<%@ LANGUAGE = VBScript.Encode %> <% response.buffer=true response.expiresAbsolute=now()-1 response.AddHeader "Cache-Control","Private" if len(Request.ServerVariables("query_string"))>80 then Response.write "" response.end end if ''''''''################################ '''''''################################ '''''''以下控制脚本后所带的参数是否含有字符select和from if instr(lcase(Request.ServerVariables("query_string")),"select")>0 or instr(lcase(Request.ServerVariables("query_string")),"from")>0 then Response.write "" response.end end if ''''''######################################### ID_Num=Request.QueryString("T_Id") ID_Num=Lcase(ID_Num) ID_Num=replace(ID_Num,"!","") ID_Num=replace(ID_Num,"@","") ID_Num=replace(ID_Num,"#","") ID_Num=replace(ID_Num,"$","") ID_Num=replace(ID_Num,"%","") ID_Num=replace(ID_Num,"^","") ID_Num=replace(ID_Num,"&","") ID_Num=replace(ID_Num,"*","") ID_Num=replace(ID_Num,"(","") ID_Num=replace(ID_Num,")","") ID_Num=replace(ID_Num,"-","") ID_Num=replace(ID_Num,"_","") ID_Num=replace(ID_Num,"=","") ID_Num=replace(ID_Num,"+","") ID_Num=replace(ID_Num,"|","") ID_Num=replace(ID_Num,"\","") ID_Num=replace(ID_Num,"/","") ID_Num=replace(ID_Num,"?","") ID_Num=replace(ID_Num,"<","") ID_Num=replace(ID_Num,">","") ID_Num=replace(ID_Num,",","") ID_Num=replace(ID_Num,".","") ID_Num=replace(ID_Num,"~","") ID_Num=replace(ID_Num,"`","") ID_Num=replace(ID_Num,"'","") ID_Num=replace(ID_Num,":","") ID_Num=replace(ID_Num,";","") ID_Num=replace(ID_Num,"select","") ID_Num=replace(ID_Num,"update","") ID_Num=replace(ID_Num,"delete","") ID_Num=replace(ID_Num,"append","") ID_Num=replace(ID_Num,"insert","") ID_Num=replace(ID_Num,"and","") ID_Num=replace(ID_Num,"or","") ID_Num=replace(ID_Num,"chr","") ID_Num=replace(ID_Num,"char","") ID_Num=replace(ID_Num,"asc","") ID_Num=replace(ID_Num,"mid","") ID_Num=replace(ID_Num,"len","") ID_Num=replace(ID_Num,"left","") ID_Num=replace(ID_Num,"is","") ID_Num=replace(ID_Num,"not","") ID_Num=replace(ID_Num,"shell","") ID_Num=replace(ID_Num,"net","") ID_Num=replace(ID_Num,"user","") ID_Num=replace(ID_Num,"use","") ID_Num=replace(ID_Num,"sql","") ID_Num=replace(ID_Num,"master","") ID_Num=replace(ID_Num,"backup","") ID_Num=replace(ID_Num,"exec","") ID_Num=replace(ID_Num,"add","") ID_Num=replace(ID_Num,"drop","") ID_Num=replace(ID_Num,"top","") ID_Num=replace(ID_Num,"from","") ID_Num=replace(ID_Num,"where","") ID_Num=replace(ID_Num,"name","") ID_Num=replace(ID_Num,"get","") ID_Num=replace(ID_Num,"post","") ID_Num=replace(ID_Num,"in","") ''''''''################################ '''''''################################ '''''''以下控制脚本后所带的参数是否含有字符select和from 'if instr(lcase(Request.ServerVariables("query_string")),"select")>0 or instr(lcase(Request.ServerVariables("query_string")),"from")>0 then ' response.write "不受欢迎地使用" ' response.end 'end if ''''''######################################### %> 学科竞赛 <% ''''############################################################ dim my_conn set my_conn=server.createobject("adodb.connection") my_conn.Open "dsn=zhzxdsn;uid=;pwd=;" addr=Request.ServerVariables("REMOTE_ADDR") set rs = server.CreateObject("ADODB.RecordSet") on error resume next '''############################################################# if request.form("mode")="search" or request.querystring("mode")="search" then '''是搜索结果的显示 '''####################################### if request.form("mode")="search" then '''是提交搜索后的第一页 name=trim(request.form("name")) '''姓名 nian=trim(request.form("nian")) '''年份 course=request.form("course") '''学科 dengji=request.form("dengji") '''级别 dengji1=request.form("dengji1") '''等级 else '''是多页之间的跳转 