inc-common.asp

简介：一个程序小巧而功能强大

<%
start_time = timer

'Check Site is enabled and redirect if not
if Site_Enabled = "0" and instr(1, request.servervariables("URL"), "login.asp", 1) = 0 then
	response.redirect(Site_Forum_URL & "/disabled.asp")
end if

'Check that the user is not logged and that they have not come from somewhere else on the forums
if session("UserID") = "" and request.cookies(Site_Name)("id") <> "" then
	
	'set variables
	strID = request.cookies(Site_Name)("id")
	strCode = request.cookies(Site_Name)("code")
	
	'If the userID is not empty grabuser details
	if strID <> ""  then
		set rsLogin = server.createobject("adodb.recordset")
		sqlLogin = "SELECT * FROM Forum_Users WHERE User_ID = "& strID &" AND User_Activation = "& strCode &""
		rsLogin.CursorType = 2
		rsLogin.LockType = 2
		rsLogin.open sqlLogin, adoConn
		if rsLogin.eof or rsLogin.bof then
			'User not found the cookie is corrupt, delete it.
			response.cookies(Site_Name).expires = now() - 1
		else
			'Details correct check that the account is not banned and is active
			if rsLogin("User_Status") = 2 then
				'User has been banned delete cookies
				response.cookies(Site_Name).expires = now() - 1
			end if
			if rsLogin("User_Status") = 0 then
				'users account not active, delete cookies
				response.cookies(Site_Name).expires = now() - 1
			end if
			
			'If the cookie still exists log the user in.
			if request.cookies(Site_Name)("id") <> "" then
				'Set session variables
				session("UserID") = rsLogin("User_ID")
				session("UserName") = rsLogin("User_Name")
				if request.cookies(Site_Name)("laston") <> "" then
					session("Laston") = request.cookies(Site_Name)("laston")
				else
					session("Laston") = rsLogin("User_Laston_Date")
				end if
				
				'Update userdetails
				rsLogin("User_Laston_Date") = db_time()
				if request.servervariables("HTTP_X_FORWARDED_FOR") = "" then
					rsLogin("User_IP") = request.servervariables("REMOTE_ADDR")
				else
					rsLogin("User_IP") = request.servervariables("HTTP_X_FORWARDED_FOR")
				end If
				rsLogin.update
				
				'Update laston cookie
				response.cookies(Site_Name)("laston") = db_time()
				response.cookies(Site_Name).expires = DateAdd("yyyy", 1, Now())
				
				'Admin check
				set rsAdmin = server.createobject("adodb.recordset")
				sqlAdmin = "SELECT * FROM Forum_Admin WHERE Admin_User_ID = "& session("userid") &""
				rsAdmin.open sqlAdmin, adoConn
				if not (rsAdmin.eof or rsAdmin.bof) then
					'Set Admin session
					session("Admin") = true
				end if
				rsAdmin.close
				set rsAdmin = nothing
			end if		
		end if
		rsLogin.close
		set rsLogin = nothing
	end if
end if

'Check for banned users
set rsBanned = server.createobject("adodb.recordset")
if request.servervariables("HTTP_X_FORWARDED_FOR") = "" then
	sqlBanned = "SELECT * FROM Forum_BadIP WHERE Bad_IP = '"& request.servervariables("REMOTE_ADDR") &"';"
else
	sqlBanned = "SELECT * FROM Forum_BadIP WHERE Bad_IP = '"& request.servervariables("HTTP_X_FORWARDED_FOR") & "';"
end If
rsBanned.open sqlBanned, adoConn, CMDText
if not(rsBanned.eof or rsBanned.bof) then
	session.abandon()
	response.redirect(Site_Forum_URL & "/banned.asp")
end if
rsBanned.close
set rsBanned = nothing

if session("userid") <> "" then
	'Check banned user
	set rsBanned = server.createobject("adodb.recordset")
	sqlBanned = "SELECT User_Status FROM Forum_Users WHERE User_Status = 2 AND User_ID = "& session("userid") &";"
	rsBanned.open sqlBanned, adoConn, CMDText
	if not(rsBanned.eof or rsBanned.bof) then
		session.abandon()
		response.redirect(Site_Forum_URL & "/banned.asp")
	end if
	rsBanned.close
	set rsBanned = nothing
end if

if session("UserID") <> "" then
	'If the lastondate cookie is more than five minutes old update it.
	if request.cookies(site_name)("lastondate") <> "" then
		if Site_Time - int(request.cookies(site_name)("lastondate")) > 500 then
			response.cookies(site_name)("lastondate") = site_time
		end if
	end if

	'Generate the current URL for inserting to the database
	User_URL = request.servervariables("URL") & "?" & request.servervariables("QUERY_STRING")
	if instr(1, User_URL, "&goto=lastpost", 1) > 0 then
		User_URL = replace(User_URL, "&goto=lastpost", "")
	end if
	
	'Update user details
	set rsUserUpdate = server.createobject("adodb.recordset")
	sqlUserUpdate = "SELECT User_Laston_Date, User_LastURL FROM Forum_Users WHERE User_ID = "& session("UserID") &";"
	rsUserUpdate.cursortype = 2
	rsUserUpdate.locktype = 3
	rsUserUpdate.open sqlUserUpdate, adoConn, CMDText
	rsUserUpdate("User_Laston_Date") = Site_Time
	rsUserUpdate("User_LastURL") = User_URL
	rsUserUpdate.update
	rsUserUpdate.close
	set rsUserUpdate = nothing
end if
%>