www.gusucode.com > 网域标准通用企业自助建站系统正式版 2009 > 网域标准通用企业自助建站系统正式版 2009.18/网域公司企业网站管理系统ACCESS和SQL正式版/网域公司企业网站管理系统SQL正式版/EnGetPassword.asp
<!--#include file="Inc/conn.asp"--> <!--#include file="Inc/function.asp"--> <!--#include file="Inc/md5.asp"--> <% dim Action,UserName,rsGetPassword,FoundErr,ErrMsg dim Answer,Password,PwdConfirm Action=trim(request("Action")) UserName=trim(request("UserName")) Answer=trim(request("Answer")) Password=trim(request("Password")) PwdConfirm=trim(request("PwdConfirm")) %> <html> <head> <title>Forget the password</title> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> </head> <body> <%if Action="" then%> <table align='center' width='500' border='0' cellpadding='4' cellspacing='0' class='border'> <tr > <td height='15' colspan='2' class='title'>Forget the password>> First step: input username</td> </tr> <tr> <td height='100' colspan='2' align="center" class='tdbg'><form name="form1" method="post" action=""> <strong> Input your username:</strong> <input name="UserName" type="text" id="UserName" size="20" maxlength="20"> <br> <br> <input name="Action" type="hidden" id="Action" value="step2"> <input name="Next" type="submit" id="Next" style="cursor:hand;" value="Next step"> <input name="Cancel" type="button" id="Cancel" style="cursor:hand;" onClick="window.close();" value="Cancel"> </form></td> </tr> </table> <% elseif Action="step2" then if UserName="" or strLength(UserName)>14 or strLength(UserName)<4 then founderr=true errmsg=errmsg & "<br><li>Input username (between 4 and 14 characters)</li>" else if Instr(UserName,"=")>0 or Instr(UserName,"%")>0 or Instr(UserName,chr(32))>0 or Instr(UserName,"?")>0 or Instr(UserName,"&")>0 or Instr(UserName,";")>0 or Instr(UserName,",")>0 or Instr(UserName,"'")>0 or Instr(UserName,",")>0 or Instr(UserName,chr(34))>0 or Instr(UserName,chr(9))>0 or Instr(UserName,"")>0 or Instr(UserName,"$")>0 then errmsg=errmsg+"<br><li>The illegal word in the username!</li>" founderr=true end if end if if FoundErr=true then call enWriteErrMsg() else set rsGetPassword=server.createobject("adodb.recordset") rsGetPassword.open "select UserName,Question,Answer,Password from [User] where UserName='" & UserName & "'",conn,1,1 if rsGetPassword.bof and rsGetPassword.eof then FoundErr=True ErrMsg=ErrMsg & "<br><li>The illegal word in the username!</li>" call enWriteErrMsg() else %> <table align='center' width='500' border='0' cellpadding='4' cellspacing='0' class='border'> <tr > <td height='15' colspan='2' class='title'>Forget the password >> Second step: answer question</td> </tr> <tr> <td height='100' colspan='2' align="center" class='tdbg'><form name="form1" method="post" action=""> <table width="100%" border="0" cellspacing="5" cellpadding="0"> <tr> <td width="44%" align="right"><strong>Password hints the question:</strong></td> <td width="56%"><%=rsGetPassword("Question")%></td> </tr> <tr> <td align="right"><strong>You answer:</strong></td> <td><input name="Answer" type="text" size="20" maxlength="20"></td> </tr> </table> <br> <input name="UserName" type="hidden" id="UserName" value="<%=rsGetPassword("UserName")%>"> <input name="Action" type="hidden" id="Action" value="step3"> <input name="PrevStep" type="button" id="PrevStep" value="Last step" style="cursor:hand;" onClick="history.go(-1)"> <input name="NextStep" type="submit" id="NextStep" style="cursor:hand;" value="Next Step"> <input name="Cancel" type="button" id="Cancel" style="cursor:hand;" onClick="window.close();" value="Cancel"> </form></td> </tr> </table> <% end if rsGetPassword.close set rsGetPassword=nothing end if elseif Action="step3" then if Answer="" then FoundErr=True ErrMsg=ErrMsg & "<br><li>Please input hints question of the answer!</li>" call enWriteErrMsg() else set rsGetPassword=server.createobject("adodb.recordset") rsGetPassword.open "select UserName,Question,Answer,Password from [User] where UserName='" & UserName & "'",conn,1,1 if rsGetPassword.bof and rsGetPassword.eof then FoundErr=True ErrMsg=ErrMsg & "<br><li>Customer nonexistent! Possibility has already delete by administer. </li>" call enWriteErrMsg() else if rsGetPassword("Answer")<>md5(Answer) then FoundErr=True ErrMsg=ErrMsg & "<br><li>You have wrong answer!