asp完整登陆代码
asp完整登陆代码
<%
option explicit
强制浏览器重新访问服务器下载页面,而不是从缓存读取页面
Response.Buffer = True
Response.Expires = -1
Response.ExpiresAbsolute = Now() - 1
Response.Expires = 0
Response.CacheControl = "no-cache"
主要是使随机出现的图片数字随机
%>
<!--#include file="inc/config.asp"-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<TITLE><%=rs_config("c_incname")%>-管理员登录</TITLE>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<LINK href="inc/login.css" rel=stylesheet type=text/css>
<base target="main">
<style type="text/css">
<!--
.style2 {font-size: 12pt}
-->
</style>
<SCRIPT language=JavaScript>
<!--
function frmSubmit() {
if (theForm.name.value == "") {
alert("请输入用户名");
theForm.name.focus();
return false;
}
if (theForm.pass.value == "") {
alert("请输入密码");
theForm.pass.focus();
return false;
}
if (theForm.safecode.value == "") {
alert("请输入校验码");
theForm.safecode.focus();
return false;
}
return true;
}
//-->
</SCRIPT>
<link rel="icon" href="/favicon.ico" type="image/x-icon" />
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<LINK
href="images/WEI.css" type=text/css rel=stylesheet>
<META content="Microsoft FrontPage 4.0" name=GENERATOR>
</HEAD>
<BODY bgColor=#ffffff>
<BR>
<br>
<br>
<br>
<br>
<BR>
<TABLE align="center" cellSpacing=0 cellPadding=0 width=555 border=0 style="border-collapse: collapse" bordercolor="#111111">
<TBODY>
<TR>
<TD width="588">
<TABLE align="center" cellSpacing=0 cellPadding=0 width=558 border=0 style="border-collapse: collapse" bordercolor="#111111">
<TBODY>
<TR>
<TD vAlign=top width="360" height="104">
<FORM action=logincheck.asp method=POST target="_top">
<table width="600" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td colspan="2"><img src="images/Admin_Login1.gif" width="600" height="126"></td>
</tr>
<tr>
<td width="508" valign="top" background="Images/Admin_Login2.gif"><table width="508" border="0" cellspacing="0" cellpadding="0">
<tr>
<td height="37" colspan="6"> </td>
</tr>
<tr>
<td width="75" rowspan="2"> </td>
<td width="126"><font color="#043BC9">用户名称:</font></td>
<td width="39" rowspan="2"> </td>
<td width="131"><font color="#043BC9">用户密码:</font></td>
<td width="34"> </td>
<td width="103"><font color="#043BC9">验证码:<b><font color=#ff0000><IMG
src="inc/Code.asp" width="40" height="10" align="absmiddle"></font></b></font></td>
</tr>
<tr>
<td><input name=name id="name" size=15></td>
<td><input name=pass type=password id="pass" size=12></td>
<td> </td>
<td><INPUT name="safecode" type=text id="safecode" size=12></td>
</tr>
</table></td>
<td>
<input type="image" name="Submit" src="Images/Admin_Login3.gif" style="width:92px; HEIGHT: 126px;"></td>
</tr>
</table>
</FORM>
</TD>
</TR>
</TBODY>
</TABLE>
</TD>
</TR>
</TBODY>
</TABLE>
</BODY>
</HTML>
下面是asp处理文件
<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<!--#include file="conn.asp"-->
<!--#include file="md5.asp"-->
<%
function ChkPost()
dim server_v1,server_v2
chkpost=false
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(server_v1,8,len(server_v2))<>server_v2 then
chkpost=false
else
chkpost=true
End if
End function
session.Timeout=20
if ChkPost=false then
'emsg="请不要从其它站点提交表"
response.Redirect("login.asp?emsg=请不要从其它站点提交表")
Response.End()
End if
dim aname,apass,FoundErr,ErrMsg
FoundErr=False
aname=replace(trim(request("name")),"'","")
apass=replace(trim(request("pass")),"'","")
safecode=replace(trim(Request("safecode")),"'","")
if len(aname)>20 or len(aname)<3 then
FoundErr=True
ErrMsg=ErrMsg&"用户名不对!nn"
End if
if len(apass)>20 or len(apass)<6 then
FoundErr=True
ErrMsg=ErrMsg&"用户密码不对!nn"
End if
if Safecode="" then
FoundErr=True
ErrMsg=ErrMsg & "验证码不能为空!nn"
end if
if Session("Admin_GetCode")="" then
FoundErr=True
ErrMsg=ErrMsg & "你登录时间过长,请重新返回登录页面进行登录。nn"
end if
if Safecode<>CStr(Session("Admin_GetCode")) then
FoundErr=True
ErrMsg=ErrMsg & "您输入的确认码和系统产生的不一致,请重新输入。nn"
end if
if FoundErr=True then
Call LoginError(ErrMsg)
Conn.close
Set Conn=Nothing
else
apass=md5(apass)
dim sql,rs
sql="select a_name,a_pass,a_flag from admin where a_name='"&aname&"' and a_pass='"&apass&"'"
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,1
if rs.BOF and rs.EOF then
ErrMsg="用户名或是密码错误!"
Call LoginError(ErrMsg)
rs.close
set rs=Nothing
conn.close
set conn=Nothing
response.End
elseif Not(rs.BOF or rs.EOF) then
session("aname")=rs("a_name")
session("admin_flag")="into"
session("admin_sys")=rs("a_flag")
response.Redirect("useradmin.asp")
rs.close
set rs=Nothing
conn.close
set conn=Nothing
response.End
End if
end if
Sub LoginError(EMsg)
response.write "<script language='javascript'>" & chr(13)
response.write "alert('"&EMsg&"');" & Chr(13)
response.write "window.document.location.href='login.asp';"&Chr(13)
response.write "</script>" & Chr(13)
Response.End
End Sub
%>