用户登录验证脚本,Chkpwd.asp
- <%
-
-
- If IsEmpty(Session("Passed")) Then
- Session("Passed")=false
- End If
-
-
- If Session("Passed")=False Then
- UserName=Request.Form("UserName")
- UserPwd=Request.Form("UserPwd")
-
- If UserName="" Then
- Errmsg="提示:请输入用户名和密码"
- Else
-
- Set Conn= Server.CreateObject("ADODB.Connection")
- Conn.Connectionstring= "Driver={SQL Server};Server=192.168.1.3;UID=sa;PWD=;Database=zcmrs"
- Conn.open
-
-
- Set rs=Server.CreateObject("ADODB.Recordset")
-
- Set rs.ActiveConnection=Conn
-
- rs.CursorType=3
-
- rs.Open "Select username,password from erpuser Where username='"&UserName&"'"
-
- If rs.EOF Then
- Errmsg="提示:用户不存在或密码错误"
- Else
- If UserPwd<>rs.Fields("password") Then
- Errmsg="提示:登录失败!密码错误?"
- Else
- Errmsg=""
- Session("Passed")=True
- Session("UserName")=rs.Fields("username")
-
- End If
- End If
- End If
- End If
-
- If Not Session("Passed")=True Then
- %>
- <html>
- <head><title>无标题文档</title>
- <style type="text/css">
-
-
-
- </style>
- <style type="text/css">
-
-
-
- </style>
- </head>
-
- <body leftmargin=0 topmargin=0 marginheight="0" marginwidth="0" bgcolor="#000000">
- <div id=parent style="height:300;width:450;border-style:solid;border-color:#FFFFFF;margin-top:80px;margin-left:25%;margin-right:25%;background-color:#FFFFFF">
-
- <div id=denglu style="font-size:12px;font-weight:bold;background-color:#0099FF;text-align:center;height:40px;"><br>ERP系统登录</div>
- <form action="<%=request.ServerVariables("path_info")%>" method="post" name="MyForm" id="MyForm">
- <p class="STYLE1">用户名:<input name="UserName" type="text" id="UserName" size="18" maxlength="20">
- </p>
- <p class="STYLE1">密 码:<input name="UserPwd" type="password" id="UserPwd" size="18" maxlength="20">
- </p>
- <p align="center" class="STYLE2"><%=Errmsg%> </p>
- <p>
- <input type="submit" align="middle" name="Submit" value="登录系统">
- <input name="rege" type="button" align="middle" onClick="location='register.asp'" id="rege" value="注册用户">
- </p>
- </form>
- </div>
-
- </body>
-
- </html>
- <%
- '<p class="STYLE1">验证码:<input name="CheckCode" type="text" id="CheckCode" size="6" maxlength="4">
- '<IMG style="MARGIN-RIGHT: 40px" alt="" src="common/getcode.asp"></p>
- response.End
- End If
- %>
要访问的页面erp.asp
-
- <body>
- <div style='font-size:12px;font-weight:bold;border:1px solid #001;padding:4px;background:#FFCCFF;margin-top:0;'>欢迎使用ERP查询系统,当前登录用户为:
- <%
- If Session("Passed")=True Then
- Response.Write(Session("UserName"))
- End If
- %><a href="logout.asp">退出系统</a>
- </div>
- </body>
以上每次打开erp.asp的时候,都首先执行Chkpwd.asp(),这样可以有效防止未授权用户访问指定网页.
logout.asp系统退出
- <body>
- <%
- Session("Passed")=false
- Session("UserName")=""
- Response.Redirect("index.asp")
- %>
- </body>
- 使用图片提交表单
-
- <form name="form1" method="post" action="">
-
- <td align="right"><input type="image" method="submit" name="submit" src="image/loginin.gif" width="70" height="21" alt="submit"></td>
-
- </form>
(责任编辑:admin) |