login.asp

多用户管理分权限发布、管理软件信息； 自由选择系统默认为静态HTML或动态ASP； 无限制添加下载服务器

<!--#include file="conn.asp"-->
<!--#include file="inc/const.asp"-->
<!--#include file="inc/NC_MD5Cls.Asp"-->
<%
Dim ErrMsg
Dim station
Dim heading
Dim FoundErr
Dim NC_Encode
Dim Rs
Dim SQL
Set NC_Encode = New MD5Encode
Set Rs = Server.CreateObject("adodb.recordset")
station = "用户登陆"
heading = "用户登陆"
FoundErr = False
Select Case Request("action")
	Case "login" '登陆
		Call chklogin
	Case Else
		Call main
End Select
If FoundErr = True Then
	Response.Write "<script>alert('" & ErrMsg & "');javascript:history.back(1)</script>"
	Response.End
End If
Set NC_Encode = Nothing

Private Sub main()
	Dim Rsg
	Dim GroupSet
	Dim GroupName
	Response.Write "<HTML><HEAD><TITLE>"
	Response.Write station
	Response.Write "</TITLE>" & vbCrLf
	Response.Write "<META http-equiv=Content-Type content=""text/html; chaRset=gb2312"">" & vbCrLf
	Response.Write "<STYLE>" & vbCrLf
	Response.Write "BODY {" & vbCrLf
	Response.Write "FONT-SIZE: 12px;" & vbCrLf
	Response.Write " COLOR: #ffffff;" & vbCrLf
	Response.Write " FONT-FAMILY: 宋体;" & vbCrLf
	Response.Write " background-color:#000000;" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "A {" & vbCrLf
	Response.Write " FONT-SIZE: 12px; COLOR: #ffffff; FONT-FAMILY: Verdana; TEXT-DECORATION: underline" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "TD {" & vbCrLf
	Response.Write " FONT-SIZE: 12px; COLOR: #ffffff; FONT-FAMILY: arial" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "A.Move:link {" & vbCrLf
	Response.Write " COLOR: #ffffff; TEXT-DECORATION: none" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "A.Move:visited {" & vbCrLf
	Response.Write " COLOR: #ffffff; TEXT-DECORATION: none" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "A.Move:active {" & vbCrLf
	Response.Write " COLOR: #ffffff; TEXT-DECORATION: none" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "A.Move:hover {" & vbCrLf
	Response.Write " RIGHT: 0px; COLOR: #336699; POSITION: relative; TOP: 1px; TEXT-DECORATION: none" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write ".inputbody {" & vbCrLf
	Response.Write " BORDER-RIGHT: #000000 1px solid; BORDER-TOP: #000000 1px solid; BORDER-LEFT: #000000 1px solid; COLOR: #000000; BORDER-BOTTOM: #000000 1px solid; BACKGROUND-COLOR: #000000" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "INPUT {" & vbCrLf
	Response.Write " FONT-FAMILY:宋体; TEXT-DECORATION: NONE; BORDER-TOP-WIDTH: 1PX; BORDER-LEFT-WIDTH: 1PX; FONT-SIZE: 12PX; BORDER-BOTTOM-WIDTH: 1PX; BORDER-RIGHT-WIDTH: 1PX" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "TEXTAREA {" & vbCrLf
	Response.Write " FONT-FAMILY:宋体; TEXT-DECORATION: NONE; BORDER-TOP-WIDTH: 1PX; BORDER-LEFT-WIDTH: 1PX; FONT-SIZE: 12PX; BORDER-BOTTOM-WIDTH: 1PX; BORDER-RIGHT-WIDTH: 1PX" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "SELECT {" & vbCrLf
	Response.Write " BORDER-TOP-WIDTH: 1PX; BORDER-LEFT-WIDTH: 1PX; FONT-SIZE: 12PX; BORDER-BOTTOM-WIDTH: 1PX; BORDER-RIGHT-WIDTH: 1PX" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "SPAN {" & vbCrLf
	Response.Write " FONT-SIZE: 12PX; POSITION: STATIC" & vbCrLf
	Response.Write "}" & vbCrLf
	Response.Write "</STYLE>" & vbCrLf
	Response.Write "<body leftMargin=0 topMargin=0 marginwidth=""0"" marginheight=""0"">" & vbCrLf
