login.asp

AspMaker调用的自定义包

<!--##session login_script##-->
<!--##
SET TABLE = DB.Tables(PROJ.SecTbl)

' User Level Security
bHardCodeAdmin = (PROJ.SecType = "Both" Or PROJ.SecType = "Hard Code")
bUserTable = (PROJ.SecType = "Both" Or PROJ.SecType = "Use Table")
bStaticUserLevel = bUserTable And (Not DB.UseDynamicUserLevel And DB.SecUserLevelFld <> "" And TABLE.TblSecurity <> "")
bDynamicUserLevel = bUserTable And (DB.UseDynamicUserLevel And DB.UserLevelTbl <> "" And DB.SecUserLevelFld <> "")
bUserLevel = bStaticUserLevel Or bDynamicUserLevel
bUserID = bUserTable And (DB.SecuUserIDFld <> "")
##-->
<%
<!--## If PROJ.OptionExplicit Then ##-->
Dim bValidPwd, sUsername, sPassword
Dim sWhere, sGroupBy, sHaving, sOrderBy
Dim sLoginType, sFilter
<!--## End If ##-->

<!--## If bUserLevel Then ##-->
Call LoadUserLevel() ' Load user level
<!--## End If ##-->

If Request.Form("submit") <> "" Then

	bValidPwd = False

	' Setup variables
	susername = Request.Form("Username")
	spassword = Request.Form("Password")

	If ValidateUser(sUsername, sPassword) Then
		' Write cookies
		sLoginType = LCase(Request.Form("rememberme"))
		If sLoginType = "a" Then
			Response.Cookies(ewProjectName)("autologin") = "autologin"
			Response.Cookies(ewProjectName)("username") = sUsername
			Response.Cookies(ewProjectName)("password") = sPassword
			Response.Cookies(ewProjectName).Expires = DateAdd("d", 365, Date) ' Change the expiry date of the cookies here
		ElseIf sLoginType = "u" Then
			Response.Cookies(ewProjectName)("autologin") = "rememberUsername"
			Response.Cookies(ewProjectName)("username") = sUsername
			Response.Cookies(ewProjectName).Expires = DateAdd("d", 365, Date) ' Change the expiry date of the cookies here
		Else
			Response.Cookies(ewProjectName)("autologin") = ""
		End If
		Session(ewSessionStatus) = "login"
		Response.Redirect "<!--##=fn_default##-->"
	Else
		Session(ewSessionMessage) = "<!--##@InvalidUidPwd##-->"
	End If
Else

	If IsLoggedIn Then
		If Session(ewSessionMessage) = "" Then	Response.Redirect "<!--##=fn_default##-->"
	Else ' Check auto login
		If Request.Cookies(ewProjectName)("autologin") = "autologin" Then
			sUsername = Request.Cookies(ewProjectName)("username")
			sPassword = Request.Cookies(ewProjectName)("password")
			If ValidateUser(sUsername, sPassword) Then
				Response.Redirect "<!--##=fn_default##-->"
			End If
		End If
	End If

End If
%>
<!--##/session##-->
<!--##session login_htm##-->
<script type="text/javascript" src="ew.js"></script>
<script type="text/javascript">
<!--
function EW_checkMyForm(EW_this) {
	if (!EW_hasValue(EW_this.username, "TEXT" )) {
		if  (!EW_onError(EW_this, EW_this.username, "TEXT", "<!--##@EnterUid##-->"))
			return false;
	}
	if (!EW_hasValue(EW_this.password, "PASSWORD" )) {
		if (!EW_onError(EW_this, EW_this.password, "PASSWORD", "<!--##@EnterPwd##-->"))
			return false;
	}
	return true;
}
//-->
</script>

<p><span class="aspmaker"><!--##@LoginPage##--></span></p>

<%
If Session(ewSessionMessage) <> "" Then
%>
<p><span<!--##=ewCSSMsg##-->><%= Session(ewSessionMessage) %></span></p>
<%
	Session(ewSessionMessage) = "" ' Clear message
End If
%>

