login_save.asp

shopxp网上购物系统v6.6已经调试,百分百可用

<!--#include file="config.asp" -->
<!--#include file="conn.asp" -->
<!--#include file="md5.asp" -->
<%
Dim RsLoginObj,RsLogObj
Dim UserName,UserPass,VerifyCode,System,SqlLog,SqlLogin,Url
Url = "index.asp"	
UserName = Replace(Trim(Request.Form("username")),"'","''")
UserPass = Left(md5(replace(trim(Request("password")),"'","")),16)

if UserName = "" or  UserPass = "" then
	Response.Write("<script>alert(""错误：\n请填写完整登陆信息"");location.href=""Login.asp"";</script>")
	Response.End
end if

Set RsLoginObj = server.CreateObject ("ADODB.RecordSet")
SqlLogin = "select * from kheu_nUser where user_email='"&UserName&"' and  user_password='"&UserPass&"'"
RsLoginObj.Open SqlLogin,Conn,1,1
if Not RsLoginObj.EOF then
	Session("user_email") = RsLoginObj("user_email")
	Session("user_id") = RsLoginObj("user_id")
	Session("nPower") =  RsLoginObj("user_power")
	Session("Up_flag") = RsLoginObj("Up_flag")
	conn.execute("update kheu_nUser set user_enter_count=user_enter_count+1 where user_email='"&UserName&"'")
	conn.execute("update kheu_nUser set user_last_time='"&now()&"' where user_email='"&UserName&"'")
	Set RsLogObj = Server.Createobject("adodb.recordset")
   	Response.Redirect "mUser.asp" 
	Response.End
else
	Response.Write("<script>alert(""错误:\n请检查用户名和密码的正确性\n"");location.href=""Login.asp"";</script>")
	Response.End
end if

RsLoginObj.close
Set RsLoginObj = Nothing
call connclose()
%>