www.gusucode.com > 超文本多用户论坛程序 1.1 > bbs/admin/hs.asp

    <!--#include file="conn.asp"-->
<%
ltbh=request.cookies("ltbh")
username=session("username")
userpass=session("userpass")
sql="select cnuser,cnpass from zwuser where cnuser='"&username&"'and cnpass='"&userpass&"' and ltbh='"&ltbh&"'"
set rsht=conn.execute(sql)
if rsht.eof then
rsht.close
set rsht=nothing
%>
<script language= vbscript>
<!--
window.alert"*用户名密码错误!"
window.location="../index.asp?ltbh=<%=ltbh%>"
-->
</script>
<%
response.end
end if
%>

<%
'过滤字符
function ReplaceBadChar(strChar)
	if strChar="" then
		ReplaceBadChar=""
	else
		ReplaceBadChar=replace(replace(replace(replace(replace(replace(replace(strChar,"'",""),"*",""),"?",""),"(",""),")",""),"<",""),".","")
	end if
end function


function scriptgl(strChar)
	if strChar="" then
		scriptgl=""
	else
		scriptgl=replace(replace(replace(replace(strChar,"<script>",""),"<script language=","") ,"</script>",""),"'","")
	end if
end function
%>

<%
sub dbclose
conn.close
set conn=nothing
end sub
%>

<!--webbot bot="PurpleText" PREVIEW="外部数据提交防止" -->
<%
sub wbfz
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if  mid(server_v1,8,len(server_v2))<>server_v2  then
%>
<script language=vbscript>
<!--
window.alert"禁止从外部提交数据!请登陆"
window.location="http://www.textbbs.com"
-->
</script>
<%
end if
end sub
%>