📄 admin_login.asp
字号:
}
if (document.Login.CheckCode.value==""){
alert ("请输入您的验证码!");
document.Login.CheckCode.focus();
return(false);
}
}
//-->
</script>
<style type="text/css">
<!--
body {padding:0px;margin:0px;background-color:#0096CE;}
body,td,th {font-size: 12px;}
input{font-family : tahoma, verdana, 宋体, fantasy;font-size: 12px;}
.stylefont{font-size:12px;COLOR:white;font-weight: bold;}
-->
</style>
<script language="JavaScript" src="../inc/js/keyboard.js" type="text/javascript"></script>
<script language="JavaScript" type="text/javascript">
function newCheckCode(){var obj=document.getElementById("CheckCodeImg");if (obj){obj.src="Admin_GetCode.asp?"+Math.random();}obj=document.getElementById("LoginCheckCode");if (obj){obj.src="../inc/Cl_SetCode.asp?id=CheckCode&type=Admin_Code&"+Math.random();}}
</script>
</head>
<body>
<table width="477" height="438" border="0" cellpadding="0" cellspacing="0" align="center">
<form action="admin_login.asp?action=chklogin" method="post" name="Login" target="_parent" id="Login" onsubmit="return CheckForm();">
<tr>
<td colspan="8" height="107"></td>
</tr>
<tr>
<td><img src="images/Login1.jpg" width="68" height="158" alt="" /></td>
<td><img src="images/Login2.jpg" width="48" height="158" alt="" /></td>
<td><img src="images/Login3.jpg" width="86" height="158" alt="" /></td>
<td><img src="images/Login4.jpg" width="74" height="158" alt="" /></td>
<td><img src="images/Login5.jpg" width="71" height="158" alt="" /></td>
<td><img src="images/Login6.jpg" width="21" height="158" alt="" /></td>
<td colspan="2"><img src="images/Login7.jpg" width="109" height="158" alt="" /></td>
</tr>
<tr>
<td rowspan="3"><img src="images/Login8.jpg" width="68" height="105" alt="" /></td>
<td rowspan="3"><img src="images/Login9.jpg" width="48" height="105" alt="" /></td>
<td colspan="4" rowspan="3" background="images/Login9.jpg" width="252" height="105" valign="top">
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="1">
<tr>
<td width="80" align="right" height="25"><span class="stylefont">登录名称:</span></td>
<td width="199" align="left"><input name="UserName" type="text" id="UserName" size="20" maxlength="20" style="width:160px" /></td></tr>
<tr>
<td width="80" align="right" height="25"><span class="stylefont">管理密码:</span></td>
<td width="199" align="left"><input name="Password" type="password" size="16" maxlength="20" style="width:108px;" /> <input onclick="showkeyboard('Login.Password')" type="button" value="键盘" title="用软键盘输入密码,防止黑客软件记录键盘的录入信息" /></td></tr>
<tr>
<td width="80" align="right" height="25"><span class="stylefont">验 证 码:</span></td>
<td width="199" align="left"><input name="CheckCode" size="8" maxlength="4" style="width:108px;" onFocus="this.select();" /> <img id="CheckCodeImg" src="Admin_GetCode.asp" alt="看不清,我要换一个" onclick="this.src='Admin_GetCode.asp?'+Math.random();" style="cursor:hand;"/></td></tr>
</table> </td>
<td colspan="2"><img src="images/Login10.jpg" width="109" height="20" alt="" /></td>
</tr>
<tr>
<td><input type="image" name="Submit" src="images/Login11.jpg" /></td>
<td rowspan="2"><img src="images/Login12.jpg" width="33" height="85" alt="" /></td>
</tr>
<tr>
<td><img src="images/Login13.jpg" width="76" height="28" alt="" /></td>
</tr>
<tr>
<td colspan="8"><img src="images/Login14.jpg" width="477" height="68" alt="" /></td>
</tr>
</form>
</table>
</body>
</html>
<%
End Sub
Sub chklogin()
Dim Sql,Rs
Dim UserName,Password
Dim AdminName,AdminPassword
if session("Admin_Code")="" then
Call ShowErr("<br /><li>你登录时间过长,请重新返回登录页面刷新后再进行登录。</li>")
end if
