<%action=request("action")%> <%if action="" then%>

<%else%><%end if%> <%if action="manage" then Set rs = conn.Execute("select *from admin order by id")%>

用户名:<%=rs("username")%>[当前密码:<%=rs("password")%>][等级:<%=rs("flag")%>][操作]-----&id=<%=rs("id")%>" style="text-decoration: none">修改------&id=<%=rs("id")%>" style="text-decoration: none">删除

<%end if%> <%if action="modify" then%> <%username=request("username")%> <% Set rs = conn.Execute("select * from admin where username='"&username&"'") %>

修改和删除已有的管理员

添加一个管理员

<% rs.close conn.close %> <%end if%> <%if action="del" then%> <%username=request("username")%> <% Dim StrSQL StrSQL="delete from admin where username='"&username&"'" conn.Execute StrSQL Response.Redirect"gb_user.asp" %> <%end if%>

<%if action="adduserpost" then%> <% Set rs=Server.CreateObject("ADODB.Recordset") sql="SELECT * FROM admin" rs.Open sql,conn,1,3 rs.Addnew rs("username")=Server.Htmlencode(Request("username")) rs("password")=MD5(Server.Htmlencode(Request("password"))) rs("flag")=Server.Htmlencode(Request("flag")) rs.Update rs.Close Set rs=Nothing Response.Redirect"gb_user.asp" end if%> <%if action="modifypost" then username1=request("username1") Set rs=Server.CreateObject("ADODB.Recordset") sql="select * from admin where username='"&username1&"'" rs.open sql,conn,3,3 rs("username")=Server.Htmlencode(Request("username")) rs("flag")=Server.Htmlencode(Request("flag")) if request("password")=rs("password") then '不修改 else rs("password")=MD5(Server.Htmlencode(Request("password"))) end if rs.update rs.close set rs=nothing Response.Redirect"gb_user.asp" end if%>