|
#2
xiongjl95552010-02-22 23:42
|
程序代码:<%@LANGUAGE="VBSCRIPT"%>
<% If Session("jb")<>1 Then %>
<script>
alert("权限不够!")
window.location.href="index.asp"
</script>
<% End If %>
<!--#include file="Connections/conn.asp" -->
<%
' *** Restrict Access To Page: Grant or deny access to this page
MM_authorizedUsers=""
MM_authFailedURL="errro3.asp"
MM_grantAccess=false
If Session("MM_Username") <> "" Then
If (true Or CStr(Session("MM_UserAuthorization"))="") Or _
(InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then
MM_grantAccess = true
End If
End If
If Not MM_grantAccess Then
MM_qsChar = "?"
If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
MM_referrer = Request.ServerVariables("URL")
if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString()
MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer)
Response.Redirect(MM_authFailedURL)
End If
%>
<%
Dim MM_editAction
MM_editAction = CStr(Request.ServerVariables("SCRIPT_NAME"))
If (Request.QueryString <> "") Then
MM_editAction = MM_editAction & "?" & Server.HTMLEncode(Request.QueryString)
End If
' boolean to abort record edit
Dim MM_abortEdit
MM_abortEdit = false
%>
<%
' IIf implementation
Function MM_IIf(condition, ifTrue, ifFalse)
If condition = "" Then
MM_IIf = ifFalse
Else
MM_IIf = ifTrue
End If
End Function
%>
<%
If (CStr(Request("MM_insert")) = "form1") Then
If (Not MM_abortEdit) Then
' execute the insert
Dim MM_editCmd
Set MM_editCmd = Server.CreateObject ("")
MM_editCmd.ActiveConnection = MM_conn_STRING
MM_ = "INSERT INTO dbo.g_glbiao (gname, gpass, gjb, xm, dm, jh, tel) VALUES (?, ?, ?, ?, ?, ?, ?)"
MM_editCmd.Prepared = true
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param1", 202, 1, 50, Request.Form("gname")) ' adVarWChar
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param2", 202, 1, 50, Request.Form("gpass")) ' adVarWChar
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param3", 5, 1, -1, MM_IIF(Request.Form("gjb"), Request.Form("gjb"), null)) ' adDouble
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param4", 202, 1, 50, Request.Form("xm")) ' adVarWChar
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param5", 202, 1, 50, Request.Form("dm")) ' adVarWChar
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param6", 202, 1, 50, Request.Form("jh")) ' adVarWChar
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param7", 202, 1, 50, Request.Form("tel")) ' adVarWChar
MM_editCmd.Execute
MM_editCmd.ActiveConnection.Close
' append the query string to the redirect URL
Dim MM_editRedirectUrl
MM_editRedirectUrl = "htgl.asp"
If (Request.QueryString <> "") Then
If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0) Then
MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString
Else
MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString
End If
End If
Response.Redirect(MM_editRedirectUrl)
End If
End If
%>
<%
Dim u
Dim u_cmd
Dim u_numRows
Set u_cmd = Server.CreateObject ("")
u_cmd.ActiveConnection = MM_conn_STRING
u_ = "SELECT * FROM dbo.g_glbiao ORDER BY t DESC"
u_cmd.Prepared = true
Set u = u_cmd.Execute
u_numRows = 0
%>
<%
Dim Repeat1__numRows
Dim Repeat1__index
Repeat1__numRows = -1
Repeat1__index = 0
u_numRows = u_numRows + Repeat1__numRows
%>
<%
' *** Recordset Stats, Move To Record, and Go To Record: declare stats variables
Dim u_total
Dim u_first
Dim u_last
' set the record count
u_total = u.RecordCount
' set the number of rows displayed on this page
If (u_numRows < 0) Then
u_numRows = u_total
Elseif (u_numRows = 0) Then
u_numRows = 1
End If
' set the first and last displayed record
u_first = 1
u_last = u_first + u_numRows - 1
' if we have the correct record count, check the other stats
If (u_total <> -1) Then
If (u_first > u_total) Then
u_first = u_total
End If
If (u_last > u_total) Then
u_last = u_total
End If
If (u_numRows > u_total) Then
u_numRows = u_total
End If
End If
%>
<%
' *** Recordset Stats: if we don't know the record count, manually count them
If (u_total = -1) Then
' count the total records by iterating through the recordset
u_total=0
While (Not u.EOF)
u_total = u_total + 1
u.MoveNext
Wend
' reset the cursor to the beginning
If (u.CursorType > 0) Then
u.MoveFirst
Else
u.Requery
End If
' set the number of rows displayed on this page
If (u_numRows < 0 Or u_numRows > u_total) Then
