www.gusucode.com > 6KBBS ASP版 V7.1 > 6KBBS ASP版 V7.1\code\bbs\Login.asp
<!--#include file="up.asp"--> <% dim action,comeurl,mark,graden action=request.querystring("action") select case action case"" comeurl=Request.ServerVariables("HTTP_REFERER") %> <div class=login> <div class=logintitle> 用户登陆 </div> <div class=loginbody> <table class=logintable width="100%" cellpadding="0" style="border-collapse: collapse"> <form action=login.asp?action=login method="POST"> <tr> <td width="30%" height="28"><b> 请输入您的用户名:</b></td> <td> <input type=text name=lgname size='20'> <a href=reg.asp>没有注册?</a></td> </tr> <tr> <td height="28"><b> 请输入您的密码:</b></td> <td> <input type=password name=lgpwd size='20'></td> </tr> <tr> <td height="28"><b> 请输入登陆验证码:</b></td> <td> <input type=text name=adminid size='20'> <%response.write"<img src=code.asp>"%></td> </tr> <tr> <td height="40"><b> Cookie 选项:</b><br> 请选择你的 Cookie 保存时间</td> <td> <select name=cook style="font-family: 宋体 (serif); font-size: 9pt"> <option value=0>不保存</option><option value=1>保存一天</option> <option value=30>保存一月</option><option value=365>保存一年</option></select><input type="hidden" name="comeurl" size="20" value="<%=server.htmlencode(comeurl)%>"></td> </tr> <tr> <td height="40"><b> 登陆方式:</b><br> 请选择你的登陆方式</td> <td><input type=radio value=1 checked name=lgtype>正常登陆 <input type=radio value=2 name=lgtype>隐身登陆</td> </tr> <tr> <td class=loginbutton colspan=2> <input type='submit' value=' 登 陆 ' name='B1' class=submit> <input type='reset' value=' 重 置 ' name='B2' class=submit></td> </tr></form> </table> </div> </div> <%case"login" dim adminid,cook,login lgname=Replace(Request.Form("lgname"),"'","''") lgpwd=Replace(Request.Form("lgpwd"),"'","''") adminid=Replace(Request.Form("adminid"),"'","''") comeurl=Replace(Request.Form("comeurl"),"'","''") lgtype=checknum(Request.Form("lgtype")) cook=checknum(Request.Form("cook")) %><!--#include file="inc/md5.asp"--> <% login=true if session("adminid")<>adminid or not isnumeric(adminid) or adminid="" then login=false mes="·您输入的验证码错误,请输入正确的四位验证码!<br>" else function pname(str) pname=true if Instr(str,"=")>0 or Instr(str,"%")>0 or Instr(str,chr(32))>0 or Instr(str,"?")>0 or Instr(str,"&")>0 or Instr(str,";")>0 or Instr(str,",")>0 or Instr(str,"'")>0 or Instr(str,".")>0 or Instr(str,chr(34))>0 or Instr(str,chr(9))>0 or Instr(str,"")>0 or Instr(str,"$")>0 or Instr(str,chr(255))>0 or Instr(str,":") or instr(str,"|")>0 or instr(str,"#")>0 or instr(str,"`")>0 or instr(str,"\")>0 or instr(str,"(")>0 or instr(str,"[")>0 or instr(str,"-")>0 or instr(str,"~") then pname=false end if end function if pname(lgname)=false then login=false mes=mes&"·你的用户名或者密码错误,或者该用户已经被删除。<br>" else lgpwd=md5(lgpwd) set rs=conn.execute("select top 1 userid,mark,grade,type,lasttime from [user] where name='"&lgname&"' and password='"&lgpwd&"' and not del") if rs.eof then login=false mes=mes&"·你的用户名或者密码错误,或者该用户已经被删除。