<% adminUser_Acc = replace(getString(request.Form("adminUser_Acc")),"'","") adminUser_Pwd = replace(getString(request.Form("adminUser_Pwd")),"'","") checkCode = getString(request.Form("checkCode")) action = lcase(getString(request("action"))) If getString(session("admin")) = "nothing" then If Request.Cookies("username")<>"" and Request.Cookies("adminUser_Pwd")<>"" then Set rs = getRecord("select * from tbAdminUser where adminUser_Acc='" & replace(Request.Cookies("username"),"'","") & "' and adminUser_Pwd ='" & replace(Request.Cookies("adminUser_Pwd"),"'","") & "'") If not(rs.eof or err) then session.Timeout = 999 session("master") = true session("admin") = rs("adminUser_Acc") session("username") = rs("adminUser_Name") session("adminUser_Pwd") = rs("adminUser_Pwd") session("adminUser_Power") = rs("adminUser_Power") session("adminUser_jurisdiction") = rs("adminUser_jurisdiction") session.Contents.Remove("checkCode") Response.Cookies("username")=rs("adminUser_Acc") Response.Cookies("adminUser_Pwd")=rs("adminUser_Pwd") Response.Cookies("username").Expires=date()+1 Response.Cookies("adminUser_Pwd").Expires=date()+1 Response.redirect "default.asp" End if rs_close(rs) End if Else Response.redirect "default.asp" End if is_error = false if action = "check" then if adminUser_Acc = "nothing" then acc_error = "登录帐号为空!" is_error = true end if if adminUser_Pwd = "nothing" then acc_error = "登录密码为空!" is_error = true end if if checkCode = "nothing" then acc_error = "验证码为空!" is_error = true end if if getString(checkCode) <> getString(session("GetCode")) and checkCode <> "nothing" then acc_error = "验证码有误!" is_error = true end if if not is_error then set rs = getRecord("select * from tbAdminUser where adminUser_Acc='" & adminUser_Acc & "'") if not(rs.eof or err) then set rs = getRecord("select * from tbAdminUser where adminUser_Acc = '" & adminUser_Acc & "' and adminUser_Pwd = '" & md5(md5(adminUser_Pwd) & "nncb" ) & "'") if not(rs.eof or err) then if not iserror then session.Timeout = 999 session("master") = true session("admin") = rs("adminUser_Acc") session("username") = rs("adminUser_Name") session("adminUser_Pwd") = rs("adminUser_Pwd") session("adminUser_Power") = rs("adminUser_Power") session("adminUser_jurisdiction") = rs("adminUser_jurisdiction") session.Contents.Remove("checkCode") Response.Cookies("username")=rs("adminUser_Acc") Response.Cookies("adminUser_Pwd")=rs("adminUser_Pwd") Response.Cookies("username").Expires=date()+1 Response.Cookies("adminUser_Pwd").Expires=date()+1 '添加日志 getrecord("insert into [tblogin] (login_name,login_ip) values('"&rs("adminUser_Acc")&"','"&Request.ServerVariables("REMOTE_ADDR")&"')") response.redirect "default.asp" end if else acc_error = "登录密码有误!" end if else acc_error = "账号或密码错误!" end if end if else set rs = nothing end if %>
<%=acc_error%>
用户名 " maxlength="18">
密 码
验证码 " size="6" maxlength="4"><%=getcode1()%>