📄 checkin.asp
字号:
<!-- #include file="conn.asp" -->
<!--#include file="../include/md5.asp"-->
<%
function ChkPost()
dim server_v1,server_v2
chkpost=false
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(server_v1,8,len(server_v2))<>server_v2 then
chkpost=false
else
chkpost=true
end if
end function
%>
<% if chkpost=false then
response.Write("请不要从站处提交。")
conn.Execute "INSERT INTO log(username,action,ip,sj) VALUES('站外提交','从站外提交','"&Request.ServerVariables("Remote_Addr") &"','"&now()&"' )"
else
%>
<%
name=request.form("name")
pass=md5(md5(request.form("pass")))
if instr(pass,"'")>0 or instr(name,"'")>0 then
conn.Execute "INSERT INTO log(username,action,ip,sj) VALUES('Guest_login','有危险字符"&trim(request.QueryString("name"))&"-"&trim(request.QueryString("pass"))&"','"&Request.ServerVariables("Remote_Addr") &"','"&now()&"' )"
response.redirect "/error/error.asp?T=1"
else
set rs=server.createobject("adodb.recordset")
sql="select * from admin where name='"&name&"' and pass='"&pass&"'"
rs.open sql,conn,3,3
if not rs.eof and not rs.bof then
session("admin")=rs("name")
session("adminid")=rs("id")
Session("webedituser")=rs("name")
Session("webeditbase") =rs("sbase")
Session("webeditrun")=rs("srun")
rs("lastip")=Request.serverVariables("REMOTE_ADDR")
rs("lastsj")=now
rs("n")=rs("n")+1
rs.update
response.redirect "index.asp"
else
conn.Execute "INSERT INTO log(username,action,ip,sj) VALUES('"&name&"','密码有错为"&request.form("pass")&"','"&Request.ServerVariables("Remote_Addr") &"','"&now()&"' )"
response.redirect "/error/error.asp?T=1"
end if
rs.close
set rs=nothing
conn.close
set conn=nothing
end if
%>
<%end if%>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -