asp简单的用户登录

asp简单的用户登录

<!--#include file="../inc/P_connect.asp" -->
<%
 Dim uid,pwd
 uid =html_encode(Request.Form("Uid") )
 pwd =html_encode(Request.Form("pwd") )
 
 If uid ="admin_videa" and pwd="videa888" Then
  Session("Admin")=uid
  Response.Redirect("../Input.asp")
 Else
  Response.Write("<script>alert('用户名与密码不正确!');history.back();</script>")
  Response.End()
 End if
%>

下面是数据库连接函数

<%
 Dim Rs,Conn 
 Sub Db_connect()  
  Dpath ="D_datadb2.mdb"
  Set Conn=Server.CreateObject("Adodb.connection")
  Set Rs =Server.CreateObject("Adodb.Recordset")
  Conn.connectionstring="Provider=Microsoft.Jet.oledb.4.0;Data source="&Server.MapPath(Dpath)
  Conn.open
 End sub
 
 sub closedb()
  if isobject(Rs) then
   if not(Rs is nothing) then
    Rs.close
    set Rs=nothing
    end if
   end if
  if isobject(Conn) then
   if not(Conn is nothing) then
    Conn.close
    set Conn=nothing
   end if
  end if
 end sub
 
 '********************************************************* 过滤不安全
 
 function html_encode(html)
  dim temp
  temp=replace(html,"<","&lt;")
  temp=replace(temp,">","&gt;")
  temp=replace(temp,"'","单引号")
  temp=replace(temp,chr(13),"<br>")
  html_encode=replace(temp,chr(32),"&nbsp;")
 end function
 
 function encode_html(html)
  dim temp
  temp=replace(html,"&lt;","<")
  temp=replace(temp,"&gt;",">")
  temp=replace(temp,"单引号","'")
  temp=replace(temp,chr(13),"<br>")
  encode_html=replace(temp,chr(32),"&nbsp;")
 end function
 
 这里是退出登录函数

 function Login()
  If Session("Admin")="" then
   Response.Write("<script>alert('对不起你还未登录!');location='../login.asp';</script>")
   Response.End()
  End if
 End function
 
%>