name=request.querystring("name") nian=request.querystring("nian") dengji=request.querystring("dengji") dengji1=request.querystring("dengji1") course=request.querystring("course") end if '''####################################### ''''##################################################################### '''不允许全部显示 If name="" and nian="" and course="0" and dengji="0" and dengji1="0" then ' 无搜索内容 strsql="SELECT * FROM student " ' my_conn.Close ' set my_conn = nothing ' response.end end if ''################################################################# strsql="SELECT * FROM student " '''全部 title=" 满足指定搜索条件的 市级" Name=Lcase(Name) Name=replace(Name,"!","") Name=replace(Name,"@","") Name=replace(Name,"#","") Name=replace(Name,"$","") Name=replace(Name,"%","") Name=replace(Name,"^","") Name=replace(Name,"&","") Name=replace(Name,"*","") Name=replace(Name,"(","") Name=replace(Name,")","") Name=replace(Name,"-","") Name=replace(Name,"_","") Name=replace(Name,"=","") Name=replace(Name,"+","") Name=replace(Name,"|","") Name=replace(Name,"\","") Name=replace(Name,"/","") Name=replace(Name,"?","") Name=replace(Name,"<","") Name=replace(Name,">","") Name=replace(Name,",","") Name=replace(Name,".","") Name=replace(Name,"~","") Name=replace(Name,"`","") Name=replace(Name,"'","") Name=replace(Name,":","") Name=replace(Name,";","") Name=replace(Name,"select","") Name=replace(Name,"update","") Name=replace(Name,"delete","") Name=replace(Name,"append","") Name=replace(Name,"insert","") Name=replace(Name,"and","") Name=replace(Name,"or","") Name=replace(Name,"chr","") Name=replace(Name,"char","") Name=replace(Name,"asc","") Name=replace(Name,"mid","") Name=replace(Name,"len","") Name=replace(Name,"left","") Name=replace(Name,"is","") Name=replace(Name,"not","") Name=replace(Name,"shell","") Name=replace(Name,"net","") Name=replace(Name,"user","") Name=replace(Name,"use","") Name=replace(Name,"sql","") Name=replace(Name,"master","") Name=replace(Name,"backup","") Name=replace(Name,"exec","") Name=replace(Name,"add","") Name=replace(Name,"drop","") Name=replace(Name,"top","") Name=replace(Name,"from","") Name=replace(Name,"where","") Name=replace(Name,"name","") Name=replace(Name,"get","") Name=replace(Name,"post","") Name=replace(Name,"in","") Nian=Lcase(Nian) Nian=replace(Nian,"!","") Nian=replace(Nian,"@","") Nian=replace(Nian,"#","") Nian=replace(Nian,"$","") Nian=replace(Nian,"%","") Nian=replace(Nian,"^","") Nian=replace(Nian,"&","") Nian=replace(Nian,"*","") Nian=replace(Nian,"(","") Nian=replace(Nian,")","") Nian=replace(Nian,"-","") Nian=replace(Nian,"_","") Nian=replace(Nian,"=","") Nian=replace(Nian,"+","") Nian=replace(Nian,"|","") Nian=replace(Nian,"\","") Nian=replace(Nian,"/","") Nian=replace(Nian,"?","") Nian=replace(Nian,"<","") Nian=replace(Nian,">","") Nian=replace(Nian,",","") Nian=replace(Nian,".","") Nian=replace(Nian,"~","") Nian=replace(Nian,"`","") Nian=replace(Nian,"'","") Nian=replace(Nian,":","") Nian=replace(Nian,";","") Nian=replace(Nian,"select","") Nian=replace(Nian,"update","") Nian=replace(Nian,"delete","") Nian=replace(Nian,"append","") Nian=replace(Nian,"insert","") Nian=replace(Nian,"and","") Nian=replace(Nian,"or","") Nian=replace(Nian,"chr","") Nian=replace(Nian,"char","") Nian=replace(Nian,"asc","") Nian=replace(Nian,"mid","") Nian=replace(Nian,"len","") Nian=replace(Nian,"left","") Nian=replace(Nian,"is","") Nian=replace(Nian,"not","") Nian=replace(Nian,"shell","") Nian=replace(Nian,"net","") Nian=replace(Nian,"user","") Nian=replace(Nian,"use","") Nian=replace(Nian,"sql","") Nian=replace(Nian,"master","") Nian=replace(Nian,"backup","") Nian=replace(Nian,"exec","") Nian=replace(Nian,"add","") Nian=replace(Nian,"drop","") Nian=replace(Nian,"top","") Nian=replace(Nian,"from","") Nian=replace(Nian,"where","") Nian=replace(Nian,"Nian","") Nian=replace(Nian,"get","") Nian=replace(Nian,"post","") Nian=replace(Nian,"in","") Course