www.gusucode.com > 6KBBS ASP版 V7.1 > 6KBBS ASP版 V7.1\code\bbs\Login.asp
<!--#include file="up.asp"-->
<%
dim action,comeurl,mark,graden
action=request.querystring("action")
select case action
case""
comeurl=Request.ServerVariables("HTTP_REFERER")
%>
<div class=login>
<div class=logintitle>
用户登陆
</div>
<div class=loginbody>
<table class=logintable width="100%" cellpadding="0" style="border-collapse: collapse">
<form action=login.asp?action=login method="POST">
<tr>
<td width="30%" height="28"><b> 请输入您的用户名:</b></td>
<td> <input type=text name=lgname size='20'> <a href=reg.asp>没有注册?</a></td>
</tr>
<tr>
<td height="28"><b> 请输入您的密码:</b></td>
<td> <input type=password name=lgpwd size='20'></td>
</tr>
<tr>
<td height="28"><b> 请输入登陆验证码:</b></td>
<td> <input type=text name=adminid size='20'> <%response.write"<img src=code.asp>"%></td>
</tr>
<tr>
<td height="40"><b> Cookie 选项:</b><br>
请选择你的 Cookie 保存时间</td>
<td> <select name=cook style="font-family: 宋体 (serif); font-size: 9pt">
<option value=0>不保存</option><option value=1>保存一天</option>
<option value=30>保存一月</option><option value=365>保存一年</option></select><input type="hidden" name="comeurl" size="20" value="<%=server.htmlencode(comeurl)%>"></td>
</tr>
<tr>
<td height="40"><b> 登陆方式:</b><br>
请选择你的登陆方式</td>
<td><input type=radio value=1 checked name=lgtype>正常登陆 <input type=radio value=2 name=lgtype>隐身登陆</td>
</tr>
<tr>
<td class=loginbutton colspan=2> <input type='submit' value=' 登 陆 ' name='B1' class=submit>
<input type='reset' value=' 重 置 ' name='B2' class=submit></td>
</tr></form>
</table>
</div>
</div>
<%case"login"
dim adminid,cook,login
lgname=Replace(Request.Form("lgname"),"'","''")
lgpwd=Replace(Request.Form("lgpwd"),"'","''")
adminid=Replace(Request.Form("adminid"),"'","''")
comeurl=Replace(Request.Form("comeurl"),"'","''")
lgtype=checknum(Request.Form("lgtype"))
cook=checknum(Request.Form("cook"))
%><!--#include file="inc/md5.asp"-->
<%
login=true
if session("adminid")<>adminid or not isnumeric(adminid) or adminid="" then
login=false
mes="·您输入的验证码错误,请输入正确的四位验证码!<br>"
else
function pname(str)
pname=true
if Instr(str,"=")>0 or Instr(str,"%")>0 or Instr(str,chr(32))>0 or Instr(str,"?")>0 or Instr(str,"&")>0 or Instr(str,";")>0 or Instr(str,",")>0 or Instr(str,"'")>0 or Instr(str,".")>0 or Instr(str,chr(34))>0 or Instr(str,chr(9))>0 or Instr(str,"")>0 or Instr(str,"$")>0 or Instr(str,chr(255))>0 or Instr(str,":") or instr(str,"|")>0 or instr(str,"#")>0 or instr(str,"`")>0 or instr(str,"\")>0 or instr(str,"(")>0 or instr(str,"[")>0 or instr(str,"-")>0 or instr(str,"~") then
pname=false
end if
end function
if pname(lgname)=false then
login=false
mes=mes&"·你的用户名或者密码错误,或者该用户已经被删除。<br>"
else
lgpwd=md5(lgpwd)
set rs=conn.execute("select top 1 userid,mark,grade,type,lasttime from [user] where name='"&lgname&"' and password='"&lgpwd&"' and not del")
if rs.eof then
login=false
mes=mes&"·你的用户名或者密码错误,或者该用户已经被删除。<br>"
elseif DateDiff("n",rs("lasttime"),now()+(timeset/24))<10 then
login=false
mes=mes&"·登陆间隔时间过短,论坛限制2次登陆间隔至少10分钟。"
else
login=true