if CStr(Request("CheckCode"))<>CStr(session("Admin_Code")) then
Session("Admin_Code")=Empty
Call ShowErr("<br /><li>您输入的确认码和系统产生的不一致,请返回重新输入!</li>")
end if
Session("Admin_Code")=Empty
if Not Cl.ChkUserLogin Then
Dim RsLogin,sMewMsgN,MsgInfo,sValidDays,sUserInfo,i
UserName = Cl.CheckStr(Trim(request("UserName")))
Password = Cl.CheckStr(md5(Trim(Request("Password")),16))
If UserName="" Or Password="" then
Call ShowErr("<br /><li>用户名或密码不能为空,请返回重新输入!</li>")
end if
SQL="Select " & Db.UserID & "," & Db.UserName & "," & Db.UserPassWord & "," & Db.UserEmail & "," & Db.UserSex & "," & Db.UserJoinDate & "," & Db.UserLastLogin & "," & Db.UserLogins & "," & Db.UserLastIP & "," & Db.DataCount & "," & Db.UserGroupID & "," & Db.UserPoint & "," & Db.UserMoney & "," & Db.ChargeType & "," & Db.BeginDate & "," & Db.ValidNum & "," & Db.UserMsg & "," & Db.UserLock & " From " & Db.UserTable & " where " & Db.UserName & "='" & UserName & "'"
Set RsLogin=Cl.Execute_U(SQL)
if RsLogin.bof and RsLogin.eof then
RsLogin.close : set RsLogin=Nothing
Call ShowErr(Cl.Language.selectSingleNode("//UserNoFind").text)
End if
if Password<>RsLogin(2) then
RsLogin.close : set RsLogin=Nothing
Call ShowErr(Cl.Language.selectSingleNode("//Login/PassErr").text)
End if
if RsLogin(10)<>1 then
RsLogin.close : set RsLogin=Nothing
Response.Redirect Cl.WebDir & "Showerr.asp?action=OtherErr&ErrCodes=<li>您不是系统管理员!"
End if
if RsLogin(17)<>0 then
RsLogin.close : set RsLogin=Nothing
Response.Redirect Cl.WebDir & "Showerr.asp?action=OtherErr&ErrCodes=" & Cl.Language.selectSingleNode("//UserIsLock").text
end if
sMewMsgN = Cl.newincept(UserName)
If sMewMsgN>0 Then
MsgInfo =sMewMsgN & "||" & Cl.inceptid(1,UserName) & "||" & Cl.inceptid(2,UserName)
Else
MsgInfo = "0||0||null"
End If
Cl.Execute_U("Update " & Db.UserTable & " Set " & Db.UserMsg & "='"&Cl.CheckStr(MsgInfo)&"' Where " & Db.UserID & "="&Clng(RsLogin(0))&"")
if DateDiff("D",RsLogin(6),Now)>0 then
'添加积分
Cl.Execute_U("Update " & Db.UserTable & " Set " & Db.UserLastIP & "='" & Cl.UserTrueIP & "'," & Db.UserLastLogin & "='" & Now & "'," & Db.UserLogins & "=" & Db.UserLogins & "+1," & Db.UserPoint & "=" & Db.UserPoint & "+"&CLng(Application(Cl.CacheName & "_usergrouplist").DocumentElement.SelectSingleNode("usergroup[@id="&RsLogin(10)&"]/@loginpoint").text)&" Where "&Db.UserID&"=" & RsLogin(0) & "")
else
Cl.Execute_U("Update " & Db.UserTable & " Set " & Db.UserLastIP & "='" & Cl.UserTrueIP & "'," & Db.UserLastLogin & "='" & Now & "'," & Db.UserLogins & "=" & Db.UserLogins & "+1 Where "&Db.UserID&"=" & RsLogin(0) & "")
end If
Cl.UserID = RsLogin(0)
Cl.MemberName = RsLogin(1)
Cl.UserGroupID = RsLogin(10)
'Response.Cookies(Web_Cookies).DoMain = "aspoo.com"
'Response.Cookies(Web_Cookies).path = InstallDir
Response.Cookies(Web_Cookies)("UserID") = RsLogin(0)
Response.Cookies(Web_Cookies)("UserName") = RsLogin(1)
Response.Cookies(Web_Cookies)("Password") = PassWord
'Response.Cookies(Web_Cookies)("TruePassWord")= TruePassWord
Response.Cookies(Web_Cookies)("UserGroupID")= RsLogin(10)
sValidDays=RsLogin(15)-DateDiff("D",RsLogin(14),now())
if sValidDays<0 then sValidDays=0
sUserInfo = "ClCMS@@@"& Now() & "@@@" & Now() & "@@@" & Cl.ScriptName
For i=0 to 17
sUserInfo = sUserInfo & "@@@" & RsLogin(i)
Next
sUserInfo = sUserInfo & "@@@" & sValidDays & "@@@ClCMS"
Cl.User_Info=Split(sUserInfo,"@@@")
Session(Cl.CacheName & "UserID") = Cl.User_Info
RsLogin.Close : Set RsLogin = Nothing
ElseIf Clng(Cl.UserGroupID)<>1 then
Response.Redirect Cl.WebDir & "Showerr.asp?action=OtherErr&ErrCodes=<li>您不是系统管理员!"
