login_checkdl.asp

来自「是一个电子商务网站系统,提供前后台交易源码.」· ASP 代码 · 共 49 行

<!--#include file="inc/chr.asp"-->
<!--#include file="inc/conn.asp"-->
<%
dim ComeUrl,cUrl
ComeUrl=lcase(trim(request.ServerVariables("HTTP_REFERER")))
if ComeUrl="" then
	response.write "<br><p align=center><font color='red'>对不起，为了系统安全，不允许直接输入地址访问本系统的后台管理页面。</font></p>"
	response.end
else
	cUrl=trim("http://" & Request.ServerVariables("SERVER_NAME"))
	if mid(ComeUrl,len(cUrl)+1,1)=":" then
		cUrl=cUrl & ":" & Request.ServerVariables("SERVER_PORT")
	end if
	cUrl=lcase(cUrl & request.ServerVariables("SCRIPT_NAME"))
	if lcase(left(ComeUrl,instrrev(ComeUrl,"/")))<>lcase(left(cUrl,instrrev(cUrl,"/"))) then
		response.write "<br><p align=center><font color='red'>对不起，为了系统安全，不允许从外部链接地址访问本系统的后台管理页面。</font></p>"
		response.end
	end if
end if
'/验证系统用户账户及管理密码/
Dim rdsMember    	'/创建会员账号访问对象/
Dim sqlMember       '/创建SQL语句/
Dim strMember   	'/会员账号/
Dim strPassWord  	'/管理密码/
Dim sqlUpdateMember
strMember =changechr(Request.Form("userName"))
strPassWord =changechr(Request.Form("pswd"))
set rdsMember = Server.CreateObject("ADODB.Recordset")
sqlMember = "Select * From dl Where user = '"& strMember &"'"
rdsMember.Open sqlMember,Conn
if not rdsMember.EOF then
	if strPassWord = rdsMember("pass") then
		if rdsMember("sh") =1 then
			Session("dluser") = strMember
			Session("dlid") = rdsMember("id")	
			Session("dq") = rdsMember("capitalCN")	
			Response.Redirect "dl/Admin_Main.asp"
		else
			Response.Write "<script>alert(""\对不起！您的会员帐号已被禁止登录，请与管理员联系！"");window.location='Javascript:history.back()';</script>"
		end if
	else
		Response.Write "<script>alert(""\您输入的密码不正确，请重新输入！"");window.location='Javascript:history.back()';</script>"
	end if
else
	Response.Write "<script>alert(""\您输入的会员帐号不存在，请重新输入！"");window.location='Javascript:history.back()';</script>"
end if
rdsMember.Close
set rdsMember = nothing
%>