admin_login.asp

强大的后台文章编辑器的功能

<!--#include file = admin_conn.asp -->
<!--#include file = md5.asp -->
<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>网站后台登录</title>
</head>

<body>
<%
function chkhtm(stra)
  stra=replace(stra,"<","&lt;")
  stra=replace(stra,">","&gt;")
  stra=replace(stra,"'","")
  stra=replace(stra,"(","（")
  stra=replace(stra,")","）")
  stra=replace(stra,";","；")
  stra=replace(stra,",","，")
  stra=replace(stra,"%","％")
  stra=replace(stra,"+","＋")
  chkhtm=stra
end function
yzm=int(trim(request("yzm")))
if yzm<>Session("VerifyCode") then
  conn.close
  set conn=nothing
  Response.Redirect "login.asp?id=3"
end if
Session("VerifyCode")=""
if request("user")="" or request("pass")="" or request("yzm")="" then

  conn.close
  set conn=nothing
  Response.Redirect "login.asp?id=0"
  
  else
  
  user=LCase(chkhtm(request("user")))
  pass=md5(chkhtm(trim(request("pass"))))
  yzm=request("yzm")
  
  sql = "select * from admin where user='"&user&"' and pass='"&pass&"'"
  Set rs = Server.CreateObject("ADODB.RecordSet")
  rs.Open sql,conn,1,1
  
  if rs.recordcount=0 then
    conn.close
    set conn=nothing
    Response.Redirect "login.asp?id=1"
  end if
  
  session("admin__user")=rs("user")
  session("admin__pass")=trim(request("pass"))
  session("dj")=rs("dj")
  Response.Redirect "admin_index.asp"
  
end if
%>
</body>

</html>
<%
conn.close
set conn=nothing
%>