www.gusucode.com > 中网景企业网站管理系统 2008源码程序 > common/access.asp
<!--#include file="../opendb.asp" --> <!--#include file="md5.asp" --> <% Call DisableOutSite() Dim yuyan,plippwd,iun,ipwd,stopus yuyan=cint(Request.Form("yuyan")) if yuyan=0 then plippwd="请输入用户名或密码!" iun="用户名错误!" ipwd="密码错误" stopus="对不起,您的用户名已被暂停或未通过审核!" else plippwd="Please input username or password" iun="invalid username" ipwd="invalid password" stopus="sorry, you have not be passed or stoped service" end if Dim LoginUserName,Loginpassword,usercookies,userip,GetUserID LoginUserName=left(trim(Request.Form("UserName")),20) Loginpassword=left(trim(Request.Form("password")),20) usercookies=Request.Form("usercookies") LoginUserName=sqlchkchar(LoginUserName) Loginpassword=sqlchkchar(Loginpassword) Loginpassword=MD5(Loginpassword) If LoginUserName="" or Loginpassword="" Then alertmsg(plippwd) End If if usercookies="" then usercookies="0" rs.open "select UserID,UserName,UserPassword,IsLocked,isPassed,weblevel from cnk_users where UserName='"&LoginUserName&"'",conn,1,3 If rs.recordcount=0 Then Call alertmsg(iun) rs.close Else If rs("UserPassword")<>Loginpassword Then Call alertmsg(ipwd) rs.close Else If rs("IsLocked")=1 or rs("isPassed")=0 Then Call alertmsg(stopus) rs.close response.End Else'登录成功 Select Case usercookies Case "0" Response.Cookies(cookies_name)("UserID")=rs("UserID") Response.Cookies(cookies_name)("UserName")=LoginUserName Response.Cookies(cookies_name)("UserPwd")=Loginpassword Response.Cookies(cookies_name)("weblevel")=rs("weblevel") Case "1" Response.Cookies(cookies_name).Expires=Date+1 Response.Cookies(cookies_name)("UserID")=rs("UserID") Response.Cookies(cookies_name)("UserName")=LoginUserName Response.Cookies(cookies_name)("UserPwd")=Loginpassword Response.Cookies(cookies_name)("weblevel")=rs("weblevel") Case "2" Response.Cookies(cookies_name).Expires=Date+30 Response.Cookies(cookies_name)("UserID")=rs("UserID") Response.Cookies(cookies_name)("UserName")=LoginUserName Response.Cookies(cookies_name)("UserPwd")=Loginpassword Response.Cookies(cookies_name)("weblevel")=rs("weblevel") Case "3" Response.Cookies(cookies_name).Expires=Date+365 Response.Cookies(cookies_name)("UserID")=rs("UserID") Response.Cookies(cookies_name)("UserName")=LoginUserName Response.Cookies(cookies_name)("UserPwd")=Loginpassword Response.Cookies(cookies_name)("weblevel")=rs("weblevel") End Select userip=GetRealIP() conn.execute("update cnk_users set Jifen=Jifen+2,LastLoginIP='"&userip&"',LastLoginTime='"&now()&"',LoginTimes=LoginTimes+1 where UserID="&rs("UserID")) '登录加分 If isBBS=1 Then Call userjibie(LoginUserName) Dim rsjb,gc,gr set rsjb=conn.execute("select UserLevel,Jibie from cnk_users where UserName='"&LoginUserName&"'") set gc=conn.execute("select GroupRight from Cnk_Jibie where LevelName='"&rsjb(1)&"'") gr=gc(0) Response.Cookies(cookies_name)("UserGroupRight")=gr If rsjb(0)>0 Then session.timeout=60 session("GroupRight")=gr End If End If Response.Redirect(Request.ServerVariables("HTTP_REFERER")) rs.close End If End If End If call closedb %>