<% response.charset="gb2312" Chk_Admin_Login() Action=zhcx.CheckRequest(request("Action")) Select Case lcase(Action) Case "del" Call AdminDel() Case "save" Call AdminSave() Case else zhcx.ErrAlert("非法操作") end select Sub AdminSave() Dim UserName,Do_Name,Password,Id,sql,rs UserName=zhcx.checkstr(request("UserName")) Password=zhcx.checkstr(request("Password")) Id=zhcx.checknumeric(request("Id")) if UserName="" then zhcx.ErrAlert("用户名不能为空") end if if Id>0 then '修改 Sql="Select Admin_Name,Admin_pwd From Z_admin where Id<>"&Id&" and Admin_Name='"&UserName&"'" Set rs=zhcx.conn(Sql) if not rs.eof then zhcx.ErrAlert("此用户名己存在") end if rs.close set rs=nothing Sql="Select Admin_Name,Admin_pwd From Z_admin where Id="&Id Set rs=zhcx.conn(Sql) if not rs.eof then Do_Name=rs(0) rs(0)=UserName if Password<>"" then rs(1)=md5(Password) end if rs.update else zhcx.ErrAlert("非法操作") end if rs.close set rs=nothing if Do_Name=Session("Admin_Name") then Session("Admin_Name")=UserName if Password<>"" then Session("Admin_Pwd")=md5(Password) end if end if zhcx.SuccHref "管理员帐号修改成功","Dir.asp","self" else '检测密码 if Password="" then zhcx.ErrAlert("密码不能为空") end if '添加 Sql="Select Admin_Name,Admin_pwd From Z_admin where Admin_Name='"&UserName&"'" Set rs=zhcx.conn(Sql) if not rs.eof then zhcx.ErrAlert("此用户名己存在") else rs.addnew rs(0)=UserName rs(1)=md5(Password) rs.update end if rs.close set rs=nothing zhcx.SuccHref "管理员添加成功","Dir.asp","self" end if end Sub Sub AdminDel() Dim Id,sql,rs Id=zhcx.checknumeric(request("Id")) if Id<1 then zhcx.ErrAlert("非法操作") end if Sql="Select Id From Z_Admin where Id="&Id&" and Admin_Pwd='"&Session("Admin_pwd")&"'" set rs=zhcx.conn(Sql) if not rs.eof then zhcx.ErrAlert("不能删除您正在登陆的帐号") end if rs.close set rs=nothing zhcx.execute("Delete From Z_Admin where Id="&Id) zhcx.SuccHref "删除成功","Dir.asp","self" End Sub %>