End If
AdminName = Cl.CheckStr(Trim(request("AdminName")))
AdminPassword= Cl.CheckStr(md5(Trim(Request("AdminPassword")),16))
if AdminName="" or AdminPassword="" then
Call ShowErr("<br /><li>管理员或密码不能为空,请返回重新输入!</li>")
end if
Sql="select ID,UserName,PassWord,Purview,Purview_Other,arrClassMaster,arrClassCheck,arrClassInput From Cl_Admin where username='" & AdminName & "' and adduser='" & Cl.MemberName & "'"
Set Rs=Cl.Execute(Sql)
if Rs.bof and Rs.eof then
Rs.close:set Rs=Nothing
Cl.Execute_L("insert into [Cl_AdminLog] (UserID,UserName,UserGroupID,UserIP,ScriptName,LogContent,LogTime) values ('"&Cl.UserID&"','"&Cl.MemberName&"','"&Cl.UserGroupID&"','"&Cl.UserTrueIP&"','"&Cl.ScriptName&"','登录后台失败,用户名错误("&Cl.MemberName&")!','"&Now&"')")
Call ShowErr("<br /><li>用户名或密码错误或者您不是后台管理员(1)("&AdminName&","&Cl.MemberName&")!</li>")
else
if AdminPassword<>Rs(2) then
Rs.close:set Rs=Nothing
Cl.Execute_L("insert into [Cl_AdminLog] (UserID,UserName,UserGroupID,UserIP,ScriptName,LogContent,LogTime) values ('"&Cl.UserID&"','"&Cl.MemberName&"','"&Cl.UserGroupID&"','"&Cl.UserTrueIP&"','"&Cl.ScriptName&"','登录后台失败,用户密码错误("&Cl.MemberName&")!','"&Now&"')")
Call ShowErr("<br /><li>用户名或密码错误,请返回重新输入(2)!</li>")
else
Cl.Execute("update Cl_Admin set LastLoginIP='"&Cl.UserTrueIP&"',LastLoginTime="&SqlNowString&",LoginTimes=LoginTimes+1 Where UserName='"&AdminName&"'")
Session.Timeout=Cl.GetClng(Cl.Web_Setting(15))
Session("AdminName")=rs(1)
Session("AdminPass")=rs(2)
Rs.close:set Rs=Nothing
Cl.Execute_L("insert into [Cl_AdminLog] (UserID,UserName,UserGroupID,UserIP,ScriptName,LogContent,LogTime) values ('"&Cl.UserID&"','"&Cl.MemberName&"','"&Cl.UserGroupID&"','"&Cl.UserTrueIP&"','"&Cl.ScriptName&"','登录后台成功("&Cl.MemberName&")!','"&Now&"')")
Response.Redirect "Admin_Index.asp"
end if
end if
End Sub
'****************************************************
'过程名:ShowErr
'作 用:显示错误提示信息
'参 数:无
'****************************************************
Sub ShowErr(ErrMsg)
dim strErr
strErr=strErr & "<html><head><title>错误信息</title><meta http-equiv='Content-Type' content='text/html; charset=gb2312' />" & vbcrlf
strErr=strErr & "<link href='../Skins/Css/Admin.Css' rel='stylesheet' type='text/css' /></head><body>" & vbcrlf
strErr=strErr & "<table cellpadding='2' cellspacing='1' border='0' width='400' class='border' align='center'>" & vbcrlf
strErr=strErr & " <tr align='center'><td height='22' class='title'><strong>错误信息</strong></td></tr>" & vbcrlf
strErr=strErr & " <tr><td height='100' class='tdbg' valign='top'><b>产生错误的可能原因:</b><br />" & ErrMsg &"</td></tr>" & vbcrlf
strErr=strErr & " <tr align='center'><td class='tdbg'><a href='Admin_Login.asp'><< 返回登录页面</a></td></tr>" & vbcrlf
strErr=strErr & "</table>" & vbcrlf
strErr=strErr & "</body></html>" & vbcrlf
CloseAllObj
response.write strErr
Response.end
end sub
%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -