checklogin.asp

前台完全分离了HTML与ASP

<%
'***********************************************
'* CHECK LOGIN FUNCTION
'* 你可以对以下内容进行任何修改，但请保留版权，谢谢。
'* 零点设计在线  Power by marquee 2005年5月
'***********************************************

Function MemberLogin(backURL)
  Dim g_user,g_pass,limitDayFlag
  IF Request.Cookies(ZD_CookieName)("errLogin")="" Then
    Response.Cookies(ZD_CookieName)("errlogin")="0"
  End IF
  IF Cint(Request.Cookies(ZD_CookieName)("errlogin"))<3 Then
   g_user=CheckBadWord(Request.form("user"))
   g_pass=Md5(CheckBadWord(Request.form("pass")))
   set Rs=Server.Createobject("Adodb.Recordset")
   sql="select * from ZD_member where memberID= '"&g_user&"'"
   rs.open sql,conn,1,1
   IF rs.eof or bof Then
     errMessage="错误!无此用户请查证后再输入。"
     Response.Cookies(ZD_CookieName)("errLogin")=Cint(Request.Cookies(ZD_CookieName)("errlogin"))+1
   Else
     RsPass=rs("memberPass")
     IF rs("isLimit") = False or (Rs("leftDays")-date())>0 Then
       limitDayFlag=True
     End IF
    IF g_pass=rsPass and rs("locked")=False and limitDayFlag=True Then
      Response.Cookies(ZD_CookieName)("MemberID")=Rs("memberID")
      Response.Cookies(ZD_CookieName)("Password")=Rs("memberPass")
      Response.Cookies(ZD_CookieName)("MemberType")=Rs("memberType")
      Response.Cookies(ZD_CookieName)("loginTimes")=Rs("logintimes")
      Response.Cookies(ZD_CookieName)("lastLoginIP")=Rs("lastLoginIP")
	  IF rs("isLimit")=false Then 
	    Response.Cookies(ZD_CookieName)("leftDays")="终身"
	  Else 
	    Response.Cookies(ZD_CookieName)("leftDays")=Cstr(Rs("leftDays")-date()) & "天"
	  End IF
      conn.execute("update ZD_member set logintimes=logintimes+1")
      Response.Cookies(ZD_CookieName)("errLogin")=""
      IF rs("ZAdmin")=True Then
        Response.Cookies(ZD_CookieName)("MemberType") = "超级管理员"
      End IF
        Response.Redirect backURL
    Else
     errMessage="密码错误,或者您的用户已被管理员锁定,或者会员到期,请查证后再试。"
     Response.Cookies(ZD_CookieName)("errLogin")=Cint(Request.Cookies(ZD_CookieName)("errlogin"))+1
    End IF
   End If
  Else
    errMessage="登录次数过多,稍后再试。"
  End IF
End Function


Function CheckAdminLogin()
   set loginRs=Server.CreateObject("Adodb.Recordset")
   sql="select memberID,memberLevel,memberPass,ZAdmin from ZD_member where memberID='"&Session("member")&"'"
   loginRs.open sql,conn,1,1
   IF loginRs.eof Then
    call SaveLog(Session("member"),"过久未活动导致自动退出",now(),"管理员退出",getIP(),false)
    response.redirect "login.asp"
    response.End
   End IF 
   IF Session("password")=loginRs("memberPass") and loginRs("ZAdmin")=True Then
    loginRs.close	
    set loginRs=nothing
    Exit Function
   Else
    call SaveLog(Session("member"),"由于保存在服务器上的SESSION被更改或其它异常,导致该管理员退出。",now(),"管理员退出",getIP(),false)
    set loginRs=nothing
    Exit Function
    response.redirect "login.asp"
    response.End
   End IF     

End Function

Function CheckMemberLogin()
   set loginRs=Server.CreateObject("Adodb.Recordset")
   sql="select memberID,memberLevel,memberPass,ZAdmin from ZD_member where memberID='"&Request.Cookies(ZD_CookieName)("MemberID")&"'"
   loginRs.open sql,conn,1,1
   IF loginRs.eof Then
    Response.redirect "login.asp"
    Exit Function
    response.End
   End IF 
   IF Request.Cookies(ZD_CookieName)("password")=loginRs("memberPass") Then
    loginRs.close
    set loginRs = nothing
    Exit Function
   Else
    response.redirect "login.asp"
    loginRs.close
    set loginRs=nothing
    Response.End
   End IF     
End Function

Function adminLoginout() 
   call CheckAdminLogin()
   call SaveLog(Session("member"),"安全退出",now(),"管理员退出",getIP(),true)
   Session("Member")=""
   Session("ZD_Admin")=""
   Session("password")=""
   Session("level")=""
   Session("errlogin")=""
   response.redirect "login.asp"
End Function

Function MemberLoginout() 
   call CheckMemberLogin()
   lastIP=getIP()
   conn.execute("update ZD_member set lastloginip='"&lastIP&"' where memberID='"&Session("member")&"'")   
   conn.execute("update ZD_member set lastlogintime='"&now()&"' where memberID='"&Session("member")&"'") 
   Response.Cookies(ZD_CookieName)("MemberID")=""
   Response.Cookies(ZD_CookieName)("MemberType")=""
   Response.Cookies(ZD_CookieName)("Password")=""
   Response.Cookies(ZD_CookieName)("errlogin")=""
   Response.Redirect Request.ServerVariables("HTTP_REFERER")
End Function

Function CheckBadWord(g_word)
  g_word=Replace(g_word,"'","")
  g_word=Replace(g_word," ","")
  g_word=Replace(g_word,"&","")
  g_word=Replace(g_word,"(","")
  g_word=Trim(Replace(g_word,")",""))  
  CheckBadWord=g_word
End Function
%>