<%if session("password")<>"" then%>
<HTML>
<HEAD>
<title>25175</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">

<link href="css.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
.style2 {color: #000000}
-->
</style>
</HEAD>
<BODY>
<!--#include file="conn.asp" --> 
<table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td height="25"><a href="index.asp">首頁</a>　<a href="add.asp">添加試題</a>　<a href="delete_all.asp">刪除試題</a>　<a href="SEARCH.ASP">列出試題答案</a>　<a href="change_password.asp">修改密碼</a>　<a href="login.asp">登入</a>　<a href="20050130_logout.asp">退出</a> &nbsp;<a href="http://www.25175.com">powered by 25175</a></td>
  </tr>
</table>
<%
if request.QueryString("gn")="pass" then
   user=Replace(Trim(Request.Form("user")),"'","''")
   pass=Replace(Trim(Request.Form("pass")),"'","''")
   new_pass=Replace(Trim(Request.Form("new_pass")),"'","''")
   set rs2=server.CreateObject("adodb.recordset")
   sql2="select * from administrator where password='"& pass &"'"
   rs2.open sql2,conn,1,3
   if rs2.bof then
  	   Response.Write("<script language=javascript>alert('原密碼輸入錯誤?。?！');history.back();</script>")
	else
	rs2("password")=new_pass
	rs2("username")=user
	rs2.update  
	Response.Write("<script language=javascript>alert('用戶名密碼更改成功?。?！');location.replace('change_password.asp')</script>")
	end if 
end if
%>
<SCRIPT language="javascript">
<!--
function del_space(s)
{
	for(i=0;i<s.length;++i)
	{
	 if(s.charAt(i)!=" ")
		break;
	}

	for(j=s.length-1;j>=0;--j)
	{
	 if(s.charAt(j)!=" ")
		break;
	}

	return s.substring(i,++j);
}

function VerifySubmit()
{
	user = del_space(document.all("user").value);
     if (user.length == 0)
     {
        alert("您忘了填寫管理員名稱!");
	return false;
     }
	 
	 pass = del_space(document.all("pass").value);
     if (pass.length == 0)
     {
        alert("管理員密碼不能為空！");
	return false;
     }
	 
	 new_pass = del_space(document.all("new_pass").value);
     if (new_pass.length == 0)
     {
        alert("新管理員密碼不能為空！");
	return false;
     }

	new_pass = del_space(document.all("new_pass").value);
     if (new_pass.length < 5)
     {
        alert("新管理員密碼不能小于5位字符！");
	return false;
     }

	new_pass2 = del_space(document.all("new_pass2").value);
     if (new_pass2!=new_pass)
     {
        alert("兩次輸入的口令不相同,請重新填寫!");
		return false;
     }
	 
	return true;
}
//-->
</SCRIPT>


<%
sql3="select * from administrator"
set rs3=conn.execute(sql3)
%>
<FORM action="change_password.asp?gn=pass" method="post" name="regform" onSubmit="return VerifySubmit()">
  <table width="760" border="0" align="center" cellpadding="0" cellspacing="0">
    <tr>
      <td><table width="100%" border="0" cellspacing="0" cellpadding="5">
          <tr> 
            <td width="95" height="25">新管理員名稱：</td>
            <td colspan="2"><input name="user" type="text" id="user" value="<% =rs3("username") %>">
            </td>
          </tr>
          <tr> 
            <td height="25">原管理員密碼：</td>
            <td colspan="2"><input name="pass" type="password" id="pass"></td>
          </tr>
          <tr> 
            <td height="25">新管理員密碼：</td>
            <td colspan="2"><input name="new_pass" type="password" id="new_pass"></td>
          </tr>
          <tr> 
            <td height="25">重復輸入密碼：</td>
            <td colspan="2"><input name="new_pass2" type="password" id="new_pass2"></td>
          </tr>
          <tr> 
            <td height="25"><div align="right"> </div></td>
            <td width="120">
      <input type="reset" name="Submit2" value="重置">
			&nbsp;&nbsp;
            <input type="reset" name="Submit2" value="重置"></td>
            <td>&nbsp;            </td>
          </tr>
        </table></td>
    </tr>
  </table>
</form>




</BODY>
</HTML>
<%
else
Response.Redirect "20050130_loginagine.asp"
end if
%>