repos_ecs/源数据/PC环境监控/3.0.3.2/BS/login.asp

<!--#include file="inc/common.asp"-->
<!--#include file="inc/md5.asp"-->
<%
Response.Expires = -1
Response.ExpiresAbsolute = Now() - 1
Response.Expires = 0
Response.CacheControl = "no-cache"

If Action = "Login" Then
    Call ChkLogin
ElseIf Action = "Logout" Then
    Call Logout
Else
    Call main
End If
If FoundErr = True Then
    Call WriteErrMsg
End If
Call CloseConn

Sub main()
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title><%=systemPageTitle%></title>
<script language=javascript>
<!--
function SetFocus() {
if(document.Login.UserName.value == '')
  document.Login.UserName.focus();
else
  document.Login.UserName.select();
}
function CheckForm() {
  if(document.Login.UserName.value == '') {
    alert('请输入用户名！');
    document.Login.UserName.focus();
    return false;
  }
  if(document.Login.Password.value == '') {
    alert('请输入密码！');
    document.Login.Password.focus();
    return false;
  }
}
function refreshimg(){document.all.CheckCode.src='inc/checkcode.asp?'+Math.random();}
//-->
</script><link href="style.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
.STYLE1 {font-size: 12px}
-->
</style>
</head>

<body>
<form name='Login' action='login.asp' method='post' target='_parent' onSubmit='return CheckForm();'>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td align="center" bgcolor="#3E84C0"><img src="images/login_banner.jpg" width="960" height="350" /></td>
  </tr>
  <tr>
    <td align="center">&nbsp;</td>
  </tr>
  <tr>
    <td align="center"><table border="0" cellspacing="0" cellpadding="0">
      
      <tr>
        <td width="50"><img src="images/login_arr.jpg" width="31" height="20" /></td>
        <td width="50" align="right"><span class="STYLE1">用户名：</span></td>
        <td><input name="UserName" type="text" id="UserName" size="15" /></td>
        <td width="50" align="right"><span class="STYLE1">密 码：</span></td>
        <td><input name="Password" type="password" id="Password" /></td>
        <%if useSiteManageCode = true then%>
        <td width="80" align="right"><span class="STYLE1">系统验证码：</span></td>
        <td><input name="AdminLoginCode" type="password" id="AdminLoginCode" size="15" /></td>
        <%
			end if
			if useCheckCode = true then
		%>
        <td width="50" align="right"><span class="STYLE1">验证码：</span></td>
        <td><span class="STYLE1">
          <input name="CheckCode" type="text" id="CheckCode" size="6" />
          <img id='checkcode' src='inc/checkcode.asp' style='border: 1px solid #000' /></span></td>
        <%end if%>
        <td width="100"><input type='hidden' name='Action' value='Login' />
            <input type="submit" name="button" id="button" value="登陆系统" /></td>
        <td><label>
          <input name="voiceAlarm" type="checkbox" id="voiceAlarm" value="voiceAlarm" <%if openSound = true then response.write "checked"%> />
          启用BS声音报警</label></td>
      </tr>
    </table></td>
  </tr>
  <tr>
    <td align="center">&nbsp;</td>
  </tr>
  <tr>
    <td align="center" background="images/login_bottom.jpg"><img src="images/login_bottom.jpg" width="10" height="56" /></td>
  </tr>
</table>
</form>
<script language='JavaScript' type='text/JavaScript'>
SetFocus();
</script>
</body>
</html>
<%
end sub

Sub ChkLogin()
    Dim sql, rs
    Dim UserName, Password, CheckCode, AdminLoginCode, RndPassword, voiceAlarm
    UserName = ReplaceBadChar(Trim(Request("UserName")))
    Password = ReplaceBadChar(Trim(Request("Password")))
	voiceAlarm = Trim(Request("voiceAlarm"))
    
	if useSiteManageCode = true then AdminLoginCode = Trim(Request("AdminLoginCode"))
	if useCheckCode = true then CheckCode = LCase(ReplaceBadChar(Trim(Request("CheckCode"))))

    If CSng(ScriptEngineMajorVersion & "." & ScriptEngineMinorVersion) < 5.6 Then
        FoundErr = True
        ErrMsg = ErrMsg & "<li>服务器脚本解释引擎（VBScript）版本过低，请联系您的空间商或服务器管理员更新。</li>"
        ErrMsg = ErrMsg & "<li><a href='http://www.microsoft.com/downloads/release.asp?ReleaseID=33136' target='_blank'><font color='green'>脚本解释引擎下载地址</font></a></li>"
    End If

