go.asp

电子商务系统Easy_Buy是一个在线销售系统

<!--#include file="../../conn/conn.asp" -->
<!--#include file="md5.asp" -->
<%
	dim sql,rs,adminname,adminpass,yz,ok,userip,userip2
	adminname=replace(trim(request("name")),"'","")
	adminpass=replace(md5(trim(Request("pass"))),"'","")
	yz=replace(trim(request("yz")),"'","‘")
    ok=replace(trim(session("ok")),"'","‘")
	userip = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
	userip2 = Request.ServerVariables("REMOTE_ADDR")
	
	if not yz=ok then
	  Response.Write "<script language=JavaScript>{window.alert('填入的验证码错误，请重新输入!');window.history.go(-1);}</script>"
	  response.end
    end if

	set rs=server.createobject("adodb.recordset")
	sql="select * from admin where adminpass='"&adminpass&"' and adminname='"&adminname&"'"
	rs.open sql,conn,1,1
 	if not(rs.bof and rs.eof) then
 		if adminname=rs("adminname") and adminpass=rs("adminpass") then
		    Set rs2 = Server.CreateObject("ADODB.Recordset")
             sql2="select * from ip "
             rs2.open sql2,conn,1,3
             rs2.addnew
			 rs2("name")=rs("adminname")
			 if userip = ""  then
		     rs2("ip")=userip2
	         else
		     rs2("ip")=userip
	         end if
			 rs2("win")=Request.ServerVariables("HTTP_USER_AGENT")
             rs2.update
             rs2.close

			session("www.code43.com")=rs("adminname")
			Response.Redirect "../admin.asp"
 		else
			call Error
 		end if
	else
		call Error()
	end if

	sub Error()
    	response.write "<script>alert(""用户名或密码错误，请检查！"");history.back();</script>"
	end sub
	rs.close
	conn.close
	set rs=nothing
	set conn=nothing

%>