<%@language=vbscript codepage=936%> <% Option Explicit '强制浏览器重新访问服务器下载页面，而不是从缓存读取页面 Response.Buffer = True Response.Expires = -1 Response.ExpiresAbsolute = Now() - 1 Response.Expires = 0 Response.CacheControl = "no-cache" '主要是使随机出现的图片数字随机 %> <% Action = Trim(Request("Action")) If Action = "Login" Then Call ChkLogin ElseIf Action = "Logout" Then Call Logout Else Call main End If If FoundErr = True Then Call WriteErrMsg End If Call CloseConn Sub main() Dim EnableSoftKey EnableSoftKey = Conn.Execute("select EnableSoftKey from PE_Config")(0) Response.Write "" & vbCrLf Response.Write "" & vbCrLf Response.Write "" & vbCrLf Response.Write "" & vbCrLf Response.Write "" & vbCrLf Response.Write "" & vbCrLf Response.Write "" & vbCrLf Response.Write "" & vbCrLf Response.Write "" & vbCrLf Response.Write "

" & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf If EnableSiteManageCode = True Then Response.Write " " & vbCrLf Response.Write " " & vbCrLf End If Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf If EnableSoftKey = True Then Response.Write " " & vbCrLf Else Response.Write " " & vbCrLf End If If EnableSiteManageCode = True Then Response.Write " " & vbCrLf End If Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " " & vbCrLf Response.Write " 用户名称： 用户密码： 管理认证码： 验证码： " & vbCrLf If EnableSiteManageCode = True And SiteManageCode = "PowerEasy2006" Then Response.Write " 您使用的后台管理认证码为系统初始值“PowerEasy2006”，请修改Admin_ChkCode.asp文件中相应的SiteManageCode值。" & vbCrLf End If Response.Write " " & vbCrLf Response.Write "

" & vbCrLf Response.Write "" & vbCrLf Response.Write "" & vbCrLf Response.Write "" & vbCrLf End Sub Sub ChkLogin() Dim sql, rs Dim UserName, Password, CheckCode, RndPassword, AdminLoginCode UserName = ReplaceBadChar(Trim(Request("UserName"))) Password = ReplaceBadChar(Trim(Request("Password"))) CheckCode = LCase(ReplaceBadChar(Trim(Request("CheckCode")))) AdminLoginCode = Trim(Request("AdminLoginCode")) If CSng(ScriptEngineMajorVersion & "." & ScriptEngineMinorVersion) < 5.6 Then FoundErr = True ErrMsg = ErrMsg & "

服务器脚本解释引擎（VBScript）版本过低，请联系您的空间商或服务器管理员更新。

" ErrMsg = ErrMsg & "

脚本解释引擎下载地址

" End If If UserName = "" Then FoundErr = True ErrMsg = ErrMsg & "

用户名不能为空！

" End If If Password = "" Then FoundErr = True ErrMsg = ErrMsg & "

密码不能为空！

" End If If Trim(Session("CheckCode")) = "" Then FoundErr = True ErrMsg = ErrMsg & "

你在管理登录停留的时间过长，导致验证码失效。请重新返回登录页面进行登录。

" End If If FoundErr = True Then Exit Sub End If ComeUrl = Trim(Request.ServerVariables("HTTP_REFERER")) Password = MD5(Password, 16) Set rs = Server.CreateObject("adodb.recordset") sql = "select * from PE_Admin where Password='" & Password & "' and AdminName='" & UserName & "'" rs.Open sql, Conn, 1, 3 If rs.bof And rs.EOF Then FoundErr = True ErrMsg = ErrMsg & "

用户名或密码错误！！！

" Else If Password <> rs("Password") Then FoundErr = True ErrMsg = ErrMsg & "

