ain_login2.asp 站长俱乐部新闻发布系统精简版 1.01源码程序 - ASP源码程序

www.gusucode.com > 站长俱乐部新闻发布系统精简版 1.01源码程序 > main_login2.asp
    <%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%>
<%
option explicit
Response.Buffer = true
'On Error Resume Next
Dim objError
%>      
<!--#include file="admin/connections/oConn_db.asp" -->
<!--#include file="admin/errors/errors.asp" -->
<%
Dim FileSystemObject, FileExists

'If MSAccess, verify that the database exists to prevent the server hanging
if ((db_STRING <> "") and (strDatabaseType = "msaccess")) then
        Set FileSystemObject = Server.CreateObject("Scripting.FileSystemObject")
    	If FileSystemObject.FileExists(db_STRING) Then
    		    FileExists = True
    	Else
        		FileExists = False
        		DataErrorNoDatabase()
    	End If
    	Set FileSystemObject = Nothing
end if
%>
<!--#include file="admin/queries/query.asp" -->
<%
If errorFound <> true then
%>
        <!--#include file="admin/admin_encrypt.asp" -->
	<!--#include file="admin/admin_lang_login.asp" -->
	<%
	' *** Validate request to log in to this site.
	dim MM_flag, MM_rsUser
	MM_LoginAction = Request.ServerVariables("URL")
	If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString
	
	If MM_valUsername <> "" Then
	        dim MM_redirectLoginSuccess, MM_redirectLoginFailed
	        MM_redirectLoginSuccess="admin/default.asp"
	        MM_redirectLoginFailed="main_login.asp"
	        MM_flag="ADODB.Recordset"
	        set MM_rsUser = Server.CreateObject(MM_flag)
	        MM_rsUser.ActiveConnection = MM_oConn_STRING
	        MM_rsUser.Source = "SELECT ID, Type, Username, Password FROM ac_user WHERE Username='" & MM_valUsername &"' AND Password='" & MM_valUsername3 & "'"
	        MM_rsUser.CursorType = 0
	        MM_rsUser.CursorLocation = 2
	        MM_rsUser.LockType = 3
	        MM_rsUser.Open
	  
	        If Not MM_rsUser.EOF Then
	                dim strOne,strTwo
	                strOne = MM_rsUser.Fields.Item("Password").Value
	                response.write("passwords: " & MM_valUsername3 & ":" & strOne & "<br>")
	    
	                If (MM_valUsername3 = strOne) Then
	                        'username and password match - this is a valid user
	                        Session("MM_Username") = MM_valUsername
	                        Session("MM_UserID") = MM_rsUser.Fields.Item("ID").Value
	                        strTwo = CInt(MM_rsUser.Fields.Item("Type").Value)
	                        Session("MM_UserAuthorization") = strTwo
	                        'response.write Session("MM_Username")
	                        MM_rsUser.Close
	                        If Request.QueryString<>"" then
	                        	Response.Redirect(Request.QueryString("accessdenied"))
	                        Else
	                        	Response.Redirect(MM_redirectLoginSuccess)
	                        End If
	                Else
	                        response.write("Login failed<br>")
	                End If
	        Else
	                MM_rsUser.Close
	                Response.Redirect("main_login.asp")
	        End If
	
	End If
	%>
<%
end if
%>