password.asp

用ASP实现基于数据库的网页加密

<%
Function checkpassword( ID, Pwd )
   Dim conn, SQLstr, rs

   Set conn = Server.CreateObject("ADODB.Connection")
   SQLstr = "driver={Microsoft Access Driver (*.mdb)};Pwd=ding"
   conn.Open SQLstr & ";dbq=" & Server.MapPath("users.mdb")

   sql = "Select * From users Where ID='" & ID & "' And Pwd = '" & Pwd & "'"
   Set rs = conn.Execute( sql )
   If rs.EOF Then
      checkpassword = False
   Else
      checkpassword = True
   End If
End Function
%>

<%
If IsEmpty(Session("Passed")) Then Session("Passed") = False
Head = "请输入您的认证资料"
ID = Request("ID")
Pwd = Request("Pwd")

If ID = "" Or Pwd = "" Then
   Head = "请输入您的认证资料"
ElseIf Not checkpassword( ID, Pwd ) Then
   Head = "用户名称或密码错误"
Else
   Session("Passed") = True
End If

If Not Session("Passed") Then 
%>

<HTML>
<BODY BGCOLOR="#FFFddd">
<H2 ALIGN=CENTER><%=Head%><HR WIDTH="100%"></H2>

<CENTER>
<FORM Action=<%=Request.ServerVariables("PATH_INFO")%> Method=POST>
<TABLE BORDER=1 CELLSPACING=0 >
<TR>
<TD ALIGN=RIGHT>用户名称:</TD>
<TD><Input Type=Text Name=ID Size=12 Value=<%=ID%>></TD>
</TR>

<TR><TD ALIGN=RIGHT>密码： </TD>
<TD><Input Type=Password Name=Pwd Size=12 Value=<%=Pwd%>></TD>
</TR>
</TABLE><P>
<Input Type=Submit Value=" 确定 ">
</FORM>
<HR WIDTH="100%">

</CENTER>
</BODY>
</HTML>

<% 
   Response.End
End If
%>