u_numRows = u_total
End If
' set the first and last displayed record
u_first = 1
u_last = u_first + u_numRows - 1
If (u_first > u_total) Then
u_first = u_total
End If
If (u_last > u_total) Then
u_last = u_total
End If
End If
%>
<%
Dim MM_paramName
%>
<%
' *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters
Dim MM_keepNone
Dim MM_keepURL
Dim MM_keepForm
Dim MM_keepBoth
Dim MM_removeList
Dim MM_item
Dim MM_nextItem
' create the list of parameters which should not be maintained
MM_removeList = "&index="
If (MM_paramName <> "") Then
MM_removeList = MM_removeList & "&" & MM_paramName & "="
End If
MM_keepURL=""
MM_keepForm=""
MM_keepBoth=""
MM_keepNone=""
' add the URL parameters to the MM_keepURL string
For Each MM_item In Request.QueryString
MM_nextItem = "&" & MM_item & "="
If (InStr(1,MM_removeList,MM_nextItem,1) = 0) Then
MM_keepURL = MM_keepURL & MM_nextItem & Server.URLencode(Request.QueryString(MM_item))
End If
Next
' add the Form variables to the MM_keepForm string
For Each MM_item In Request.Form
MM_nextItem = "&" & MM_item & "="
If (InStr(1,MM_removeList,MM_nextItem,1) = 0) Then
MM_keepForm = MM_keepForm & MM_nextItem & Server.URLencode(Request.Form(MM_item))
End If
Next
' create the Form + URL string and remove the intial '&' from each of the strings
MM_keepBoth = MM_keepURL & MM_keepForm
If (MM_keepBoth <> "") Then
MM_keepBoth = Right(MM_keepBoth, Len(MM_keepBoth) - 1)
End If
If (MM_keepURL <> "") Then
MM_keepURL = Right(MM_keepURL, Len(MM_keepURL) - 1)
End If
If (MM_keepForm <> "") Then
MM_keepForm = Right(MM_keepForm, Len(MM_keepForm) - 1)
End If
' a utility function used for adding additional parameters to these strings
Function MM_joinChar(firstItem)
If (firstItem <> "") Then
MM_joinChar = "&"
Else
MM_joinChar = ""
End If
End Function
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.>
<html xmlns="http://www.>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title></title>
<link href="css.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
.STYLE4 { color: #FFFFFF;
font-weight: bold;
}
-->
</style>
</head>
<body>
<!--#include file="top.asp" -->
<table width="800" border="0" align="center" cellpadding="6" cellspacing="0">
<tr valign="top">
<td bordercolor="#FFFFFF" bgcolor="#003399" id="objFiles"><span class="STYLE4">添加新的管理员</span></td>
</tr>
<tr valign="top">
<td bordercolor="#FFFFFF" bgcolor="#FFCC99" id="objFiles3"><form action="<%=MM_editAction%>" method="post" name="form1" id="form1">
<table align="center">
<tr valign="baseline">
<td align="right" nowrap="nowrap">用户名</td>
<td><input type="text" name="gname" value="" size="32" />
<div id="gname1"></div> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap">密码</td>
<td><input type="text" name="gpass" value="" size="32" /> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap">管理级别</td>
<td><select name="gjb" id="gjb">
<option value="3">普通用户</option>
<option value="2">高级用户</option>
<option value="1">系统管理员</option>
</select> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap">姓名</td>
<td><input type="text" name="xm" value="" size="32" /> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap">代码</td>
<td><input type="text" name="dm" value="" size="32" /> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap">联系电话</td>
<td><input type="text" name="tel" value="" size="32" /> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap">备注</td>
<td><input type="text" name="jh" value="" size="32" /> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap"> </td>
<td><input type="submit" value="添加新的管理员" /></td>
</tr>
</table>
<input type="hidden" name="MM_insert" value="form1" />
</form>
</td>
</tr>
</table>
<!--#include file="down.asp" -->
</body>
</html>
<%
u.Close()
Set u = Nothing
%>
<% If Session("jb")<>1 Then %>
<script>
alert("权限不够!")
window.location.href="index.asp"
</script>
<% End If %>
<!--#include file="Connections/conn.asp" -->
<%
' *** Restrict Access To Page: Grant or deny access to this page
MM_authorizedUsers=""
MM_authFailedURL="errro3.asp"
MM_grantAccess=false
If Session("MM_Username") <> "" Then
If (true Or CStr(Session("MM_UserAuthorization"))="") Or _
(InStr(1,MM_authorizedUsers,Session("MM_UserAuthorization"))>=1) Then
MM_grantAccess = true
End If
End If
If Not MM_grantAccess Then
MM_qsChar = "?"
