chklogin.asp

一个不错的音乐网站

<%@ LANGUAGE="VBSCRIPT" %>
<%response.buffer=true%>
<!--#include file="conn.asp"-->
<!--#include file="functionuser.asp"-->
<!--#include file="md5.asp"-->
<LINK href="../images/index.css" rel="stylesheet">
<%
dim cookiepath
cookiepath="vip.asp"
founderr=false
UserIP=Request.ServerVariables("REMOTE_ADDR")

username=Checkin(trim(Request.form("username")))
password = md5(Trim(Replace(Request("password"), "'", "")))
VerifyCode = Replace(Trim(Request("VerifyCode")),"'","")

if UserName = "" or  PassWord = "" then
	Response.Write("<script>alert(""错误：\n请填写完整用户名和密码--"&Copyright&""");location.href=""Index.asp"";</script>")
	Response.End
end if

if  VerifyCode <> CStr(Session("GetCode"))  then 
	Response.Write("<script>alert(""错误：\n验证码错误--"&Copyright&""");location.href=""Index.asp"";</script>")
	Response.End
end if
if request("VerifyCode") = "" then
	Response.Write("<script>alert(""错误：\n请填写验证码--"&Copyright&""");location.href=""Index.asp"";</script>")
	Response.End
elseif Session("GetCode") = "9999" then
	Session("GetCode")=""
elseif Session("GetCode") = "" then
	Response.Write("<script>alert(""错误：\n请不要重复提交，如需重新登录请返回登录页面。\n返回后请刷新登录页面后重新输入正确的信息--"&Copyright&""");location.href=""Index.asp"";</script>")
	Response.End
elseif cstr(Session("GetCode"))<>cstr(Trim(Request("VerifyCode"))) then
	Response.Write("<script>alert(""错误：\n您输入的确认码和系统产生的不一致，请重新输入。\n返回后请刷新登录页面后重新输入正确的信息--"&Copyright&""");location.href=""Index.asp"";</script>")
	Response.End
end if

set rs=server.createobject("adodb.recordset")
sql="select username,password,loginIP,vipdate,Adddate,loginDate,lockuser,id from [user] where username='"&username&"' and lockuser=false"
rs.open sql,conn,1,3
	
if rs.bof and rs.eof then
	errmsg=errmsg+""+"用户名不存在或VIP资格尚未审核通过。<br><br>"
	founderr=true
	
else
	if rs("password")<>password then
		errmsg=errmsg+""+"您输入的密码不正确。"
		founderr=true
else
dim isvip,usercookies
	isvip=cint(rs("vipdate")-datediff("d",rs("Adddate"),now()))
	if isvip<=0 then
	errmsg=errmsg+""+"你的VIP资格已经到期，请续费！<br><br>"
	rs("vipdate")=0
	rs("lockuser")=1
	rs("loginDate")=NOW()
        rs("loginIP")=Request.ServerVariables("REMOTE_ADDR")
	rs.update
	founderr=true
else
                rs("loginDate")=NOW()
                rs("loginIP")=Request.ServerVariables("REMOTE_ADDR")
		rs.update
		 userid=rs("id")
usercookies=request("CookieDate")
if isnull(usercookies) or usercookies="" then usercookies="0"
select case usercookies
case "0"
	Response.Cookies("bzmtvmusic")("usercookies") = usercookies
case 1
   	Response.Cookies("bzmtvmusic").Expires=Date+1
	Response.Cookies("bzmtvmusic")("usercookies") = usercookies
case 2
	Response.Cookies("bzmtvmusic").Expires=Date+31
	Response.Cookies("bzmtvmusic")("usercookies") = usercookies
case 3
	Response.Cookies("bzmtvmusic").Expires=Date+365
	Response.Cookies("bzmtvmusic")("usercookies") = usercookies
end select
	end if
Response.Cookies("bzmtvmusic")("username") = username
Response.Cookies("bzmtvmusic")("userid") = UserID
Response.Cookies("bzmtvmusic")("password") = PassWord

end if
end if

if founderr=true then
        Response.Cookies("bzmtvmusic").path=cookiepath
	Response.Cookies("bzmtvmusic")("username")=""
	Response.Cookies("bzmtvmusic")("password")=""
	Response.Cookies("bzmtvmusic")("userid")=""
	Response.Cookies("bzmtvmusic")("usercookies")=""
	call error()
else
	response.redirect("index.asp")
end if
%>