www.gusucode.com > 25175 学生成绩管理查询系统码程序 > checklogin.asp
<!-- #include file="config.asp" -->
<!-- #include file="inc/md5.asp" -->
<!-- #include file="conn.asp" -->
<%
'====================================================================
'25175成绩查询管理系统
'powered by 25175
'=-------------------------------------------------------------------
'= 文件名称:cnecklogin.asp
'= 摘 要:登陆验证页面
'= 最后日期:2006-3.1
'====================================================================
If request.form("kind")="student" Then
response.buffer=true
Response.Expires=0
xh=request("xh")
mm=md5(request("mm"),16)
if mm="" Or xh="" Then
login="请输入学号和密码!"
login=login&"<br><br>3秒钟后将自动返回首页!<br><a href='index.asp'>如不想等待,请直接点击这里!</a>"
logs="0"
end If
If login="" Then
Set rs = Server.CreateObject("ADODB.Recordset")
if request("mm")="11111111" then
sql="select user.id,addr,xm,yb,bj,lj,sex,xm from user,bjb,ljb where ljbj_id=bjb.id and ljb_id=ljb.id and xh='"&xh&"'"
else
sql="select user.id,addr,xm,yb,bj,lj,sex,xm from user,bjb,ljb where ljbj_id=bjb.id and ljb_id=ljb.id and xh='"&xh&"' and mm='"&mm&"'"
end if
Set rs=conn.execute(sql)
'rs.open sql,conn,1,1
if rs.eof Then
login="无效的学号或密码,请重新确认!"
login=login&"<br><br>3秒钟后将自动返回首页!<br><a href='index.asp'>如不想等待,请直接点击这里!</a>"
logs="0"
else
session("id")=rs(0)
session("pwd")=mm
session("user")=xh
session("xh")=xh
session("addr")=rs(1)
session("xm")=rs(2)
session("yb")=rs(3)
session("bj")=rs(4)
session("lj")=rs(5)
session("sex")=rs(6)
session("xm")=rs(7)
rs.close
sql="select bjb.id from ljb,bjb where ljb.id=bjb.ljb_id and lj='"&session("lj")&"' and bj='"&session("bj")&"'"
Set rs=conn.execute(sql)
session("ljbj_id")=rs(0)
login="验证成功,3秒钟后将跳转到用户界面成绩!"
login=login&"<br><br><a href='user.asp'>如不想等待,请直接点击这里!</a>"
logs="1"
rs.Close
set rs=Nothing
End If
End If
ElseIf request.form("kind")="admin" Then
If Trim(Request.Form("validatecode"))=Empty Or Trim(Session("cnbruce.com_ValidateCode"))<>Trim(Request.Form("validatecode")) Then
login="请正确输入验证码!"
login=login&"<br><br>3秒钟后将自动返回首页!<br><a href='index.asp'>如不想等待,请直接点击这里!</a>"
logs="0"
end If
If login="" Then
username=request("username") '接受管理员用户名
password=md5(request("password"),16) '接受管理员密码
if username<>"" or password<>"" then
set rs=conn.execute("select * from admin where username='"& username & "' and password='"&password&"'") '判断是否存在该用户
if not rs.eof then '判断是否有该权限
session("admin_id")=rs("id")
session("password")=rs("password")
session("username")=rs("username")
session("qx")=rs("qx")
sip = Request.ServerVariables("HTTP_X_FORWARDED_FOR") '操作IP
If sip = "" Then sip = Request.ServerVariables("REMOTE_ADDR")
conn.execute("update admin set admin_cs="&rs("admin_cs")+1&",admin_ip='"&sip&"',admin_data='"&Now()&"' where id="& rs("id")&"")
login="验证成功,3秒钟后将跳转到管理首页!"
login=login&"<br><br><a href='admin/admin_main.asp'>如不想等待,请直接点击这里!</a>"
logs="2"
rs.close
Else
session("admin_id")=""
session("password")=""
session("username")=""
session("qx")=""
login="无效的帐号或密码,请重新确认!"
login=login&"<br><br>3秒钟后将自动返回首页!<br><a href='index.asp'>如不想等待,请直接点击这里!</a>"
logs="0"
end if
Else
session("admin_id")=""
session("password")=""
session("username")=""
session("qx")=""
login="请输入帐号和密码!"
login=login&"<br><br>3秒钟后将自动返回首页!<br><a href='index.asp'>如不想等待,请直接点击这里!</a>"
logs="0"
end If
End If
End If
url=Request.ServerVariables("SERVER_NAME")
If Request.ServerVariables("SERVER_PORT")<>80 Then
url=url&":"&Request.ServerVariables("SERVER_PORT")
End If
url=url&Request.ServerVariables("PATH_INFO")
If logs="0" Then
url=Replace(url,"checklogin.asp","index.asp")
ElseIf logs="1" Then
url=Replace(url,"checklogin.asp","user.asp")
ElseIf logs="2" Then
url=Replace(url,"checklogin.asp","admin/admin_main.asp")
End If
%>
<!-- #include file="inc/top.asp" -->
<meta http-equiv="refresh" content="3;url=http://<%=url%>">,
<center>
<%=login%>
</center>
<!-- #include file="inc/Bottom.asp" -->