回复 4# 的帖子
<%
'去除表单数据中的空格
UserName = Trim (Request.Form("name"))
UserPass = Trim (Request.Form("passwd"))
'用户名、密码、验证码都必须填写
If (UserName="" Or UserPass="") Then
Response.Redirect "login.asp?ErrMsg=请完整填写登陆表格"
Response.End()
End If
Dim objConn, strSQL, objRS
'建立与数据库的连接
DB="./database/Member.mdb"
Set objConn = Server.CreateObject("ADODB.Connection")
objConn.ConnectionString = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath(DB)
objConn.Open
'检索数据库中是否存在相关记录
strSQL = "SELECT * FROM MEMBER WHERE NAME='" & UserName & "'"
strSQL = strSQL & " AND PASSWORD = '" & UserPass & "'"
Set objRS = Server.CreateObject("ADODB.Recordset")
objRS.Open strSQL, objConn, 1, 3, 1
'检索结果为空,表明用户名或者密码错误
If objRS.EOF Then
Response.Redirect "login.asp?ErrMsg=用户名或密码错误"
Response.End()
Else
'检索记录集不为空,说明用户名和密码输入正确
Session("Id") = CStr(objRS.Fields("ID"))
Session("Name") = UserName
Session("Class") = objRS.Fields("CLASS")
Session("IsPassed")=True
'检查用户的级别
If objRS.Fields("CLASS") = "1" Or objRS.Fields("CLASS") = "2" Then
'该登陆用户为管理员
Session("IsAdmin") = True
Else
'该登陆用户为普通用户
Session("IsAdmin") = False
End If
'如果用户选择记住帐号和密码,则将其写入cookies
If Request.Form("RemMe") = "1" Then
Response.Cookies("Name") = UserName
Response.Cookies("Password") = UserPass
Response.Cookies("RemMe") = "1"
Response.Cookies("Name").expires = Date + 365
Response.Cookies("Password").expires = Date + 365
Response.Cookies("RemMe").expires = Date + 365
End If
End If
'关闭记录集和数据库连接
objRS.Close
Set objRS = Nothing
objConn.Close
Set objConn = Nothing
'转向系统主页面
Response.Redirect "index.asp"
Response.End()
%>
额 。。这个~~输入“or”?
Member.rar
(22.67 KB)