Course=Lcase(Course) Course=replace(Course,"!","") Course=replace(Course,"@","") Course=replace(Course,"#","") Course=replace(Course,"$","") Course=replace(Course,"%","") Course=replace(Course,"^","") Course=replace(Course,"&","") Course=replace(Course,"*","") Course=replace(Course,"(","") Course=replace(Course,")","") Course=replace(Course,"-","") Course=replace(Course,"_","") Course=replace(Course,"=","") Course=replace(Course,"+","") Course=replace(Course,"|","") Course=replace(Course,"\","") Course=replace(Course,"/","") Course=replace(Course,"?","") Course=replace(Course,"<","") Course=replace(Course,">","") Course=replace(Course,",","") Course=replace(Course,".","") Course=replace(Course,"~","") Course=replace(Course,"`","") Course=replace(Course,"'","") Course=replace(Course,":","") Course=replace(Course,";","") Course=replace(Course,"select","") Course=replace(Course,"update","") Course=replace(Course,"delete","") Course=replace(Course,"append","") Course=replace(Course,"insert","") Course=replace(Course,"and","") Course=replace(Course,"or","") Course=replace(Course,"chr","") Course=replace(Course,"char","") Course=replace(Course,"asc","") Course=replace(Course,"mid","") Course=replace(Course,"len","") Course=replace(Course,"left","") Course=replace(Course,"is","") Course=replace(Course,"not","") Course=replace(Course,"shell","") Course=replace(Course,"net","") Course=replace(Course,"user","") Course=replace(Course,"use","") Course=replace(Course,"sql","") Course=replace(Course,"master","") Course=replace(Course,"backup","") Course=replace(Course,"exec","") Course=replace(Course,"add","") Course=replace(Course,"drop","") Course=replace(Course,"top","") Course=replace(Course,"from","") Course=replace(Course,"where","") Course=replace(Course,"Course","") Course=replace(Course,"get","") Course=replace(Course,"post","") Course=replace(Course,"in","") Dengji=Lcase(Dengji) Dengji=replace(Dengji,"!","") Dengji=replace(Dengji,"@","") Dengji=replace(Dengji,"#","") Dengji=replace(Dengji,"$","") Dengji=replace(Dengji,"%","") Dengji=replace(Dengji,"^","") Dengji=replace(Dengji,"&","") Dengji=replace(Dengji,"*","") Dengji=replace(Dengji,"(","") Dengji=replace(Dengji,")","") Dengji=replace(Dengji,"-","") Dengji=replace(Dengji,"_","") Dengji=replace(Dengji,"=","") Dengji=replace(Dengji,"+","") Dengji=replace(Dengji,"|","") Dengji=replace(Dengji,"\","") Dengji=replace(Dengji,"/","") Dengji=replace(Dengji,"?","") Dengji=replace(Dengji,"<","") Dengji=replace(Dengji,">","") Dengji=replace(Dengji,",","") Dengji=replace(Dengji,".","") Dengji=replace(Dengji,"~","") Dengji=replace(Dengji,"`","") Dengji=replace(Dengji,"'","") Dengji=replace(Dengji,":","") Dengji=replace(Dengji,";","") Dengji=replace(Dengji,"select","") Dengji=replace(Dengji,"update","") Dengji=replace(Dengji,"delete","") Dengji=replace(Dengji,"append","") Dengji=replace(Dengji,"insert","") Dengji=replace(Dengji,"and","") Dengji=replace(Dengji,"or","") Dengji=replace(Dengji,"chr","") Dengji=replace(Dengji,"char","") Dengji=replace(Dengji,"asc","") Dengji=replace(Dengji,"mid","") Dengji=replace(Dengji,"len","") Dengji=replace(Dengji,"left","") Dengji=replace(Dengji,"is","") Dengji=replace(Dengji,"not","") Dengji=replace(Dengji,"shell","") Dengji=