member_checkapi.asp

大概说明: 一:登陆后台前请先smszzun_admin,找到IP_report.asp这个文件,把里面的IP地址更换成你的本机IP 如果IP不符合则不能打开后台页面,这是为了数据安全

<!--#include file="Mb_API_Md5.asp" -->
<!--#include file="conn.asp" -->
<%
dim number,pwd,ip,backurl,PIN
number = trim(Request("Number"))
pwd = trim(Request("pwd"))
ip = trim(Request("ip"))
backurl = trim(Request("backurl"))
unionid = trim(Request("unionid"))
set rs=server.createobject("adodb.recordset")
sql="select * from [mobile] where Usernumber='"&number&"' and password='"&pwd&"'"
rs.open sql,conn,1,3
if rs.bof and rs.eof then
pinma = md5("NO" & number & ip & CStr(Date()), 16)
%>
<form action="<%=backurl%>" method="POST" name="post" id="n">
<input type="hidden" name="Number" value="<%=number%>">
<input type="hidden" name="pwd" value="<%=pwd%>">
<input type="hidden" name="ip" value="<%=ip%>">
<input type="hidden" name="backurl" value="<%=backurl%>">
<input type="hidden" name="PIN" value="<%=pinma%>">
<input type="hidden" name="unionid" value="<%=unionid%>">
</form>
<script>
setTimeout('n.submit()',1) 
</script>
<%
else
if rs("Msg")="TD126" then
pinma = md5("NO" & number & ip & CStr(Date()), 16)
else
pinma = md5("OK" & number & ip & CStr(Date()), 16)
end if
%>
<form action="<%=backurl%>" method="POST" name="post" id="n">
<input type="hidden" name="Number" value="<%=number%>">
<input type="hidden" name="pwd" value="<%=pwd%>">
<input type="hidden" name="ip" value="<%=ip%>">
<input type="hidden" name="backurl" value="<%=backurl%>">
<input type="hidden" name="PIN" value="<%=pinma%>">
<input type="hidden" name="unionid" value="<%=unionid%>">
</form>
<script>
setTimeout('n.submit()',1) 
</script>
<%
end if
rs.close
set rs=nothing
conn.close
set conn=nothing
%>