<%response.buffer = true%> <!--#INCLUDE FILE="inc/db_inc.asp"--> <!--#INCLUDE FILE="inc/md5_inc.asp"--> <!--#INCLUDE FILE="inc/char_inc.asp"--> <!--#INCLUDE FILE="header.asp"--> <% dim ip, strip, killip dim StrSql, toptext, rs, rs2, StrHtml, error

StrHtml = loadtemplate("htmltop") StrHtml = Replace(StrHtml, "{pagetitle}", loadtemplate("logintitle")) StrHtml = Replace(StrHtml, "{style_path}", loadtemplate("path")) StrHtml = Replace(StrHtml, "{forumtitle}", boardtitle) response.write StrHtml StrHtml = loadtemplate("pagetitle") if request.cookies("sf")("username") = "" then toptext = loadtemplate("toptextguest") else toptext = loadtemplate("toptextuser") end if toptext = toptext & loadtemplate("toptext") StrHtml = Replace(StrHtml, "{top_text}", toptext) StrHtml = Replace(StrHtml, "{username}", request.cookies("sf")("username")) response.write StrHtml

' 论坛关闭 StrSql = "select * from sf_setup" Set rs2 = Conn.Execute(StrSql) if rs2("forumclose") = 1 then StrHtml = loadtemplate("error") StrHtml = Replace(StrHtml, "{error_text}", rs2("forumclosehint")) response.write StrHtml response.end end if

' 禁止IP访问 if rs2("killip") = 1 then userip = cstr(request.ServerVariables("REMOTE_ADDR")) killiplist = rs2("killiplist") if killiplist <> "" and userip <> "" then killip = split(killiplist, "|") struserip = split(userip, ".") i = 0 do until i > ubound(killip) strkillip = split(killip(i), ".") bolkill = true if (struserip(0) <> strkillip(0)) and (strkillip(0) <> "*") then bolkill = false if (struserip(1) <> strkillip(1)) and (strkillip(1) <> "*") then bolkill = false if (struserip(2) <> strkillip(2)) and (strkillip(2) <> "*") then bolkill = false if (struserip(3) <> strkillip(3)) and (strkillip(3) <> "*") then bolkill = false if bolkill then StrHtml = loadtemplate("error") StrHtml = Replace(StrHtml, "{error_text}", rs2("killiphint")) response.write StrHtml Response.End end if i = i + 1 loop end if end if

StrHtml = loadtemplate("pagepath") StrHtml = Replace(StrHtml, "{path_text}", "<a href=""index.asp"">" & boardtitle & "</a> &raquo; " & loadtemplate("logintitle")) response.write StrHtml

step = ChkSql(request("step")) select case step case "2" error = "" if request("username") = "" then error = error & "<br><li>" & loadtemplate("err_username") if request("password") = "" or len(request("password")) < 3 then error = error & "<br><li>" & loadtemplate("err_chkpassword") if error <> "" then StrHtml = loadtemplate("error") StrHtml = Replace(StrHtml, "{error_text}", error) response.write StrHtml response.end end if StrSql = "select userid, username, password from sf_user where username = '" & ChkSql(request("username")) & "'" Set rs2 = Conn.Execute(StrSql) if not (rs2.bof or rs2.eof) then if md5(request("password")) = rs2("password") then response.cookies("sf")("username")= ChkSql(rs2("username")) response.cookies("sf")("password")= md5(request("password")) response.cookies("sf")("userid")= rs2("userid") cookietime = ChkSql(request("cookietime")) if IsNumeric(cookietime) then cookietime = clng(cookietime) else cookietime = 0 end if if cookietime = 0 then 'response.cookies("sf").expires = 0 else response.cookies("sf").expires = dateadd("d", cookietime, date()) end if StrSql = "update sf_user set lastvisit = '" & now() & "', lastactivity = '" & now() & "' where username = '" & ChkSql(rs2("username")) & "'" Set rs2 = Conn.Execute(StrSql) StrHtml = loadtemplate("hint") StrHtml = Replace(StrHtml, "{hint_text}", loadtemplate("hint_logined")) StrHtml = Replace(StrHtml, "{pro_name}", request("reurl")) response.write StrHtml else StrHtml = loadtemplate("error") StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_chkpassword")) response.write StrHtml end if else StrHtml = loadtemplate("error") StrHtml = Replace(StrHtml, "{error_text}", loadtemplate("err_chkpassword")) response.write StrHtml end if case else StrHtml = loadtemplate("login") if (request.ServerVariables("HTTP_REFERER") = "") or (instr(lcase(request.ServerVariables("HTTP_REFERER")), "login.asp") > 0) then StrHtml = Replace(StrHtml, "{reurl}", "index.asp") else StrHtml = Replace(StrHtml, "{reurl}", server.htmlencode(request.ServerVariables("HTTP_REFERER"))) end if response.write StrHtml response.write sfcopyright end select

response.write loadtemplate("htmlbottom") response.end Conn.Close Set Conn = nothing Set rs = nothing Set rs2 = nothing set ip = nothing set strip = nothing set killip = nothing %>