<form action="<!--##=fn_login##-->" method="post" onSubmit="return EW_checkMyForm(this);">
<table border="0" cellspacing="0" cellpadding="4">
	<tr>
		<td><span class="aspmaker"><!--##@Username##--></span></td>
		<td><span class="aspmaker"><input type="text" name="username" size="20" value="<%= Request.Cookies(ewProjectName)("username") %>"></span></td>
	</tr>
	<tr>
		<td><span class="aspmaker"><!--##@Password##--></span></td>
		<td><span class="aspmaker"><input type="password" name="password" size="20"></span></td>
	</tr>
	<tr>
		<td>&nbsp;</td>
		<td><span class="aspmaker">
		<% If Request.Cookies(ewProjectName)("autologin") = "autologin" Then %>
		<input type="radio" name="rememberme" value="a" checked><!--##@AutoLogin##--><br><input type="radio" name="rememberme" value="u"><!--##@SaveUserName##--><br><input type="radio" name="rememberme" value="n"><!--##@AlwaysAsk##-->
		<% ElseIf Request.Cookies(ewProjectName)("autologin") = "rememberUsername" Then %>
		<input type="radio" name="rememberme" value="a"><!--##@AutoLogin##--><br><input type="radio" name="rememberme" value="u" checked><!--##@SaveUserName##--><br><input type="radio" name="rememberme" value="n"><!--##@AlwaysAsk##-->
		<% Else %>
		<input type="radio" name="rememberme" value="a"><!--##@AutoLogin##--><br><input type="radio" name="rememberme" value="u"><!--##@SaveUserName##--><br><input type="radio" name="rememberme" value="n" checked><!--##@AlwaysAsk##-->
		<% End If%>
		</span></td>
	</tr>
	</tr>
	<tr>
		<td colspan="2" align="center"><span class="aspmaker"><input type="submit" name="submit" value="<!--##@Login##-->"></span></td>
	</tr>
</table>
</form>
<br>

<p><span class="aspmaker">
<!--## If PROJ.SecForgetPwdPage Then ##-->
<a href="<!--##=fn_forgetpwd##-->"><!--##@ForgetPwd##--></a>&nbsp;&nbsp;&nbsp;&nbsp;
<!--## End If ##-->
<!--## If PROJ.SecRegisterPage Then ##-->
<a href="<!--##=fn_register##-->"><!--##@Register##--></a>&nbsp;&nbsp;&nbsp;&nbsp;
<!--## End If ##-->
</span></p>

<%
' Function to validate user
Function ValidateUser(Username, Password)

	ValidateUser = False
	Dim CaseSensitive, AdminUsername, AdminPassword
	CaseSensitive = False ' Modify case sensitivity here

<!--## If bHardCodeAdmin Then ##-->	
	AdminUsername = "<!--##=PROJ.SecLoginID##-->"
	AdminPassword = "<!--##=PROJ.SecPasswd##-->"
	' Check hard coded admin first
	If CaseSensitive Then
		ValidateUser = (AdminUsername = Username And AdminPassword = Password)
	Else
		ValidateUser = (LCase(AdminUsername) = LCase(Username) And LCase(AdminPassword) = LCase(Password))
	End If
	If ValidateUser Then
		Session(ewSessionStatus) = "login"
		Session(ewSessionSysAdmin) = 1 ' System Administrator
	<!--## If bUserID Then ##-->	
		Session(ewSessionUserID) = -1 ' System Administrator
	<!--## End If ##-->
	<!--## If bUserLevel Then ##-->	
		Session(ewSessionUserLevel) = -1 ' System Administrator
		Call SetUpUserLevel()
	<!--## End If ##-->
	End If
<!--## End If ##-->

<!--## If bUserTable Then ##-->	
	' Check other users
	If Not ValidateUser Then

	<!--##
	Set FIELD = TABLE.Fields(PROJ.SecLoginIDFld)
	sFldName = ewFieldName
	sFldQuoteS = FIELD.FldQuoteS
	sFldQuoteE = FIELD.FldQuoteE
	bUserNameIsNumeric = (ewGetFieldType(FIELD.FldType) = 1)
	If bUserNameIsNumeric Then 'Numeric
	##-->
		If IsNumeric(Username) Then
	<!--##
	End If
	##-->

