login.asp

电子商务网络购物系统

<% Option Explicit %>
<!-- #include file="includes/header.asp" -->
<!--#include file="functions/hash.asp" -->
<%
Response.Buffer = True

Dim strUsername
Dim strPassword	
Dim blnAutoLogin
Dim lngUserID	
Dim strUserCode
Dim intForumID	

blnAutoLogin = False
intForumID = Request.QueryString("fid")

strUsername = Trim(Mid(Request.Form("name"), 1, 15))
strPassword = LCase(Trim(Mid(Request.Form("password"), 1, 15)))
blnAutoLogin = CBool(Request.Form("AutoLogin"))

strUsername = Replace(strUsername, "password", "", 1, -1, 1)
strUsername = Replace(strUsername, "salt", "", 1, -1, 1)
strUsername = Replace(strUsername, "author", "", 1, -1, 1)
strUsername = Replace(strUsername, "code", "", 1, -1, 1)
strUsername = Replace(strUsername, "username", "", 1, -1, 1)
strUsername = formatSQLInput(strUsername)
If NOT strUsername = "" Then
		Call checkSessionID(Request.Form("sessionID"))
	strSQL = "SELECT timesuser.Password, timesuser.Salt, timesuser.userid, timesuser.usercode "
	strSQL = strSQL & "FROM timesuser "
	strSQL = strSQL & "WHERE timesuser.Username = '" & strUsername & "';"
	rsConn.Open strSQL, adoCon
	If NOT rsConn.EOF Then
		strPassword = strPassword & rsConn("Salt")
		strPassword = HashEncode(strPassword)
		If strPassword = rsConn("Password") Then
			lngUserID = CLng(rsConn("userid"))
			strUserCode = rsConn("usercode")
			Response.Cookies("Forum")("UID") = strUserCode
			If CBool(Request.Form("ActiveUsers")) = False Then
				Response.Cookies("Forum")("Hide") = True
			Else
				Response.Cookies("Forum")("Hide") = False
			End If
			If blnAutoLogin = True Then
				Response.Cookies("Forum").Expires = DateAdd("yyyy", 1, Now())
			End If
			rsConn.Close
			Set rsConn = Nothing
			adoCon.Close
			Set adoCon = Nothing
			If Request.QueryString("M") = "Unsubscribe" Then
				Response.Redirect("enotify.asp?tid=" & Request.QueryString("tid") & "&fid=" & intForumID & "&M=Unsubscribe")

			Else
				Response.Redirect("index.asp")
			End If
		End If
	End If
	rsConn.Close
End If
strUsername = Replace(strUsername, "''", "'")
%>
<script  language="JavaScript">
function CheckForm () {

	var errorMsg = "";
	if (document.frmLogin.name.value==""){
		errorMsg += "\n\t用户名 \t- 输入你论坛用户名";
	}
	if (document.frmLogin.password.value==""){
		errorMsg += "\n\t密码 \t- 输入你论坛密码";
	}
	if (errorMsg != ""){
		msg = "_______________________________________________________________\n\n";
		msg += "表单不完整，请填写完全\n";
		msg += "请修正后再发表\n";
		msg += "_______________________________________________________________\n\n";
		msg += "以下区域需要修改: \n";

		errorMsg += alert(msg + errorMsg + "\n\n");
		return false;
	}

	return true;
}
function openWin(theURL,winName,features) {
  	window.open(theURL,winName,features);
}

// -->
</script>
<title>用户登录</title>
  <table width="96%" border="0" cellspacing="0" cellpadding="3" align="center">
 <tr>
  <td align="left" width="71%" class="bold"><img src="images/open.gif" border="0" align="absmiddle">&nbsp;<a href="index.asp" target="_self" class="boldLink"><% = strMainForumName %></a><% = strNavSpacer %><a href="login.asp">用户登录</a><br /></td>
  </tr>
</table><%
Set rsConn = Nothing
adoCon.Close
Set adoCon = Nothing
If strUsername <> "" Then
%>
<table width="96%" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td align="center" class="bold"><br />对不起，你的用户名或者密码不正确<br />请重试<br /></td>
  </tr>
</table>
<%
End If
%>
<form method="post" name="frmLogin" action="login.asp?fid=<% = intForumID %><% If Request.QueryString("M") = "Unsubscribe" Then Response.Write("&tid=" & Request.QueryString("tid") & "&M=Unsubscribe") %>" onSubmit="return CheckForm();" onReset="return confirm('你确认要重新填写此表单?');">
    <table width="350" border="0" cellspacing="1" cellpadding="1" align="center" bgcolor="<% = strTableBgColour %>" height="28">
    	 <tr>
           <td align="center" class="smtext" height="25" colspan="2" background="<% = strTablePostsTitleBgImage %>">登录论坛</td>
          </tr>
                <tr> <td bgcolor="#FFFFFF"><table><tr>
                  <td width="31%" align="right"><span class="text">用户名: </span></td>
                  <td><input type="text" name="name" size="15" maxlength="15" value="<% = strUsername %>" /> 
                    <a href="reg.asp" target="_self">没有注册</a></td>
                </tr>
                <tr> 
                  <td align="right" width="31%"><span class="text">密码: </span></td>
                  <td width="69%"> <input type="password" name="password" size="15" maxlength="15" /> 
                    <a href="JavaScript:openWin('forgetpass.asp','forgot_pass','toolbar=0,location=0,status=0,menubar=0,scrollbars=0,resizable=1,width=570,height=350')">忘记密码</a> </td>
                </tr>
                <tr> 
                  <td></td>
                  <td width="69%" class="text"><span class="text"> 
                    <input type="checkbox" name="AutoLogin" value="True" checked />自动登录
                    <input type="checkbox" name="ActiveUsers" value="True" checked />正常登录 
                    </span></td>
                </tr>
                <tr> 
                  <td></td>
                  <td width="69%"> <input type="hidden" name="sessionID" value="<% = Session.SessionID %>" /> 
                    <input type="submit" name="Submit" value="登录" /> 
                    <input type="reset" name="Submit2" value="清除 " /></td>
					</tr></table></td>
                </tr>
              </table>
</form>
<br/><br/><br/>
<!-- #include file="includes/footer.asp" -->