    If UserName = "" Then
        FoundErr = True
        ErrMsg = ErrMsg & "<br><li>用户名不能为空！</li>"
    End If
    If Password = "" Then
        FoundErr = True
        ErrMsg = ErrMsg & "<br><li>密码不能为空！</li>"
    End If
	
	if useCheckCode = true then
		If CheckCode = "" Then
			FoundErr = True
			ErrMsg = ErrMsg & "<br><li>您输入的随机验证码和系统产生的不一致，请重新输入。</li>"
		End If
		If Trim(Session("CheckCode")) = "" Then
			FoundErr = True
			ErrMsg = ErrMsg & "<br><li>你在管理登陆停留的时间过长，导致验证码失效。请重新返回登陆页面进行登陆。</li>"
		End If
		If CheckCode <> Session("CheckCode") Then
			FoundErr = True
			ErrMsg = ErrMsg & "<br><li>您输入的验证码和系统产生的不一致，请重新输入。</li>"
		End If
	end if
	
	if useSiteManageCode = true then
		If AdminLoginCode <> SiteManageCode Then
			FoundErr = True
			ErrMsg = ErrMsg & "<br><li>您输入的系统验证码不对，请重新输入。</li>"
		End If
	end if
	
    If FoundErr = True Then
        Exit Sub
    End If

    ComeUrl = Trim(Request.ServerVariables("HTTP_REFERER"))

    Password = MD5(Password, 32)
    Set rs = Server.CreateObject("adodb.recordset")
    sql = "select * from t_user_info where pwd='" & Password & "' and uid='" & UserName & "'"
    rs.Open sql, Conn, 1, 3
    If rs.bof And rs.EOF Then
        FoundErr = True
        ErrMsg = ErrMsg & "<br><li>用户名或密码错误！！！</li>"
    Else
        If rs("status") = 1 then
			FoundErr = True
            ErrMsg = ErrMsg & "<br><li>用户已被禁用！！！</li>"
			if useUserLog = true then Call WriteLog(UserName,"禁止登录")
			Exit Sub
		End If
		If Password <> rs("pwd") Then
            FoundErr = True
            ErrMsg = ErrMsg & "<br><li>用户名或密码错误！！！</li>"
        End If
    End If
    If FoundErr = True Then
		Session("AdminName") = ""
        Session("AdminPassword") = ""
        Session("RndPassword") = ""
        rs.Close
        Set rs = Nothing
        Exit Sub
    End If
	
	RndPassword = GetRndPassword(16)
    rs("rndpassword") = RndPassword
    rs.Update

    Response.Cookies("AdminName") = rs("uid")
    Response.Cookies("AdminPassword") = rs("pwd")
    Response.Cookies("RndPassword") = RndPassword
    if useSiteManageCode = true then Response.Cookies("AdminLoginCode") = AdminLoginCode
	if voiceAlarm = "voiceAlarm" then Response.Cookies("voiceAlarm") = "on" else Response.Cookies("voiceAlarm") = "off"
    rs.Close
    Set rs = Nothing
	
	if useUserLog = true then Call WriteLog(UserName,"登录系统")

    Call CloseConn
    Response.Redirect "index.asp"
End Sub

Sub Logout()
    if useUserLog = true then Call WriteLog(trim(request.Cookies("AdminName")),"退出系统")
	Response.Cookies("AdminName") = ""
    Response.Cookies("AdminPassword") = ""
    Response.Cookies("RndPassword") = ""
	Response.Cookies("voiceAlarm") = "on"
    Call CloseConn
    Response.Redirect "login.asp"
End Sub

Sub WriteErrMsg()
%>
<html><head><title>错误信息</title><meta http-equiv='Content-Type' content='text/html; charset=utf-8'>
</head><body>
<strong>错误信息</strong><br/>
产生错误的可能原因：<br><%=ErrMsg%><br/><br/>
<a href='login.asp'>&lt;&lt; 返回登录页面</a>
</body></html>
<%
End Sub

Sub WriteLog(uid,msg)
	conn.execute("insert into t_user_log (uid,happentime,contents) values ('"&uid&"','"&now()&"','"&msg&"')")
End Sub
%>