<!--#include file="sql.asp"-->
<!--#include file="articleconn.asp"-->
'<!--#include file=md5.asp-->
<%
server_vv=len(Request.ServerVariables("SERVER_NAME"))
server_v1=left(Cstr(Request.ServerVariables("HTTP_REFERER")),server_vv)
server_v2=left(Cstr("http://"&Request.ServerVariables("SERVER_NAME")),server_vv)
if server_v1<>server_v2 and server_v1<>"" and server_v2<>"" then
response.write("<script>alert('错误：禁止从站点外部提交数据!.')</script>")
response.end
end if
%>
<%trim(replace(request("username"),"'",""))
if request.form("randm1")="" then
response.write "<script language=javascript>alert('请输入验证码!');history.back(-1);</script>"
response.end ()
end if
if request.form("randm1")<>request.form("randm2") then
response.write "<script language=javascript>alert('登陆错误：验证码填写错误!');history.back(-1);</script>"
response.end ()
end if
if request.form("username")="" then
response.write "<script language=javascript>alert('请输入用户名!');history.back(-1);</script>"
response.end ()
end if
if request.form("password")="" then
response.write "<script language=javascript>alert('请输入密码!');history.back(-1);</script>"
response.end ()
end if
user=trim(replace(request("username"),"'",""))
pas=trim(replace(request("password"),"'",""))
session("user")=request("username")
pass=request("password")
session("pas")=md5(pass)
Set rsadmin = Server.CreateObject("ADODB.Recordset")
sqladmin="SELECT * FROM admin where admin='"&session("user")&"'"
rsadmin.OPEN sqladmin, Conn,1,1
if rsadmin.eof and rsadmin.bof then
user1=trim(replace(request("username"),"'",""))
sql1="select * from log where (id is null)"
set rs1=server.createobject("adodb.recordset")
rs1.open sql1,conn,1,3
rs1.addnew
rs1("user1")=user1
rs1("sq")=2
rs1("IP")=IP
rs1.update
rs1.close
response.write "<script language=javascript>alert('请不要攻击小站!');history.back(-1);</script>"
elseif session("pas")<>rsadmin("pws") then
user1=trim(replace(request("username"),"'",""))
sql1="select * from log where (id is null)"
set rs1=server.createobject("adodb.recordset")
rs1.open sql1,conn,1,3
rs1.addnew
rs1("user1")=user1
rs1("sq")=3
rs1("IP")=IP
rs1.update
rs1.close
response.write "<script language=javascript>alert('密码错！');history.back(-1);</script>"
else
session("qx")=rsadmin("qx")
session("user")=rsadmin("admin")
session("pas")=rsadmin("pws")
IP=Request("REMOTE_ADDR")
user1=trim(replace(request("username"),"'",""))
sql1="select * from log where (id is null)"
set rs1=server.createobject("adodb.recordset")
rs1.open sql1,conn,1,3
rs1.addnew
rs1("user1")=user1
rs1("sq")=1
rs1("IP")=IP
rs1.update
rs1.close
Response.Redirect "k.asp"
end if
rsadmin.close
set rsadmin=nothing
%>
我想把它改成不用MD5加密怎么实现？
数据库的密码找不回来了，我怎么也更改不了，所以我想如果不用它，怎么来实现呢？各位高手帮我改改！谢谢啦！

一
用明文加密改一下就可以

rsadmin("pws")=md5("123456")



二
如果实在不想用把session("pas")=md5(pass)

MD5去掉就可以。换成session("pas")=pass


写到数据库中
rsadmin("pws")=pass

但数据库里的其它记录的密码都要改回明文。建议还是用第一种方法！

[此贴子已经被作者于2006-1-21 12:14:21编辑过]

可以改的～～做个页面，无条件地把密码覆盖不就行了吗？

如果用2楼说的第一种方法怎么改好呢？请指教！

sql="select from admintable where id="&id 'id是你要改的那条记录对应的id
rsadmin.open sql,conn,1,3
rsadmin("pws")=md5("123456")
rsadmin.update

这样，新密码就是123456

楼上的能不能帮我改下？谢啦！

我给你写的只是思路！

5楼的写的很详细了！