login-end.asp

西亚电子购物系统

<!--#include file="../conn/conn.asp" -->
<!--#include file="../conn/nosql.asp" -->
<!--#include file="md5.asp" -->
<%
	dim sql,rs,adminname,adminpassword,yz,ok,userip,userip2
	adminname=nosql(request("name"))
	adminpassword=md5(nosql(Request("pass")))
	yz=clng(request("yz"))
        ok=clng(session("ok"))
	usersia_log = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
	userip2 = Request.ServerVariables("REMOTE_ADDR")
	
	if not yz=ok then
	  Response.Write "<script language=JavaScript>{window.alert('填入的验证码错误，请重新输入!');window.history.go(-1);}</script>"
	  response.end
    end if

	set rs=server.createobject("adodb.recordset")
	sql="select * from sia_admin where adminpassword='"&adminpassword&"' and adminname='"&adminname&"'"
	rs.open sql,conn,1,1
 	if not(rs.bof and rs.eof) then
 		if adminname=rs("adminname") and adminpassword=rs("adminpassword") then
		    Set rs2 = Server.CreateObject("ADODB.Recordset")
             sql2="select * from sia_log"
             rs2.open sql2,conn,1,3
             rs2.addnew
			 rs2("name")=rs("adminname")
			 if usersia_log = ""  then
		     rs2("ip")=userip2
	         else
		     rs2("ip")=userip
	         end if
			 rs2("browser")=Request.ServerVariables("HTTP_USER_AGENT")
             rs2.update
             rs2.close

			session("www.xiya.cn")=rs("power")
			Response.Redirect "../admin/admin.asp"
 		else
			call Error
 		end if
	else
		call Error()
	end if

	sub Error()
    	response.write "<script>alert(""用户名或密码错误，请检查！"");history.back();</script>"
	end sub
	rs.close
	conn.close
	set rs=nothing
	set conn=nothing

%>