<% '===================================================================== ' 软件名称:新云网站管理系统 ' 当前版本:NewCloud Site Management System Version 2.1 SP1 ' 文件名称:admin_login.asp ' 更新日期:2006-10-20 '===================================================================== ' 产品咨询:Tel:027-85777659,QQ:94022511,Email:web@newcloud.net ' 程序开发:新云软件开发组 ' 论坛支持:新云论坛(http://bbs.newasp.net) ' 官方网站:新云网络(www.newasp.net www.newasp.cn) '===================================================================== ' Copyright 2002-2005 newasp.net - All Rights Reserved. ' newasp is a trademark of newasp.net '===================================================================== Response.CacheControl = "no-cache" Dim RefreshTime,GetCode FoundErr = False RefreshTime = 3 '设置防刷新时间 If DateDiff("s", Session("UserTime"), Now()) < RefreshTime Then Response.Write "
本页面起用了防刷新机制,请不要在"&RefreshTime&"秒内连续刷新本页面
正在打开页面,请稍后……" Response.End End If FoundErr = False Select Case Newasp.CheckStr(Request("action")) Case "logout" '退出系统 Call logout() Case "login" '登陆系统 Call chklogin() Case Else Call main() End Select If Founderr = True Then Session("UserTime") = Now() SaveLogInfo("非法登陆!") Response.Redirect("showerr.asp?action=error&message=" & Server.URLEncode(ErrMsg) & "") End If CloseConn Sub main() If Session("AdminName") = "" Then %> 管理员登陆

 

 

新云网站管理系统 ver 2.1 SP1
新云网络 用户名:
密 码: <%If IsAdminValidate Then%>认证码: <%End If%>
附加码:" onmouseover="this.style.background='#FFFFFF';" onmouseout="this.style.background='#F8F8F8'" onFocus="this.select(); "> 请在附加码框输入 验证码,看不清楚?请点击刷新验证码
  

<% Else Response.Redirect "admin_index.asp" End If End Sub Sub logout() '清除COOKIES中管理员身份的验证信息. Session.Abandon Session("AdminName") = "" Session("AdminPass") = "" Session("AdminGrade") = "" Session("AdminFlag") = "" Session("AdminStatus") = "" Session("AdminID") = "" Session("AdminRandomCode") = "" Response.Cookies(Admin_Cookies_Name) = "" Response.Redirect ("../") End Sub Sub chklogin() Dim adminname, password,RandomCode adminname = Newasp.CheckBadstr(Request("adminname")) password = md5(Trim(Replace(Request("password"), "'", ""))) If Newasp.CheckPost = False Then ErrMsg = ErrMsg + "您提交的数据不合法,请不要从外部提交登陆。" Founderr = True End If If Newasp.IsValidStr(Request("adminname")) = False Then ErrMsg = ErrMsg + "
  • 用户名中含有非法字符。
    • " Founderr = True End If If Newasp.IsValidPassword(Request("password")) = False Then ErrMsg = ErrMsg + "
  • 密码中含有非法字符。
    • " Founderr = True End If If IsAdminValidate Then If Trim(Request.Form("validate")) <> AdminValidateCode Or Trim(Request.Form("validate")) = "" Then ErrMsg = ErrMsg+"
  • 您输入的认证码或者密码错误,请重新输入!
    • " Founderr = true Exit Sub End if End If If Request("verifycode") = "" Then ErrMsg = ErrMsg + "
    " + "
  • 请返回输入确认码。
    • " Founderr = True ElseIf Session("getcode") = "9999" Then Session("getcode") = "" ErrMsg = ErrMsg + "
    " + "
  • 请不要重复提交,如需重新登陆请返回登陆页面。
    • " Founderr = True ElseIf CStr(Session("getcode"))<>CStr(Trim(Request("verifycode"))) Then ErrMsg = ErrMsg + "
    " + "
  • 您输入的认码和系统产生的不一致,请重新输入。
    • " Founderr = True End If Session("getcode") = "" If adminname = "" Or password = "" Then Founderr = True ErrMsg = ErrMsg + "
    " + "
  • 请输入您的用户名或密码。
    • " Exit Sub End If If Founderr = True Then Exit Sub If Not IsObject(Conn) Then ConnectionDatabase Set Rs = Server.CreateObject("ADODB.Recordset") SQL = "SELECT * FROM NC_Admin WHERE password='" & password & "' And username='" & adminname & "'" Rs.Open SQL, Conn, 1, 3 If Rs.BOF And Rs.EOF Then FoundErr = True ErrMsg = ErrMsg + "
  • 您输入的用户名和密码不正确或者您不是系统管理员。!
    • " Exit Sub Else If password <> Rs("password") Then FoundErr = True ErrMsg = ErrMsg + "
  • 用户名或密码错误!!!
    • " Exit Sub End If If Rs("isLock") <> 0 Or Rs("isLock") = "" Then Founderr = True ErrMsg = "
  • 你的用户名已被锁定,你不能登陆!如要开通此帐号,请联系管理员。
    • " Exit Sub End If End If RandomCode = Newasp.GetRandomCode Rs("LoginTime") = Now() Rs("Loginip") = Newasp.GetUserip Rs("RandomCode") = RandomCode Rs.Update If FoundErr = False Then Session("AdminName") = Rs("username") Session("AdminPass") = Rs("password") Session("AdminGrade") = Rs("AdminGrade") Session("Adminflag") = Rs("Adminflag") Session("AdminStatus") = Rs("Status") Session("AdminRandomCode") = RandomCode Session("AdminID") = Rs("id") If IsAdminValidate Then Session("validate") = Trim(Request.Form("validate")) End If If UseAdminCookies Then Response.Cookies(Admin_Cookies_Name).path = "/" Response.Cookies(Admin_Cookies_Name)("AdminName") = Rs("username") Response.Cookies(Admin_Cookies_Name)("AdminPass") = Rs("password") Response.Cookies(Admin_Cookies_Name)("AdminGrade") = Rs("AdminGrade") Response.Cookies(Admin_Cookies_Name)("Adminflag") = Rs("Adminflag") Response.Cookies(Admin_Cookies_Name)("AdminStatus") = Rs("Status") Response.Cookies(Admin_Cookies_Name)("RandomCode") = RandomCode Response.Cookies(Admin_Cookies_Name)("AdminID") = Rs("id") If IsAdminValidate Then Response.Cookies(Admin_Cookies_Name)("validate") = Trim(Request.Form("validate")) End If End If End If Rs.Close Set Rs = Nothing Response.Redirect("admin_index.asp") End Sub Function GetCode1() Dim Test On Error Resume Next Set Test = Server.CreateObject("Adodb.Stream") Set Test = Nothing If Err Then Dim zNum Randomize Timer zNum = CInt(8999 * Rnd + 1000) Session("GetCode") = zNum getcode1 = Session("GetCode") Else getcode1 = "" End If End Function %>