admin_login.asp

来自「eayanQuery思燕大学成绩查询系统 版本 V1.6」· ASP 代码 · 共 249 行

<%option explicit%>
<!--#include file="../Conn.asp"-->
<!--#include file="../include/PublicFunction.asp"-->
<!--#include file="../include/ReplaceHtml.asp"-->
<!--#include file="../include/md5.asp"-->
<%
'强制浏览器重新访问服务器下载页面
Response.Buffer = True
Response.Expires = -1
Response.ExpiresAbsolute = Now() - 1
Response.Expires = 0
Response.CacheControl = "no-cache"
Dim KSCMS,SoftKeyBoardTF,Action
Action=request.QueryString("Action")
Select Case  Action
 Case "LoginCheck"
  Call CheckLogin()
 Case "LoginOut"
  Call LoginOut()
 Case Else
  Call Main()
End Select

Sub Main()
%>
<HTML>
<HEAD>
<TITLE>思燕成绩查询系统SQL版本v1.0---网站后台管理</TITLE>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<script language="JavaScript" type="text/JavaScript" src="../Include/SoftKeyBoard.js"></script>
<link href="images/Admin_Style.CSS" rel="stylesheet" type="text/css">
            <SCRIPT language=JavaScript type=text/JavaScript>
				nereidFadeObjects = new Object();
				nereidFadeTimers = new Object();
				function nereidFade(object, destOp, rate, delta){
				if (!document.all)
				return
					if (object != "[object]"){ 
						setTimeout("nereidFade("+object+","+destOp+","+rate+","+delta+")",0);
						return;
					}
					clearTimeout(nereidFadeTimers[object.sourceIndex]);
					diff = destOp-object.filters.alpha.opacity;
					direction = 1;
					if (object.filters.alpha.opacity > destOp){
						direction = -1;
					}
					delta=Math.min(direction*diff,delta);
					object.filters.alpha.opacity+=direction*delta;
					if (object.filters.alpha.opacity != destOp){
						nereidFadeObjects[object.sourceIndex]=object;
						nereidFadeTimers[object.sourceIndex]=setTimeout("nereidFade(nereidFadeObjects["+object.sourceIndex+"],"+destOp+","+rate+","+delta+")",rate);
					}
				}
				</SCRIPT>
<STYLE>
body {font-family: "宋体";font-size: 12px;text-decoration: none;}
td {font-size: 12px;color: #666666;text-decoration: none;line-height: 18px;font-family: "宋体";}
.S1{
font-family: "宋体"; 
font-weight: bold; 
color: #ffffff; 
font-size:16px;
text-decoration: none}
</STYLE>
</head>
<body bgcolor="#FFFFFF" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<br>
<br>
<br>
<table width="646" height="425" border="0" align="center" cellpadding="0" cellspacing="0" id="__01">
	<tr>
		<td colspan="3">
			<img src="images/login_01.gif" width="646" height="114" alt=""></td>
	</tr>
	<tr>
		<td>
			<img src="images/login_02.gif" width="88" height="311" alt=""></td>
	  <td width="476" height="311" valign="top" background="images/login_03.gif"><br>
		         <FORM ACTION="Admin_Login.asp?Action=LoginCheck" METHOD="post" name="LoginForm" onSubmit="return(CheckForm(this))">
		      <table width="80%" border="0" align="center" cellpadding="0" cellspacing="0">
          <tr>
            <td width="87" height="30" align="right">登录名：</td>
            <td valign="middle"><input type="text" name="UserName" value="" tabindex="1" size="21" class="textbox"></td>
          </tr>
          <tr>
            <td height="30" align="right">密　码：</td>
