www.gusucode.com > 网域标准通用企业自助建站系统正式版 2009 > 网域标准通用企业自助建站系统正式版 2009.18/网域公司企业网站管理系统ACCESS和SQL正式版/网域公司企业网站管理系统SQL正式版/EnGetPassword.asp
<!--#include file="Inc/conn.asp"-->
<!--#include file="Inc/function.asp"-->
<!--#include file="Inc/md5.asp"-->
<%
dim Action,UserName,rsGetPassword,FoundErr,ErrMsg
dim Answer,Password,PwdConfirm
Action=trim(request("Action"))
UserName=trim(request("UserName"))
Answer=trim(request("Answer"))
Password=trim(request("Password"))
PwdConfirm=trim(request("PwdConfirm"))
%>
<html>
<head>
<title>Forget the password</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
</head>
<body>
<%if Action="" then%>
<table align='center' width='500' border='0' cellpadding='4' cellspacing='0' class='border'>
<tr >
<td height='15' colspan='2' class='title'>Forget the password>> First
step: input username</td>
</tr>
<tr>
<td height='100' colspan='2' align="center" class='tdbg'><form name="form1" method="post" action="">
<strong> Input your username:</strong>
<input name="UserName" type="text" id="UserName" size="20" maxlength="20">
<br>
<br>
<input name="Action" type="hidden" id="Action" value="step2">
<input name="Next" type="submit" id="Next" style="cursor:hand;" value="Next step">
<input name="Cancel" type="button" id="Cancel" style="cursor:hand;" onClick="window.close();" value="Cancel">
</form></td>
</tr>
</table>
<%
elseif Action="step2" then
if UserName="" or strLength(UserName)>14 or strLength(UserName)<4 then
founderr=true
errmsg=errmsg & "<br><li>Input username (between 4 and 14 characters)</li>"
else
if Instr(UserName,"=")>0 or Instr(UserName,"%")>0 or Instr(UserName,chr(32))>0 or Instr(UserName,"?")>0 or Instr(UserName,"&")>0 or Instr(UserName,";")>0 or Instr(UserName,",")>0 or Instr(UserName,"'")>0 or Instr(UserName,",")>0 or Instr(UserName,chr(34))>0 or Instr(UserName,chr(9))>0 or Instr(UserName,"")>0 or Instr(UserName,"$")>0 then
errmsg=errmsg+"<br><li>The illegal word in the username!</li>"
founderr=true
end if
end if
if FoundErr=true then
call enWriteErrMsg()
else
set rsGetPassword=server.createobject("adodb.recordset")
rsGetPassword.open "select UserName,Question,Answer,Password from [User] where UserName='" & UserName & "'",conn,1,1
if rsGetPassword.bof and rsGetPassword.eof then
FoundErr=True
ErrMsg=ErrMsg & "<br><li>The illegal word in the username!</li>"
call enWriteErrMsg()
else
%>
<table align='center' width='500' border='0' cellpadding='4' cellspacing='0' class='border'>
<tr >
<td height='15' colspan='2' class='title'>Forget the password >> Second step: answer question</td>
</tr>
<tr>
<td height='100' colspan='2' align="center" class='tdbg'><form name="form1" method="post" action="">
<table width="100%" border="0" cellspacing="5" cellpadding="0">
<tr>
<td width="44%" align="right"><strong>Password hints the question:</strong></td>
<td width="56%"><%=rsGetPassword("Question")%></td>
</tr>
<tr>
<td align="right"><strong>You answer:</strong></td>
<td><input name="Answer" type="text" size="20" maxlength="20"></td>
</tr>
</table>
<br>
<input name="UserName" type="hidden" id="UserName" value="<%=rsGetPassword("UserName")%>">
<input name="Action" type="hidden" id="Action" value="step3">
<input name="PrevStep" type="button" id="PrevStep" value="Last step" style="cursor:hand;" onClick="history.go(-1)">
<input name="NextStep" type="submit" id="NextStep" style="cursor:hand;" value="Next Step">
<input name="Cancel" type="button" id="Cancel" style="cursor:hand;" onClick="window.close();" value="Cancel">
</form></td>
</tr>
</table>
<%
end if
rsGetPassword.close
set rsGetPassword=nothing
end if
elseif Action="step3" then
if Answer="" then
FoundErr=True
ErrMsg=ErrMsg & "<br><li>Please input hints question of the answer!</li>"
call enWriteErrMsg()
else
set rsGetPassword=server.createobject("adodb.recordset")
rsGetPassword.open "select UserName,Question,Answer,Password from [User] where UserName='" & UserName & "'",conn,1,1
if rsGetPassword.bof and rsGetPassword.eof then
FoundErr=True
ErrMsg=ErrMsg & "<br><li>Customer nonexistent! Possibility has already delete by administer. </li>"
call enWriteErrMsg()
else
