admin_login.asp

实现一个投票系统

<html>
<head>
<title>登录</title>
<link href="css.css" rel="stylesheet" type="text/css">
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
</head>
<body>
<!-- #include file="conn.asp"-->
<%
dim us,pas,rs
us=trim(request.form("us"))
pas=trim(request.form("pas"))
if instr(us,"'") or instr(us,"<") or instr(us,"(") or instr(us,"*") or instr(us,"?") or instr(us,"&") or instr(us,"%") or instr(us,"=") or instr(us,"-") then
response.write "<script>alert('用户名密码中含有非法字符，请重新输入');history.back();</script>"
response.end
end if
if us<>"" then
set rs=server.createobject("adodb.recordset")
rs.open "select us,pas from V_login where us='"&us&"'",conn,1,1
if not rs.eof then
	if pas=rs("pas") then
	session("us")=us
	response.redirect "admin_index.asp"
	else
	response.write "<script>alert('用户密码不正确，请返回重新输入');history.back();</script>"
	end if
else
response.write "<script>alert('用户名不正确，请返回重新输入');history.back();</script>"
end if
end if
%>
<div align="center">
<form method="post" action="<% request.servervariables("script_name")%>">
<table border="1" width="45%" cellpadding="2" cellspacing="0" bordercolordark="#f7f7f7" bordercolorlight="#cccccc" class="css">
<tr>
<td bgcolor="#f7f7f7" height="30" colspan="2">管理员登录</td>
</tr>
<tr>
<td>用户名</td>
<td><input type="text" name="us" size="30" maxlength="50" class="inputt"></td>
</tr>
<tr>
<td>密码</td>
<td><input type="password" name="pas" size="34" maxlength="50" class="inputt"></td>
</tr>
<tr>
<td bgcolor="#f7f7f7" height="30" colspan="2" align="center"><input type="submit" name="submit" value="登录" class="inputt"></td>
</tr>
</table>
</form>
</div>
</body>
</html>