www.gusucode.com > 站长俱乐部新闻发布系统精简版 1.01源码程序 > main_login2.asp
<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%> <% option explicit Response.Buffer = true 'On Error Resume Next Dim objError %> <!--#include file="admin/connections/oConn_db.asp" --> <!--#include file="admin/errors/errors.asp" --> <% Dim FileSystemObject, FileExists 'If MSAccess, verify that the database exists to prevent the server hanging if ((db_STRING <> "") and (strDatabaseType = "msaccess")) then Set FileSystemObject = Server.CreateObject("Scripting.FileSystemObject") If FileSystemObject.FileExists(db_STRING) Then FileExists = True Else FileExists = False DataErrorNoDatabase() End If Set FileSystemObject = Nothing end if %> <!--#include file="admin/queries/query.asp" --> <% If errorFound <> true then %> <!--#include file="admin/admin_encrypt.asp" --> <!--#include file="admin/admin_lang_login.asp" --> <% ' *** Validate request to log in to this site. dim MM_flag, MM_rsUser MM_LoginAction = Request.ServerVariables("URL") If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString If MM_valUsername <> "" Then dim MM_redirectLoginSuccess, MM_redirectLoginFailed MM_redirectLoginSuccess="admin/default.asp" MM_redirectLoginFailed="main_login.asp" MM_flag="ADODB.Recordset" set MM_rsUser = Server.CreateObject(MM_flag) MM_rsUser.ActiveConnection = MM_oConn_STRING MM_rsUser.Source = "SELECT ID, Type, Username, Password FROM ac_user WHERE Username='" & MM_valUsername &"' AND Password='" & MM_valUsername3 & "'" MM_rsUser.CursorType = 0 MM_rsUser.CursorLocation = 2 MM_rsUser.LockType = 3 MM_rsUser.Open If Not MM_rsUser.EOF Then dim strOne,strTwo strOne = MM_rsUser.Fields.Item("Password").Value response.write("passwords: " & MM_valUsername3 & ":" & strOne & "<br>") If (MM_valUsername3 = strOne) Then 'username and password match - this is a valid user Session("MM_Username") = MM_valUsername Session("MM_UserID") = MM_rsUser.Fields.Item("ID").Value strTwo = CInt(MM_rsUser.Fields.Item("Type").Value) Session("MM_UserAuthorization") = strTwo 'response.write Session("MM_Username") MM_rsUser.Close If Request.QueryString<>"" then Response.Redirect(Request.QueryString("accessdenied")) Else Response.Redirect(MM_redirectLoginSuccess) End If Else response.write("Login failed<br>") End If Else MM_rsUser.Close Response.Redirect("main_login.asp") End If End If %> <% end if %>