<%if request.Form("act")="login" then%>
<!--#include file="conn.asp"-->
<%user=trim(request.Form("user"))
user=replace(user,"'","")
user=replace(user,"""","")
user=replace(user," ","")
user=replace(user,"<","")
user=replace(user,">","")
user=replace(user,"%","")
pass=request.Form("pwd")
pass=replace(pass,"'","")
pass=replace(pass,"""","")
pass=replace(pass," ","")
pass=replace(pass,"<","")
pass=replace(pass,">","")
pass=replace(pass,"%","")
if user="" then
response.Write"<script>alert('Error:user is null!');history.go(-1)</script>"
response.End
else
sql="select * from administrator where uid='"&user&"' and pwd='"&pass&"'"
rs.open sql,conn,1,1
if rs.eof or rs.bof then
response.Write"<script>alert('Error:wrong user or password!');history.go(-1)</script>"
response.End
end if
session("uid")=rs("uid")
rs.close
response.Redirect("/admin")
end if
end if%>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>管理员登陆</title>
<style type="text/css">
<!--
table {
font-size: 12px;
color: #3366FF;
}
.table1 {
font-size: 12px;
color: #3366FF;
border: 1px ridge;
}
-->
</style>
<body bgcolor="#efefef" link="#000000" vlink="#000000">
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<table width="300" height="200" border="0" align="center" cellpadding="0" cellspacing="0" class="table1">
<tr>
<td height="45" align="center">管理员入口</td>
</tr>
<tr>
<td valign="top">
<table width="230" height="120" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#000000">
<form name="form1" method="post" action="index.asp"><tr>
<td width="85" height="35" align="center" bgcolor="#efefef">用户名</td>
<td width="142" bgcolor="#efefef"><input name="user" type="text" id="user" size="15" maxlength="15"></td>
</tr>
<tr>
<td height="35" align="center" bgcolor="#efefef">密 码</td>
<td bgcolor="#efefef"><input name="pwd" type="password" id="pwd" size="15" maxlength="15"></td>
</tr>
<tr bgcolor="#efefef">
<td colspan="2" align="center">
<input type="submit" name="Submit2" value="登 陆">
&nbsp;
<input name="act" type="hidden" id="act" value="login"> </td>
</tr> </form>
</table>
</td>
</tr>
</table>
</body>