if rsGetPassword("Answer")<>md5(Answer) then
FoundErr=True
ErrMsg=ErrMsg & "<br><li>You have wrong answer!</li>"
call enWriteErrMsg()
else
%>
<table align='center' width='500' border='0' cellpadding='4' cellspacing='0' class='border'>
<tr >
<td height='15' colspan='2' class='title'>Forget the password>> Third
step: setup new password</td>
</tr>
<tr>
<td height='100' colspan='2' align="center" class='tdbg'><form name="form1" method="post" action="">
<table width="100%" border="0" cellspacing="5" cellpadding="0">
<tr>
<td width="44%" align="right"><strong>Password hints the question:</strong></td>
<td width="56%"><%=rsGetPassword("Question")%></td>
</tr>
<tr>
<td align="right"><strong>You answer:</strong></td>
<td><%=Answer%> <input name="Answer" type="hidden" id="Answer" value="<%=rsGetPassword("Answer")%>"></td>
</tr>
<tr>
<td align="right"><strong>New password:</strong></td>
<td><input name="Password" type="password" id="Password" size="20" maxlength="20"></td>
</tr>
<tr>
<td align="right"><strong>Confirm new password:</strong></td>
<td><input name="PwdConfirm" type="password" id="PwdConfirm" size="20" maxlength="20"></td>
</tr>
</table>
<br>
<input name="UserName" type="hidden" id="UserName" value="<%=rsGetPassword("UserName")%>">
<input name="Action" type="hidden" id="Action" value="step4">
<input name="PrevStep" type="button" id="PrevStep" value="Last step" style="cursor:hand;" onClick="history.go(-1)">
<input name="Next" type="submit" id="Next" style="cursor:hand;" value="Next Step">
<input name="Cancel" type="button" id="Cancel" style="cursor:hand;" onClick="window.close();" value="Cancel">
</form></td>
</tr>
</table>
<%
end if
end if
rsGetPassword.close
set rsGetPassword=nothing
end if
elseif Action="step4" then
if Password="" or strLength(Password)>12 or strLength(Password)<6 then
founderr=true
errmsg=errmsg & "<br><li>Input confirm password(between 6 and 12 characters)</li>"
else
if Instr(Password,"=")>0 or Instr(Password,"%")>0 or Instr(Password,chr(32))>0 or Instr(Password,"?")>0 or Instr(Password,"&")>0 or Instr(Password,";")>0 or Instr(Password,",")>0 or Instr(Password,"'")>0 or Instr(Password,",")>0 or Instr(Password,chr(34))>0 or Instr(Password,chr(9))>0 or Instr(Password,"")>0 or Instr(Password,"$")>0 then
errmsg=errmsg+"<br><li>The illegal words in password</li>"
founderr=true
end if
end if
if PwdConfirm="" then
founderr=true
errmsg=errmsg & "<br><li>Input username (between 4 and 14 characters)</li>"
else
if Password<>PwdConfirm then
founderr=true
errmsg=errmsg & "<br><li>Password and confirm password inconformity</li>"
end if
end if
if FoundErr=True then
call enWriteErrMsg()
else
set rsGetPassword=server.createobject("adodb.recordset")
rsGetPassword.open "select UserName,Question,Answer,Password from [User] where UserName='" & UserName & "'",conn,1,3
if rsGetPassword.bof and rsGetPassword.eof then
FoundErr=True
ErrMsg=ErrMsg & "<br><li>Customer nonexistent! Possibility has already delete by administer. </li>"
call enWriteErrMsg()
else
if rsGetPassword("Answer")<>Answer then
FoundErr=True
ErrMsg=ErrMsg & "<br><li>You have wrong answer!</li>"
call enWriteErrMsg()
else
rsGetPassword("Password")=md5(Password)
rsGetPassword.update
%>
<table align='center' width='500' border='0' cellpadding='4' cellspacing='0' class='border'>
<tr >
<td height='15' colspan='2' class='title'>Forget the password>> Fourth
step: success to setup new password</td>
</tr>
<tr>
<td height='100' colspan='2' align="center" class='tdbg'> <table width="90%" border="0" cellspacing="5" cellpadding="0">
<tr>
<td width="98" align="right"><strong>User name:</strong></td>
<td width="330"><%=UserName%></td>
</tr>
<tr>
<td width="98" align="right"><strong>New password:</strong></td>
<td><strong><%=Password%></strong></td>
</tr>
</table>
<br>
<font color="#FF0000">Please remember your new password and use the new
password<a href="index.asp">Login</a>!</font><br> <br>
<a href="index.asp">【Back】</a><a href="javascript:window.close();">【Close】</a></td>
</tr>
</table>
<%
end if
end if
rsGetPassword.close
set rsGetPassword=nothing
end if
end if
%>
</body>
</html>
<%
call CloseConn()
%>