admin_chkpass.asp

博客模块：Blog是继Email、BBS、ICQ后的第四种网络交流方式

<%
dim AdminName,adminpassword
dim rsGetAdmin,sqlGetAdmin
dim ComeUrl,cUrl
ComeUrl=lcase(trim(request.ServerVariables("HTTP_REFERER")))
if ComeUrl="" then
	response.write "<br><p align=center><font color='red'>对不起，为了系统安全，不允许直接输入地址访问本系统的后台管理页面。</font></p>"
	response.end
else
	cUrl=trim("http://" & Request.ServerVariables("SERVER_NAME"))
	if mid(ComeUrl,len(cUrl)+1,1)=":" then
		cUrl=cUrl & ":" & Request.ServerVariables("SERVER_PORT")
	end if
	cUrl=lcase(cUrl & request.ServerVariables("SCRIPT_NAME"))
	if lcase(left(ComeUrl,instrrev(ComeUrl,"/")))<>lcase(left(cUrl,instrrev(cUrl,"/"))) then
		response.write "<br><p align=center><font color='red'>对不起，为了系统安全，不允许从外部链接地址访问本系统的后台管理页面。</font></p>"
		response.end
	end if
end if

AdminName=replace(session("AdminName"),"'","")
adminpassword=session("adminpassword")
if AdminName="" then
	call CloseConn()
	response.redirect "Admin_login.asp"
end if
sqlGetAdmin="select id from Admin where UserName='" & AdminName & "' and password='"&adminpassword&"'"
set rsGetAdmin=server.CreateObject("adodb.recordset")
rsGetAdmin.open sqlGetAdmin,conn,1,1
if rsGetAdmin.bof and rsGetAdmin.eof then
	rsGetAdmin.close
	set rsGetAdmin=nothing
	call CloseConn()
	response.redirect "Admin_login.asp"
end if
rsGetAdmin.close
set rsGetAdmin=nothing

sub copyright()
	response.Write "<div align='center'>Blog １２３,Copyright&copy; 2004  All Rights Reserved.<BR><BR></div>"
end sub
%>