28,391
社区成员
发帖
与我相关
我的任务
分享
<%
http_ary=split(Request.ServerVariables("SCRIPT_NAME"),"/")
http_url=http_ary(ubound(http_ary))
http_memu=Replace(Request.ServerVariables("PATH_INFO"),http_url,"")
function uan(str)
str=trim(str)
if IsNull(str) then exit function
str=replace(str,"%20","")
str=replace(str," ","")
str=replace(str,"?","")
str=replace(str," ","")
str=replace(str,"execute","")
str=replace(str,"and","")
str=replace(str,"=","")
str=replace(str,"select","")
str=replace(str,"where","")
str=replace(str,"union","")
str=replace(str,"from","")
str=replace(str,"*","")
str=replace(str,",","")
str=replace(str,"'","")
str=replace(str,"[","")
str=replace(str,"(","")
str=replace(str,")","")
str=replace(str,"^","")
str=replace(str,"]","")
str=replace(str,chr(255),"")
str=replace(str,Chr(13),"")
uan=str
end function
dim sb
sid=uan(request("sid"))
if sid="" then response.Redirect"ebotx_login.asp"
if sid<>"" then
set rs06=Server.CreateObject("ADODB.Recordset")
sql06="select mysb,fyid,id,gljb,fyname from ["&lx_sql&"_admin] where [mysb]='"&sid&"'"
rs06.open sql06,conn,1,2
if rs06.eof then
response.Redirect lx_admin&"ebotx_login.asp"
else
myid=rs06("fyid")
admin_id=rs06("id")
admin_jb=rs06("gljb")
fyname=rs06("fyname")
if admin_jb="0" then jbtxt="超级管理员"
if admin_jb="1" then jbtxt="网站管理员"
if admin_jb="2" then jbtxt="资源更新员"
end if
rs06.close
set rs06=nothing
end if
%>