<% set my_conn= Server.CreateObject("ADODB.Connection") my_Conn.Open ConnString Function ChkString(str) if str = "" then str = "<无内容>" Else str=replace(str,"'","''",1,-1,1) end if ChkString = str End Function if Request.QueryString("admin_login")<>"yes" then strsql="select sfadmin_subject, sfadmin_message from sfadmin" set rs = my_conn.Execute (strsql) %> border="0" width=500 cellspacing="1" cellpadding="3" class="sft">
align="center" class="sfh">公告:<%=rs("sfadmin_subject")%>
>
<%=rs("sfadmin_message")%>

管理公告

<% else '管理员登录 if Request.Form("user")<>"" then set my_conn= Server.CreateObject("ADODB.Connection") my_Conn.Open ConnString strsql = "select SFAdmin_Name, SFAdmin_Password from SFAdmin" set rs = my_conn.Execute (strSQL) if Request.Form("user")=rs("SFAdmin_Name") and Request.Form("pass")=rs("SFAdmin_password") then strsql = "update sfadmin set sfadmin_subject = '" &trim(chkString(server.htmlencode(Request.Form("subject")))) & "', sfadmin_message = '" & trim(chkString(server.htmlencode(Request.Form("message")))) &"

*管理员" & rs("SFAdmin_Name") &"发布于" & now() &"'" my_conn.Execute (strsql) Response.Write "


已经更新了论坛的公告信息!
" else Response.Write "

管理员名称或密码错误! 请正确输入!

" Response.Write "退回

" end if else %>
"> border="0" width=450 cellspacing="1" cellpadding="3" class="sft">
管理公告
管理员名称 " class="box">
管理员密码 " class="box">
align="right">公告标题: >
vAlign="top" align="right">公告内容: >
<%end if end if my_conn.Close set my_Conn = nothing set rs = nothing %>