<%
id = Request.QueryString("id")
Page = Request.QueryString("Page")
Keys=Server.UrlEnCode(Request.QueryString("Keys"))
Ord=Server.UrlEnCode(Request.QueryString("Ord"))
hrefstr = "?keys="&Keys&"&Ord="&Ord&"&Page="&Page
employee_id=Session("employee_id")
act=Request.QueryString("act")
If act="save" Then
em_tel=TextEncode(Request.Form("em_tel"))
em_email=TextEncode(Request.Form("em_email"))
em_password=MD5(Request.Form("em_password"))
pwd=MD5(Request.Form("pwd"))
pwdre=MD5(Request.Form("pwdre"))
editpwd=false
If Not IsNumeric(employee_id) Then employee_id=0
If pwd<>"8f00b204e9800998" and pwdre<>"8f00b204e9800998" Then
editpwd=true
If pwd<>pwdre Then
conn.close
set conn=Nothing
Response.write ""
Response.end
End if
End if
Set Rs = Server.CreateObject("ADODB.RecordSet")
Rs.Open "select * from employee where id="&employee_id,conn,1,3
If Not Rs.bof and Not Rs.eof Then
Rs("em_email")=em_email
Rs("em_tel")=em_tel
changeSuccess=1
If editpwd Then
If em_password=Rs("em_password") Then
Rs("em_password")=pwd
changeSuccess=2
Else
changeSuccess=3
End IF
End IF
End IF
Rs.update
Rs.Close
Set Rs=Nothing
conn.close
set conn=Nothing
If Cint(changeSuccess)=1 Then
Response.write ""
ElseIf Cint(changeSuccess)=2 Then
Response.write ""
Else
Response.write ""
End If
Response.End
End If'End act
Set Rs = Server.CreateObject("ADODB.RecordSet")
Rs.Open "select em_email,em_tel from employee where id="&Session("employee_id"),conn,1,1
em_tel=Rs("em_tel")
em_email=Rs("em_email")
Rs.Close
Set Rs = Nothing
%>