admin_login.asp

淘客网上商店网站程序 淘客网上商店网站程序 淘客网上商店网站程序

		document.Login.CheckCode.focus();
		return(false);
	}
}
//-->
</script>
<style type="text/css">
<!--
body {padding:0px;margin:0px;background-color:#0096CE;}
body,td,th {font-size: 12px;}
input{font-family : tahoma, verdana, 宋体, fantasy;font-size: 12px;}
.stylefont{font-size:12px;COLOR:white;font-weight: bold;}
-->
</style>
<script language="JavaScript" src="../inc/js/keyboard.js" type="text/javascript"></script>
<script language="JavaScript" type="text/javascript">
function newCheckCode(){var obj=document.getElementById("CheckCodeImg");if (obj){obj.src="Admin_GetCode.asp?"+Math.random();}obj=document.getElementById("LoginCheckCode");if (obj){obj.src="inc/SetCode.asp?id=CheckCode&type=Admin_Code&"+Math.random();}}
</script>
</head>
<body>
<table width="477" height="438" border="0" cellpadding="0" cellspacing="0" align="center">
<form action="admin_login.asp?action=chklogin" method="post" name="Login" target="_parent" id="Login" onsubmit="return CheckForm();">
	<tr>
		<td colspan="8" height="107"></td>
	</tr>
	<tr>
		<td><img src="images/Login1.jpg" width="68" height="158" alt="" /></td>
		<td><img src="images/Login2.jpg" width="48" height="158" alt="" /></td>
		<td><img src="images/Login3.jpg" width="86" height="158" alt="" /></td>
		<td><img src="images/Login4.jpg" width="74" height="158" alt="" /></td>
		<td><img src="images/Login5.jpg" width="71" height="158" alt="" /></td>
		<td><img src="images/Login6.jpg" width="21" height="158" alt="" /></td>
		<td colspan="2"><img src="images/Login7.jpg" width="109" height="158" alt="" /></td>
	</tr>
	<tr>
		<td rowspan="3"><img src="images/Login8.jpg" width="68" height="105" alt="" /></td>
		<td rowspan="3"><img src="images/Login9.jpg" width="48" height="105" alt="" /></td>
		<td colspan="4" rowspan="3" background="images/Login9.jpg" width="252" height="105" valign="top">
		<table width="100%" border="0" align="center" cellpadding="0" cellspacing="1">
			<tr>
			  <td width="80" align="right" height="25"><span class="stylefont">登录名称：</span></td>
			  <td width="199" align="left"><input name="UserName" type="text" id="UserName" size="20" maxlength="20" style="width:160px" /></td></tr>
			<tr>
			  <td width="80" align="right" height="25"><span class="stylefont">管理密码：</span></td>
			  <td width="199" align="left"><input name="Password"  type="password" size="16" maxlength="20" style="width:108px;" />&nbsp;&nbsp;<input onclick="showkeyboard('Login.Password')" type="button" value="键盘" title="用软键盘输入密码，防止黑客软件记录键盘的录入信息" /></td></tr>
			<tr>
			  <td width="80" align="right" height="25"><span class="stylefont">验&nbsp;证&nbsp;码：</span></td>
			  <td width="199" align="left"><input name="CheckCode" size="8" maxlength="4" style="width:108px;" onFocus="this.select();" />&nbsp;&nbsp;<img id="CheckCodeImg" src="Admin_GetCode.asp" alt="看不清,我要换一个" onclick="this.src='Admin_GetCode.asp?'+Math.random();" style="cursor:hand;"/></td></tr>
		</table>		</td>
		<td colspan="2"><img src="images/Login10.jpg" width="109" height="20" alt="" /></td>
	</tr>
	<tr>
		<td><input type="image" name="Submit" src="images/Login11.jpg" /></td>
		<td rowspan="2"><img src="images/Login12.jpg" width="33" height="85" alt="" /></td>
	</tr>
	<tr>
		<td><img src="images/Login13.jpg" width="76" height="28" alt="" /></td>
	</tr>
	<tr>
		<td colspan="8"><img src="images/Login14.jpg" width="477" height="68" alt="" /></td>