            <td><!--input onKeyDown="Calc.password.value=this.value;" tabindex="2" onFocus="this.select();" onClick="password1=this;showkeyboard();this.readOnly=1;Calc.password.value=''"  readOnly type="password" onChange="Calc.password.value=this.value;"  name="PWD" class="textbox" size="23"-->
			 <INPUT name="PWD"  type="password" class="textbox" tabindex="2" size="23">
          </td>
          </tr>
          <tr>
            <td height="30" align="right">验证码：</td>
            <td height="30"><input type=text name="Verifycode" maxLength=6 size="6" tabindex="3" class="textbox">
              <font color=red><-请在验证码框输入</font> <IMG style="cursor:hand;" src="../include/verifycode_zh.asp" onClick="this.src=this.src;" align="absmiddle">&nbsp;</td>
          </tr>
         <tr>
           <td height="30" align="right">认证码：</td>
           <td height="30"><input name="AdminLoginCode" type="password" class="textbox" id="AdminLoginCode" tabindex="4" size="5">
			<font color=red><-请在认证码框输入您的认证码.</font></td>
          </tr>
         <tr>
            <td height="50" colspan="2" align="center"><input onMouseOver=nereidFade(this,100,10,5)  style="FILTER:alpha(opacity=50)" onMouseOut=nereidFade(this,50,10,5) src="images/dl.gif"  type="image" tabindex="5" name="enter"  border="0">
              &nbsp;&nbsp;<img onMouseOver=nereidFade(this,100,10,5)  style="cursor:hand;FILTER:alpha(opacity=50)" onMouseOut=nereidFade(this,50,10,5) src="images/fh.gif" onClick="javascript:location.href='../index.asp';" type="button" tabindex="5" name="enter2"  border="0"></td>
            </tr>
          <tr>
            <td colspan="2"></td>
          </tr>
        </table>
		</form><hr size=1 color='#efefef' width='80%' align='left'>Copyright &copy; 2006-2008  <a href="http://www.iconfident.Cn" target="_blank">www.iconfident.Cn</a>,Powered By Seagreen</td>
		<td>
			<img src="images/login_04.gif" width="82" height="311" alt=""></td>
	</tr>
</table>
<script language=javascript>
<!--
function document.onreadystatechange()
{  var app=navigator.appName;
  var verstr=navigator.appVersion;
  if(app.indexOf('Netscape') != -1) {
    alert('友情提示：\n    您使用的是Netscape浏览器，可能会导致无法使用后台的部分功能。建议您使用 IE6.0 或以上版本。');
  } else if(app.indexOf('Microsoft') != -1) {
    if (verstr.indexOf('MSIE 3.0')!=-1 || verstr.indexOf('MSIE 4.0') != -1 || verstr.indexOf('MSIE 5.0') != -1 || verstr.indexOf('MSIE 5.1') != -1)
      alert('友情提示：\n    您的浏览器版本太低，可能会导致无法使用后台的部分功能。建议您使用 IE6.0 或以上版本。');
  }
  document.LoginForm.UserName.focus();
}
function CheckForm(ObjForm) {
  if(ObjForm.UserName.value == '') {
    alert('请输入管理账号！');
    ObjForm.UserName.focus();
    return false;
  }
  if(ObjForm.PWD.value == '') {
    alert('请输入授权密码！');
    ObjForm.PWD.focus();
    return false;
  }
  if (ObjForm.PWD.value.length<6)
  {
    alert('授权密码不能少于六位！');
    ObjForm.PWD.focus();
    return false;
  }
  if (ObjForm.Verifycode.value == '') {
    alert ('请输入验证码！');
    ObjForm.Verifycode.focus();
    return false;
  }
 
  if (ObjForm.AdminLoginCode.value == '') {
    alert ('请输入后台管理认证码！');
    ObjForm.AdminLoginCode.focus();
    return false;
  }

