<% dim userid,action 'action=FormatSQL(SafeRequest("action",0)) action=FormatSQL(Request.form("submit")) userid=SafeRequest("id",1) if userid="" then userid=request.form("userid") select case action case "确认提交" '"save" if session("rank")>1 then conn.close set conn = nothing response.Write "" response.End end if set rs=server.CreateObject("adodb.recordset") rs.Open "select * from [user] where userid="&userid,conn,1,3 'if trim(request.form("UserPassword"))<>"" then rs("UserPassword")=md5(trim(request.form("UserPassword"))) if trim(request.form("UserPassword"))<>"" then rs("UserPassword")=trim(request.form("UserPassword")) rs("realname")=trim(request.form("realname")) rs("identify")=trim(request.form("identify")) rs("UserMobile")=trim(request.form("UserMobile")) rs("userqq")=trim(request.form("userqq")) rs("useremail")=trim(request.form("useremail")) rs("UserQuestion")=trim(request.form("UserQuestion")) 'if trim(request.form("UserAnswer"))<>"" then rs("UserAnswer")=md5(trim(request.form("UserAnswer"))) if trim(request.form("UserAnswer"))<>"" then rs("UserAnswer")=trim(request.form("UserAnswer")) rs("carstype")=request.form("carstype") rs("UserSex")=request.form("userUserSex") rs("city")=trim(request.form("city")) rs("address")=trim(request.form("address")) rs("postcode")=trim(request.form("postcode")) rs("city2")=trim(request.form("city2")) rs("address2")=trim(request.form("address2")) rs("postcode2")=trim(request.form("postcode2")) rs("usertel")=trim(request.form("usertel")) rs("score")=trim(request.form("score")) rs("deposit")=trim(request.form("deposit")) rs("book")=trim(request.form("book")) rs("vip")=trim(request.form("entervip")) rs.Update rs.Close set rs=nothing response.Write "" response.Redirect "disuser.asp?id="&userid case "删除所选用户" '"del" if userid<>"" then if session("rank")>1 then conn.close set conn = nothing response.Write "" response.End end if conn.execute "delete from [user] where userid in ("&userid&") " conn.execute "delete from orders where userid in ("&userid&")" end if response.Redirect "adminuser.asp" case "停用" '"disable" if userid<>"" then if session("rank")>1 then conn.close set conn = nothing response.Write "" response.End end if conn.execute "update [user] set disable=1 where userid in ("&userid&") " 'conn.execute "delete from orders where userid in ("&userid&")" end if response.Redirect "adminuser.asp" case "启用" '"enable" if userid<>"" then if session("rank")>1 then conn.close set conn = nothing response.Write "" response.End end if conn.execute "update [user] set disable=0 where userid in ("&userid&") " 'conn.execute "delete from orders where userid in ("&userid&")" end if response.Redirect "adminuser.asp" end select %>