<%
errmsg=""
if request("username")<>"" and request("password")<>"" then
username=Checkstr(request("username"))
password=Checkstr(request("password"))
set rs=server.createobject("adodb.recordset")
sql="select * from [admin] where adminname = '"&username&"'"
rs.open sql,conn,1,3
if rs.bof or rs.eof then
errmsg="此用户不存在"
elseif MD5(password)<>rs("adminpass") then
errmsg="用户名或密码错误"
else
rs("lastip")=request.servervariables("Remote_ADDR")
rs("lastlogin")=date()
rs.update
session("userid")=rs("adminid")
session("username")=rs("adminname")
session("userpass")=password
response.redirect "admin_index.asp"
response.end
end if
end if
%>
羊嘟嘟后台管理