	</tr>
</form>
</table>
</body>
</html>
<%
End Sub

Sub chklogin()
	Dim Sql,Rs
	Dim UserName,Password
	Dim AdminName,AdminPassword
	if session("Admin_Code")="" then
		Call ShowErr("<br /><li>你登录时间过长，请重新返回登录页面刷新后再进行登录。</li>")
	end if
	if CStr(Request("CheckCode"))<>CStr(session("Admin_Code")) then
		Session("Admin_Code")=Empty
		Call ShowErr("<br /><li>您输入的确认码和系统产生的不一致，请返回重新输入！</li>")
	end if
	Session("Admin_Code")=Empty
	if Not Cl.ChkUserLogin Then
		Dim RsLogin,sMewMsgN,MsgInfo,sValidDays,sUserInfo,i
		UserName = Cl.CheckStr(Trim(request("UserName")))
		Password = Cl.CheckStr(md5(Trim(Request("Password")),16))
		If UserName="" Or Password="" then
			Call ShowErr("<br /><li>用户名或密码不能为空，请返回重新输入！</li>")
		end if
		SQL="Select " & Db.UserID & "," & Db.UserName & "," & Db.UserPassWord & "," & Db.UserEmail & "," & Db.UserSex & "," & Db.UserJoinDate & "," & Db.UserLastLogin & "," & Db.UserLogins & "," & Db.UserLastIP & "," & Db.DataCount & "," & Db.UserGroupID & "," & Db.UserPoint & "," & Db.UserMoney & "," & Db.ChargeType & "," & Db.BeginDate & "," & Db.ValidNum & "," & Db.UserMsg & "," & Db.UserLock & " From " & Db.UserTable & " where " & Db.UserName & "='" & UserName & "'"
		Set RsLogin=Cl.Execute_U(SQL)
		if RsLogin.bof and RsLogin.eof then
			RsLogin.close : set RsLogin=Nothing
			Call ShowErr(Cl.Language.selectSingleNode("//UserNoFind").text)
		End if
		if Password<>RsLogin(2) then
			RsLogin.close : set RsLogin=Nothing
			Call ShowErr(Cl.Language.selectSingleNode("//Login/PassErr").text)
		End if
		if RsLogin(10)<>1 then
			RsLogin.close : set RsLogin=Nothing
			Response.Redirect Cl.WebDir & "Showerr.asp?action=OtherErr&ErrCodes=<li>您不是系统管理员！"
		End if
		if RsLogin(17)<>0 then
			RsLogin.close : set RsLogin=Nothing
			Response.Redirect Cl.WebDir & "Showerr.asp?action=OtherErr&ErrCodes=" & Cl.Language.selectSingleNode("//UserIsLock").text
		end if
		sMewMsgN = Cl.newincept(UserName)
		If sMewMsgN>0 Then
			MsgInfo =sMewMsgN & "||" & Cl.inceptid(1,UserName) & "||" & Cl.inceptid(2,UserName)
		Else
			MsgInfo = "0||0||null"
		End If
		Cl.Execute_U("Update " & Db.UserTable & " Set " & Db.UserMsg & "='"&Cl.CheckStr(MsgInfo)&"' Where " & Db.UserID & "="&Clng(RsLogin(0))&"")
		if DateDiff("D",RsLogin(6),Now)>0 then
			'添加积分
			Cl.Execute_U("Update " & Db.UserTable & " Set " & Db.UserLastIP & "='" & Cl.UserTrueIP & "'," & Db.UserLastLogin & "='" & Now & "'," & Db.UserLogins & "=" & Db.UserLogins & "+1," & Db.UserPoint & "=" & Db.UserPoint & "+"&CLng(Application(Cl.CacheName & "_usergrouplist").DocumentElement.SelectSingleNode("usergroup[@id="&RsLogin(10)&"]/@loginpoint").text)&" Where "&Db.UserID&"=" & RsLogin(0) & "")
		else
			Cl.Execute_U("Update " & Db.UserTable & " Set " & Db.UserLastIP & "='" & Cl.UserTrueIP & "'," & Db.UserLastLogin & "='" & Now & "'," & Db.UserLogins & "=" & Db.UserLogins & "+1 Where "&Db.UserID&"=" & RsLogin(0) & "")
		end If
		Cl.UserID = RsLogin(0)
		Cl.MemberName  = RsLogin(1)
		Cl.UserGroupID = RsLogin(10)
		'Response.Cookies(Web_Cookies).DoMain		= "aspoo.com"
		'Response.Cookies(Web_Cookies).path			= InstallDir
		Response.Cookies(Web_Cookies)("UserID")		= RsLogin(0)
		Response.Cookies(Web_Cookies)("UserName")	= RsLogin(1)
		Response.Cookies(Web_Cookies)("Password")	= PassWord
		'Response.Cookies(Web_Cookies)("TruePassWord")= TruePassWord
		Response.Cookies(Web_Cookies)("UserGroupID")= RsLogin(10)
