<pre id=\"best-answer-content\" class=\"reply-text mb10\">1、login.asp
TABLE align=\"center\" cellSpacing=0 cellPadding=0 width=100% border=0
TBODY
TR
TD vAlign=top
TABLE height=5 cellSpacing=1 cellPadding=0 width=100% border=0
TBODY
TR
TD bgColor=#ff93c9/TD
/TR
/TBODY
/TABLE
table width=100% border=0 align=center cellpadding=0 cellspacing=0 bgcolor=#FFFFFF
TR
td width=\"100%\" align=\"center\"font color=\"#ff6600\"用户登录/font/td
/TR
trtd background=images/bg_04.gif border=0/td/tr
form name=loginfo method=post action=chkuser.asp
tr bgcolor=#ffffff
td style=\'padding-left:5px\'用户名:input name=username type=text id=username size=12
/td
/tr
tr bgcolor=#ffffff
td style=\'padding-left:5px\' 密 码:input name=UserPassword type=password id=UserPassword size=12/td
/tr
tr bgcolor=#ffffff
td style=\'padding-left:5px\'验证码:input name=passcode type=text id=passcode size=8
img src=\"code.asp\"/td
/tr
tr bgcolor=#ffffff td colspan=\"2\" align=\"center\"
input type=submit name=Submit value=\"登录\" onClick=\"return checkuu();\"a href=\"reg.asp\"注册/a
input name=comeurl type=hidden value=% = url %/td
/td/tr
/form
/table
SCRIPT LANGUAGE=\"JavaScript\"
!--
function checkuu()
{
if(checkspace(document.loginfo.username.value)) {
document.loginfo.username.focus();
alert(\"用户名不能为空!\");
return false;
}
if(checkspace(document.loginfo.UserPassword.value)) {
document.loginfo.UserPassword.focus();
alert(\"密码不能为空!\");
return false;
}
if(checkspace(document.loginfo.passcode.value)){
document.loginfo.passcode.focus();
alert(\"验证码不能为空\");
return false;
}
}
//--
/script
2、chkuser.asp
%
dim username,UserPassword,comeurl,passcode
username=replace(trim(request.Form(\"username\")),\"\'\",\"\")
UserPassword=md5(replace(trim(request.form(\"UserPassword\")),\"\'\",\"\"))
username=killbad(username)
UserPassword=killbad(UserPassword)
if not isnumeric(request.form(\"passcode\")) then
response.Write \"script LANGUAGE=\'javascript\'alert(\'登录失败!验证码必须是数字,请正确填写!\');history.go(-1);/script\"
response.end
end if
passcode=Cint(request.form(\"passcode\"))
if trim(request.form(\"comeurl\"))=\"\" then
comeurl=\"index.asp\"
else
comeurl=trim(request.form(\"comeurl\"))
end if
if username=\"\" or UserPassword=\"\" then
response.Write \"script LANGUAGE=\'javascript\'alert(\'登录失败!请检查您的登录名和密码!\');history.go(-1);/script\"
response.end
end if
if passcodeSession(\"GetCode\") then
response.Write \"script LANGUAGE=\'javascript\'alert(\'登录失败!验证码错误!\');history.go(-1);/script\"
response.end
end if
set rs=server.CreateObject(\"adodb.recordset\")
rs.Open \"select * from DV_User where username=\'\"script LANGUAGE=\'javascript\'alert(\'登录失败,请检查您的登录名和密码!\');history.go(-1);/script\"
end if
else
response.write \"script LANGUAGE=\'javascript\'alert(\'登录失败!请检查您的登录名和密码!\');history.go(-1);/script\"
end if
conn.close
set conn = nothing
% |