loginok.asp

中国库存信息网 完整版 [已通过安全检测]Symantec AntiVirus 企业版 10.0.0.0.359 ║ ║ [病毒定义文件版本] 2006-5-5 rev.24 ║ ║ [已通

<!--#include file="dbconn.asp"-->
<%
response.buffer=true
adminer=request("adminer")
pwder=request("pwder")
if adminer="" or pwder="" then
response.write "<script language=JavaScript>" & "alert('您的用户名或密码没有输入，请重新输入！');" & "history.back()" & "</script>"
response.end
end if
if instr(adminer,"&")>0 or instr(adminer," ")>0 or instr(adminer,"'")>0 or instr(adminer,"=")>0 or instr(adminer,"%")>0 or instr(adminer,"<")>0 or instr(adminer,">")>0 then
response.write "<script language=JavaScript>" & "alert('您的用户名有非法字符，请重新输入！');" & "history.back()" & "</script>"
response.end
end if
sql="select * from admin where adminer='"&adminer&"' and pwder='"&pwder&"'"
set rs=conn.execute (sql)
if rs.eof and rs.bof then
response.write "<script language=JavaScript>" & "alert('您的密码不符，请重新输入！');" & "history.back()" & "</script>"
response.end
else
session("logined")="true"
session("power")=rs("power")
sql="update admin set dl=dl+1 where adminer='"&adminer&"'"
conn.execute (sql)
conn.close
set conn=nothing
response.redirect ("gqxxdel.asp")
response.end
end if
%>