<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%> <% If cstr(Request.Form("m_username"))<>"" Then If Request.form("RemberMe") ="1" Then Response.Cookies("RemName") = Request.Form("m_username") Response.Cookies("RemPass") = Request.Form("m_passwd") Response.Cookies("RemMe") = "1" Response.Cookies("RemName").expires = Date + 365 Response.Cookies("RemPass").expires = Date + 365 Response.Cookies("RemMe").expires = Date + 365 Else Response.Cookies("RemMe") = "" Response.Cookies("RemName") = "" Response.Cookies("RemPass") = "" End If End If %> "") Then MM_newQS = "?" For Each Item In Request.QueryString If (Item <> "MM_Logoutnow") Then If (Len(MM_newQS) > 1) Then MM_newQS = MM_newQS & "&" MM_newQS = MM_newQS & Item & "=" & Server.URLencode(Request.QueryString(Item)) End If Next if (Len(MM_newQS) > 1) Then MM_logoutRedirectPage = MM_logoutRedirectPage & MM_newQS End If Response.Redirect(MM_logoutRedirectPage) End If %> <% Dim RecUser__MMColParam RecUser__MMColParam = "1" If (Session("MM_Username") <> "") Then RecUser__MMColParam = Session("MM_Username") End If %> <% Dim RecUser Dim RecUser_numRows Set RecUser = Server.CreateObject("ADODB.Recordset") RecUser.ActiveConnection = MM_connMember_STRING RecUser.Source = "SELECT * FROM memberData WHERE m_username = '" + Replace(RecUser__MMColParam, "'", "''") + "'" RecUser.CursorType = 0 RecUser.CursorLocation = 2 RecUser.LockType = 1 RecUser.Open() RecUser_numRows = 0 %> <% ' *** Validate request to log in to this site. MM_LoginAction = Request.ServerVariables("URL") If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Request.QueryString MM_valUsername=CStr(Request.Form("m_username")) If MM_valUsername <> "" Then MM_fldUserAuthorization="m_level" MM_redirectLoginSuccess="memberzone.asp" MM_redirectLoginFailed="index.asp?errMsg=您所输入的账号或密码错误，请重新登录！" MM_flag="ADODB.Recordset" set MM_rsUser = Server.CreateObject(MM_flag) MM_rsUser.ActiveConnection = MM_connMember_STRING MM_rsUser.Source = "SELECT m_username, m_passwd" If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization MM_rsUser.Source = MM_rsUser.Source & " FROM memberData WHERE m_username='" & Replace(MM_valUsername,"'","''") &"' AND m_passwd='" & Replace(Request.Form("m_passwd"),"'","''") & "'" MM_rsUser.CursorType = 0 MM_rsUser.CursorLocation = 2 MM_rsUser.LockType = 3 MM_rsUser.Open If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then ' username and password match - this is a valid user Session("MM_Username") = MM_valUsername If (MM_fldUserAuthorization <> "") Then Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value) Else Session("MM_UserAuthorization") = "" End If if CStr(Request.QueryString("accessdenied")) <> "" And true Then MM_redirectLoginSuccess = Request.QueryString("accessdenied") End If MM_rsUser.Close Response.Redirect(MM_redirectLoginSuccess) End If MM_rsUser.Close Response.Redirect(MM_redirectLoginFailed) End If %>

 

<% RecUser.Close() Set RecUser = Nothing %>