www.gusucode.com > 全球营销软件站整站源码4月最新数据 4.0源码程序 > 801wyxqf\adminadmin\inc\check.asp
<% Dim AdminName, AdminPass, AdminID, AdminRandomCode Call AdminCookiesToSession() AdminName = NewAsp.CheckBadstr(Session(AdminSessionName & "_AdminName")) '管理员名称 AdminPass = NewAsp.CheckBadstr(Session(AdminSessionName & "_AdminPass")) '管理员密码 AdminID = NewAsp.ChkNumeric(Session(AdminSessionName & "_AdminID")) '管理员ID AdminRandomCode = Trim(Session(AdminSessionName & "_AdminRandomCode")) '--打开后台定时功能 If AdminTimer = 2 Then If timesetting(Hour(Now))="1" Then Call AdminReadonly() End If End If If AdminName = "" Or AdminID = 0 Then Session.Abandon Response.Cookies(AdminCookiesName) = "" ErrMsg = ErrMsg + "<li>您没有进入本页面的权限!本次操作已被记录!<li>可能您还没有登陆或者不具有使用当前功能的权限!请联系管理员.<li>本页面为[<font color=red>管理员</font>]专用,请先<a href=admin_login.asp class=showmeun target=_top>登陆</a>后进入。" Response.redirect (AdminPath & "showerr.asp?action=error&Message=" & Server.URLEncode(ErrMsg) & "") Response.End End If If IsAdminValidate Then If AdminValidateCode <> Session(AdminSessionName & "_validate") Or Len(Session(AdminSessionName & "_validate")) = 0 Then ErrMsg = ErrMsg + "<li>非法登陆!您的IP我们已经记录在案。<li>" Session.Abandon Response.Cookies(AdminCookiesName) = "" Response.redirect (AdminPath & "showerr.asp?action=error&Message=" & Server.URLEncode(ErrMsg) & "") Response.End End If Else If Len(Session("validate")) > 0 Then ErrMsg = ErrMsg + "<li>非法登陆!您的IP我们已经记录在案。<li>" Session.Abandon Response.Cookies(AdminCookiesName) = "" Response.redirect (AdminPath & "showerr.asp?action=error&Message=" & Server.URLEncode(ErrMsg) & "") Response.End End If End If Call CheckAdminLogin() Sub CheckAdminLogin() Dim AdminSQL, AdminRs AdminSQL ="SELECT isLock,RandomCode,isAloneLogin FROM NC_Admin WHERE username='" & AdminName & "' And password='" & AdminPass & "' And id="& AdminID Set AdminRs = NewAsp.Execute(AdminSQL) If AdminRs.BOF And AdminRs.EOF Then Session.Abandon Response.Cookies(AdminCookiesName) = "" AdminRs.Close:set AdminRs = Nothing Response.Redirect(AdminPath & "showerr.asp") Response.End Else If AdminRs("isLock") <> 0 Then ErrMsg = "<li>你的用户名已被锁定,你不能登陆!如要开通此帐号,请联系管理员。</li>" AdminRs.Close:set AdminRs = Nothing Session.Abandon Response.Cookies(AdminCookiesName) = "" Response.Redirect(AdminPath & "showerr.asp?action=error&message=" & server.URLEncode(errmsg) & "") Response.End End If If AdminRs("isAloneLogin") <> 0 And Trim(AdminRs("RandomCode")) <> AdminRandomCode then Session.Abandon Response.Cookies(AdminCookiesName) = "" ErrMsg = "<li><font color='red'>对不起,为了系统安全,本系统不允许两个人使用同一个管理员帐号进行登录!</font></li><li>因为现在有人已经在其他地方使用此管理员帐号进行登录了,所以你将不能继续进行后台管理操作。</li><li>你可以<a href='admin_login.asp' target='_top' class=showmeun>点此重新登录</a>。</li>" Response.Redirect(AdminPath & "showerr.asp?action=error&message=" & server.URLEncode(errmsg) & "") AdminRs.Close:set AdminRs = Nothing Response.End End If End If AdminRs.Close:Set AdminRs = Nothing End Sub Function ChkAdmin(flag) On Error Resume Next Dim Adminflag,m_intAdminGrade ChkAdmin = False AdminFlag = Replace(Session(AdminSessionName & "_Adminflag"), "'", "''") m_intAdminGrade = NewAsp.ChkNumeric(Session(AdminSessionName & "_AdminGrade")) If flag = "" Then Exit Function If AdminFlag = "" Or IsEmpty(AdminFlag) Then Exit Function If CInt(m_intAdminGrade) = 999 Then ChkAdmin = True Exit Function Else If Adminflag = "" Then ChkAdmin = False Exit Function Else Adminflag = "," & Adminflag & "," flag = "," & flag & "," If Instr(Adminflag,flag)=0 then ChkAdmin = False Else ChkAdmin = True End If End If End If End Function Sub AdminCookiesToSession() If Session(AdminSessionName & "_AdminName") = "" And UseAdminCookies Then Session(AdminSessionName & "_AdminName") = NewAsp.CheckStr(Request.Cookies(AdminCookiesName)("AdminName")) Session(AdminSessionName & "_AdminPass") = NewAsp.CheckStr(Request.Cookies(AdminCookiesName)("AdminPass")) Session(AdminSessionName & "_AdminGrade") = NewAsp.CheckStr(Request.Cookies(AdminCookiesName)("AdminGrade")) Session(AdminSessionName & "_Adminflag") = NewAsp.CheckStr(Request.Cookies(AdminCookiesName)("Adminflag")) Session(AdminSessionName & "_AdminStatus") = NewAsp.CheckStr(Request.Cookies(AdminCookiesName)("AdminStatus")) Session(AdminSessionName & "_AdminRandomCode") = NewAsp.CheckStr(Request.Cookies(AdminCookiesName)("RandomCode")) Session(AdminSessionName & "_AdminID") = NewAsp.CheckStr(Request.Cookies(AdminCookiesName)("AdminID")) If IsAdminValidate Then Session(AdminSessionName & "_validate") = NewAsp.CheckStr(Request.Cookies(AdminCookiesName)("validate")) End If End If End Sub Sub AdminReadonly() Dim sPathInfo:sPathInfo = LCase(Request.ServerVariables("PATH_INFO")) If InStr(sPathInfo,"/sys/admin_config.asp") > 0 Then Exit Sub If Request.Form <> "" Then Response.Redirect (AdminPath & "showerr.asp?action=error&Message=" & Server.URLEncode("<li>后台管理为只读模式,不能进行此操作。</li><li>如果有什么问题,请联系管理员。</li>") & "") Response.End End If If LCase(Trim(Request("action"))) = "del" Or LCase(Trim(Request("action"))) = "delall" Then Response.Redirect (AdminPath & "showerr.asp?action=error&Message=" & Server.URLEncode("<li>后台管理为只读模式,不能进行此操作。</li><li>如果有什么问题,请联系管理员。</li>") & "") Response.End End If End Sub %>