If (InStr(1,MM_authFailedURL,"?") >= 1) Then MM_qsChar = "&"
MM_referrer = Request.ServerVariables("URL")
if (Len(Request.QueryString()) > 0) Then MM_referrer = MM_referrer & "?" & Request.QueryString()
MM_authFailedURL = MM_authFailedURL & MM_qsChar & "accessdenied=" & Server.URLEncode(MM_referrer)
Response.Redirect(MM_authFailedURL)
End If
%>
<%
Dim MM_editAction
MM_editAction = CStr(Request.ServerVariables("SCRIPT_NAME"))
If (Request.QueryString <> "") Then
MM_editAction = MM_editAction & "?" & Server.HTMLEncode(Request.QueryString)
End If
' boolean to abort record edit
Dim MM_abortEdit
MM_abortEdit = false
%>
<%
' IIf implementation
Function MM_IIf(condition, ifTrue, ifFalse)
If condition = "" Then
MM_IIf = ifFalse
Else
MM_IIf = ifTrue
End If
End Function
%>
<%
If (CStr(Request("MM_insert")) = "form1") Then
If (Not MM_abortEdit) Then
' execute the insert
Dim MM_editCmd
Set MM_editCmd = Server.CreateObject ("")
MM_editCmd.ActiveConnection = MM_conn_STRING
MM_ = "INSERT INTO dbo.g_glbiao (gname, gpass, gjb, xm, dm, jh, tel) VALUES (?, ?, ?, ?, ?, ?, ?)"
MM_editCmd.Prepared = true
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param1", 202, 1, 50, Request.Form("gname")) ' adVarWChar
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param2", 202, 1, 50, Request.Form("gpass")) ' adVarWChar
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param3", 5, 1, -1, MM_IIF(Request.Form("gjb"), Request.Form("gjb"), null)) ' adDouble
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param4", 202, 1, 50, Request.Form("xm")) ' adVarWChar
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param5", 202, 1, 50, Request.Form("dm")) ' adVarWChar
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param6", 202, 1, 50, Request.Form("jh")) ' adVarWChar
MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param7", 202, 1, 50, Request.Form("tel")) ' adVarWChar
MM_editCmd.Execute
MM_editCmd.ActiveConnection.Close
' append the query string to the redirect URL
Dim MM_editRedirectUrl
MM_editRedirectUrl = "htgl.asp"
If (Request.QueryString <> "") Then
If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0) Then
MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString
Else
MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString
End If
End If
Response.Redirect(MM_editRedirectUrl)
End If
End If
%>
<%
Dim u
Dim u_cmd
Dim u_numRows
Set u_cmd = Server.CreateObject ("")
u_cmd.ActiveConnection = MM_conn_STRING
u_ = "SELECT * FROM dbo.g_glbiao ORDER BY t DESC"
u_cmd.Prepared = true
Set u = u_cmd.Execute
u_numRows = 0
%>
<%
Dim Repeat1__numRows
Dim Repeat1__index
Repeat1__numRows = -1
Repeat1__index = 0
u_numRows = u_numRows + Repeat1__numRows
%>
<%
' *** Recordset Stats, Move To Record, and Go To Record: declare stats variables
Dim u_total
Dim u_first
Dim u_last
' set the record count
u_total = u.RecordCount
' set the number of rows displayed on this page
If (u_numRows < 0) Then
u_numRows = u_total
Elseif (u_numRows = 0) Then
u_numRows = 1
End If
' set the first and last displayed record
u_first = 1
u_last = u_first + u_numRows - 1
' if we have the correct record count, check the other stats
If (u_total <> -1) Then
If (u_first > u_total) Then
u_first = u_total
End If
If (u_last > u_total) Then
u_last = u_total
End If
If (u_numRows > u_total) Then
u_numRows = u_total
End If
End If
%>
<%
' *** Recordset Stats: if we don't know the record count, manually count them
If (u_total = -1) Then
' count the total records by iterating through the recordset
u_total=0
While (Not u.EOF)
u_total = u_total + 1
u.MoveNext
Wend
' reset the cursor to the beginning
If (u.CursorType > 0) Then
u.MoveFirst
Else
u.Requery
End If
' set the number of rows displayed on this page
If (u_numRows < 0 Or u_numRows > u_total) Then
