<% dim action : action=getform("action","get") if action = "login" then dim LoginName,Password,sql,sql1 LoginName = filterPara(getForm("LoginName","post")) Password = md5(getForm("userPass","post"),16) sql = "select count(*) from {prefix}User where LoginName = '"& LoginName &"'" Dim rsObj : Set rsObj=Conn.Exec(sql,"r1") if rsObj(0)=1 then sql1 = "select count(*) from {prefix}User where LoginName = '"& LoginName &"' and PassWord='"&Password&"'" Dim rsObj1 : Set rsObj1=Conn.Exec(sql1,"r1") if rsObj1(0)=1 then Set rsObj1=Conn.Exec("select UserId,LoginName,GroupMark,{prefix}User.GroupID as ugi from {prefix}User,{prefix}UserGroup where {prefix}User.GroupID={prefix}UserGroup.GroupID and LoginName='"&LoginName&"' and UserStatus=1","r1") if not rsObj1.Eof Then Session("loginName")=rsObj1("LoginName") Session("userID")=rsObj1("UserId") Session("GroupID")=rsObj1("ugi") Session("loginstatus")="1" Session("GroupMark")=rsObj1("GroupMark") Conn.Exec"update {prefix}User set LastLoginTime='"&now()&"',LastLoginIP='"&getIp()&"',LoginCount=LoginCount+1 where UserId="&rsObj1("UserId"),"exe" response.Redirect("userinfo.asp") response.End() else alertMsgAndGo "对不起,您的账号已被禁用!","-1" end if else alertMsgAndGo "密码错误,系统即将返回登录页面!","login.asp" end if rsObj1.Close() : set rsObj1=Nothing else alertMsgAndGo "用户名或邮箱不存在,系统即将返回登录页面!","login.asp" end if rsObj.Close() : set rsObj=Nothing elseif action = "logout" then session("loginName")="" session("loginstatus")="0" session("userID")="" session("GroupID")=2 session("GroupMark")="" alertMsgAndGo "您已经成功退出登录!",sitePath&setting.languagePath elseif action = "relog" then alertMsgAndGo "对不起,您的登录状态已经失效,请重新登录!",sitePath&setting.languagePath elseif session("loginName")<>"" then alertMsgAndGo "您已登录,系统转入用户界面!","userinfo.asp" else echoContent() end if Sub echoContent() dim templateobj,templatePath : set templateobj = new TemplateClass templatePath=sitePath&"/"&"templates/"&setting.defaultTemplate&"/"&setting.htmlFilePath&"/login.html" if not CheckTemplateFile(templatePath) then echo "login.html"&err_16 with templateObj .content=loadFile(templatePath) .parseHtml() .parseCommon echo .content end with set templateobj =nothing : terminateAllObjects End Sub %>