<%@ Language=VBScript %>
<%
' 增加系统管理员账号
If Request.Form ("submit") <> "" Then
strUserName = FormatSQL (Request.Form ("username"))
strPassword = FormatSQL (Request.Form ("password"))
strTrueName = FormatSQL (Request.Form ("truename"))
strPhone = FormatSQL (Request.Form ("phone"))
strEmail = FormatSQL (Request.Form ("email"))
Symbol = "abcdefghijklmnopqrstuvwxyz_1230456789"
NotSymbol = "~!@#$%^&*()_+|{}:<>?`=\[];,./~!·#¥%……—*()——+|}{“:?》《`=、[];‘,。/"
For n = 1 to len (strUserName)
every = Mid (strUserName,n,1)
IF Instr (1,NotSymbol,every) <> 0 Then
strError = "您输入的用户名不合法!"
End IF
IF Instr (1,Symbol,every) = 0 Then
strError = "您输入的用户名不合法!"
End IF
If Instr (1,"'",every) <> 0 Or Instr (1,"",every) <> 0 Then
strError = "您输入的用户名不合法!"
End IF
Next
If strError <> "" Then
Response.Write ""
Else
Call SetConn ()
Set objTemp = Conn.Execute ("Select SysID From tSysUser where tUserName = '" & strUserName & "'")
If not objTemp.Eof Then
Call ClearConn ()
Response.Write ""
End If
objTemp.close
Set objTemp = Nothing
sql = "Insert Into tSysUser (tUserName, tPassword, tTrueName, tPhone, tEmail) Values "
sql = sql & " ('" & strUserName & "', '" & strPassword & "', '" & strTrueName & "', '" & strPhone & "', '" & strEmail & "')"
Conn.Execute (sql)
If Err.number <> 0 Then
Call ClearConn
Response.Write ""
Else
Response.Write ""
Call ClearConn ()
Response.Redirect "ListSystem.asp"
End If
End If
End IF
%>