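<%
' Login handler for default.asp (classic ASP / VBScript).
' Flow: a session that already holds a customer id is sent to the dashboard;
' a request with an empty uid or pwd just shows the form; otherwise the
' credentials are looked up in the customer table and, on a match, the
' session is populated and the user is redirected.
Dim cmdLogin, sUid, sPwd

' A user who is already logged in goes straight to the home page.
If Not IsEmpty(Session("cust_id")) And Len(Session("cust_id")) > 0 Then
    ' Put the real home page URL here.
    Response.Redirect "navigation/dashbrd.asp"
End If

' Flags; presumably read further down the page to decide what to render.
bLogin = False
bError = False

' NOTE(review): Request(...) searches the query string as well as the posted
' form, so credentials sent in a URL are accepted too and may end up in server
' logs; consider reading Request.Form only once callers are confirmed to POST.
If IsEmpty(Request("uid")) Or Len(Request("uid")) = 0 Or IsEmpty(Request("pwd")) Or Len(Request("pwd")) = 0 Then
    ' Missing user name or password: show the login form.
    bLogin = True
Else
    ' (The page shows only a separator here; the code that creates and opens the
    ' mycn_login connection is not included in the listing.)

    ' Check whether the customer table holds this user with this password.
    ' The submitted values are bound as parameters and never concatenated into
    ' the SQL text, so quote characters in uid or pwd cannot alter the query.
    sUid = CStr(Request("uid"))
    sPwd = CStr(Request("pwd"))

    Set cmdLogin = Server.CreateObject("ADODB.Command")
    Set cmdLogin.ActiveConnection = mycn_login
    cmdLogin.CommandType = 1    ' 1 = adCmdText
    cmdLogin.CommandText = "select * from customer WHERE cust_id = ? and cust_pwd = ?"
    ' 200 = adVarChar, 1 = adParamInput. Assumes both columns are character
    ' types - TODO confirm against the table definition.
    cmdLogin.Parameters.Append cmdLogin.CreateParameter("uid", 200, 1, Len(sUid), sUid)
    cmdLogin.Parameters.Append cmdLogin.CreateParameter("pwd", 200, 1, Len(sPwd), sPwd)
    Set rsCust = cmdLogin.Execute

    ' NOTE(review): the password is compared with the stored column as-is, which
    ' implies plaintext storage; a salted password hash should be stored and
    ' compared instead.

    ' A recordset that is neither at BOF nor at EOF holds at least one row.
    gbFound = Not (rsCust.BOF Or rsCust.EOF)

    If gbFound Then
        ' Keep the useful fields in session variables: the user name ...
        Session("cust_id") = rsCust.Fields("cust_id")
        ' ... the stored password ...
        ' NOTE(review): keeping the password in the session widens its exposure;
        ' drop this line once no other page reads Session("cust_pwd").
        Session("cust_pwd") = rsCust.Fields("cust_pwd")
        ' ... and the user's permission level (optional).
        Session("power") = rsCust.Fields("power")
        ' Optional: record the last login time. If enabled, bind the values as
        ' parameters too, e.g. "update customer set cust_login = ? where cust_id = ?".
    Else
        ' UID and password not found.
        bError = True
        bLogin = True
    End If

    ' Release the recordset and the connection before leaving the page, so the
    ' successful path cleans up as well.
    rsCust.Close
    mycn_login.Close
    Set mycn_login = Nothing
    Set cmdLogin = Nothing

    ' Real home page URL.
    If gbFound Then Response.Redirect "navigation/dashbrd.asp"
End If
%>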
----------------------------------------------------------------------------------------------------------------
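<!-- Login page. -->
<!-- The form posts back to this same page (action must be this page's own URL),
     so a failed login can show its message here and the user does not have to
     go back to a previous page to try again. -->
<!-- NOTE(review): action is a relative URL, so the credentials travel over
     whatever scheme served this page; serve it over HTTPS. -->
<form name="login" action="default.asp" method="post" target="_top">
<!-- maxlength is enforced only by the browser; the server-side script must
     still validate the length and content of uid and pwd. -->
<input name="uid" size="10" maxlength="10" style="HEIGHT: 21px; WIDTH: 101px">
<input name="pwd" type="password" size="10" maxlength="10">
<!-- The listing ends here; the submit control and the closing form tag are not shown on the page. -->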