<%=Trim(rs("classids"))%>"/>

	<%end if%>

	<br/>

	<input type="submit" value="??"/>

	<input type="hidden" name="id" value="<%=id%>"/>

	</form>

	<%if user_level=2 then%>

	??????<br/>

	1?????????????????????????????????????????????<br/>

	2???????????????????1,2,4??1?2?4???????ID???????????????????<br/><br/>

	<%else%>

	??????????????????????<br/>

	<%end if%>

	<a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>

	<%else%>

	<title>???</title></head><body><div class='main400'>

	?????!<br/>

	<%end if

	Rs.close

	set rs=nothing

end Function

Function view()

	id=idd

	if id=""  then%>

	<title>???</title></head><body><div class='main400'>

	ID??.<br/>

	<%else%>

	<title>????</title></head><body><div class='main400'>

	<p>

	<%

	Set Rs = Server.CreateObject("Adodb.Recordset")

	Sql = "SELECT username,dltime,lastip FROM 74hu_admin where id="&id

	Rs.Open Sql,conn,1,1

	if not (rs.bof and rs.eof)  then %>

	???:<%=rs("username")%><br/>

	????:<%=fordate(rs("dltime"))%><br/>

	???IP:<%=rs("lastip")%><br/>

	<a href='guanli.asp?sid=<%=sid%>&amp;action=edit&amp;id=<%=id%>'>[??]</a>

	<%if user_level=2 then%>

	<a href='guanli.asp?sid=<%=sid%>&amp;action=del&amp;id=<%=id%>'>[??]</a>

	<%end if%>

	<br/><a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>

	<%else%>

	????!<br/>

	<%end if

	Rs.close

	set rs=nothing

	end if

end Function

Function del()

	id=idd

	if id=""  then%>

	<title>???</title></head><body><div class='main400'>

	ID??.<br/>

	<%else

	if Request("del")="true" then

	set rs=server.CreateObject("adodb.recordset")

	Sql = "SELECT * FROM 74hu_admin where id="&id

	rs.open sql,conn,1,3

	if not (rs.bof and rs.eof)  then

	if id=1 then

	Call Error2("<card title='?????'><p>???????")

	end if

	rs.delete

	end if

	Rs.close

	set rs=nothing%>

	<title>?????</title></head><body><div class='main400'>

	?????????!<br/>

	<a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>

	<%else%>

	<title>?????</title></head><body><div class='main400'>

	??????????<br/>

	<a href='guanli.asp?sid=<%=sid%>&amp;action=del&amp;del=true&amp;id=<%=id%>'>[????]</a><br/>

	<a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>

	<%end if

	end if

end Function

Function save()

	username=Trim(Request("username"))

	password=Trim(Request("password"))

	password2=Trim(Request("password2"))

	keyvar=Trim(Request("keyvar"))

	ids=Trim(Request("classids"))

	id=idd

	if user_level=2 then

		if keyvar="" or isnumeric(keyvar) =false then Call Error2("<title>??!</title></head><body><div class='main320'>?????")

		if ids<>"" and Not IsNumeric(replace(ids,",","")) then Call Error2("<title>??!</title></head><body><div class='main320'>???????")

	end if

	if user_level=0 and username=""  then errmsg=errmsg&"????????<br/>":flag=0

	if password=""  then errmsg=errmsg&"????????<br/>":flag=0

	if password2=""  then errmsg=errmsg&"??????????<br/>":flag=0

	if Request("edit")="edit" then

		if id=""  then errmsg=errmsg&"ID??<br/>":flag=0

		if user_level=0 then

			set rs=Server.CreateObject("ADODB.Recordset")

			rs.open"select ID from 74hu_admin where username='"&username&"' and id<>"&id,conn,1,1

			if not rs.eof then

				errmsg=errmsg&"??????????<br/>":flag=0

			end if

			rs.close

			set rs=nothing

		end if

		if flag<>"0" then

			set rs=server.CreateObject("adodb.recordset")

			sql="select * from 74hu_admin where id="&id

			rs.open sql,conn,1,3

			if rs.eof then

				errmsg=errmsg&"ID??<br/>":flag=0

			end if

			if user_level=0 then rs("username")=username

			rs("password")=md5(md5(password,16),32)

			rs("HU_admin")=md5(md5(password2,16),32)

			if user_level=2 then

				rs("key")=keyvar

				If ids<>"" Then rs("classids")=ids

			end if

			rs("sid")=onlysid()

			rs.update()

			rs.close

			set rs=nothing%>

			<meta http-equiv='refresh' content='1;url=guanli.asp?sid=<%=sid%>'>

			<title>????</title></head><body><div class='main400'>

			??????<br/><br/>

			<a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>

		<%else

			Response.Write("<title>??????</title></head><body><div class='main320'>"&errmsg&"<br/>")

		end if

	else

		if keyid<>1 then errmsg=errmsg&"?????????<br/>":flag=0

		set rs=Server.CreateObject("ADODB.Recordset")

		rs.open"select ID from 74hu_admin where username='"&username&"' and id<>"&id,conn,1,1

		if not rs.eof then

			errmsg=errmsg&"??????????<br/>":flag=0

		end if

		rs.close

		set rs=nothing

		if flag<>"0" then

			set rs=server.CreateObject("adodb.recordset")

			sql="select * from 74hu_admin"

			rs.open sql,conn,1,3

			rs.addnew()

			rs("username")=username

			rs("password")=md5(md5(password,16),32)

			rs("HU_admin")=md5(md5(password2,16),32)

			rs("sid")=onlysid()

			rs("key")=keyvar

			rs("classids")=ids

			rs.update()

			Rs.close

			set rs=nothing%>

			<meta http-equiv='refresh' content='1;url=guanli.asp?sid=<%=sid%>'>

			<title>????</title></head><body><div class='main400'>

			??????<br/><br/>

			<a href="guanli.asp?sid=<%=sid%>">[????]</a><br/>

		<%else

			Response.Write("<title>??????</title></head><body><div class='main320'>"&errmsg&"<br/>")

		end if

	END IF

end Function



call CloseConn

%>

<a href="index.asp?sid=<%=sid%>">[????]</a>

</div></body></html>