lguserid=rs("userid")
session(prefix&"usertype2")=rs("type")
mark=rs("mark")+1
graden=mark\200
grade=rs("grade")
session(prefix&"usergrade")=grade
end if
set rs=nothing
end if
end if
if login=false then
tl=" 登 陆 失 败"
response.write"<img src=code.asp style='display:none' width=0 height=0>"
mes=mes&"·<a href='javascript:history.go(-1)'><img border=0 src="&styleid&"/re.gif align=absmiddle>返回重新填写</a>"
else
Response.Cookies(prefix)("lgname")=lgname
session(prefix&"lgname")=lgname
Response.Cookies(prefix)("lgpwd")=lgpwd
Response.Cookies(prefix)("lgtype")=lgtype
Response.Cookies(prefix)("lgcook")=cook
if cook>0 then
Response.Cookies(prefix).Expires=date+cook
end if
session(prefix&"lguserid")=lguserid
lguserid=session(prefix&"lguserid")
conn.execute("update [user] set mark=mark+1,lasttime=now()+"×et&"/24 where userid="&lguserid&"")
'usertype 0游客 1会员 2vip 3斑竹 4超级 5管理员
adminbd="0"
usertype=1
if grade=13 then usertype=2
if grade=14 then
usertype=3
set getadminbd=conn.execute("select bd from admin where name='"&lgname&"' and password='"&lgpwd&"'")
do while not getadminbd.eof
adminbd=adminbd&"|"&getadminbd("bd")&"|"
getadminbd.movenext
loop
set getadminbd=nothing
end if
if grade=15 then usertype=4
if grade=16 then usertype=5
if usertype<2 then
if graden>13 then graden=13
conn.execute("update [user] set grade="&graden&" where userid="&lguserid&"")
end if
session(prefix&"usertype")=usertype
session(prefix&"adminbd")=adminbd
dim sql
conn.execute("delete*from online where ip='"&ip&"' or userid="&lguserid&"")
if lgtype=1 then
sql="insert into online values("&lguserid&",'"&lgname&"','"&ip&"',now(),"&usertype&",true,0,'')"
else
sql="insert into online values("&lguserid&",'"&lgname&"','"&ip&"',now(),"&usertype&",false,0,'')"
end if
conn.execute(sql)
if instr(comeurl,"reg.asp")>0 or instr(comeurl,"login.asp")>0 or comeurl="" then
comeurl=""
else
comeurl="·<br>·<a href="&comeurl&">"&server.htmlencode(comeurl)&"</a>"
if instr(Lcase(comeurl),"left.asp")>0 then comeurl=""
end if
tl=" 登 陆 成 功"
mes="·<span id=sdown>3</span> 秒钟后将自动返回首页<br>·<a href='index.asp' target='_top'>进入论坛首页</a>"&comeurl
end if
call sendinfo(tl,mes)
if login=true then%>
<script type="text/javascript">
setTimeout("loginto()",3000);
function loginto(){
parent.window.top.location="index.asp";
}
function countDown(secs){
document.getElementById("sdown").innerHTML=secs;
if(--secs>0)
setTimeout("countDown("+secs+")",1000);
}
countDown(3);
</script><%end if
case"exit"
Response.Cookies(prefix)("lgname")=""
Response.Cookies(prefix)("lgpwd")=""
Response.Cookies(prefix)("lgtype")=""
Response.Cookies(prefix)("lgcook")=""
if isnull(lguserid) or lguserid="" then lguserid=0
conn.execute("delete*from [online] where userid="&lguserid&"")
session(prefix&"lgname")=""
session(prefix&"lguserid")=""
session(prefix&"usertype")=""
session(prefix&"adminbd")=""
session(prefix&"usertype2")=""
tl=" 退 出 成 功"
mes="·已经成功的退出论坛<br>·<a href=login.asp>重新登陆论坛</a><br>·<a target='_top' href='index.asp'>进入论坛首页</a><br>"
call sendinfo(tl,mes)
%><%
end select
call down%>