admin_login.asp

一套完整的在线购物系统

<!-- #include file="inc/config.asp" -->
<!-- #include file="inc/md5.asp" -->
<!-- #include file="inc/conn.asp" -->
<HTML>
<HEAD>
<TITLE>后台管理</TITLE>
<META NAME="Generator" CONTENT="EditPlus">
<META NAME="Author" CONTENT="">
<META NAME="Keywords" CONTENT="">
<META NAME="Description" CONTENT="">
<link rel=stylesheet href='css/tx.css' type=text/css>

</HEAD>

<BODY bgcolor="#cad7f7">
<%
dim action,username,password,keyword
action=request.querystring("action")
username=trim(replace(request("username"),"'",""))
password=md5(trim(replace(request("password"),"'","")),16)
keyword=trim(request.form("keyword"))


if action="chk" then
   call chklogin()
else 
   call login()
end if

sub login()
%>

<p>&nbsp;</p>
<p>&nbsp;</p>
<FORM METHOD=POST ACTION="?action=chk">
<table cellpadding="1" cellspacing="0" border="0" align=center style="border: outset 3px;width:0;">
<tr><td>
  <table width=500 cellpadding="0" cellspacing="0" border="0" align=center>
  <tr><td height=25 background='pic/admin/admin_bg_1.gif' align=center>
  <FONT COLOR="#ffffff"><B>后台管理登录</B></FONT>
  </td></tr>
  <tr><td height=75><img src='pic/admin/admin_login.jpg' width=500 height=75></td></tr>
  </table>

  <table width=500 cellpadding="0" cellspacing="0" border="0" align=center bgcolor=#E1E8FB>
  <tr bgcolor=#f0f0f0><td height=30 width='30%' align=right>用户名：
  <td width='70%'><INPUT TYPE="text" NAME="username" size=14></td></tr>
  <tr bgcolor=#f0f0f0><td height=30 width='30%' align=right>密&nbsp;&nbsp;&nbsp;码：
  <td width='70%'><INPUT TYPE="password" NAME="password" size=14></td></tr>
  <tr bgcolor=#f0f0f0><td height=30 width='30%' align=right>附加码：
  <td width='70%'><INPUT TYPE="text" NAME="keyword" size=14>&nbsp;请在附加码框输入
  <img src='getcode.asp'>
  </td></tr>
  <tr><td height=30 colspan=2 align=center><INPUT TYPE="submit" value='登 陆'></td></tr>
  </table>
</td></tr>
</table>
</form>
<%
end sub
sub chklogin()
  dim rs
  if username="" or password="" then
    Response.Redirect "showerr.asp?stype=othererr&ErrCodes=<li>请输入您的用户名或密码。<b>返回后请刷新登录页面后重新输入正确的信息。</b>"
    Exit Sub
  end if
  if keyword="" then
    Response.Redirect "showerr.asp?stype=othererr&ErrCodes=<li>请返回输入确认码。<b>返回后请刷新登录页面后重新输入正确的信息。</b>"
	Exit Sub
  elseif Session("GetCode") then
    session("getcode")=""
  elseif session("getcode")="" then
    Response.Redirect "showerr.asp?stype=othererr&ErrCodes=<li>请不要重复提交，如需重新登录请返回登录页面。<b>返回后请刷新登录页面后重新输入正确的信息。</b>"
	Exit Sub
  end if
 session("getcode")=""
 set rs=conn.execute("select * from admin where username='"&username&"'")
 if rs.eof and rs.bof then
    rs.close
	set rs=nothing
	Response.Redirect "showerr.asp?stype=othererr&ErrCodes=<li>您输入的用户名和密码不正确或者您不是系统管理员。<b>返回后请刷新登录页面后重新输入正确的信息。</b>"
	Exit Sub
 else
    if trim(rs("password"))<>password then
	  Response.Redirect "showerr.asp?stype=othererr&ErrCodes=<li>您输入的用户名和密码不正确或者您不是系统管理员。<b>返回后请刷新登录页面后重新输入正确的信息。</b>"
	  Exit Sub
	else
	  session("adminname")=username
	  
	  rs.close
	  set rs=nothing
	  response.redirect "admin_index.asp"
	end if
 end if
end sub
%>
</BODY>
</HTML>