check_login.asp

这是去年开发的中移鼎讯手机进销存系统 大家

<!--#include file ="inc/function.asp"-->
<!--#include file="inc/md5.asp"-->
<%
Dim UserName,Password,CheckCode,RealName
UserName	=ChkInputStr(Request.Form("UserName"))
Password	=ChkInputStr(Request.Form("Password"))
'RealName	=ChkInputStr(Request.Form("RealName"))
CheckCode	=Request.Form("CheckCode")
If UserName="" Then
	Call Msg("用户名不能为空", 5,"login.asp")
End If
If Password="" Then
	Call Msg("密码不能为空", 5,"login.asp")
End If
If CheckCode="" Then
	Call Msg("验证码不能为空", 5,"login.asp")
End If
If CheckCode<>Session("CheckCode") Then
	Call Msg("您输入的确认码和系统产生的不一致，请重新输入！", 5,"login.asp")
End If
ConnectionDatabase
Sql="SELECT UserID,UserName,UserPassword,UserTrueName,UserEmail,UserTEL,UserSign,UserGID,UserUnit,UserPower,UserIsCheck From T_User WHERE UserName = '"& UserName &"' and UserIsCheck=1;"
Call sql_open(Rs,Sql,Conn,1,1)
If Rs.Eof Then
	Call Msg("用户名有误或此用户已被禁止使用", 5,"login.asp")
Else
	If md5(Password)<>Rs("UserPassword") Then
		Call Msg("用户名或密码错误", 5,"login.asp")
	Else
		Session("UserID")		=Rs("UserID")
		Session("UserName")		=Rs("UserName")
		Session("Password")		=Rs("UserPassword")
		Session("UserTrueName")	=Rs("UserTrueName")
		Session("UserEmail")	=Rs("UserEmail")
		Session("UserTEL")		=Rs("UserTEL")
		Session("UserSign")		=Rs("UserSign")
		Session("UserGID")		=Rs("UserGID")
		Session("UserUnit")		=Rs("UserUnit")
		Session("UserPower")	=Rs("UserPower")
		Session("UserIsCheck")	=Rs("UserIsCheck")
		'更新最后登陆时间
		Conn.execute("update T_User set UserLoginTimes=UserLoginTimes+1,LastLoginTime='"&Now()&"',UserLastIP='"&Request.ServerVariables("remote_addr")&"' where UserID='" & session("UserID") & "'")
		'记录日志
		Sql = "INSERT INTO T_User_Log(UserID,VisitIP,VisitTime) values('"& Session("UserID") &"','" & Request.ServerVariables("remote_addr") & "','"&Now()&"')"
		Conn.Execute(Sql)
		Call CONN_End(Conn)
		Response.Redirect "mobile.asp"
	End If
End If
%>