<!--#include file="sql.asp"-->
<!--#include file="articleconn.asp"-->
'<!--#include file=md5.asp-->
<%
server_vv=len(Request.ServerVariables("SERVER_NAME"))
server_v1=left(Cstr(Request.ServerVariables("HTTP_REFERER")),server_vv)
server_v2=left(Cstr("http://"&Request.ServerVariables("SERVER_NAME")),server_vv)
if server_v1<>server_v2 and server_v1<>"" and server_v2<>"" then
response.write("<script>alert('错误:禁止从站点外部提交数据!.')</script>")
response.end
end if
%>
<%trim(replace(request("username"),"'",""))
if request.form("randm1")="" then
response.write "<script language=javascript>alert('请输入验证码!');history.back(-1);</script>"
response.end ()
end if
if request.form("randm1")<>request.form("randm2") then
response.write "<script language=javascript>alert('登陆错误:验证码填写错误!');history.back(-1);</script>"
response.end ()
end if
if request.form("username")="" then
response.write "<script language=javascript>alert('请输入用户名!');history.back(-1);</script>"
response.end ()
end if
if request.form("password")="" then
response.write "<script language=javascript>alert('请输入密码!');history.back(-1);</script>"
response.end ()
end if
user=trim(replace(request("username"),"'",""))
pas=trim(replace(request("password"),"'",""))
session("user")=request("username")
pass=request("password")
session("pas")=md5(pass)
Set rsadmin = Server.CreateObject("ADODB.Recordset")
sqladmin="SELECT * FROM admin where admin='"&session("user")&"'"
rsadmin.OPEN sqladmin, Conn,1,1
if rsadmin.eof and rsadmin.bof then
user1=trim(replace(request("username"),"'",""))
sql1="select * from log where (id is null)"
set rs1=server.createobject("adodb.recordset")
rs1.open sql1,conn,1,3
rs1.addnew
rs1("user1")=user1
rs1("sq")=2
rs1("IP")=IP
rs1.update
rs1.close
response.write "<script language=javascript>alert('请不要攻击小站!');history.back(-1);</script>"
elseif session("pas")<>rsadmin("pws") then
user1=trim(replace(request("username"),"'",""))
sql1="select * from log where (id is null)"
set rs1=server.createobject("adodb.recordset")
rs1.open sql1,conn,1,3
rs1.addnew
rs1("user1")=user1
rs1("sq")=3
rs1("IP")=IP
rs1.update
rs1.close
response.write "<script language=javascript>alert('密码错!');history.back(-1);</script>"
else
session("qx")=rsadmin("qx")
session("user")=rsadmin("admin")
session("pas")=rsadmin("pws")
IP=Request("REMOTE_ADDR")
user1=trim(replace(request("username"),"'",""))
sql1="select * from log where (id is null)"
set rs1=server.createobject("adodb.recordset")
rs1.open sql1,conn,1,3
rs1.addnew
rs1("user1")=user1
rs1("sq")=1
rs1("IP")=IP
rs1.update
rs1.close
Response.Redirect "k.asp"
end if
rsadmin.close
set rsadmin=nothing
%>
我想把它改成不用MD5加密怎么实现?
数据库的密码找不回来了,我怎么也更改不了,所以我想如果不用它,怎么来实现呢?各位高手帮我改改!谢谢啦!
求助——一个登录页面问题?