check.asp 漂亮的地方旅游景点景观介绍网站源代码 - ASP源码程序

www.gusucode.com > 漂亮的地方旅游景点景观介绍网站源代码 > admin/check.asp
    <!--#include file="../inc/const.asp" -->
<!--#include file="inc/fun.asp" -->
<!--#include file="../conn.asp" -->
<% 
call zwtj()
call openconn()

dim action,admin_name,admin_psw,ip
action=request("action")
ip=userip()

admin_name=Trim(Request.Form("name"))
admin_psw=Trim(Request.Form("pass"))

if action="" then 
call errs("非法操作!")
else

select case action
case "login"

set rs=conn.execute("select count(id) as tol from Jw_adminlog where year(ctim)="&year(now())&" and month(ctim)="&month(now())&" and day(ctim)="&day(now())&" and ip='"&userip()&"' and wxcz=1")
if rs("tol")>5 then 
call errs("对不起！由于您登陆失败已经超过5次，系统已经禁止您登陆")
end if
call recordend(rs)

if Trim(Request.Form("code"))<>Session("CheckCode") then
'写入日志
conn.execute("insert into Jw_adminlog (uname,ms,ctim,ip) values ('"&admin_name&"','验证码错误',now(),'"&ip&"')")
call errs("验证码不正确")
end if

if admin_name<>"" and admin_psw<>"" then
if issafestr(admin_name&admin_psw)=false then 
conn.execute("insert into Jw_adminlog (uname,ms,ctim,ip,wxcz) values ('"&admin_name&"','信息中含有危险字符',now(),'"&ip&"',1)")
call errs("信息中含有危险字符")
end if 

dim rs
call record(rs,"select * from Jw_admin where admin_name='"&admin_name&"'",2)
if rs.eof then
call recordend(rs)
'写入日志
conn.execute("insert into Jw_adminlog (uname,ms,ctim,ip,wxcz) values ('"&admin_name&"','帐号不存在',now(),'"&ip&"',1)")
call errs("你输入的帐号不存在")
end if

if lcase(admin_psw)=lcase(rs("admin_psw")) then 
response.cookies("on")="y"
response.cookies(fmid)("admin_id")=rs("id")
response.cookies(fmid)("admin_name")=rs("admin_name")
response.cookies(fmid)("admin_psw")=rs("admin_psw")
response.cookies(fmid)("dgrees")=rs("dgrees")
if rs("lastip")<>"" then 
response.cookies(fmid)("lastip")=rs("lastip")
end if
if rs("lasttime")<>"" then 
response.cookies(fmid)("lasttime")=rs("lasttime")
end if
'权限/////////////////////////////////
response.cookies(fmid)("qx1")=rs("qx1")
response.cookies(fmid)("qx2")=rs("qx2")
response.cookies(fmid)("qx3")=rs("qx3")
response.cookies(fmid)("qx4")=rs("qx4")
response.cookies(fmid)("qx5")=rs("qx5")
response.cookies(fmid)("qx6")=rs("qx6")
response.cookies(fmid)("qx7")=rs("qx7")
response.cookies(fmid)("qx8")=rs("qx8")
response.cookies(fmid)("qx9")=rs("qx9")
response.cookies(fmid)("qx10")=rs("qx10")
response.cookies(fmid)("qx11")=rs("qx11")
response.cookies(fmid)("qx12")=rs("qx12")
response.cookies(fmid)("qx13")=rs("qx13")

rs("dgrees")=rs("dgrees")+1
rs("lasttime")=now()
rs("lastip")=ip
rs.update()
call recordend(rs)
'写入日志
conn.execute("insert into Jw_adminlog (uname,ms,ctim,ip) values ('"&admin_name&"','登陆成功',now(),'"&ip&"')")
call errs(0)
else
call recordend(rs)
'写入日志
conn.execute("insert into Jw_adminlog (uname,ms,ctim,ip,wxcz) values ('"&admin_name&"','用户名或密码错误',now(),'"&ip&"',1)")
call errs("用户名或密码错误")
end if

else
'写入日志
conn.execute("insert into Jw_adminlog (uname,ms,ctim,ip,wxcz) values ('"&admin_name&"','未知错误',now(),'"&ip&"',1)")
call errs("未知错误")
end if

case "out"
call connend()

response.cookies("on")=""
response.cookies(fmid)("admin_id")=""
response.cookies(fmid)("admin_name")=""
response.cookies(fmid)("admin_psw")=""
response.cookies(fmid)("dgrees")=""
response.cookies(fmid)("lastip")=""
response.cookies(fmid)("lasttime")=""

'权限/////////////////////////////////
response.cookies(fmid)("qx1")=""
response.cookies(fmid)("qx2")=""
response.cookies(fmid)("qx3")=""
response.cookies(fmid)("qx4")=""
response.cookies(fmid)("qx5")=""
response.cookies(fmid)("qx6")=""
response.cookies(fmid)("qx7")=""
response.cookies(fmid)("qx8")=""
response.cookies(fmid)("qx9")=""
response.cookies(fmid)("qx10")=""
response.cookies(fmid)("qx11")=""
response.cookies(fmid)("qx12")=""
response.cookies(fmid)("qx13")=""
Response.Write("<script language=""javascript"">location.href='../';</script>")
end select
end if
%>