replace(Dengji,"net","") Dengji=replace(Dengji,"user","") Dengji=replace(Dengji,"use","") Dengji=replace(Dengji,"sql","") Dengji=replace(Dengji,"master","") Dengji=replace(Dengji,"backup","") Dengji=replace(Dengji,"exec","") Dengji=replace(Dengji,"add","") Dengji=replace(Dengji,"drop","") Dengji=replace(Dengji,"top","") Dengji=replace(Dengji,"from","") Dengji=replace(Dengji,"where","") Dengji=replace(Dengji,"Dengji","") Dengji=replace(Dengji,"get","") Dengji=replace(Dengji,"post","") Dengji=replace(Dengji,"in","") Dengji1=Lcase(Dengji1) Dengji1=replace(Dengji1,"!","") Dengji1=replace(Dengji1,"@","") Dengji1=replace(Dengji1,"#","") Dengji1=replace(Dengji1,"$","") Dengji1=replace(Dengji1,"%","") Dengji1=replace(Dengji1,"^","") Dengji1=replace(Dengji1,"&","") Dengji1=replace(Dengji1,"*","") Dengji1=replace(Dengji1,"(","") Dengji1=replace(Dengji1,")","") Dengji1=replace(Dengji1,"-","") Dengji1=replace(Dengji1,"_","") Dengji1=replace(Dengji1,"=","") Dengji1=replace(Dengji1,"+","") Dengji1=replace(Dengji1,"|","") Dengji1=replace(Dengji1,"\","") Dengji1=replace(Dengji1,"/","") Dengji1=replace(Dengji1,"?","") Dengji1=replace(Dengji1,"<","") Dengji1=replace(Dengji1,">","") Dengji1=replace(Dengji1,",","") Dengji1=replace(Dengji1,".","") Dengji1=replace(Dengji1,"~","") Dengji1=replace(Dengji1,"`","") Dengji1=replace(Dengji1,"'","") Dengji1=replace(Dengji1,":","") Dengji1=replace(Dengji1,";","") Dengji1=replace(Dengji1,"select","") Dengji1=replace(Dengji1,"update","") Dengji1=replace(Dengji1,"delete","") Dengji1=replace(Dengji1,"append","") Dengji1=replace(Dengji1,"insert","") Dengji1=replace(Dengji1,"and","") Dengji1=replace(Dengji1,"or","") Dengji1=replace(Dengji1,"chr","") Dengji1=replace(Dengji1,"char","") Dengji1=replace(Dengji1,"asc","") Dengji1=replace(Dengji1,"mid","") Dengji1=replace(Dengji1,"len","") Dengji1=replace(Dengji1,"left","") Dengji1=replace(Dengji1,"is","") Dengji1=replace(Dengji1,"not","") Dengji1=replace(Dengji1,"shell","") Dengji1=replace(Dengji1,"net","") Dengji1=replace(Dengji1,"user","") Dengji1=replace(Dengji1,"use","") Dengji1=replace(Dengji1,"sql","") Dengji1=replace(Dengji1,"master","") Dengji1=replace(Dengji1,"backup","") Dengji1=replace(Dengji1,"exec","") Dengji1=replace(Dengji1,"add","") Dengji1=replace(Dengji1,"drop","") Dengji1=replace(Dengji1,"top","") Dengji1=replace(Dengji1,"from","") Dengji1=replace(Dengji1,"where","") Dengji1=replace(Dengji1,"Dengji1","") Dengji1=replace(Dengji1,"get","") Dengji1=replace(Dengji1,"post","") Dengji1=replace(Dengji1,"in","") first=0 '''表示还没有条件 if dengji<>"" and dengji<>"0" then '''选择了获奖级别 StrSQl = StrSql & " where T_dengji='" & dengji & "'" first=1 '''表示已经有条件 end if if dengji1<>"" and dengji1<>"0" then '''选择了获奖等级 if first=1 then '''前面已经有另外的条件 StrSql =StrSql & " and T_dengji1='" & dengji1 & "'" else ''''是第一个条件 StrSql =StrSql & " where T_dengji1='" & dengji1 & "'" end if first=1 end if if course<>"" and course<>"0" then '''选择了获奖学科 if first=1 then '''前面已经有另外的条件 StrSql =StrSql & " and T_course='" & course & "'" else ''''是第一个条件 StrSql =StrSql & " where T_course='" & course & "'" end if first=1 end if if nian<>"" then '''选择了获奖年份 if first=1 then '''前面已经有另外的条件 StrSql =StrSql & " and T_year='" & nian & "'" else ''''是第一个条件 StrSql =StrSql & " where T_year='" & nian & "'" end if first=1 end if if name<>"" then '''选择了获奖者姓名 if first=1 then '''前面已经有另外的条件 StrSql =StrSql & " and T_name Like '%" & name & "%'" else ''''是第一个条件 StrSql =StrSql & " where T_name Like '%" & name & "%'" end if first=1 end if '''以上完成指定搜索条件的记录选择 '''############################## else '''############################################################# '''默认显示国家级以上( 调整为:默认全部显示) 2005.04.20 ''''strsql="SELECT * FROM student where mid(T_sort,2,1)<='2'" strsql="SELECT * FROM student " '''默认全部显示 title="历年来 市一等奖 " end if '''################################################################## strsql=strsql & " order by t_year desc,T_id desc" ''''''################################################################ 'response.write strsql 'response.end rs.open strsql,My_conn,3 '##只读打开 if rs.eof or rs.bof then '###没有信息 set rs=nothing my_conn.close set my_conn=nothing Response.write "" ' response.write "

您需要的学科竞赛获奖资料尚未收集" ' Response.Write "

返回

" response.end end if '每页长度 const pagelenth=20 dim pagenum '''####################################################0404040404 if Request.form("page")<>"" then '''选择了页号列表直接选择页2004.11.29——1 ***************************************** pagenum=request.form("page") else if request.querystring("pager")="" then pagenum=1 else pagenum=request.querystring("pager") end if end if Pager=Lcase(Pager) Pager=replace(Pager,"!","") Pager=replace(Pager,"@","") Pager=replace(Pager,"#","") Pager=replace(Pager,"$","") Pager=replace(Pager,"%","") Pager=replace(Pager,"^","") Pager=replace(Pager,"&","") Pager=replace(Pager,"*","") Pager=replace(Pager,"(","") Pager=replace(Pager,")","") Pager=replace(Pager,"-","") Pager=replace(Pager,"_","") Pager=replace(Pager,"=","") Pager=replace(Pager,"+","") Pager=replace(Pager,"|","") Pager=replace(Pager,"\","") Pager=replace(Pager,"/","") Pager=replace(Pager,"?","") Pager=replace(Pager,"<","") Pager=replace(Pager,">","") Pager=replace(Pager,",","") Pager=replace(Pager,".","") Pager=replace(Pager,"~","") Pager=replace(Pager,"`","") Pager=replace(Pager,"","") Pager=replace(Pager,"'","") pagenum=clng(pagenum) '''########################1111111111111########################### rs.pagesize=pagelenth '###防止页数超过总长 if pagenum>rs.pagecount then pagenum=rs.pagecount rs.movefirst rs.AbsolutePage = pagenum %> <%''''下面为搜索部分内容%>
年份  姓名  学科  级别  等级  
<%'''搜索部分内容结束%> <%'2004.11.29--222-----%> <% if request.form("mode")="search" or request.querystring("mode")="search" then '''是搜索条件的显示%> <%end if%>
镇海中学学生<%=title%>以上学科竞赛获奖荣誉榜 当前:<%=pagenum%>/<%=rs.pagecount%> 转到:
<%#@~^BwAAAA==v O+y RAEAAA==^#~@%> <% dim i for i=1 to pagelenth '## 开始显示当前页 Response.Write "" '##以下显示序号 Response.Write "" '获奖年份 Response.Write "" '##姓名 Response.Write "" '##竞赛名称 if trim(rs("T_Message"))<>"" or trim(rs("T_photo"))<>"" then '###有文字说明或图片 'response.write " & rs("T_ID") & "' target='_blank' title='点击查看详细信息'>" Response.Write "" else Response.Write "" end if '学科 Response.Write "" '获奖级别 Response.Write "" '获奖等级 Response.Write "" Response.Write "" rs.MoveNext if rs.eof then exit for end if next %>
序号 获奖年份 姓名 竞赛名称 获奖学科 获奖级别 获奖等级
" response.write (pagenum-1)*pagelenth+i & "" & rs("T_Year") & "" '##竞赛名称 Response.write "" & rs("T_name") & " " & rs("T_subject") & "" & rs("T_subject") & "" & rs("T_course") & "" & rs("T_dengji") & "" & rs("T_dengji1") & "
<%'''20041129_33333%> <% if request.form("mode")="search" or request.querystring("mode")="search" then '''是搜索条件的显示%> <%end if%>
满足指定条件的学科竞赛总数:<%=rs.recordcount%> 页次:<%=pagenum%>/<%=rs.pagecount%>  <% if pagenum>1 then '当前页>1,显示上一页 if request.form("mode")="search" or request.querystring("mode")="search" then '''是搜索结果的显示 response.write " " else response.write " " end if response.write "<上一页" else response.write "<上一页" end if if pagenum" else response.write " " end if response.write " 下一页>" else response.write " 下一页>" end if %>   跳转到:

<% rs.Close set rs= nothing my_conn.Close set my_conn = nothing %>