admin_chkuser.asp

新闻发布系统

<!--#include file=conn.asp -->
<!--#include file=admin_EnPas.asp -->
<%
'=========================================================
'产品目录：风讯产品N系列
'软件名称：风讯站点管理系统
'当前版本：2004.I.0225
'最新更新：2004.2.10
'=========================================================
'Copyright (C) 2002-2004 cooin.com. All rights reserved.
'网站: http://www.cooin.com  Foosun.net
'程序制作：轻风云(QQ:655071)
'Email:skeen@cooin.com,skeen@Foosun.net
'论坛支持：风讯在线论坛(http://BBS.COOIN.COM)
'=========================================================
%>
<%
Copyright="\n\n Copyrights FooSun Computer System studios"

username=replace(trim(Request.Form("Name")),"'","''")
userpass=EnPas(replace(trim(Request.Form("Password")),"'","''"))
verifycode=replace(trim(Request("verifycode")),"'","")
if username="" or userpass="" then 
Response.write"<script>alert(""用户名和密码不能为空！ "&Copyright&" "");location.href=""admin_index.asp"";</script>"
Response.end
end if
if  verifycode<>CStr(session("CheckCode"))  then 
Response.write"<script>alert(""验证码不正确，请刷新后重新登陆 "&Copyright&" "");location.href=""admin_index.asp"";</script>"
Response.end
end if

set rs=server.CreateObject ("ADODB.RecordSet")
rs.Source="select * from admin where UserName='"&username&"' and  userpass='"&userpass&"'"
rs.Open rs.Source,conn,1,1

thesoft=Request.ServerVariables("HTTP_USER_AGENT")
if instr(thesoft,"Windows NT 5.0") then
	vOS="Win2000"
elseif instr(thesoft,"Windows NT 5.2") then
	vOs="Win2003"
elseif instr(thesoft,"Windows NT 5.1") then
	vOs="WinXP"
elseif instr(thesoft,"Windows NT") then
	vOs="WinNT"
elseif instr(thesoft,"Windows 9") then
	vOs="Win9x"
elseif instr(thesoft,"unix") or instr(thesoft,"linux") or instr(thesoft,"SunOS") or instr(thesoft,"BSD") then
	vOs="类Unix"
elseif instr(thesoft,"Mac") then
	vOs="Mac"
else
	vOs="Other"
end if

if not rs.EOF then 
   UserId = rs("userid")
   session("Name")=userName
   session("PassWord")=userPass
   session("Userid")=Userid
   set rs1=Server.Createobject("adodb.recordset")
   sql1="Select * from Log"
   rs1.open sql1,conn,3,3
   rs1.addnew
   rs1("User")=userName
   rs1("LoginIP")=request.ServerVariables("Remote_Addr")
   rs1("OS")=vOS
   rs1.update
   rs1.close
   set rs=nothing
   Response.Redirect("../main.asp") 
   Response.End
else
   set rs1=Server.Createobject("adodb.recordset")
   sql1="Select * from Log"
   rs1.open sql1,conn,3,3
   rs1.addnew
   rs1("User")=Request.Form("Name")
   rs1("LoginIP")=request.ServerVariables("Remote_Addr")
   rs1("OS")=vOS
   rs1("ErrorPas")=Request.Form("Password")
   rs1("Result")="Error"
   rs1.update
   rs1.close
   set rs=nothing
   Response.write"<script>alert(""非法登陆！请检查用户名和密码的正确性 "&Copyright&" "");location.href=""javascript:history.back()"";</script>"
   Response.end
end if
%>