login.asp

本程序是一款比较完善的图书租赁系统

<!--#include file="CONN.ASP"-->
<!--#include file="md5.asp"-->
<!--#include file="ChkSQL.asp"-->
<!--#include file="ChkErr.asp"-->
<%
Dim strSQL,objRS
Set objRS=Server.CreateObject("ADODB.RecordSet")

'取得用户文件名、密码
Dim UserName,UserPassword
UserName=ChkSQL(Request("UserName")) '过滤SQL字符，防止SQL漏洞注入
UserPassword=md5(Request("UserPassword"))

'在数据库中查找用户
strSQL="SELECT * FROM [UserInfo] WHERE UI_Name_S='"&UserName&"'"
objRS.Open strSQL,objConn,1,3

'判断用户是否存在
'若出错则通过GetErr()函数提交并显示错误代码
If objRS.BOF Or objrs.EOF Then
	objRS.Close 
	Set objRS=Nothing
	Response.Write GetErr(3)
	Response.End
Else
	'若用户存在，则检测用户密码的正误
	If objRS("UI_Password_S")<>UserPassword Then
		objRS.Close
		Set objRS=Nothing
		Response.Write GetErr(4)
		Response.End
	End IF
	
	'判断用户是否被锁定
	If objRS("UI_IsLocked_B")=True Then
		objRS.Close
		Set objRS=Nothing
		Response.Write GetErr(5)
		Response.End
	End If
	
	'建立用户私有变量
	Session.Timeout =30
	Session("UserID")=objRS("UI_ID_N")
	objRS.Close
	
	'每当有用户登录则刷新数据库，判断是否有影片的预订超时或超期未还
	'有超时的预订则删除
	strSQL="SELECT TAC_ReserveTime_D,TAC_StartTime_D FROM [Tenancy] WHERE TAC_StartTime_D IS NULL"
	objRS.Open strSQL,objConn,1,3
	For i=1 To objRS.RecordCount
		If IsNull(objRS("TAC_StartTime_D"))=True And DateDiff("h",objRS("TAC_ReserveTime_D"),Now())>12 Then
			objRS.Delete
		End If
		objRS.MoveNext
	Next
	objRS.Close
	'有超期的则标注
	strSQL="SELECT * FROM [Tenancy] WHERE TAC_StartTime_D IS NOT NULL AND TAC_EndTime_D IS NULL"
	objRS.Open strSQL,objConn,1,3
	Dim MsgUser
	For i=1 To objRS.RecordCount
		If DateDiff("d",DateAdd("d",objRS("TAC_Lease_N"),objRS("TAC_StartTime_D")),Now())=>objRS("TAC_Lease_N") Then
			strSQL="UPDATE [Tenancy] SET TAC_TimeOut_B=True,TAC_MsgUser_B=True WHERE TAC_ID_N="&objRS("TAC_ID_N")
			objConn.Execute(strSQL)
		End If
		objRS.MoveNext
	Next
	objRS.Close
	'跳转回主页
	Response.Redirect "index.asp"
End If
%>