login.asp

Build 1025更新： 美化了后台,简化了后台操作

<!--#include file="conn.asp"-->
<!--#include file="md5.asp"-->
<!--#include file="Function.asp"-->
<%
Dim user,pass,yz
if Request.QueryString("act")="login" then
   user=nohtml(Replace(Request.Form("username")," ","+++ close"))
   pass=nohtml(Replace(Request.Form("password")," ","+++ close"))
   If user<>"" and pass<>"" Then
      If not IsNumeric(Request.Form("yz")) Then
         Response.Write "<script>alert('你输入的验证码为非数字！');window.location.href('login.asp');</script>"
         Response.End
      End If
      If (int(Session("SafeCode"))=int(Request.Form("yz"))) Then   
         Set rs=Server.CreateObject("Adodb.RecordSet")
         sql="Select * from XH_Config where username='"&user&"' and password='"&md5(pass)&"'"
         rs.open sql,conn,1,1
         If not(rs.bof and rs.eof) Then
            If md5(pass)=rs("password") and user=rs("username") Then
               Session("admin")=rs("username")
               rs.close
               Set rs=nothing
               Response.Redirect "admin_index.asp"
            Else
               Response.Write "<script>alert('登陆失败，用户名或密码错误！');window.location.href('login.asp');</script>"
            End If
            Call EndConnection()
         Else
            Response.Write "<script>alert( '登陆失败！用户名或密码不存在！');window.location.href('login.asp');</script>"
         End If
         Call EndConnection()
      Else
         Response.Write "<script>alert('登陆失败！验证码输入错误！');window.location.href('login.asp');</script>"
      End If            
   Else
      Response.Write "<script>alert('登陆失败！用户名和密码不能为空！');window.location.href('login.asp');</script>"
   End If
End If		
%>
<html>

<head>
<meta http-equiv="Content-Language" content="zh-cn">
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>管理登陆</title>
<link rel="stylesheet" type="text/css" href="css.css">
</head>
<%
If Request.QueryString("XHType")="" or Request.QueryString("XHType")="login" Then
	Call login()
ElseIf Request.QueryString("XHType")="logout" Then
	Call logout()
End If		
%>
<script language="javascript">
function check(){
	if(form1.username.value==""){
		alert("用户名不能为空!");
		form1.username.focus();
		return false;}
	if(form1.password.value==""){
		alert("密码不能为空!");
		form1.password.focus();
		return false;}
	if(form1.yz.value==""){
		alert("验证码不能为空！");
		form1.yz.focus();
		return false;}	
	return true;
}			
</script>
<body>
<%
Sub logout()
	Session("admin")=""
	Call login()
End Sub
%>
<%Sub login()%>
<div align="center">
　<p>　</p>
	<table border="0" width="100%" id="table1" cellpadding="0" height="200" style="border-collapse: collapse">
		<tr>
			<td>
			<div align="center">
				<table border="0" width="50%" id="table2" cellspacing="1" cellpadding="3" style="border-collapse: collapse" bgcolor="#FFFFFF">
					<form action=?act=login method=post name=form1 onsubmit="return check()">
					<tr>
						<th colspan="2" bgcolor="#FFCC99">管理登陆</th>
					</tr>
					<tr>
						<td width="40%" align="right"><b>用户名：</b></td>
						<td><input type="text" name="username"></td>
					</tr>
					<tr>
						<td width="40%" align="right"><b>密&nbsp; 码：</b></td>
						<td><input type="password" name="password" size="21"></td>
					</tr>
					<tr>
						<td align="right"><b>验证码：</b></td>
						<td><input type="text" name="yz" size="8"> <%Call GetSafeCode()%></td>
					</tr>
					<tr>
						<td colspan="2" align="center" bgcolor="#FFFFCC"><input type=submit name=submit value=登陆> <input type="reset" name="reset" value="取消"></td>
					</tr>
					</form>
				</table>
			</div>
			</td>
		</tr>
	</table>
</div>
<%End Sub%>
<%
function nohtml(byval str)
	if isnull(str) or trim(str)="" then
		nohtml=""
		exit function
	end if
    dim re
    Set re=new RegExp
    re.IgnoreCase =true
    re.Global=True
    re.Pattern="(\<.[^\<]*\>)"
    str=re.replace(str," ")
    re.Pattern="(\<\/[^\<]*\>)"
    str=re.replace(str," ")
    set re=nothing
	str=replace(str,chr(34),"")
	str=replace(str,"'","")
    nohtml=str
end function
%>
</body>

</html>