checklogin.asp

Art2008 CMS是一款具有强大的功能的基于ASP语言的网站管理软件

<!--#include file="User_conn.asp"-->
<!--#include file="../admin/MD5.asp"-->
<% 
	Select Case Request("Action")
			Case "LoginCheck"
				Call LoginCheck()
			Case "LoginOut"
				Call LoginOut()
	End Select
	Sub LoginCheck()
		if UserSetting(0) = 1   Then
			Call Alert("会员系统已经关闭!","")		
			Response.End
		End IF
		Dim A_PWD,PassWord,UserName,artYzm,SqlStr,RS,act,CheckMode
		if  UserSetting(3) = 0 Then
			 artYzm = Request.Form("artYzm")
			If CStr(artYzm) <>CStr(Session("artYzm")) then
				Response.Write("<script>alert('验证码有误，重新输入！');history.back();</script>")
				Response.End
			End If
		End If 
		A_PWD = MD5(Request.Form("PassWord"))
		UserName = RSQL(Request.Form("UserName"))
		act = Request("act")
			 Set RS = Server.CreateObject("ADODB.RecordSet")
			SqlStr=SqlStr&"select UserID,UserName,LoginTime,LoginIP,LoginNumber,PassWord,GroupID,Locked,Score from Art_User where username='"&UserName&"'"
			 RS.Open SqlStr,Conn,1,3
		 	IF Rs.eof And Rs.bof Then
				Response.Write("<script>alert('登录失败:\n\n您输入了错误的用户名，请再次输入！');history.back();</script>")
				Response.End
			Else
				IF Rs("PassWord") = A_PWD Then
					IF Rs("Locked") = 1 Then
						Response.Write("<script>alert('登录失败:\n\n您的账号未通过审核,或者账号被管理员锁定，请与您的系统管理员联系！');history.back();</script>")
						Response.End
					Else
								RS("LoginTime") = Now
								RS("LoginIP") = GetIP()
								RS("LoginNumber") = Rs("LoginNumber")+1
								RS("Score")=RS("Score")+Split(config("usersetting"),"^@$@^")(5)
								rs.update
						    If RSQL(Request.Form("CookieDate"))<>"" Then Response.Cookies(Art2008).Expires = Date + 365
							Response.Cookies(Art2008)("UserName") = UserName
							Response.Cookies(Art2008)("PassWord") = A_PWD
							Response.Cookies(Art2008)("GroupID") = Rs("GroupID")
							Response.Cookies(Art2008)("upload") = "user"
					End IF
				Else
				      	Call Alert("登录失败:\n\n您输入了错误的口令，请再次输入！","")	
				End If
						Rs.Close:Set Rs = Nothing
						If act="cool" Then 
						Response.Write "<script>top.location.href ='Index.asp' ;</script>"
						Else
						Response.Redirect("UserLogin.asp")
						End If 
			End IF
	End Sub
	Sub LoginOut()
		Response.Cookies(Art2008)("UserName") = ""
		Response.Cookies(Art2008)("Password") = ""
		Response.Cookies(Art2008)("GroupID") = ""
		if Request.Cookies(Art2008)("upload")="user" then
		Response.Cookies(Art2008)("upload")  = ""
		end if
		Response.Write "<script>top.location.href ='../' ;</script>"
	End Sub



 %>
<% call CloseConn() %>