<%@LANGUAGE="VBSCRIPT" CODEPAGE="950"%> <% ' *** Logout the current user. MM_Logout = CStr(Request.ServerVariables("URL")) & "?MM_Logoutnow=1" If (CStr(Request("MM_Logoutnow")) = "1") Then Session.Contents.Remove("MM_Username") Session.Contents.Remove("MM_UserAuthorization") MM_logoutRedirectPage = "index.asp" ' redirect with URL parameters (remove the "MM_Logoutnow" query param). if (MM_logoutRedirectPage = "") Then MM_logoutRedirectPage = CStr(Request.ServerVariables("URL")) If (InStr(1, UC_redirectPage, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then MM_newQS = "?" For Each Item In Request.QueryString If (Item <> "MM_Logoutnow") Then If (Len(MM_newQS) > 1) Then MM_newQS = MM_newQS & "&" MM_newQS = MM_newQS & Item & "=" & Server.URLencode(Request.QueryString(Item)) End If Next if (Len(MM_newQS) > 1) Then MM_logoutRedirectPage = MM_logoutRedirectPage & MM_newQS End If Response.Redirect(MM_logoutRedirectPage) End If %> <% Dim book Dim book_numRows Set book = Server.CreateObject("ADODB.Recordset") book.ActiveConnection = MM_xianzubbs_STRING book.Source = "SELECT * FROM book ORDER BY 排序 ASC" book.CursorType = 0 book.CursorLocation = 2 book.LockType = 1 book.Open() book_numRows = 0 %> <% Dim useradmin__MMColParam useradmin__MMColParam = "1" If (Session("MM_Username") <> "") Then useradmin__MMColParam = Session("MM_Username") End If %> <% Dim useradmin Dim useradmin_numRows Set useradmin = Server.CreateObject("ADODB.Recordset") useradmin.ActiveConnection = MM_xianzubbs_STRING useradmin.Source = "SELECT * FROM admin WHERE 帳號 = '" + Replace(useradmin__MMColParam, "'", "''") + "'" useradmin.CursorType = 0 useradmin.CursorLocation = 2 useradmin.LockType = 1 useradmin.Open() useradmin_numRows = 0 %> <% Dim admin Dim admin_numRows Set admin = Server.CreateObject("ADODB.Recordset") admin.ActiveConnection = MM_xianzubbs_STRING admin.Source = "SELECT * FROM admin" admin.CursorType = 0 admin.CursorLocation = 2 admin.LockType = 1 admin.Open() admin_numRows = 0 %> <% Dim news Dim news_numRows Set news = Server.CreateObject("ADODB.Recordset") news.ActiveConnection = MM_xianzubbs_STRING news.Source = "SELECT * FROM news" news.CursorType = 0 news.CursorLocation = 2 news.LockType = 1 news.Open() news_numRows = 0 %> <% Dim images Dim images_numRows Set images = Server.CreateObject("ADODB.Recordset") images.ActiveConnection = MM_xianzubbs_STRING images.Source = "SELECT * FROM images" images.CursorType = 0 images.CursorLocation = 2 images.LockType = 1 images.Open() images_numRows = 0 %> <% Dim Repeat1__numRows Dim Repeat1__index Repeat1__numRows = -1 Repeat1__index = 0 book_numRows = book_numRows + Repeat1__numRows %> <% ' *** Validate request to log in to this site. MM_LoginAction = Request.ServerVariables("URL") If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString MM_valUsername=CStr(Request.Form("帳號")) If MM_valUsername <> "" Then MM_fldUserAuthorization="層級" MM_redirectLoginSuccess="index.asp" MM_redirectLoginFailed="index.asp" MM_flag="ADODB.Recordset" set MM_rsUser = Server.CreateObject(MM_flag) MM_rsUser.ActiveConnection = MM_xianzubbs_STRING MM_rsUser.Source = "SELECT 帳號, 密碼" If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization MM_rsUser.Source = MM_rsUser.Source & " FROM admin WHERE 帳號='" & Replace(MM_valUsername,"'","''") &"' AND 密碼='" & Replace(Request.Form("密碼"),"'","''") & "'" MM_rsUser.CursorType = 0 MM_rsUser.CursorLocation = 2 MM_rsUser.LockType = 3 MM_rsUser.Open If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then ' username and password match - this is a valid user Session("MM_Username") = MM_valUsername If (MM_fldUserAuthorization <> "") Then Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value) Else Session("MM_UserAuthorization") = "" End If if CStr(Request.QueryString("accessdenied")) <> "" And false Then MM_redirectLoginSuccess = Request.QueryString("accessdenied") End If MM_rsUser.Close Response.Redirect(MM_redirectLoginSuccess) End If MM_rsUser.Close Response.Redirect(MM_redirectLoginFailed) End If %> <% set conobject = server.CreateObject("adodb.connection") DBPath = Server.MapPath ("xianzubbs.mdb") conobject.open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" &DBPath set rs = server.CreateObject("adodb.recordset") set rs2 = server.CreateObject("adodb.recordset") rs2.open "select * from system",conobject,1,3 %> <%=rs2("x_name")%>

 

   
<% book.Close() Set book = Nothing %> <% useradmin.Close() Set useradmin = Nothing %> <% admin.Close() Set admin = Nothing %> <% news.Close() Set news = Nothing %> <% images.Close() Set images = Nothing %>