www.gusucode.com > 翼动留言板 2.1源码程序 > Manage_Process.asp
<%
Option Explicit
'************************************************************************************
'开发组 翼动工作室
'姓名 郑景德
'网名 旭日
'QQ 3178920
'个人网站 http://www.wingroom.com
'本页:
'留言本系统管理信息处理
'
'************************************************************************************
%>
<!--#include file="inc/config.asp"-->
<!--#include file="inc/Function.asp"-->
<!--#include file="inc/DBControl.asp"-->
<!--#include file="inc/Manage.asp"-->
<!--#include file="inc/Md5.asp"-->
<%
Dim Cfg,Db,Flib,Dm
Set Cfg = New Config
Set Db = New DBControl
Set Flib = New FunctionLib
Set Dm = New Manage
Dim UserName,PassWord,Pwd,Power
Dim Rs,Sql
Dim ID,Title,Content,Re_Content
Dim Action
Action = Request.QueryString("action")
'管理员登录
If Action="Login" Then
UserName = Trim(Flib.SaftSql("UserName",2))
Pwd = Trim(Flib.SaftSql("PassWord",2))
PassWord = Md5("@$@$@$" & MD5(Pwd))
If UserName = "" Then
Flib.Alert "请输入用户名!","BACK",1
Response.End
End If
If Pwd = "" Then
Flib.Alert "请输入密码!","BACK",1
Response.End
End If
Dm.Check_Power UserName,PassWord
End If
'管理员登出
If Action = "Logout" Then
Session("Power") = ""
Session("UserName") = ""
Session("Flag") = ""
Response.Redirect("Default.asp")
End If
'修改密码
If Action = "MdfyPwd" Then
Dim oldPassword,newPassword
oldPassword = Trim(Flib.SaftSql("oldPassword",2))
newPassword = Trim(Flib.SaftSql("newPassword",2))
oldPassword = Md5("@$@$@$" & MD5(oldPassword))
newPassword = Md5("@$@$@$" & MD5(newPassword))
If Session("Flag") <> "Logined" Then
Flib.Alert "登录超时退出,请重新登录!","Manage_Login",1
Response.End
End If
If oldPassword = "" Then
Flib.Alert "旧密码不能放空!","BACK",0
Response.End
End If
If newPassword = "" Then
Flib.Alert "新密码不能放空!","BACK",0
Response.End
End If
Db.Open()
Sql = "select top 1 ID from wr_Power where Power='"& Session("Power") &"' and Pwd='"& oldPassword &"'"
Set Rs = Db.ExeCute(Sql)
If Rs.Eof And Rs.Bof Then
RS.Close
Set Rs = Nothing
Db.Close
Flib.Alert "旧密码输入不正确,请重新输入!","BACK",0
Response.End
Else
ID = Rs("ID")
End If
Rs.Close
Sql = "update wr_Power set Pwd='"& newPassword &"' where ID="& Cstr(ID)
Db.ExeCute(Sql)
Db.Close
Flib.Alert "提交成功","Book_Manage.asp?Keyword=MdfyPwd",1
End If
'添加管理员
If Action = "AddManager" Then
UserName = Trim(Flib.SaftSql("UserName",2))
Password = Trim(Flib.SaftSql("Password",2))
Pwd = Md5("@$@$@$" & MD5(Password))
If Session("Flag") <> "Logined" Then
Flib.Alert "登录超时退出,请重新登录!","Manage_Login",1
Response.End
End If
If UserName = "" Then
Flib.Alert "用户名不能放空!","BACK",0
Response.End
End If
If Password = "" Then
Flib.Alert "密码不能放空!","BACK",0
Response.End
End If
Db.Open()
Sql = "select ID from wr_Power where Power='"& UserName &"'"
Set Rs = Db.ExeCute(Sql)
If Not Rs.Eof and Not Rs.Bof Then
Rs.Close
Set Rs = Nothing
Db.Close
Flib.Alert "该用户名已存在!","BACK",0
Response.End
End If
Rs.Close
Set Rs = Nothing
Sql = "INSERT INTO wr_Power (Power,Pwd) values('"& UserName &"','"& Pwd &"')"
Db.ExeCute(Sql)
Flib.Alert "添加成功!","Book_Manage.asp?Keyword=ManagerList",1
Db.Close
End If
'删除管理员
If Action = "DelPower" Then
ID = Flib.SaftSql("ID",1)
If Not IsNumeric(ID) or ID="" Then
Flib.Alert "系统出错!","BACK",1
Response.End
End If
Db.Open()
Sql = "delete * from wr_Power where id="& Cstr(ID)
Db.ExeCute(Sql)
Db.Close
Response.Redirect "Book_Manage.asp?Keyword=ManagerList"
End If
'删除留言记录
If Action = "DelMsg" Then
ID = Flib.SaftSql("ID",1)
If Not IsNumeric(ID) or ID="" Then
Flib.Alert "系统出错!","BACK",1
Response.End
End If
Db.Open()
Sql = "delete * from wr_BookList where id="& Cstr(ID)
Db.ExeCute(Sql)
Db.Close
Response.Redirect "Book_Manage.asp"
End If
'留言回复处理
If Action = "ReplyMsg" Then
ID = Flib.SaftSql("ID",1)
Re_Content = Flib.FilterStr(Request.Form("Re_Content"))
If Not IsNumeric(ID) or ID="" Then
Flib.Alert "系统出错!","BACK",1
Response.End
End If
If Trim(Re_Content)="" Then
Flib.Alert "请填写内容后再提交!","BACK",0
Response.End
End If
Sql = "update wr_BookList set Re_Content='"& Re_Content &"' where ID="& Cstr(ID)
Db.Open()
Db.ExeCute2(Sql)
Db.Close
Flib.Alert "执行完毕!","Book_Manage.asp",1
Response.End
End If
'公告管理处理 -开始-
If Action = "RollMdfy" Then
Content = Request.Form("Content")
Db.Open()
Sql = "update wr_Roll set Content='"& Content &"',AddDate=#"& Now() &"#"
Db.ExeCute2(Sql)
Db.Close()
Flib.Alert "执行完毕!","Book_Manage.asp?Keyword=RollMdfy",0
Response.End
End If
'公告管理处理 -结束-
%>
<%
Set Cfg = Nothing
Set Db = Nothing
Set Flib = Nothing
Set Dm = Nothing
%>