}
//-->
</script>
</html>

<%End Sub%>

<%
'***************************************
Sub CheckLogin()
  call CheckOuterUrl() 
  Dim PWD,UserName,LoginRS,SqlStr,RndPassword
  Dim CommePath
 	   Pwd =MD5(HTMLEncode(Request.form("pwd")))
       UserName = HtmlEncode(trim(Request.form("UserName")))
   CommePath=ReplaceBadChar(Trim(Request.ServerVariables("HTTP_REFERER")))
  IF HTMLEncode(Request.Form("Verifycode"))<>Trim(Session("psn")) then 
     Call Alert("登录失败:\n\n验证码有误，请重新输入！","Admin_Login.asp")
    exit Sub
   end if
   If request.Form("AdminLoginCode") <> SiteManageCode  Then
    Call Alert("登录失败:\n\n您输入的后台管理认证码不对，请重新输入！","Admin_Login.asp")
     Call InsertLog(UserName,0,CommePath,"输入了错误的后台管理认证码!")
    exit Sub
   End If
 Set LoginRS = Server.CreateObject("ADODB.RecordSet")
  SqlStr = "select * from Admin where admin_name='" & UserName & "'"
  LoginRS.Open SqlStr,Initialize_Conn,1,3
  If LoginRS.EOF AND LoginRS.BOF Then
	   Call InsertLog(UserName,0,CommePath,"输入了错误的帐号!")
       Call AlertHistory("登录失败:\n\n您输入了错误的帐号，请再次输入！",-1)
	  'response.Write UserName&"用户名&nbsp;"&LoginRS("admin_pass")
	  LoginRS.close:set LoginRS=nothing
	  exit sub
  Else
  
     IF LoginRS("admin_pass")=pwd THEN
      
	     IF LoginRS("Locked")=true Then
          Call Alert("登录失败:\n\n您的账号已被管理员锁定，请与您的系统管理员联系！","Admin_Login.asp")	
		  LoginRS.close:set LoginRS=nothing
	       exit sub
	     Else
		  	 '登录成功，并更新数据
			  Dim UserRS:Set UserRS=Server.CreateObject("Adodb.Recordset")
			  UserRS.Open "Select * from admin Where admin_name='" & UserName & "'",Initialize_Conn,1,3
			   LoginRS("LastLoginTime")=Now
	           LoginRS("LastLoginIP")=Request.ServerVariables("Remote_Addr")
	           LoginRS("LoginTimes")=LoginRS("LoginTimes")+1
	           LoginRS.UpDate
 			   		 Response.Cookies("UserName") = HtmlEncode(UserRS("admin_Name"))
			         Response.Cookies("Password") = UserRS("admin_pass")
					 Response.Cookies("AdminLoginCode") = SiteManageCode
					 Response.Cookies("AdminName") =  UserName
					 Response.Cookies("AdminPass")= pwd
					 Response.Cookies("admin_rank")     = LoginRS("admin_rank")
  			   UserRS.Close:Set UserRS=Nothing	 
	           Call InsertLog(UserName,1,commePath,"成功登录后台系统!")
			   'response.Write LoginRS("admin_pass")&"&nbsp;database&nbsp;锁定"&LoginRS("Locked")
	           Response.Redirect("Admin_Index.asp")
	     End IF
  ELse
    Response.Cookies("AdminName")=""
	Response.Cookies("AdminPass")=""
	Response.Cookies("SuperTF")=""
	Response.Cookies("PowerList")=""
	Response.Cookies("ModelPower")=""
	Call InsertLog(UserName,0,CommePath,"输入了错误的口令:" & Request.form("pwd"))
    Call Alert("登录失败:\n\n您输入了错误的口令，请再次输入！","Admin_Login.asp")	
   	 LoginRS.close:set LoginRS=nothing
  END IF
 End If
END Sub
'***************************************
Sub LoginOut()
			Dim AdminDir,RSObj
			Set RSObj=Server.CreateObject("Adodb.RecordSet")
	RSObj.Open "Select LastLogoutTime From Admin where admin_Name='"&Request.Cookies("AdminName") & "'",Initialize_Conn,1,3
			 IF Not RSObj.Eof Then
			  RSObj(0)=Now
			  RSObj.Update
			 End IF
			 RSObj.Close
			 Set RSObj=Nothing
			AdminDir="admin"
			Response.Cookies("AdminName")=""
			Response.Cookies("AdminPass")=""
			Response.Cookies("admin_rank")=""
 			session.Abandon()
			Response.Write ("<script> top.location.href='Admin_Login.asp';</script>")
End Sub
'***************************************
%>