<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<!--#include file="Conn/conn1.asp" -->
<!--#include file="md5.asp" -->
<% If Session("MM_Username")="" Then
Response.Redirect("/")
 End If %>
<%

MM_editAction = CStr(Request.ServerVariables("SCRIPT_NAME"))
If (Request.QueryString <> "") Then
  MM_editAction = MM_editAction & "?" & Server.HTMLEncode(Request.QueryString)
End If

' boolean to abort record edit

MM_abortEdit = false
%>
<%
' IIf implementation
Function MM_IIf(condition, ifTrue, ifFalse)
  If condition = "" Then
    MM_IIf = ifFalse
  Else
    MM_IIf = ifTrue
  End If
End Function
%>
<%
If (CStr(Request("MM_update")) = "form3") Then
  If (Not MM_abortEdit) Then
    ' execute the update


    Set MM_editCmd = Server.CreateObject (")
    MM_editCmd.ActiveConnection = MM_conn1_STRING
    MM_ = "UPDATE admin_w SET username = ?, password = ? WHERE id = ?"
    MM_editCmd.Prepared = true
    MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param1", 202, 1, 50, Request.Form("usernme")) ' adVarWChar
    MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param2", 202, 1, 50, MD5(Request.Form("password")))' adVarWChar
    MM_editCmd.Parameters.Append MM_editCmd.CreateParameter("param3", 5, 1, -1, MM_IIF(Request.Form("MM_recordId"), Request.Form("MM_recordId"), null)) ' adDouble
    MM_editCmd.Execute
    MM_editCmd.ActiveConnection.Close

    ' append the query string to the redirect URL

   
    If (Request.QueryString <> "") Then
      If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0) Then
        MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString
      Else
        MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString
      End If
    End If
    response.Write("<script language=javascript>alert('修改成功!');window.location.href='index.asp?ok';</script>")
    response.end
  End If
End If
%>
<%
Dim R3__MMColParam
R3__MMColParam = "1"
If (Request.QueryString("id") <> "") Then
  R3__MMColParam = Request.QueryString("id")
End If
%>
<%
Dim R3
Dim R3_cmd
Dim R3_numRows

Set R3_cmd = Server.CreateObject (")
R3_cmd.ActiveConnection = MM_conn1_STRING
R3_ = "SELECT * FROM admin_w WHERE id = ?"
R3_cmd.Prepared = true
R3_cmd.Parameters.Append R3_cmd.CreateParameter("param1", 5, 1, -1, R3__MMColParam) ' adDouble

Set R3 = R3_cmd.Execute
R3_numRows = 0
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.
<html xmlns="http://www.
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>ASP留言板</title>
<style type="text/css">
<!--
body,td,th {
    font-size: 12px;
    color: #666666;
}
a:link {
    color: #0000FF;
    text-decoration: none;
}
a:visited {
    text-decoration: none;
    color: #0000FF;
}
a:hover {
    text-decoration: none;
    color: #0000FF;
}
a:active {
    text-decoration: none;
    color: #0000FF;
}
-->
</style>
<script language="Javascript"><!--
function VF_form3(){ //v2.0
<!--start_of_saved_settings-->
<!--type,password,name,password,required,true,errMsg,请输入要修改的密码！-->
<!--end_of_saved_settings-->
    var theForm = document.form3;
    var errMsg = "";
    var setfocus = "";

    if (theForm['password'].value == ""){
        errMsg = "请输入要修改的密码！";
        setfocus = "['password']";
    }
    if (errMsg != ""){
        alert(errMsg);
        eval("theForm" + setfocus + ".focus()");
    }
    else theForm.submit();
}//-->
</script>
<img src="Images/logo.jpg" width="980" height="453" />
<table width="980" height="197" border="0" align="center" cellpadding="30" cellspacing="1" bgcolor="#CCCCCC">
  <tr>
    <td align="center" bgcolor="#FFFFFF"><table width="100%" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td align="right"><a href="/">首页</a> <a href="index.asp?liuyan=login">留言管理</a>
            <% If Session("MM_Username")<>"" Then %>
          <a href="index.asp?exit=yes">退出管理</a> <a href="pass.asp">修改密码</a>
          <% End If %>
          <a href="index.asp?liuyan=ok">填写留言！</a></td>
      </tr>
    </table>
      <form action="<%=MM_editAction%>" method="POST" name="form3" id="form3" onsubmit="VF_form3();return false;">
      <table width="52%" border="0" align="center" cellpadding="0" cellspacing="0">
        <tr>
          <td height="38" align="right">用户名：
            <label></label></td>
          <td align="left"><input name="usernme" type="text" id="usernme" value="<%=(R3.Fields.Item("username").Value)%>" /></td>
        </tr>
        <tr>
          <td height="38" align="right"><label>密码：</label></td>
          <td align="left"><input name="password" type="password" id="password" /></td>
        </tr>
        <tr>
          <td height="38" align="right">&nbsp;</td>
          <td align="left"><input type="submit" name="button" id="button" value="修改密码" />
            &nbsp;</td>
        </tr>
      </table>
      <input type="hidden" name="MM_update" value="form3">
      <input type="hidden" name="MM_recordId" value="<%= R3.Fields.Item("id").Value %>">
    </form>
  </tr>
</table>
<%
R3.Close()
Set R3 = Nothing
%>

根据id查出表MM_recordId所有列信息，对参数R3_numRows赋值0，但是该参数到底怎么用的一直没有用到，在下认为是代码没有贴全的缘故，然后代码的意思是根据id修改密码，并且对密码进行MD5加密。在修改密码的过程中用到的方法CreateParameter(.....)在asp中没有见过，不过有点像中的，作用是传递上述sql的参数以及参数类型。不知道是不是自己定义的方法，在下学识浅薄，愿受赐...