login.asp ASP 在线订购程序 - ASP源码程序

www.gusucode.com > ASP 在线订购程序 > ASP 在线订购程序\code\admin\login.asp
    <!--#include file="../conn.asp"-->
<!--#include file="login_admin.asp"-->
<%
dim rs
dim thesql
dim username
dim password
dim verifyid
verifyid=request.form("verifyid")



select case request("action")
case "login"
username=request.form("username")
password=request.form("password")
response.write username
if session("join_verifyid")<>verifyid or not isnumeric(verifyid) then
conn.close
set conn=nothing
response.write "<Script>window.alert('验证码错误！"&verifyid&"');history.go(-1);</Script>"
response.end
end if
if username=""  then 
conn.close
set conn=nothing
response.write "<Script>window.alert('用户名不能空');history.go(-1);</Script>"
else
if password="" then
conn.close
set conn=nothing
response.write "<Script>window.alert('密码不能空');history.go(-1);</Script>"
else



set rs=server.createobject("adodb.recordset")
thesql = "select * from admin where username='"&username&"'"
rs.open thesql,conn,1,3
if rs.eof then
rs.close
set rs=nothing
conn.close
set conn=nothing
response.write "<Script>window.alert('管理帐号错误！');javascript:history.back(1);</Script>"
response.end
else
if rs("password")<>password then
rs.close
set rs=nothing
conn.close
set conn=nothing
response.write "<Script>window.alert('管理密码错误！');javascript:history.back(1);</Script>"
response.end
else
session("admin1")=rs("username")
session("rank")=rs("rank")
response.redirect "mainmain.asp"
end if
end if
end if
end if
rs.close
set rs=nothing
conn.close
set conn=nothing

case "loginout"
session("admin")=""
response.redirect "index.asp"
end select
%>