<!-- #include file="../inc/conn1.asp"-->

<!-- #include file="../inc/md5.asp"-->

<%

if cstr(request("code"))<>cstr(session("getcode")) then

response.write"<SCRIPT language=JavaScript>alert('对不起，你填写的验证码错误！');"

response.write":history.go(-1)</SCRIPT>"

response.end

end if

dim userid,password

username=request("username")

password=md5(request("password"))

set rs=server.CreateObject("adodb.recordset")

sql="select username,vip,jifen1,lastlogin,thislogin,logins from tgy where username='"&username&"'and password='"&password&"'"

rs.open sql,conn,3,3

if rs.eof then

response.Write "<script>alert('用户登录出错，用户名或者密码错误');history.go(-1);</Script>"

else

session("username")=rs("username")

if day(rs("lastlogin"))<>day(date()) then

if rs("jifen1")="" or isnull(rs("jifen1")) then

rs("jifen1")=5

else

rs("jifen1")=rs("jifen1")+5

end if

end if

rs("lastlogin")=rs("thislogin")

rs("thislogin")=now()

rs("logins")=rs("logins")+1

rs.update

session.timeout=20

response.Write "<script>location.href='index.asp';</Script>"

end if

rs.close

set rs=nothing

conn.close

set conn=nothing

%>