www.gusucode.com > 学校共青团组织网站源代码 > 学校共青团组织网站源代码/626/Edit/admin_chk.asp
<% function chkh(stra) stra=replace(stra,"<","<") stra=replace(stra,">",">") stra=replace(stra,"'","") stra=replace(stra,"(","(") stra=replace(stra,")",")") stra=replace(stra,";",";") stra=replace(stra,",",",") stra=replace(stra,"%","%") stra=replace(stra,"+","+") chkh=stra end function session("admin__user")=chkh(Request.Cookies("adminuser")) session("admin__pass")=chkh(Request.Cookies("adminpass")) session("dJ")=chkh(Request.Cookies("admindj")) adminuser=chkh(Request.Cookies("adminuser")) adminpass=chkh(Request.Cookies("adminpass")) admindj=chkh(Request.Cookies("admindj")) if adminuser="" or adminpass="" then Response.Redirect "../login.asp?id=8" end if %><!--#include file = admin_conn.asp --> <% user=chkh(trim(session("admin__user"))) pass=adminpass sql = "select * from admin where [user]='"&adminuser&"' and [pass]='"&adminpass&"'" Set rs = Server.CreateObject("ADODB.RecordSet") rs.Open sql,conn,1,1 if rs.recordcount=0 then Response.Cookies ("adminuser")="" Response.Cookies ("adminpass")="" Response.Cookies ("admindj")="" Response.Redirect "../login.asp?id=8" else Response.Cookies ("admindj")=rs("dj") session("dJ")=rs("dj") end if rs.close set rs=nothing conn.close set conn=nothing %>