</li>" call enWriteErrMsg() else %> <table align='center' width='500' border='0' cellpadding='4' cellspacing='0' class='border'> <tr > <td height='15' colspan='2' class='title'>Forget the password>> Third step: setup new password</td> </tr> <tr> <td height='100' colspan='2' align="center" class='tdbg'><form name="form1" method="post" action=""> <table width="100%" border="0" cellspacing="5" cellpadding="0"> <tr> <td width="44%" align="right"><strong>Password hints the question:</strong></td> <td width="56%"><%=rsGetPassword("Question")%></td> </tr> <tr> <td align="right"><strong>You answer:</strong></td> <td><%=Answer%> <input name="Answer" type="hidden" id="Answer" value="<%=rsGetPassword("Answer")%>"></td> </tr> <tr> <td align="right"><strong>New password:</strong></td> <td><input name="Password" type="password" id="Password" size="20" maxlength="20"></td> </tr> <tr> <td align="right"><strong>Confirm new password:</strong></td> <td><input name="PwdConfirm" type="password" id="PwdConfirm" size="20" maxlength="20"></td> </tr> </table> <br> <input name="UserName" type="hidden" id="UserName" value="<%=rsGetPassword("UserName")%>"> <input name="Action" type="hidden" id="Action" value="step4"> <input name="PrevStep" type="button" id="PrevStep" value="Last step" style="cursor:hand;" onClick="history.go(-1)"> <input name="Next" type="submit" id="Next" style="cursor:hand;" value="Next Step"> <input name="Cancel" type="button" id="Cancel" style="cursor:hand;" onClick="window.close();" value="Cancel"> </form></td> </tr> </table> <% end if end if rsGetPassword.close set rsGetPassword=nothing end if elseif Action="step4" then if Password="" or strLength(Password)>12 or strLength(Password)<6 then founderr=true errmsg=errmsg & "<br><li>Input confirm password(between 6 and 12 characters)</li>" else if Instr(Password,"=")>0 or Instr(Password,"%")>0 or Instr(Password,chr(32))>0 or Instr(Password,"?")>0 or Instr(Password,"&")>0 or Instr(Password,";")>0 or Instr(Password,",")>0 or Instr(Password,"'")>0 or Instr(Password,",")>0 or Instr(Password,chr(34))>0 or Instr(Password,chr(9))>0 or Instr(Password,"")>0 or Instr(Password,"$")>0 then errmsg=errmsg+"<br><li>The illegal words in password</li>" founderr=true end if end if if PwdConfirm="" then founderr=true errmsg=errmsg & "<br><li>Input username (between 4 and 14 characters)</li>" else if Password<>PwdConfirm then founderr=true errmsg=errmsg & "<br><li>Password and confirm password inconformity</li>" end if end if if FoundErr=True then call enWriteErrMsg() else set rsGetPassword=server.createobject("adodb.recordset") rsGetPassword.open "select UserName,Question,Answer,Password from [User] where UserName='" & UserName & "'",conn,1,3 if rsGetPassword.bof and rsGetPassword.eof then FoundErr=True ErrMsg=ErrMsg & "<br><li>Customer nonexistent! Possibility has already delete by administer. </li>" call enWriteErrMsg() else if rsGetPassword("Answer")<>Answer then FoundErr=True ErrMsg=ErrMsg & "<br><li>You have wrong answer!</li>" call enWriteErrMsg() else rsGetPassword("Password")=md5(Password) rsGetPassword.update %> <table align='center' width='500' border='0' cellpadding='4' cellspacing='0' class='border'> <tr > <td height='15' colspan='2' class='title'>Forget the password>> Fourth step: success to setup new password</td> </tr> <tr> <td height='100' colspan='2' align="center" class='tdbg'> <table width="90%" border="0" cellspacing="5" cellpadding="0"> <tr> <td width="98" align="right"><strong>User name:</strong></td> <td width="330"><%=UserName%></td> </tr> <tr> <td width="98" align="right"><strong>New password:</strong></td> <td><strong><%=Password%></strong></td> </tr> </table> <br> <font color="#FF0000">Please remember your new password and use the new password<a href="index.asp">Login</a>!</font><br> <br> <a href="index.asp">【Back】</a><a href="javascript:window.close();">【Close】</a></td> </tr> </table> <% end if end if rsGetPassword.close set rsGetPassword=nothing end if end if %> </body> </html> <% call CloseConn() %>