2013年9月6日 星期五

asp-logon-by-mssql


Logon.asp


<%@ LANGUAGE="VBSCRIPT" %>
<% pageTitle = "Outpost Login" %>
<!--#include virtual="/pagetop.txt"-->
<%
'First check to see if user is already logged in
if Request.cookies("isLoggedInAs") = "" then  %>
     <H2>Member Login</H2>
     <% if Request.querystring("retry") = "password" then %>
          <h3>Invalid Password</h3>
     <% elseif Request.querystring("") = "username" then %>
          <h3>Invalid username</h3>
     <% end if %>
     <FORM ACTION="login_action.asp" METHOD="post">
     Username:  <INPUT TYPE="text" NAME="p_username"><BR>
     Password:  <INPUT TYPE="password" NAME="p_password"><BR>
     <BR>
     <INPUT TYPE="checkbox" NAME="p_save" VALUE="yes">
     Save my username and password
     <P>
     <INPUT TYPE="submit" VALUE="Log In">
     </FORM>
     <P>
     Don't have a username and password?  You can
     <A HREF="register.asp">register</a> for free
     and get your own space!
<% else  %>
     <H2><%= Request.cookies("isLoggedInAs")("first_name") %>'s Personal Space</H2>
     If you are not <%= Request.cookies("isLoggedInAs")("first_name") %>,
     <A HREF="/logoff.asp">click here</a>.
<% end if %>
<P>
<!--#include virtual="/pagebottom.txt"-->
</BODY>
</HTML>



login_action.asp


<%@ LANGUAGE="VBSCRIPT" %>
<% pageTitle = "Counter" %>
<%
p_username = Request.form("p_username")
p_password = Request.form("p_password")
p_save = Request.form("p_save")
set outpostDB = Server.CreateObject("ADODB.Connection")
outpostDB.Open "outpost"
sqlText="select * from members where username='"&p_username &"'"
set userSet = outpostDB.Execute(sqlText)
if userSet.EOF then
Response.Redirect " /login.asp?retry=username"
else
real_password = trim(userSet("password"))
if p_password = real_password then
Response.cookies("isLoggedInAs")("username") = p_username
Response.cookies("isLoggedInAs")("first_name") = userSet("first_name")
if p_save = "yes" then
Response.cookies("isLoggedInAs").expires =_
  #December 31, 2001 00:00:00#
end if
else
'Username is good, but password is wrong
Response.Redirect "http://localhost/login.asp?retry=password"
end if
end if
 %>
 <% pageTitle = "Counter" %>
 <!--#include virtual="/pagetop.txt"-->
 Welcome back, <%= userSet("first_name")%>!
 <%  userSet.Close
     set userSet = Nothing
     outpostDB.Close
     set outpostDB = Nothing
 %>
 <!--#include virtual="/pagebottom.txt"-->
 </BODY>
 </HTML>

















張貼者:
標籤:

沒有留言:

張貼留言

訂閱: 張貼留言 (Atom)