我要写一个登陆界面
数据库名是 xj 表名是user 字段名是username和password
谢谢了
---------------------------------------------------------------
偶的一个,仅做参考,欢迎提出批评
HidOper = Request ("hidoper") '从登陆页面穿过来的一个hidden text
function check(id) '过滤掉非法字符
id = replace(id,"or","")
id = replace(id,"OR","")
id = replace(id,"'","")
id = replace(id," ","")
id = replace(id,"=","")
check = id
end function
if HidOper = 1 then '如果是第一次登陆这个页面的话要检查用户的合法性
HidOper = 0
OpName = check(trim(Request("OperName"))) '得到操作员用户名和密码
OpPass = check(trim(Request("OperPass")))
strSQL="Select * from TOperators where Name='"&OpName&"' and Password='"&OpPass&"'" '验证操作员密码
set rs=server.CreateObject("adodb.recordset")
rs.open strSQL,ConnectionString,3,1
if rs.recordcount =1 then
Session("OpName")=OpName
else
Session("OpName")=""
Response.Redirect "../default.asp?err=1"
Response.End
end if
else
session("thefirst")=0
if Session("OpName")="" then
Response.Redirect "../default.asp?err=1"
Response.End
end if
end if
---------------------------------------------------------------
1
2username=request.form("user")
3password=request.form("password")
4'记录登录用户,包括非法登录者
5set fss=server.CreateObject("scripting.FileSystemObject")
6logfile=server.MapPath("/logfile")&"\login_XSlog.txt"
7set ts=fss.OpenTextFile(logfile,8,true)',-1)
8strss=now()&"--ip地址:"&Request.ServerVariables("REMOTE_ADDR")&"--用户ID:"&username
9ts.write(strss)
10IF Session("count")>2 Then
11Session("count")=0
12strss="--密码:"&password&"--登录失败!"
13ts.writeline(strss)
14ts.writeline("三次登录无效,系统强行关闭!")
1<script>
2alert("您无权使用本系统");
3closes.Click();
4</script>
1
2Response.End()
3Else
4usesql="Select * from user where username='"&username&"' and password='"&password&"'"
5Set Rs=Conn.Execute(usesql)
6If Not Rs.Eof then
7'进行一系列操作
8session.Timeout=20
9Session("username1")=trim(rs("username"))
10Session("username")=trim(rs("name"))
11Session("userpassword1")=trim(rs("userpasswd"))
12strss="授权用户,成功登录!"
13ts.writeline(strss)
14Session("count")=0
15rs.close
16Set Rs=Nothing
1<script>
2window.open("*.asp","big"," width=770,height=500,scrollbars=auto,status=yes,toolbar=no,menubar=no,location=yes");
3history.back();
4</script>
1
2Else
3Session("count")=Session("count")+1
4strss="--密码:"&userpassword1&"--登录失败!"
5ts.writeline(strss)
1<script language="JavaScript">
2alert("用户或密码错,请重试");
3history.back();
4</script>
1
2End If
3ts.close
4set fss=nothing
5Conn.close
6End If
---------------------------------------------------------------
a.htm
1<script>
2function aa(s)
3{
4if(s.user.value=="")
5{
6alert("uer?");
7return false;
8}
9if(s.psw.value=="")
10{
11alert("psw?");
12return false;
13}
14}
15</script>
1<html>
2<body>
3<form action="b.asp" method="post" onsubmit="return aa(this)">
4user:<input name="user" type="text"/>
5psw:<input name="psw" type="password"/>
6<input type="submit" value="send"/>
7</form>
8</body>
9</html>
b.asp
user = trim(Request("user")))
psw = trim(Request("user")))
sql="Select * from table where user='"&user&"' and psw='"&psw&"'" '验证操作员密码
set rs=server.CreateObject("adodb.recordset")
rs.open sql,conn,3,1
if rs.recordcount =1 then
Session("OpName")=user
else
Session("OpName")=""
Response.Redirect "../default.asp?err=1"
Response.End
end if
else
session("thefirst")=0
if Session("OpName")="" then
Response.Redirect "../default.asp?err=1"
Response.End
end if
end if
rs.close
set rs=nothing
---------------------------------------------------------------
给你一个登陆系统源代码:
admin.asp
1
2Set Conn=Server.CreateObject("ADODB.Connection")
3Connstr="DRIVER={Microsoft Access Driver (*.mdb)};DBQ="&server.mappath("xj.mdb")
4Conn.Open connstr
1 dim user,password,users,passwords
1 user=Request.form("username")
2password=Request.form("password")
1
2user=trim(request("username"))
3password=cstr(Request("password"))
4
5set rs=server.createobject("adodb.recordset")
6sql="select * from user where username='"&user&"'"
7rs.open sql,conn,1,1
8
9if not(rs.bof and rs.eof) then
10if password=rs("password") and user=rs("username") then
11response.cookies("admin")=true
12response.redirect "login.asp" '成功登陆到login.asp
13else
14Response.Redirect "登陆失败!"
15end if
16end if
17rs.close
18conn.close
19set rs=nothing
20set conn=nothing
21
注意:为了防止某些人拷贝地址,最好在每一需要保护的页面加上:
1
2if request.cookies("admin")="" then
3response.redirect "admin.asp"
4end if