<%
if EnableSiteManageCode=true And SiteManageCode="8888" Then
Response.Write"
系统初始认证码为8888,为了您的系统安全,建议打开conn.asp进行修改!"
End If
%>
<%End Sub
Sub CheckLogin()
Dim PWD,UserName,LoginRS,SqlStr,RndPassword
Dim ScriptName,AdminLoginCode
AdminLoginCode=KS.G("AdminLoginCode")
IF Trim(Request.Form("Verifycode"))<>Trim(Session("Verifycode")) then
Call KS.Alert("登录失败:\n\n验证码有误,请重新输入!","Login.asp")
exit Sub
end if
If EnableSiteManageCode = True And AdminLoginCode <> SiteManageCode Then
Call KS.Alert("登录失败:\n\n您输入的后台管理认证码不对,请重新输入!","Login.asp")
exit Sub
End If
Pwd =MD5(KS.R(Request.form("pwd")),16)
UserName = KS.R(trim(Request.form("username")))
RndPassword=KS.R(KS.MakeRandomChar(20))
ScriptName=KS.R(Trim(Request.ServerVariables("HTTP_REFERER")))
Set LoginRS = Server.CreateObject("ADODB.RecordSet")
SqlStr = "select * from KS_Admin where UserName='" & UserName & "'"
LoginRS.Open SqlStr,Conn,1,3
If LoginRS.EOF AND LoginRS.BOF Then
Call KS.InsertLog(UserName,0,ScriptName,"输入了错误的帐号!")
Call KS.AlertHistory("登录失败:\n\n您输入了错误的帐号,请再次输入!",-1)
Else
IF LoginRS("PassWord")=pwd THEN
IF Cint(LoginRS("Locked"))=1 Then
Call KS.Alert("登录失败:\n\n您的账号已被管理员锁定,请与您的系统管理员联系!","Login.asp")
Response.End
Else
'登录成功,进行前台验证,并更新数据
Dim UserRS:Set UserRS=Server.CreateObject("Adodb.Recordset")
UserRS.Open "Select Score,LastLoginIP,LastLoginTime,LoginTimes,UserName,Password,RndPassWord,IsOnline From KS_User Where UserName='" & LoginRS("PrUserName") & "' and GroupID=1",Conn,1,3
IF Not UserRS.Eof Then
If datediff("n",UserRS("LastLoginTime"),now)>=KS.Setting(36) then '判断时间
UserRS("Score")=UserRS("Score")+KS.Setting(37)
end if
UserRS("LastLoginIP") = KS.GetIP
UserRS("LastLoginTime") = Now()
UserRS("LoginTimes") = UserRS("LoginTimes") + 1
UserRS("RndPassWord") = RndPassWord
UserRS("IsOnline")=1
UserRS.Update
'置前台会员登录状态
Response.Cookies(KS.SiteSn).path = "/"
Response.Cookies(KS.SiteSn)("UserName") = KS.R(UserRS("UserName"))
Response.Cookies(KS.SiteSn)("Password") = UserRS("Password")
Response.Cookies(KS.SiteSn)("RndPassword") = KS.R(UserRS("RndPassword"))
Response.Cookies(KS.SiteSn)("AdminLoginCode") = AdminLoginCode
Response.Cookies(KS.SiteSn)("AdminName") = UserName
Response.Cookies(KS.SiteSn)("AdminPass") = pwd
Response.Cookies(KS.SiteSn)("SuperTF") = LoginRS("SuperTF")
Response.Cookies(KS.SiteSn)("PowerList") = LoginRS("PowerList")
Response.Cookies(KS.SiteSn)("ModelPower") = LoginRS("ModelPower")
Response.Cookies(KS.SiteSn)("SkinID") = KS.S("SkinID")
Else
Call KS.InsertLog(UserName,0,ScriptName,"找不到前台账号!")
Call KS.Alert("登录失败:\n\n找不到前台账号!","Login.asp")
Response.End
End If
UserRS.Close:Set UserRS=Nothing
LoginRS("LastLoginTime")=Now
LoginRS("LastLoginIP")=KS.GetIP
LoginRS("LoginTimes")=LoginRS("LoginTimes")+1
LoginRS.UpDate
Call KS.InsertLog(UserName,1,ScriptName,"成功登录后台系统!")
Response.Redirect("Index.asp")
End IF
ELse
Response.Cookies(KS.SiteSn).path = "/"
Response.Cookies(KS.SiteSn)("AdminName")=""
Response.Cookies(KS.SiteSn)("AdminPass")=""
Response.Cookies(KS.SiteSn)("SuperTF")=""
Response.Cookies(KS.SiteSn)("AdminLoginCode")=""
Response.Cookies(KS.SiteSn)("PowerList")=""
Response.Cookies(KS.SiteSn)("ModelPower")=""
Call KS.InsertLog(UserName,0,ScriptName,"输入了错误的口令:" & Request.form("pwd"))
Call KS.Alert("登录失败:\n\n您输入了错误的口令,请再次输入!","Login.asp")
END IF
End If
END Sub
Sub LoginOut()
Conn.Execute("Update KS_Admin Set LastLogoutTime=" & SqlNowString & " where UserName='" & KS.R(KS.C("AdminName")) &"'")
Dim AdminDir:AdminDir=KS.Setting(89)
Response.Cookies(KS.SiteSn).path = "/"
Response.Cookies(KS.SiteSn)("PowerList")=""
Response.Cookies(KS.SiteSn)("AdminName")=""
Response.Cookies(KS.SiteSn)("AdminPass")=""
Response.Cookies(KS.SiteSn)("SuperTF")=""
Response.Cookies(KS.SiteSn)("AdminLoginCode")=""
Response.Cookies(KS.SiteSn)("ModelPower")=""
session.Abandon()
Response.Write ("")
End Sub
Set KS=Nothing
%>
当前位置:
支持(0) | 
反对(0)
顶端 
底部
![电子邮件:[ jswhys@189.cn ]](http://bbs.kesion.com/club/images/email.gif){kind=small}
