i.asp

1.地址缩短

<!--#include file="boardconn.asp"-->
<!--#include file="inc/sql.asp"-->
<!--#include file="inc/inc.asp"-->
<!--#include file="inc/ip.asp"-->
<!--#include file="inc/const.asp"-->
<!--#include file="function.asp"-->
<!--#include file="inc/MD5.asp"-->
<HTML>
<HEAD>
<TITLE>登陆贴吧 - <%=HOST_NAME%> - <%=HOST_LIST%></TITLE>
<META http-equiv=Content-Type content="text/html; charset=GB2312">
<% if Action = 1 then %>
<meta http-equiv="refresh" content="5;URL=Index.Asp">
<% end if %>
<link rel="shortcut icon" href="images/bbs.ico">
<link href="style/style.css" rel="stylesheet" type="text/css">
<script language="JavaScript">
<!--
function form1_onsubmit() {
if (document.form1.Key.value=="")
	{
	  alert("友情提示!\n\n请完整输入贴吧名称!")
	  document.form1.Key.focus()
	  return false
	 }
}
// -->
</script>
<script language="JavaScript">
<!--
function form_onsubmit() {
if (document.form.UserName.value=="")
	{
	  alert("友情提示!\n\n请完整输入会员帐号!")
	  document.form.UserName.focus()
	  return false
	 }
else if (document.form.Password.value=="")
	{
	  alert("友情提示!\n\n请完整输入会员密码!")
	  document.form.Password.focus()
	  return false
	 }
else if (document.form.verifycode.value=="")
	{
	  alert("友情提示!\n\n请完整输入验证编码!")
	  document.form.verifycode.focus()
	  return false
	 }
}
// -->
</script>
</HEAD>
<BODY bgColor=#ffffff leftMargin=0 topMargin=0>
<!--#include file="top.asp"-->
<TABLE cellSpacing=0 cellPadding=0 width=100% align=center border=0>
  <TBODY>
  <TR>
    <TD width=1% height=20 bgColor=<%=HOST_TITLE%>></TD><TD width=99% height=20 bgColor=<%=HOST_TITLE%> class=INDEX_VMALL><a href="Index.Asp"><font color=<%=HOST_FONT%>>首页</font></a> <font color=<%=HOST_FONT%>>&gt;</font> <font color=<%=HOST_FONT%>><u>会员登陆</u></font></TD></TR></TBODY></TABLE>

