login.asp

熟悉和掌握数据库的基本原理 2. 利用Micorsoft Sql Server工具建立C/S模式的论文数据库,并能提供论文的在线上传下载功能

<!--#include file="Conn.asp"-->
<!--#include file="md5.asp"-->
<!--#include file=inc.asp-->
<%If Request.Form("action")="login" then
If ChkPost=false Then
Response.Write("<script language=JavaScript>alert('请不要重外部提交信息！');document.location.href='index.asp';</script>")
Response.End
End If
Dim Userid,UserPwd,Sql,Rs,IP
Userid=Trim(Request.Form("Userid"))
UserPwd=Trim(Request.Form("UserPwd"))
If Userid="" or UserPwd="" Then
Response.Write("<script language=JavaScript>alert('请输入您的用户ID和密码！');document.location.href='javascript:window.history.go(-1);';</script>")
Response.End
End If
If isInteger(Userid)=False Then
Response.Write("<script language=JavaScript>alert('用户ID必须是数字！');document.location.href='javascript:window.history.go(-1);';</script>")
Response.End
End If
Userid=Replace(Userid,"'","")
UserPwd=Replace(UserPwd,"'","")
Sql="Select * From Users Where Userid='"&Userid&"'"
Set Rs=server.CreateObject("adodb.recordset")
If Not IsObject(Conn) Then ConnectionDatabase()
Rs.open Sql,Conn,1,3
If Rs.Bof Or Rs.Eof Then
Rs.close
Set Rs=Nothing
CloseDatabase()
Response.Write("<script language=JavaScript>alert('您的用户ID不存在！');document.location.href='javascript:window.history.go(-1);';</script>")
Response.End
Else
If Rs("UserPwd")<>Md5(UserPwd,32) Then
Rs.close
Set Rs=Nothing
CloseDatabase()
Response.Write("<script language=JavaScript>alert('您的密码错误！');document.location.href='javascript:window.history.go(-1);';</script>")
Response.End
Else
If Request.ServerVariables("HTTP_X_FORWARDED_FOR")<>"" then 
IP=Request.ServerVariables("HTTP_X_FORWARDED_FOR") 
Else
IP=Request.ServerVariables("REMOTE_ADDR")
End If
Rs("UserLogins")=Rs("UserLogins")+1
Rs("UserLastTime")=Now()
Rs("UserLastIp")=IP
Session("UserName")=Rs("UserName")
Session("UserID")=Rs("UserId")
Session("UserLogins")=Rs("UserLogins")
Session("UserAdmin")=Rs("UserType")
Session("UserMaxUp")=Rs("UserMaxUp")
Rs.UpDate
Rs.close
Set Rs=Nothing
CloseDatabase()
Response.Write("<script language=JavaScript>document.location.href='Index.asp';</script>")
End If
End If
ElseIf Request("action")="logout" Then
Session.Abandon()
Response.Redirect("Index.asp")
Else
Response.Redirect("Index.asp")
End if
%>