check.aspx

是个不错的同学录 注意这个可是手机使用的同学录哦！

<% @ Page language="C#" ContentType="text/html" ResponseEncoding="UTF-8" %>
<% @ Import Namespace="System.Data"%>
<% @ Import Namespace="System.Data.SqlClient"%>
<% @ Import Namespace="System.Configuration"%>
<%
   String Sql; 
   SqlConnection myConnection = new SqlConnection();
   myConnection.ConnectionString = "server=192.168.1.202;database=student;user id=sa;password=;Trusted_Connection=yes";
   
%>
<%
String username;
String password;
String phoneid;
username=request("username").ToString().Trim() ;
password=request.form("password").ToString().Trim() ;
phoneid=request.servervariables("HTTP_X_UP_CALLING_LINE_ID").ToString();




if (username=="" or password=="") 
{
session("error")=4; //非法登录
response.redirect("error.aspx");
}
%>
<% 
   Sql="select ec.studentid,ec.password,ec.sname,ec.lastedtime,ec.usertype,ec.logintimes from ec";
   SqlCommand myCommand = new SqlCommand(Sql,myConnection);
   myConnection.Open();
   SqlDataReader myReader = myCommand.ExecuteReader();
   //校对帐号密码！
   if(myReader.Read())
    {
       if (myReader["studentid"].GetString()=username and myReader["password"].GetString()=password)
       {
        session("name")=myReader["sname"].GetString();
		session("studentid")=myReader["studentid"].GetString();
		sql2="update ec set logintimes=logintimes+1,lastedtime='"+ now() +"' where studentid='"+ username +"'";
		SqlCommand myCommand1 = new SqlCommand(sql2,myConnection);
        myConnection.Open();
        myCommand1.ExecuteNonQuery();
        myConnection.Close();
        
        sql3="update online set sname='"+ myReader["studentid"].GetString() +"' where ip='"+ Session("user_ip") +"'";
        SqlCommand myCommand2 = new SqlCommand(sql3,myConnection);
        myConnection.Open();
        myCommand2.ExecuteNonQuery();
        myConnection.Close();
		response.redirect("main.asp");
       }
       else
       {
         myReader.movenext;
       }
    }
	//关闭连接和阅读器
	myReader.Close();
%>