		sValidDays=RsLogin(15)-DateDiff("D",RsLogin(14),now())
		if sValidDays<0 then sValidDays=0
		sUserInfo	= "ClCMS@@@"& Now() & "@@@" & Now() & "@@@" & Cl.ScriptName
		For i=0 to 17
		sUserInfo	= sUserInfo & "@@@" & RsLogin(i)
		Next
		sUserInfo	= sUserInfo & "@@@" & sValidDays & "@@@ClCMS"
		Cl.User_Info=Split(sUserInfo,"@@@")
		Session(Cl.CacheName & "UserID") = Cl.User_Info
		RsLogin.Close : Set RsLogin = Nothing
	ElseIf Clng(Cl.UserGroupID)<>1 then
		Response.Redirect Cl.WebDir & "Showerr.asp?action=OtherErr&ErrCodes=<li>您不是系统管理员！"
	End If
	AdminName	= Cl.CheckStr(Trim(request("AdminName")))
	AdminPassword= Cl.CheckStr(md5(Trim(Request("AdminPassword")),16))
	if AdminName="" or AdminPassword="" then
		Call ShowErr("<br /><li>管理员或密码不能为空，请返回重新输入！</li>")
	end if
	Sql="select ID,UserName,PassWord,Purview,Purview_Other,arrClassMaster,arrClassCheck,arrClassInput From Cl_Admin where username='" & AdminName & "' and adduser='" & Cl.MemberName & "'"
	Set Rs=Cl.Execute(Sql)
	if Rs.bof and Rs.eof then
		Rs.close:set Rs=Nothing
		Cl.Execute_L("insert into [Cl_AdminLog] (UserID,UserName,UserGroupID,UserIP,ScriptName,LogContent,LogTime) values ('"&Cl.UserID&"','"&Cl.MemberName&"','"&Cl.UserGroupID&"','"&Cl.UserTrueIP&"','"&Cl.ScriptName&"','登录后台失败，用户名错误("&Cl.MemberName&")！','"&Now&"')")
		Call ShowErr("<br /><li>用户名或密码错误或者您不是后台管理员(1)("&AdminName&","&Cl.MemberName&")！</li>")
	else
		if AdminPassword<>Rs(2) then
			Rs.close:set Rs=Nothing
			Cl.Execute_L("insert into [Cl_AdminLog] (UserID,UserName,UserGroupID,UserIP,ScriptName,LogContent,LogTime) values ('"&Cl.UserID&"','"&Cl.MemberName&"','"&Cl.UserGroupID&"','"&Cl.UserTrueIP&"','"&Cl.ScriptName&"','登录后台失败，用户密码错误("&Cl.MemberName&")！','"&Now&"')")
			Call ShowErr("<br /><li>用户名或密码错误，请返回重新输入(2)！</li>")
		else
			Cl.Execute("update Cl_Admin set LastLoginIP='"&Cl.UserTrueIP&"',LastLoginTime="&SqlNowString&",LoginTimes=LoginTimes+1 Where UserName='"&AdminName&"'")
			Session.Timeout=Cl.GetClng(Cl.Web_Setting(15))
			Session("AdminName")=rs(1)
			Session("AdminPass")=rs(2)
			Rs.close:set Rs=Nothing
			Cl.Execute_L("insert into [Cl_AdminLog] (UserID,UserName,UserGroupID,UserIP,ScriptName,LogContent,LogTime) values ('"&Cl.UserID&"','"&Cl.MemberName&"','"&Cl.UserGroupID&"','"&Cl.UserTrueIP&"','"&Cl.ScriptName&"','登录后台成功("&Cl.MemberName&")！','"&Now&"')")
			Response.Redirect "Admin_Index.asp"
		end if
	end if
End Sub

'****************************************************
'过程名：ShowErr
'作  用：显示错误提示信息
'参  数：无
'****************************************************
Sub ShowErr(ErrMsg)
	dim strErr
	strErr=strErr & "<html><head><title>错误信息</title><meta http-equiv='Content-Type' content='text/html; charset=gb2312' />" & vbcrlf
	strErr=strErr & "<link href='../Skins/Css/Admin.Css' rel='stylesheet' type='text/css' /></head><body>" & vbcrlf
	strErr=strErr & "<table cellpadding='2' cellspacing='1' border='0' width='400' class='border' align='center'>" & vbcrlf
	strErr=strErr & "  <tr align='center'><td height='22' class='title'><strong>错误信息</strong></td></tr>" & vbcrlf
	strErr=strErr & "  <tr><td height='100' class='tdbg' valign='top'><b>产生错误的可能原因：</b><br />" & ErrMsg &"</td></tr>" & vbcrlf
	strErr=strErr & "  <tr align='center'><td class='tdbg'><a href='Admin_Login.asp'>&lt;&lt; 返回登录页面</a></td></tr>" & vbcrlf
	strErr=strErr & "</table>" & vbcrlf
	strErr=strErr & "</body></html>" & vbcrlf
	CloseAllObj
	response.write strErr
	Response.end
end sub
%>