<!--#include file="conn.asp"-->
<%
username=Request.form("user")
password=Request.form("pws")
set rs=server.createobject("adodb.recordset")
if request("data")="b" then
sql="SELECT user,pass from wawy_babyzl where user = '" & userName & "' and pass = '" & password &"'"
else
sql="SELECT user,pass from admin where user = '" & userName & "' and pass = '" & password &"'"
end if
rs.open sql,conn,2,3
if not rs.BOF then
rs("user")=request("newuser")
rs("pass")=md5(request("newpass"))
rs.update
response.write "<script language=JavaScript>" & chr(13) & "alert('修改成功!');" & "history.back()" & "</script>"
else
response.write "<script language=JavaScript>" & chr(13) & "alert('旧用户名或密码错误!');" & "history.back()" & "</script>"
End if
rs.close
set rs=nothing
%>