	If Newasp.memberName = Empty Then
		Response.Write "    <table border=""0"" align=center cellpadding=""5"" cellspacing=""1"" width=""100%"" bgcolor=""#000000"">" & vbCrLf
		Response.Write "     <form method=""post"" action=""login.asp?action=login"" target=""_top"">" & vbCrLf
		Response.Write "      <tr>" & vbCrLf
		Response.Write "	<td align=center width=""35%"" >用户名：</td><td width=""65%""><input name=""username"" maxlength=""10"" size=""13""></td>" & vbCrLf
		Response.Write "      </tr>" & vbCrLf
		Response.Write "      <tr>" & vbCrLf
		Response.Write "	<td align=center>密&nbsp;&nbsp;码：</td><td><input type=""Password"" name=""password"" maxlength=""30"" size=""13""></td>" & vbCrLf
		Response.Write "      </tr>" & vbCrLf
		Response.Write "      <td colspan=2 align=center>" & vbCrLf
		Response.Write "<A href=reg.asp target=_top><IMG height=20 width=58 src='skin/default/reg.gif' alt='用户注册' align=absMiddle border=0></a>&nbsp;&nbsp;&nbsp;&nbsp;" & vbCrLf
		Response.Write "    <input type=""image"" name=""Submit"" title='用户登陆' height=20 width=58 src='skin/default/login.gif' align=absMiddle>" & vbCrLf
		Response.Write "    </td></tr></form>" & vbCrLf
		Response.Write "    </table>" & vbCrLf
	Else
		Set Rsg = Server.CreateObject("ADODB.Recordset")
		Set Rs = Conn.Execute("select * from NC_User where userid=" & Newasp.memberid & " and username='" & Newasp.memberName & "'")
		Set Rsg = Conn.Execute("select * from NC_UserGroup where grades=" & Rs("Grade") & "")
		GroupSet = Split(Rsg("GroupSet"), ",")
		GroupName = Rsg("GroupName")
		Rsg.Close
		Response.Write " <table border=""0"" bgcolor=""#000000"" align=center cellpadding=""4"" cellspacing=""1"" width=""100%"">" & vbCrLf
		Response.Write " <tr>" & vbCrLf
		Response.Write " <td bgcolor=""#000000"">用户名：<font color=""#ffffff"">"
		Response.Write Newasp.memberName
		Response.Write "</font></td>" & vbCrLf
		Response.Write " </tr>" & vbCrLf
		Response.Write " <tr>" & vbCrLf
		Response.Write " <td bgcolor=""#000000"">身　份：<font color=""#ffffff"">"
		Response.Write GroupName
		Response.Write "</font></td>" & vbCrLf
		Response.Write " </tr>" & vbCrLf
		Response.Write " <tr>" & vbCrLf
		Response.Write " <td bgcolor=""#000000"">您的点数：<font color=""#ffffff"">"
		Response.Write Rs("money")
		Response.Write "</font></td>" & vbCrLf
		Response.Write " </tr>" & vbCrLf
		Response.Write " <tr>" & vbCrLf
		Response.Write " <td bgcolor=""#000000"" align=center><a href=updateinfo.asp target=_top>修改资料</a>　<a href=updatepass.asp target=_top>修改密码</a>　<a href=logout.asp target=_top>退 出</a></td>" & vbCrLf
		Response.Write " </tr>" & vbCrLf
		Response.Write " </table>" & vbCrLf
		Response.Write "</body>" & vbCrLf
		Rs.Close
		Set Rs = Nothing
	End If
End Sub


Private Sub chklogin()
	Dim username
	Dim password
	If InStr(Request("username"), "=") > 0 Or InStr(Request("username"), "%") > 0 Or InStr(Request("username"), Chr(32)) > 0 Or InStr(Request("username"), "?") > 0 Or InStr(Request("username"), "&") > 0 Or InStr(Request("username"), ";") > 0 Or InStr(Request("username"), ",") > 0 Or InStr(Request("username"), "'") > 0 Or InStr(Request("username"), ",") > 0 Or InStr(Request("username"), Chr(34)) > 0 Or InStr(Request("username"), Chr(9)) > 0 Or InStr(Request("username"), "