logindo.asp

个人备忘系统一个不错的备忘软件.专供刚学ASP的人学习. 代码简单易懂 mymanage

<!--#include file="conn.asp"-->
<!--#include file="md5.asp"-->
<%
dim user,pwd
user=trim(request.form("user"))
pwd=md5(request.form("pwd"))
userip = Request.ServerVariables("HTTP_X_FORWARDED_FOR") 
If userip = "" Then userip = Request.ServerVariables("REMOTE_ADDR") 
if user="" or pwd="" then
response.write("<script>alert('用户名和密码不能为空！');window.location.href('index.asp')</script>")
response.end
end if
if instr(user,"<")>0 then
response.write("<script>alert('用户名中含有非法字符！');window.location.href('index.asp')</script>")
response.end
end if
set rs=server.CreateObject("adodb.recordset")
set rs1=server.CreateObject("adodb.recordset")
cmd="select * from admin where user='"&user&"' and pwd='"&pwd&"'"
cmd1="select * from log"
rs.open cmd,conn,1,1
rs1.open cmd1,conn,1,3
if rs.eof then
rs1.addnew
rs1("log")="非法用户于"&now&"企图登陆,"&"自认为[用户名]为"&user&","&"[密码为]"&request.Form("pwd")&","&",登陆IP为:"&userip
rs1.update
rs1.close
set rs1=nothing
response.write("<script>alert('用户名和密码有误！');window.location.href('index.asp')</script>")
response.end
else
session("user")=rs("user")
session("group")=rs("group")
rs1.addnew
rs1("log")="授权用户"&user&"于"&now&"登陆成功，登陆IP为："&userip
rs1.update
response.write("<script>alert('用户成功登陆！');window.location.href('main.asp')</script>")
end if


%>