www.gusucode.com > 漂亮的地方旅游景点景观介绍网站源代码 > admin/check.asp
<!--#include file="../inc/const.asp" --> <!--#include file="inc/fun.asp" --> <!--#include file="../conn.asp" --> <% call zwtj() call openconn() dim action,admin_name,admin_psw,ip action=request("action") ip=userip() admin_name=Trim(Request.Form("name")) admin_psw=Trim(Request.Form("pass")) if action="" then call errs("非法操作!") else select case action case "login" set rs=conn.execute("select count(id) as tol from Jw_adminlog where year(ctim)="&year(now())&" and month(ctim)="&month(now())&" and day(ctim)="&day(now())&" and ip='"&userip()&"' and wxcz=1") if rs("tol")>5 then call errs("对不起!由于您登陆失败已经超过5次,系统已经禁止您登陆") end if call recordend(rs) if Trim(Request.Form("code"))<>Session("CheckCode") then '写入日志 conn.execute("insert into Jw_adminlog (uname,ms,ctim,ip) values ('"&admin_name&"','验证码错误',now(),'"&ip&"')") call errs("验证码不正确") end if if admin_name<>"" and admin_psw<>"" then if issafestr(admin_name&admin_psw)=false then conn.execute("insert into Jw_adminlog (uname,ms,ctim,ip,wxcz) values ('"&admin_name&"','信息中含有危险字符',now(),'"&ip&"',1)") call errs("信息中含有危险字符") end if dim rs call record(rs,"select * from Jw_admin where admin_name='"&admin_name&"'",2) if rs.eof then call recordend(rs) '写入日志 conn.execute("insert into Jw_adminlog (uname,ms,ctim,ip,wxcz) values ('"&admin_name&"','帐号不存在',now(),'"&ip&"',1)") call errs("你输入的帐号不存在") end if if lcase(admin_psw)=lcase(rs("admin_psw")) then response.cookies("on")="y" response.cookies(fmid)("admin_id")=rs("id") response.cookies(fmid)("admin_name")=rs("admin_name") response.cookies(fmid)("admin_psw")=rs("admin_psw") response.cookies(fmid)("dgrees")=rs("dgrees") if rs("lastip")<>"" then response.cookies(fmid)("lastip")=rs("lastip") end if if rs("lasttime")<>"" then response.cookies(fmid)("lasttime")=rs("lasttime") end if '权限///////////////////////////////// response.cookies(fmid)("qx1")=rs("qx1") response.cookies(fmid)("qx2")=rs("qx2") response.cookies(fmid)("qx3")=rs("qx3") response.cookies(fmid)("qx4")=rs("qx4") response.cookies(fmid)("qx5")=rs("qx5") response.cookies(fmid)("qx6")=rs("qx6") response.cookies(fmid)("qx7")=rs("qx7") response.cookies(fmid)("qx8")=rs("qx8") response.cookies(fmid)("qx9")=rs("qx9") response.cookies(fmid)("qx10")=rs("qx10") response.cookies(fmid)("qx11")=rs("qx11") response.cookies(fmid)("qx12")=rs("qx12") response.cookies(fmid)("qx13")=rs("qx13") rs("dgrees")=rs("dgrees")+1 rs("lasttime")=now() rs("lastip")=ip rs.update() call recordend(rs) '写入日志 conn.execute("insert into Jw_adminlog (uname,ms,ctim,ip) values ('"&admin_name&"','登陆成功',now(),'"&ip&"')") call errs(0) else call recordend(rs) '写入日志 conn.execute("insert into Jw_adminlog (uname,ms,ctim,ip,wxcz) values ('"&admin_name&"','用户名或密码错误',now(),'"&ip&"',1)") call errs("用户名或密码错误") end if else '写入日志 conn.execute("insert into Jw_adminlog (uname,ms,ctim,ip,wxcz) values ('"&admin_name&"','未知错误',now(),'"&ip&"',1)") call errs("未知错误") end if case "out" call connend() response.cookies("on")="" response.cookies(fmid)("admin_id")="" response.cookies(fmid)("admin_name")="" response.cookies(fmid)("admin_psw")="" response.cookies(fmid)("dgrees")="" response.cookies(fmid)("lastip")="" response.cookies(fmid)("lasttime")="" '权限///////////////////////////////// response.cookies(fmid)("qx1")="" response.cookies(fmid)("qx2")="" response.cookies(fmid)("qx3")="" response.cookies(fmid)("qx4")="" response.cookies(fmid)("qx5")="" response.cookies(fmid)("qx6")="" response.cookies(fmid)("qx7")="" response.cookies(fmid)("qx8")="" response.cookies(fmid)("qx9")="" response.cookies(fmid)("qx10")="" response.cookies(fmid)("qx11")="" response.cookies(fmid)("qx12")="" response.cookies(fmid)("qx13")="" Response.Write("<script language=""javascript"">location.href='../';</script>") end select end if %>