u_numRows = u_total
End If
' set the first and last displayed record
u_first = 1
u_last = u_first + u_numRows - 1
If (u_first > u_total) Then
u_first = u_total
End If
If (u_last > u_total) Then
u_last = u_total
End If
End If
%>
<%
Dim MM_paramName
%>
<%
' *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters
Dim MM_keepNone
Dim MM_keepURL
Dim MM_keepForm
Dim MM_keepBoth
Dim MM_removeList
Dim MM_item
Dim MM_nextItem
' create the list of parameters which should not be maintained
MM_removeList = "&index="
If (MM_paramName <> "") Then
MM_removeList = MM_removeList & "&" & MM_paramName & "="
End If
MM_keepURL=""
MM_keepForm=""
MM_keepBoth=""
MM_keepNone=""
' add the URL parameters to the MM_keepURL string
For Each MM_item In Request.QueryString
MM_nextItem = "&" & MM_item & "="
If (InStr(1,MM_removeList,MM_nextItem,1) = 0) Then
MM_keepURL = MM_keepURL & MM_nextItem & Server.URLencode(Request.QueryString(MM_item))
End If
Next
' add the Form variables to the MM_keepForm string
For Each MM_item In Request.Form
MM_nextItem = "&" & MM_item & "="
If (InStr(1,MM_removeList,MM_nextItem,1) = 0) Then
MM_keepForm = MM_keepForm & MM_nextItem & Server.URLencode(Request.Form(MM_item))
End If
Next
' create the Form + URL string and remove the intial '&' from each of the strings
MM_keepBoth = MM_keepURL & MM_keepForm
If (MM_keepBoth <> "") Then
MM_keepBoth = Right(MM_keepBoth, Len(MM_keepBoth) - 1)
End If
If (MM_keepURL <> "") Then
MM_keepURL = Right(MM_keepURL, Len(MM_keepURL) - 1)
End If
If (MM_keepForm <> "") Then
MM_keepForm = Right(MM_keepForm, Len(MM_keepForm) - 1)
End If
' a utility function used for adding additional parameters to these strings
Function MM_joinChar(firstItem)
If (firstItem <> "") Then
MM_joinChar = "&"
Else
MM_joinChar = ""
End If
End Function
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.>
<html xmlns="http://www.>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title></title>
<link href="css.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
.STYLE4 { color: #FFFFFF;
font-weight: bold;
}
-->
</style>
</head>
<body>
<!--#include file="top.asp" -->
<table width="800" border="0" align="center" cellpadding="6" cellspacing="0">
<tr valign="top">
<td bordercolor="#FFFFFF" bgcolor="#003399" id="objFiles"><span class="STYLE4">添加新的管理员</span></td>
</tr>
<tr valign="top">
<td bordercolor="#FFFFFF" bgcolor="#FFCC99" id="objFiles3"><form action="<%=MM_editAction%>" method="post" name="form1" id="form1">
<table align="center">
<tr valign="baseline">
<td align="right" nowrap="nowrap">用户名</td>
<td><input type="text" name="gname" value="" size="32" />
<div id="gname1"></div> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap">密码</td>
<td><input type="text" name="gpass" value="" size="32" /> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap">管理级别</td>
<td><select name="gjb" id="gjb">
<option value="3">普通用户</option>
<option value="2">高级用户</option>
<option value="1">系统管理员</option>
</select> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap">姓名</td>
<td><input type="text" name="xm" value="" size="32" /> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap">代码</td>
<td><input type="text" name="dm" value="" size="32" /> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap">联系电话</td>
<td><input type="text" name="tel" value="" size="32" /> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap">备注</td>
<td><input type="text" name="jh" value="" size="32" /> </td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap"> </td>
<td><input type="submit" value="添加新的管理员" /></td>
</tr>
</table>
<input type="hidden" name="MM_insert" value="form1" />
</form>
</td>
</tr>
</table>
<!--#include file="down.asp" -->
</body>
</html>
<%
u.Close()
Set u = Nothing
%>
方法很多,楼上的是一种