loginchk.asp

信息管理系统 管理页面:admin/index.asp 用户和密码都是admin

<!--#include file=conn.asp-->
<!--#include file=../md5.asp-->
<%
	dim sql
	dim rs
	dim username
	dim password
	'session("ijob_err")=0
	if session("ijob_err")="" then
	session("ijob_err")=0
	else
	if session("ijob_err")>=3 then '错误次数设置
	response.write " <b>系统保护状态，错误次数太多！"
	response.end
	end if
	end if
	if trim(request("username"))="" or trim(request("password"))="" then
	response.write " <b>帐号或密码为空！"
	response.end
	end if
	username=replace(trim(request("username")),"'","‘")
	password=request("password")
	set rs=server.createobject("adodb.recordset")
	sql="select * from [admin] where Password='"&Password&"' and UserName='"&UserName&"'"
	rs.open sql,conn,1,1
 	if not rs.bof and not rs.eof then
 		if password=rs("password") then
        Response.cookies("ershou")("administrator")=rs("username")
        Response.cookies("ershou")("ijob")=1
        session("admin_ijob")=now()
        Response.cookies("ershou")("domain")=Request.ServerVariables("SERVER_NAME")
		Response.Redirect "index.asp"
 		else
            response.write " <b>身份确认失败！请<a href=login.asp><b><font color=#Ff0000>重新登陆</font></b></a></b> "
            session("ijob_err")=session("ijob_err")+1
            response.end
 		end if
	else
            response.write " <b>身份确认失败！请<a href=login.asp><b><font color=#Ff0000>重新登陆</font></b></a></b> "
            session("ijob_err")=session("ijob_err")+1
            response.end
	end if
	rs.close
	set rs=nothing
	conn.close
	set conn=nothing
%>
 <LINK href="../1.css" rel=stylesheet></LINK>