<br>" elseif DateDiff("n",rs("lasttime"),now()+(timeset/24))<10 then login=false mes=mes&"·登陆间隔时间过短,论坛限制2次登陆间隔至少10分钟。" else login=true lguserid=rs("userid") session(prefix&"usertype2")=rs("type") mark=rs("mark")+1 graden=mark\200 grade=rs("grade") session(prefix&"usergrade")=grade end if set rs=nothing end if end if if login=false then tl=" 登 陆 失 败" response.write"<img src=code.asp style='display:none' width=0 height=0>" mes=mes&"·<a href='javascript:history.go(-1)'><img border=0 src="&styleid&"/re.gif align=absmiddle>返回重新填写</a>" else Response.Cookies(prefix)("lgname")=lgname session(prefix&"lgname")=lgname Response.Cookies(prefix)("lgpwd")=lgpwd Response.Cookies(prefix)("lgtype")=lgtype Response.Cookies(prefix)("lgcook")=cook if cook>0 then Response.Cookies(prefix).Expires=date+cook end if session(prefix&"lguserid")=lguserid lguserid=session(prefix&"lguserid") conn.execute("update [user] set mark=mark+1,lasttime=now()+"×et&"/24 where userid="&lguserid&"") 'usertype 0游客 1会员 2vip 3斑竹 4超级 5管理员 adminbd="0" usertype=1 if grade=13 then usertype=2 if grade=14 then usertype=3 set getadminbd=conn.execute("select bd from admin where name='"&lgname&"' and password='"&lgpwd&"'") do while not getadminbd.eof adminbd=adminbd&"|"&getadminbd("bd")&"|" getadminbd.movenext loop set getadminbd=nothing end if if grade=15 then usertype=4 if grade=16 then usertype=5 if usertype<2 then if graden>13 then graden=13 conn.execute("update [user] set grade="&graden&" where userid="&lguserid&"") end if session(prefix&"usertype")=usertype session(prefix&"adminbd")=adminbd dim sql conn.execute("delete*from online where ip='"&ip&"' or userid="&lguserid&"") if lgtype=1 then sql="insert into online values("&lguserid&",'"&lgname&"','"&ip&"',now(),"&usertype&",true,0,'')" else sql="insert into online values("&lguserid&",'"&lgname&"','"&ip&"',now(),"&usertype&",false,0,'')" end if conn.execute(sql) if instr(comeurl,"reg.asp")>0 or instr(comeurl,"login.asp")>0 or comeurl="" then comeurl="" else comeurl="·<br>·<a href="&comeurl&">"&server.htmlencode(comeurl)&"</a>" if instr(Lcase(comeurl),"left.asp")>0 then comeurl="" end if tl=" 登 陆 成 功" mes="·<span id=sdown>3</span> 秒钟后将自动返回首页<br>·<a href='index.asp' target='_top'>进入论坛首页</a>"&comeurl end if call sendinfo(tl,mes) if login=true then%> <script type="text/javascript"> setTimeout("loginto()",3000); function loginto(){ parent.window.top.location="index.asp"; } function countDown(secs){ document.getElementById("sdown").innerHTML=secs; if(--secs>0) setTimeout("countDown("+secs+")",1000); } countDown(3); </script><%end if case"exit" Response.Cookies(prefix)("lgname")="" Response.Cookies(prefix)("lgpwd")="" Response.Cookies(prefix)("lgtype")="" Response.Cookies(prefix)("lgcook")="" if isnull(lguserid) or lguserid="" then lguserid=0 conn.execute("delete*from [online] where userid="&lguserid&"") session(prefix&"lgname")="" session(prefix&"lguserid")="" session(prefix&"usertype")="" session(prefix&"adminbd")="" session(prefix&"usertype2")="" tl=" 退 出 成 功" mes="·已经成功的退出论坛<br>·<a href=login.asp>重新登陆论坛</a><br>·<a target='_top' href='index.asp'>进入论坛首页</a><br>" call sendinfo(tl,mes) %><% end select call down%>