admin_logincheck.asp

大榕树网络文章管理系统

<!--#include file="../inc/md5.asp" -->
<!--#include file="../inc/function.asp" -->
<!--#include file="conn.asp" -->
<%
dim manager
manager=trim(request.form("manager"))
if manager="login" then
dim adminname,adminpass
adminname=trim(request.form("adminname"))
adminpass=trim(request.form("adminpass"))
if adminname="" or strLength(adminname)>20 or strLength(adminname)<6 then
   founderr=true
   errmsg=errmsg & "<br><li>请输入用户名,用户名不对！</li>"
   else
   if instr(adminname,"=")>0 or instr(adminname,"%")>0 or instr(adminname,"'")>0 or instr(adminname,"?")>0 or instr(adminname,"&")>0 or instr(adminname,";")>0 or instr(adminname,",")>0 or instr(adminname," ")>0 or instr(adminname,"$")>0 or instr(adminname,chr(34))>0 or instr(adminname,chr(32))>0 or instr(adminname,chr(9))>0 then
   founderr=true
   errmsg=errmsg + "<br><li>用户名中含有非法字符！</li>"
   end if
end if
if adminpass="" or strLength(adminpass)<6 or strlength(adminpass)>50 then
    founderr=true
    errmsg=errmsg + "<br><li>请输入密码，密码输入有误！</li>"
    else
    if instr(adminpass,"=")>0 or instr(adminpass,"%")>0 or instr(adminpass,"'")>0 or instr(adminpass,"?")>0 or instr(adminpass,"&")>0 or instr(adminpass,";")>0 or instr(adminpass,",")>0 or instr(adminpass," ")>0 or instr(adminpass,"$")>0 or instr(adminpass,chr(34))>0 or instr(adminpass,chr(32))>0 or instr(adminpass,chr(9))>0 then
       founderr=true
       errmsg=errmsg + "<br><li>密码中含有非法字符！</li>"
    end if
end if
if founderr=false then
adminpass=md5(adminpass)
dim rs
set rs=server.createobject("ADODB.Recordset")
rs.open"select * from admin where adminname='"&adminname&"' and adminpass='"&adminpass&"'",conn,1,1
if rs.bof or rs.eof then
founderr=true
errmsg=errmsg + "<br><li>用户名或密码错误！</li>"
else 
dim mydate,mytime,servernums
mydate=Date()
mytime=Time()
servernums=year(mydate)&month(mydate)&day(mydate)
servernums=cstr(servernums & Hour(mytime)&Minute(mytime)&second(mytime))

servernums=servernums&cstr(fix((1000000*Rnd())))
session("adminname")=rs("adminname")
session("adminpurview")=rs("adminpurview")
session("servernums")=servernums
end if
rs.close
set rs=nothing
call closeconn()
end if
end if
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>无标题文档</title>
<link href="Style.css" rel="stylesheet" type="text/css">
</head>

<body>
<%
if founderr=true then
call writeerrmsg()
else
call regsuccess()
end if
%>
</body>
</html>
<%
sub regsuccess()
 response.redirect("admin_index.asp")
end sub

sub writeerrmsg()
response.write"<table align='center' width='300' border='0' cellpadding='2' cellspacing='0'>"
response.write"<tr class='txt04'><td align='center'>可能是以下的原因，导致注册失败！</td></tr>"
response.write"<tr class='txt05'><td >"&errmsg&"</td></tr>"
response.write"<tr class='txt05'><td align='center'><br>【<a href='javascript:onclick=history.go(-1)'>返回</a>】</td></tr>"
response.end()
end sub
%>