用户名或密码错误！！！

" End If End If If FoundErr = True Then Call InsertLog(1, -1, UserName, UserTrueIP, "登录失败", ComeUrl, "") Session("AdminName") = "" Session("AdminPassword") = "" Session("RndPassword") = "" rs.Close Set rs = Nothing Exit Sub End If UserName = rs("UserName") RndPassword = GetRndPassword(16) rs("LastLoginIP") = UserTrueIP rs("LastLoginTime") = Now() rs("LoginTimes") = rs("LoginTimes") + 1 rs("RndPassword") = RndPassword rs.Update Call InsertLog(1, 0, UserName, UserTrueIP, "登录成功", ComeUrl, "") strInstallDir = GetScriptPath(Trim(Request.ServerVariables("SCRIPT_NAME")), 1) Site_Sn = Replace(Replace(LCase(Request.ServerVariables("SERVER_NAME") & strInstallDir), "/", ""), ".", "") Response.Cookies(Site_Sn)("AdminName") = rs("AdminName") Response.Cookies(Site_Sn)("AdminPassword") = rs("Password") Response.Cookies(Site_Sn)("RndPassword") = RndPassword Response.Cookies(Site_Sn)("AdminLoginCode") = AdminLoginCode rs.Close sql = "select UserPassword,LastPassword,LastLoginIP,LastLoginTime,LoginTimes from PE_User where UserName='" & UserName & "'" rs.Open sql, Conn, 1, 3 If Not (rs.bof And rs.EOF) Then rs("LastPassword") = RndPassword rs("LastLoginIP") = UserTrueIP rs("LastLoginTime") = Now() rs("LoginTimes") = rs("LoginTimes") + 1 rs.Update Response.Cookies(Site_Sn)("UserName") = UserName Response.Cookies(Site_Sn)("UserPassword") = rs("UserPassword") Response.Cookies(Site_Sn)("LastPassword") = RndPassword End If rs.Close Set rs = Nothing Call CloseConn Response.Redirect "Admin_Index.asp" End Sub Sub Logout() Conn.Execute ("update PE_Admin set LastLogoutTime=" & PE_Now & " where AdminName='" & ReplaceBadChar(Trim(Request.Cookies(Site_Sn)("AdminName"))) & "'") Response.Cookies(Site_Sn)("AdminName") = "" Response.Cookies(Site_Sn)("AdminPassword") = "" Response.Cookies(Site_Sn)("RndPassword") = "" Response.Cookies(Site_Sn)("UserName") = "" Response.Cookies(Site_Sn)("UserPassword") = "" Response.Cookies(Site_Sn)("LastPassword") = "" Response.Cookies(Site_Sn)("UnreadMsg") = "" Call CloseConn Response.Redirect "../Index.asp" End Sub '**************************************************** '过程名：WriteErrMsg '作 用：显示错误提示信息 '参 数：无 '**************************************************** Sub WriteErrMsg() Dim strErr strErr = strErr & "" & vbCrLf strErr = strErr & "" & vbCrLf strErr = strErr & "" & vbCrLf strErr = strErr & " " & vbCrLf strErr = strErr & " " & vbCrLf strErr = strErr & " " & vbCrLf strErr = strErr & "

错误信息

产生错误的可能原因： " & ErrMsg & "

<< 返回登录页面

" & vbCrLf strErr = strErr & "" & vbCrLf Response.Write strErr End Sub Sub InsertLog(LogType, ChannelID, UserName, UserIP, LogContent, ScriptName, PostString) Dim sqlLog, rsLog sqlLog = "select top 1 * from PE_Log" Set rsLog = Server.CreateObject("Adodb.RecordSet") rsLog.Open sqlLog, Conn, 1, 3 rsLog.addnew rsLog("LogType") = LogType rsLog("ChannelID") = ChannelID rsLog("LogTime") = Now() rsLog("UserName") = UserName rsLog("UserIP") = UserIP rsLog("LogContent") = LogContent rsLog("ScriptName") = ScriptName rsLog("PostString") = PostString rsLog.Update rsLog.Close Set rsLog = Nothing End Sub %>