login.asp

ASP+Accesss数据库设备WEB报修

<!--#include file =conn.asp-->
<!--#include file="md5.asp"-->
<!--#include file="admin/ChkURL.asp"-->
<%
dim rs_user
dim sql
dim user_name,password
session.Timeout=120
   user_name=request("username")
   cs=request("cs")
   password=md5(trim(request("password")))
   verifycode=cstr(trim(request.form("verifycode")))
if cstr(session("verifycode"))<>verifycode then
	session("verifycode")=""
	response.write "<script language=jscript>alert('对不起，您输入的验证码有误，请重新输入，谢谢！');window.location.href='index.asp';</script>"
	response.end
else
    session("verifycode")=""
    Set rs_user = Server.CreateObject("ADODB.Recordset")
    sql="select * from user_reg where user_name ='" & user_name & "'and password ='" & password & "'" 
    rs_user.open sql,conn,1,3
    if rs_user.eof then
       response.write "<script language=jscript>alert('对不起，您输入的用户名或密码有误，请重新输入，谢谢！');window.location.href='index.asp';</script>"
       response.end
	   session.Abandon()
	else  
       session("baoxiuuser_id")=rs_user("user_id")
       session("baoxiuuser_name")=rs_user("user_name")
	   session("flag")="登录"
       password=md5(trim(request("password")))
	   rs_user("cs")=rs_user("cs")+1
	   rs_user.update
       rs_user.close
       set rs_user=nothing
       set conn=nothing
       response.redirect "index.asp"
       response.end
	   session.Abandon()
    end if
end if	
%>