<TABLE cellSpacing=0 cellPadding=0 width=100%" align=center border=0 bgColor=#ffffff>
  <TBODY>
        <TR>
          <TD>
            <TABLE cellSpacing=0 cellPadding=0 width="100%" align=center border=0>
              <TBODY>
<% if request.Querystring("action") <>"check" then %>
              <TR>
                <TD width="5%" height="30"></TD>
                <TD width="90%" height="30" colspan="2"></TD>
                <TD width="5%" height="30"></TD></TR>
            <form name="form" onsubmit="return form_onsubmit()" method="post" action=?action=check>
              <TR>
                <TD width="5%" height="30"></TD>
                <TD width="20%" height="30" align="right" class=INDEX_XMALL>会员帐号：</td><TD width="70%" height="30"><INPUT maxLength=18 size=25 name=UserName> *</TD>
                <TD width="5%" height="30"></TD></TR>
              <TR>
                <TD width="5%" height="30"></TD>
                <TD width="20%" height="30" align="right" class=INDEX_XMALL>会员密码：</td><TD width="70%" height="30" class=INDEX_XMALL><INPUT type=Password maxLength=18 size=25 name=Password> * <input name="AutoLogin" type="checkbox" id="AutoLogin" value="True"><u>使用<font face="Arial"><b>Cookies</b></font></u></TD>
                <TD width="5%" height="30"></TD></TR>
              <TR>
                <TD width="5%" height="30"></TD>
                <TD width="20%" height="30" align="right" class=INDEX_XMALL>验证编码：</td><TD width="70%" height="30"><input type="text" name="verifycode" maxLength=4 size="8"> * <%Call GetSafeCode%></TD>
                <TD width="5%" height="30"></TD></TR>
              <TR>
                <TD width="5%" height="30"></TD>
                <TD width="20%" height="30"></td><TD width="70%" height="30"><INPUT type=submit name="SUBMIT" value=" 登陆贴吧 "></TD>
                <TD width="5%" height="30"></TD></TR></form>
              <TR>
                <TD width="5%" height="30"></TD>
                <TD width="90%" height="10" colspan="2"></TD>
                <TD width="5%" height="30"></TD></TR>
<% else %>
<%
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(server_v1,8,len(server_v2))<>server_v2 then
response.write "<br><br><center><table border=1 cellpadding=20 bordercolor=black bgcolor=#EEEEEE width=450>"
response.write "<tr><td style=font:9pt Verdana>"
response.write "<center><font face=Georgia,Tahoma size=2><u>友情提示：服务器禁止非法操作...</u></font></center>"
response.write "</td></tr></table></center>"
response.end
end if
%>
<%
fqys=request.servervariables("query_string") 
dim nothis(18) 
nothis(0)="net user" 
nothis(1)="xp_cmdshell" 
nothis(2)="/add" 
nothis(3)="exec%20master.dbo.xp_cmdshell" 
nothis(4)="net localgroup administrators" 
nothis(5)="select" 
nothis(6)="count" 
nothis(7)="asc" 
nothis(8)="char" 
nothis(9)="mid" 
nothis(10)="'" 
nothis(11)=":" 
nothis(12)="""" 
nothis(13)="insert" 
nothis(14)="delete" 
nothis(15)="drop" 
nothis(16)="truncate" 
nothis(17)="from" 
nothis(18)="%" 
errc=false 
for i= 0 to ubound(nothis) 
if instr(FQYs,nothis(i))<>0 then 
errc=true 
end if 
next 
if errc then 
response.write "<br><br><center><table border=1 cellpadding=20 bordercolor=black bgcolor=#EEEEEE width=450>"
response.write "<tr><td style=font:9pt Verdana>"
response.write "<center><font face=Georgia,Tahoma size=2><u>友情提示：服务器禁止非法操作...</u></font></center>"
response.write "</td></tr></table></center>"
response.end 
end if 
%>
<%
		UserName=Request.Form("UserName")
		Password=Request.Form("Password")

		if not IsNumeric(request("verifycode")) then
			rs.close
			set rs=nothing
			Response.Write ("<script>alert('友情提示!\n\n登陆验证码必须是数字!');history.back();</script>")
			Response.end
		end if

		if (int(session("SafeCode"))<>int(request("verifycode"))) then
			rs.close
			set rs=nothing
			Response.Write ("<script>alert('友情提示!\n\n发送验证编码错误!');history.back();</script>")
			Response.end
		end if

		Sql="select UserName,Pwd,LastLogin from QiQiBoy_User_Disp where UserName='"&UserName&"' and LockUser=0"
		Set Rs=Conn.execute(Sql)
		if Rs.eof then
			Response.Write ("<script>alert('友情提示!\n\n会员帐号错误或已被管理员锁定!');history.back();</script>")
			Response.end
		else
		if rs("Pwd")<>MD5(Password) then
			rs.close
			set rs=nothing
			Response.Write ("<script>alert('友情提示!\n\n会员密码错误!');history.back();</script>")
			Response.end
		else
			response.Cookies("UserName")=UserName
			response.Cookies("Pwd")=Md5(Password)
			response.Cookies("LastLogin")=Rs("LastLogin")
			if LCase(Request.Form("AutoLogin"))="true" then
			response.Cookies("UserName").Expires=now()+365
			response.Cookies("Pwd").Expires=now()+365
			response.Cookies("LastLogin").Expires=now()+365
			end if
			Sql="Update QiQiBoy_User_Disp set Visits=Visits+1,LastLogin=#"&now()&"# where UserName='"&UserName&"'"
			Conn.execute(Sql)
		end if
	end if
	Response.Write ("<script>alert('友情提示!\n\n欢迎您的到来...!');self.opener.location.reload();window.close();</script>")
%>
<% end if %>
</TBODY></TABLE></TD></TR></TBODY></TABLE>
<!--#include file="end.asp"-->