			Set conn = Server.CreateObject("ADODB.Connection")
			conn.open xDb_Conn_Str

			sFilter = "(<!--##=Quote(sFldName)##--> = <!--##=sFldQuoteS##-->" & AdjustSql(Username) & "<!--##=sFldQuoteE##-->)"

			sSql = ewBuildSql(ewSqlSelect, ewSqlWhere, ewSqlGroupBy, ewSqlHaving, ewSqlOrderBy, sFilter, "")

			Set rs = conn.Execute(sSql)
			If Not rs.Eof Then
				If CaseSensitive Then
					ValidateUser = (rs("<!--##=PROJ.SecPasswdFld##-->") = Password)
				Else
					ValidateUser = (LCase(rs("<!--##=PROJ.SecPasswdFld##-->")) = LCase(Password))
				End If
				
				If ValidateUser Then
					Session(ewSessionStatus) = "login"
	<!--##
	Set FIELD = TABLE.Fields(PROJ.SecLoginIDFld)
	If FIELD.FldType = 18 Or FIELD.FldType = 19 Then
		sPrefixCode = "ewConv(": sSuffixCode = ", " & FIELD.FldType & ")"
	Else
		sPrefixCode = "": sSuffixCode = ""
	End If
	##-->
					Session(ewSessionUserName) = <!--##=sPrefixCode##-->rs("<!--##=PROJ.SecLoginIDFld##-->")<!--##=sSuffixCode##--> ' Load user name
					Session(ewSessionSysAdmin) = 0 ' Non System Administrator
	<!--##
	If bUserID Then
		Set FIELD = TABLE.Fields(DB.SecuUserIDFld)
		If FIELD.FldType = 18 Or FIELD.FldType = 19 Then
			sPrefixCode = "ewConv(": sSuffixCode = ", " & FIELD.FldType & ")"
		Else
			sPrefixCode = "": sSuffixCode = ""
		End If
	##-->
					Session(ewSessionUserID) = <!--##=sPrefixCode##-->rs("<!--##=DB.SecuUserIDFld##-->")<!--##=sSuffixCode##--> ' Load user id
	<!--##
	End If
	If DB.SecuParentUserIDFld <> "" Then ' Parent User ID
		Set FIELD = TABLE.Fields(DB.SecuParentUserIDFld)
		If FIELD.FldType = 18 Or FIELD.FldType = 19 Then
			sPrefixCode = "ewConv(": sSuffixCode = ", " & FIELD.FldType & ")"
		Else
			sPrefixCode = "": sSuffixCode = ""
		End If
	##-->
					Session(ewSessionParentUserID) = <!--##=sPrefixCode##-->rs("<!--##=DB.SecuParentUserIDFld##-->")<!--##=sSuffixCode##--> ' Load parent user id
	<!--##
	End If
	If bUserLevel Then ' User Level
		Set FIELD = TABLE.Fields(DB.SecUserLevelFld)
		If FIELD.FldType = 18 Or FIELD.FldType = 19 Then
			sPrefixCode = "ewConv(": sSuffixCode = ", " & FIELD.FldType & ")"
		Else
			sPrefixCode = "": sSuffixCode = ""
		End If
	##-->
					Session(ewSessionUserLevel) = <!--##=sPrefixCode##-->rs("<!--##=DB.SecUserLevelFld##-->")<!--##=sSuffixCode##--> ' Load user level
		<!--## If bUserID Then ##-->
					If Session(ewSessionUserLevel) = -1 Then ' Administrator
						Session(ewSessionUserID) = -1
					End If
		<!--## End If ##-->
					Call SetUpUserLevel()
	<!--##
	End If
	##-->
				End If
			End If
			rs.Close
			Set rs = Nothing
			conn.Close
			Set conn = Nothing
	<!--## If bUserNameIsNumeric Then ##-->
		End If
	<!--## End If ##-->
	End If
<!--##End If##-->
End Function
%>
<!--##/session##-->