chklogin.asp

sfsfds设定方式分上述事实是事实是事实是事实是事实上

<!--#include file="mdb.asp"-->
<%
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if mid(server_v1,8,len(server_v2))<>server_v2 then
Response.Write("<script language=javascript>alert('你提交的路径有误！');this.location.href='admin_login.asp';</script>") 
response.end
end if

dim login
dim action,mofei
dim powered,version,adminname
dim username,password

Call reg(chklogin)
action=request.form("action")
mofei=trim(request.form("mofei"))

if action="add_admin" then
if mofei="" then
	Response.Write("<script language=javascript>alert('请输入验证码');this.location.href='admin_login.asp';</script>")
	response.end
end if
if cstr(session("CheckCode"))<>cstr(mofei) then
	Response.Write("<script language=javascript>alert('你输入的验证码有误');this.location.href='admin_login.asp';</script>")
	response.end
end if
if Request.form("username")="" then
	Response.Write("<script language=javascript>alert('请输入用户名');this.location.href='admin_login.asp';</script>")
	Response.End
end if
if Request.form("password")="" then
	Response.Write("<script language=javascript>alert('请输入密码');this.location.href='admin_login.asp';</script>")
	Response.End
end if
sql="select Version from O3888_title"
set rs=conn.execute(sql)
Version=rs("Version")
rs.close
set rs=nothing
if cstr(Version)<>cstr("5.3.1") then
	Response.Write("<script language=javascript>alert('你使用的不是03888网址大全(生成html)v6.0.4版本数据库，请升级后再来');this.location.href='admin_login.asp';</script>")
	response.end
end if
username=ReplaceBadChar(Trim(request.form("username")))
password=ReplaceBadChar(Trim(request.form("password")))
password=md5(password)
set rs=server.createobject("adodb.recordset")
sql="select * from O3888_admin where username='"&username&"' and password='"&password&"'"
rs.open sql,conn,1,3
if rs.eof or rs.bof then
	rs.close
	set rs=nothing
	Response.Write("<script language=javascript>alert('请输入正确的用户名和密码');this.location.href='admin_login.asp';</script>")
	Response.End
else
	rs("Logincount")=rs("Logincount")+1
	rs("LoginTime")=now()
	rs("LoginIP")=Request.ServerVariables("REMOTE_ADDR")
	rs.Update
	Session("adminid")=rs("id")
	Session("username")=rs("username")
	Session("level")=rs("level")
	Session("adminlogin")=sessionvar
	Session.timeout=900
	rs.close
	set rs=nothing
	Response.Redirect("admin.asp")
	Response.End
end if
end if
%>