chkadmin.asp 云枫工作室企业网站源码 1 - ASP源码程序

www.gusucode.com > 云枫工作室企业网站源码 1 > 云枫工作室企业网站源码 1.0/云枫工作室企业网站源码(asp无限制版)1.0/web/admin/chkadmin.asp
    <!--#include file="conn.asp"-->
<!--#include file="md5.asp"-->
<%
Function FormatSQL(strChar)
if strChar="" then
FormatSQL=""
else
FormatSQL=replace(replace(replace(replace(replace(replace(replace(replace(strChar,"'","’"),"*","×"),"?","？"),"(","（"),")","）"),"<","〈"),".","。"),";","；")
end if
End Function 

Function SafeRequest(ParaName,ParaType)
       Dim ParaValue
       ParaValue=Request(ParaName)
       If ParaType=1 then
              If not isNumeric(ParaValue) then
                     Response.write "<center>参数" & ParaName & "必须为数字型！</center>"
                     Response.end
              End if
       Else
              ParaValue=replace(ParaValue,"'","''")
       End if
       SafeRequest=ParaValue
End function
dim admin,UserPassword,passcode
admin=FormatSQL(replace(trim(request.form("admin")),"'",""))
UserPassword=md5(FormatSQL(replace(trim(request.Form("UserPassword")),"'","")))
if not isnumeric(request.form("passcode")) then
response.Write "<script LANGUAGE='javascript'>alert('[ 系统提示 ]\n\n登录失败！验证码必须是数字，请正确填写！');parent.navigate('index.asp');</script>"
conn.Close
set conn=nothing
response.end
end if
passcode=Cint(request.form("passcode"))
set rs=server.CreateObject("adodb.recordset")
rs.Open "select * from [Manage_admin] where UserPassword='"&UserPassword&"' and admin='"&admin&"' " ,conn,1,1
if rs.bof and rs.eof then
response.write "<script language=javascript>window.alert('[系统提示]\n\n登陆失败！用户名或密码不正确！');parent.navigate('index.asp')</script>"
rs.Close
set rs=nothing
conn.Close
set conn=nothing
response.end
else
if passcode<>Session("GetCode") then
response.Write "<script LANGUAGE='javascript'>alert('[ 系统提示 ]\n\n登录失败！验证码错误');parent.navigate('index.asp');</script>"
rs.Close
set rs=nothing
conn.Close
set conn=nothing
response.end
end if
if UserPassword=rs("UserPassword") and admin=rs("admin") then
session("admin")=trim(rs("admin"))
session("rank")=int(rs("rank"))
session.Timeout=120
rs.Close
set rs=nothing
conn.Close
set conn=nothing
response.Redirect "Index_admin.asp"
else
response.write "<script LANGUAGE='javascript'>alert('[ 系统提示 ]\n\n登录失败！密码错误');parent.navigate('index.asp');</script>"
rs.Close
set rs=nothing
conn.Close
set conn=nothing
end if
end if
%>