www.gusucode.com > 智睿学校网站管理系统 V2.20 > 智睿学校网站管理系统 V2.20\code\admin\Admin_Cklogin.asp
<!--#include file="../Include/conn.asp"--> <!--#include file="../Include/Fun_SqlIn.Asp"--> <!--#include file="../Include/md5.asp"--> <% dim LoginName,LoginPassword,AdminName,Password,AdminPurview,Working,UserName,rs,sql,mycode LoginName=trim(request.form("LoginName")) LoginPassword=Md5(request.form("LoginPassword")) mycode = trim(request.form("code")) set rs = server.createobject("adodb.recordset") sql="select * from zhi_rui_s_manage where AdminName='"&LoginName&"'" rs.open sql,conn,1,3 if rs.eof then response.write "<script language=javascript> alert('管理员名称不正确,请重新输入。');location.replace('Admin_Login.asp');</script>" response.end else AdminName=rs("AdminName") Password=rs("Password") AdminPurview=rs("AdminPurview") Working=rs("Working") UserName=rs("UserName") end if if LoginPassword<>Password then response.write "<script language=javascript> alert('管理员密码不正确,请重新输入。');location.replace('Admin_Login.asp');</script>" response.end end if if mycode<>Session("getcode") then response.write "<script language=javascript> alert('您输入验证码错误,请返回重新登录!');location.replace('Admin_Login.asp');</script>" response.end end if if Working=0 then response.write "<script language=javascript> alert('不能登录,此管理员帐号已被锁定。');location.replace('Admin_Login.asp');</script>" response.end end if if LoginName=AdminName and LoginPassword=Password then rs("LastLoginTime")=now() rs("LastLoginIP")=Request.ServerVariables("Remote_Addr") rs.update rs.close set rs=nothing session("ZhiRui_Admin")=AdminName session("ZhiRui_User")=UserName session("AdminPurview")=AdminPurview response.cookies("ZhiRui")("ZhiRuiAdmin")=AdminName response.cookies("ZhiRui")("ZhiRuiUser")=UserName response.cookies("ZhiRui")("AdminPurview")=AdminPurview Response.Cookies("ZhiRui")("Check")="ZhiRuiSystem" Response.Cookies("ZhiRui").Expires=DateAdd("n",60,now()) Session.Timeout = 60 '================================== dim LoginIP,LoginTime,LoginSoft LoginIP=Request.ServerVariables("Remote_Addr") LoginSoft=Request.ServerVariables("Http_USER_AGENT") LoginTime=now() '==================================== set rs = server.createobject("adodb.recordset") sql="select * from zhi_rui_s_manageLog" rs.open sql,conn,1,3 rs.addnew rs("AdminName")=AdminName rs("UserName")=UserName rs("LoginIP")=LoginIP rs("LoginSoft")=LoginSoft rs("LoginTime")=LoginTime rs.update rs.close set rs=nothing '======================================== response.redirect "admin_index.asp" response.end end if %> </BODY> </html>