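<%@ LANGUAGE = VBScript.Encode %>
<%
' Teacher awards listing.
'
' Reads the optional search criteria (award level, honor keyword, year, name)
' from the form or the query string, selects the matching rows of table
' "teacher" and positions the recordset on the requested page (20 rows per
' page). The markup further down the page renders rs, title and pagenum.
'
' Security notes:
'   * The search criteria are untrusted input. They are bound to the query as
'     ADO parameters, so their content can never change the SQL text.
'   * The character stripping below is kept only so that searches keep matching
'     the way they did before; it is not what protects the query.
'   * NOTE(review): further down, this listing shows recordset fields such as
'     rs("T_name") and rs("T_subject") concatenated into Response.Write. Those
'     values should go through Server.HTMLEncode before being written - confirm
'     against the original markup.

Response.Buffer = True
Response.ExpiresAbsolute = Now() - 1
Response.AddHeader "Cache-Control", "Private"

' Coarse request gate: refuse query strings longer than 60 characters.
' NOTE(review): search terms carried in the query string by the paging links
' count toward this limit.
' The listing shows an empty string being written here - TODO confirm what the
' deployed page emits.
If Len(Request.ServerVariables("query_string")) > 60 Then
    Response.Write ""
    Response.End
End If

' Coarse request gate: refuse query strings containing "select" or "from".
' This is a substring match, so it also rejects harmless values that merely
' contain those letters; it must not be relied on as the injection defense.
If InStr(LCase(Request.ServerVariables("query_string")), "select") > 0 _
   Or InStr(LCase(Request.ServerVariables("query_string")), "from") > 0 Then
    Response.Write ""
    Response.End
End If

' Lower-cases text and removes the punctuation characters this page has always
' stripped from its inputs. Removing % and _ also keeps user-supplied LIKE
' wildcards out of the search patterns.
' The original code additionally called Replace with an empty search string,
' which is a no-op in VBScript; the character it was meant to remove is not
' recoverable from this listing.
Function StripSymbols(ByVal text)
    Dim cleaned, symbols, k
    cleaned = LCase(text)
    symbols = Array("!", "@", "#", "$", "%", "^", "&", "*", "(", ")", "-", "_", _
                    "=", "+", "|", "\", "/", "?", "<", ">", ",", ".", "~", "`", "'")
    For k = 0 To UBound(symbols)
        cleaned = Replace(cleaned, symbols(k), "")
    Next
    StripSymbols = cleaned
End Function

' Removes the keyword list the page has always stripped from T_Id, in the
' original order. A single removal pass is not a reliable filter (removing one
' token can join its neighbours into another), so the result must still be
' treated as untrusted.
Function StripKeywords(ByVal text)
    Dim cleaned, words, k
    cleaned = text
    words = Array("select", "update", "delete", "append", "insert", "and", "or", _
                  "chr", "char", "asc", "mid", "len", "left", "is", "not", "shell", _
                  "net", "user", "use", "sql", "master", "backup", "exec", "add", _
                  "drop", "top", "from", "where", "name", "get", "post", "in")
    For k = 0 To UBound(words)
        cleaned = Replace(cleaned, words(k), "")
    Next
    StripKeywords = cleaned
End Function

' Converts text to a Long; returns fallback when the text is not a number or
' does not fit, instead of raising.
Function ParseLong(ByVal text, ByVal fallback)
    Dim parsed
    ParseLong = fallback
    If Not IsNumeric(text) Then Exit Function
    On Error Resume Next
    parsed = CLng(text)
    If Err.Number = 0 Then ParseLong = parsed
    Err.Clear
End Function

' Adds one condition to the WHERE clause, choosing " where " for the first
' condition and " and " for every later one.
Sub AppendCondition(whereText, condition)
    If whereText = "" Then
        whereText = " where " & condition
    Else
        whereText = whereText & " and " & condition
    End If
End Sub

' Binds "%term%" as the next positional parameter of cmd.
' 202 = adVarWChar, 1 = adParamInput.
' Assumes the text columns accept Unicode parameters through this DSN - TODO
' confirm; 200 (adVarChar) is the non-Unicode alternative.
Sub AppendLikeParameter(cmd, paramName, term)
    Dim pattern
    pattern = "%" & term & "%"
    cmd.Parameters.Append cmd.CreateParameter(paramName, 202, 1, Len(pattern), pattern)
End Sub

' T_Id is normalised here but not used in the part of the page visible in this
' listing.
ID_Num = Request.QueryString("T_Id")
ID_Num = StripSymbols(ID_Num)
ID_Num = Replace(ID_Num, ":", "")
ID_Num = Replace(ID_Num, ";", "")
ID_Num = StripKeywords(ID_Num)
%> 教师获奖 <%
Dim my_conn
Set my_conn = Server.CreateObject("adodb.connection")
' NOTE(review): uid and pwd are empty, so the account used is whatever the DSN
' or the web server identity supplies - confirm it is limited to read access.
my_conn.Open "dsn=zhzxdsn;uid=;pwd=;"

' Errors are suppressed from here on, as in the original page; the outcome of
' opening the recordset is checked explicitly below.
On Error Resume Next
Set rs = Server.CreateObject("ADODB.RecordSet")

Dim searchCmd, whereClause, levelValue
Set searchCmd = Server.CreateObject("ADODB.Command")
Set searchCmd.ActiveConnection = my_conn
searchCmd.CommandType = 1 ' adCmdText
whereClause = ""

If Request.Form("mode") = "search" Or Request.QueryString("mode") = "search" Then
    ' Search results are being shown.
    If Request.Form("mode") = "search" Then
        ' First page, straight after the search form was submitted.
        xingming = Trim(Request.Form("xingming"))  ' name
        nian = Trim(Request.Form("nian"))          ' year
        jibie = Request.Form("jibie")              ' award level
        rongyu = Trim(Request.Form("rongyu"))      ' honor title keyword
    Else
        ' Navigation between result pages: criteria travel in the query string.
        xingming = Request.QueryString("xingming")
        nian = Request.QueryString("nian")
        jibie = Request.QueryString("jibie")
        rongyu = Request.QueryString("rongyu")
    End If

    ' A guard that rejected a search with no criteria at all used to sit here.
    ' It is disabled on purpose: an empty search lists every record.

    strsql = "SELECT * FROM teacher "
    title = "指定搜索条件的"

    xingming = StripSymbols(xingming)
    nian = StripSymbols(nian)
    rongyu = StripSymbols(rongyu)
    jibie = StripSymbols(jibie)

    ' Award level: only applied when it is a usable number. Previously a
    ' non-numeric value made CInt fail silently and left the WHERE clause
    ' malformed once another criterion was added.
    If jibie <> "" And jibie <> "0" Then
        levelValue = ParseLong(jibie, Null)
        If Not IsNull(levelValue) Then
            AppendCondition whereClause, "T_dengji=?"
            searchCmd.Parameters.Append searchCmd.CreateParameter("dengji", 3, 1, , levelValue) ' 3 = adInteger
        End If
    End If

    ' Honor title keyword ("输入关键字" is the form's placeholder text).
    If rongyu <> "" And rongyu <> "输入关键字" Then
        AppendCondition whereClause, "T_subject Like ?"
        AppendLikeParameter searchCmd, "subject", rongyu
    End If

    ' Award year.
    If nian <> "" Then
        AppendCondition whereClause, "T_year Like ?"
        AppendLikeParameter searchCmd, "year", nian
    End If

    ' Award winner's name.
    If xingming <> "" Then
        AppendCondition whereClause, "T_name Like ?"
        AppendLikeParameter searchCmd, "name", xingming
    End If
Else
    ' No search: list everything.
    strsql = "SELECT * FROM teacher "
    title = "历年来"
End If

' Until the change dated 20080911 the ordering was
' "T_year desc,T_dengji,T_name asc" (year first, then level).
strsql = strsql & whereClause & " order by T_ID desc,T_Year desc , T_dengji"

' Parameters were appended in the same order as their ? placeholders.
searchCmd.CommandText = strsql

' 3 = adUseClient: a client-side cursor is always static, which the paging
' properties used below (PageCount, AbsolutePage, RecordCount) depend on.
rs.CursorLocation = 3
Err.Clear
rs.Open searchCmd, , 3 ' 3 = adOpenStatic; lock type stays read-only

' Stop when the query failed or returned nothing.
Dim nothingToShow
nothingToShow = True
If Err.Number = 0 Then nothingToShow = (rs.EOF Or rs.BOF)
If nothingToShow Then
    Set rs = Nothing
    Set searchCmd = Nothing
    my_conn.Close
    Set my_conn = Nothing
    ' The listing shows an empty string here - TODO confirm the original output.
    Response.Write ""
    Response.End
End If

' Rows per page.
Const pagelenth = 20
Dim pagenum, requestedPage

' The page number comes from the jump list (form field "page") when present,
' otherwise from the "pager" query string value, otherwise page 1.
If Request.Form("page") <> "" Then
    requestedPage = Request.Form("page")
ElseIf Request.QueryString("pager") = "" Then
    requestedPage = 1
Else
    requestedPage = Request.QueryString("pager")
End If

' Non-numeric or out-of-range values fall back to the nearest valid page
' instead of failing silently inside AbsolutePage.
pagenum = ParseLong(requestedPage, 1)
If pagenum < 1 Then pagenum = 1

rs.PageSize = pagelenth
If pagenum > rs.PageCount Then pagenum = rs.PageCount
rs.MoveFirst
rs.AbsolutePage = pagenum
%>
<%' The search form markup follows. %>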
 姓名  获奖年份  获奖等级  荣誉称号
<%' Marker 2 of the 2004.11.29 change (presumably the page jump list - confirm). The conditional below is taken only when search results are shown; this listing has nothing between its "then" and "end if". %>
<% if request.form("mode")="search" or request.querystring("mode")="search" then ''' search results are being shown %> <%end if%>
教师荣誉--><%=title%> 获市(地)级以上荣誉榜 当前:<%=pagenum%>/<%=rs.pagecount%> 转到:
<%' --222- (closing marker for the 2004.11.29 change, presumably) %>
<%
' Renders up to pagelenth rows of the current recordset page, one table row
' per record, and stops early when the recordset runs out.
' NOTE(review): in this listing every Response.Write argument below is an empty
' string and one call has no argument at all; the markup and field expressions
' that belong to these cells are not recoverable from this line. Whatever
' recordset values are written here should be passed through Server.HTMLEncode
' first - confirm against the original file.
dim i
for i=1 to pagelenth ' start rendering the current page
    Response.Write ""
    ' row sequence number
    Response.Write ""
    ' award year
    Response.Write ""
    ' name
    Response.Write ""
    ' honor title
    response.write
    ' rows that have a description (T_Message) or a photo (T_photo) take the first branch
    if trim(rs("T_Message"))<>"" or trim(rs("T_photo"))<>"" then
        Response.Write ""
    else ' no detail content for this row
        Response.Write ""
    end if
    ' awarding body
    Response.Write ""
    Response.Write ""
    rs.MoveNext
    ' leave the loop as soon as the last record has been shown
    if rs.eof then
        exit for
    end if
next
%>
序号 获奖年份 姓 名 荣誉称号 授奖单位
" response.write (pagenum-1)*pagelenth+i & "" & rs("T_year") & "" & "" ' if trim(rs("T_Message"))<>"" or trim(rs("T_photo"))<>"" then '###有文字说明或图片 response.write "" & rs("T_name") & "" ' else '###没有详细内容 ' Response.Write rs("T_name") ' end if response.write "" & rs("T_subject") & "" & "" & rs("T_subject") & "" & rs("T_danwei") & "
<%''' Marker 3 of the 20041129 change. The conditional below is taken only when search results are shown; this listing has nothing between its "then" and "end if". %>
<% if request.form("mode")="search" or request.querystring("mode")="search" then ''' search results are being shown %> <%end if%>
满足指定条件的教师荣誉总数:<%=rs.recordcount%> 页次:<%=pagenum%>/<%=rs.pagecount%>  <% if pagenum>1 then '当前页>1,显示上一页 response.write " " response.write "〈上一页" else response.write "〈上一页" end if if pagenum" response.write " 下一页〉" else response.write " 下一页〉" end if %>   跳转到:

<%
' End of page: close and release the recordset first, then the connection it
' was opened on.
rs.Close
Set rs = Nothing

my_conn.Close
Set my_conn = Nothing
%>