<%dim action,username action=FormatSQL(SafeRequest("action",0)) username=request.Cookies("timesshop")("username") select case action '//收货人信息 case "receiveaddr" set rs=server.CreateObject("adodb.recordset") rs.Open "select * from [user] where username='"&username&"' ",conn,1,3 rs("receipt")=trim(request.form("receipt")) rs("city")=trim(request.form("city")) rs("address")=trim(request.form("address")) rs("postcode")=cstr(request.form("postcode")) rs("city2")=trim(request.form("city2")) rs("address2")=trim(request.form("address2")) rs("postcode2")=cstr(request.form("postcode2")) rs("usertel")=trim(request.form("usertel")) rs("deliverymethord")=int(request.form("deliverymethord")) rs("paymethord")=int(request.form("paymethord")) rs("UserSex")=int(request.form("UserSex")) rs.Update rs.Close set rs=nothing conn.close set conn=nothing response.Write "" response.End '//用户资料 case "customerinfo" set rs=server.CreateObject("adodb.recordset") rs.open "select useremail,realname,UserQuestion,UserAnswer from [user] where username='"&username&"'",conn,1,3 rs("useremail")=trim(request.form("useremail")) rs("realname")=trim(request.form("realname")) rs("UserQuestion")=trim(request.form("UserQuestion")) if trim(request.form("UserAnswer"))<>""then rs("UserAnswer")=md5(trim(request.form("UserAnswer"))) end if rs.update rs.close set rs=nothing conn.close set conn=nothing response.Write "" case "changepass" set rs=server.CreateObject("adodb.recordset") rs.open "select UserPassword from [user] where username='"&username&"'",conn,1,3 if trim(request.form("UserPassword"))<>trim(rs("UserPassword")) then rs.close set rs=nothing conn.close set conn=nothing response.Write "" response.End else rs("UserPassword")=trim(request.form("UserPassword1")) rs.update rs.close set rs=nothing conn.close set conn=nothing response.Write "" response.End end if '//取回密码 case "repass" set rs=server.CreateObject("adodb.recordset") rs.open "select UserPassword from [user] where username='"&trim(request.form("username2"))&"'",conn,1,3 rs("UserPassword")=trim(request.form("UserPassword1")) rs.update rs.close set rs=nothing conn.close set conn=nothing response.Write "" end select %>