function chklogin(byval Level)
if len(getlogin("admin", "username")) =0 Then
Dim CK_UserName,CK_PassWord,Rs
CK_UserName=Request.Cookies(Cacheflag)("login_admin_username")
CK_PassWord=Request.Cookies(Cacheflag)("login_admin_password")
CK_UserName=Replace(Replace(Replace(Replace(Replace(Replace(CK_UserName,"'",""),")",""),">",""),"*",""),"?",""),"%","")
CK_PassWord=Replace(Replace(Replace(Replace(Replace(Replace(CK_PassWord,"'",""),")",""),">",""),"*",""),"?",""),"%","")
If Len(CK_UserName)>0 And Len(CK_PassWord)>0 Then
Set Rs = DB("Select [Username],[Password],[Levels],[ManagePlus],[ManageChannel],[Uploadfileexts],[Uploadfilesize],[CheckCode] From [{pre}Admin] Where [Username]='" & CK_UserName & "'",1)
If Not Rs.Eof Then
If MD5(Cacheflag & GetIP & rs("CheckCode"),32)=CK_PassWord Then
call setLogin("admin","username",rs("username"))
call setLogin("admin","password",rs("password"))
call setLogin("admin","levels",rs("levels"))
call setLogin("admin","manageplus",rs("manageplus"))
call setLogin("admin","managechannel",rs("managechannel"))
call setLogin("admin","uploadfileexts",rs("uploadfileexts"))
call setLogin("admin","uploadfilesize",rs("uploadfilesize"))
End If
End If : Rs.Close
End If
end if
if len(getlogin("admin", "username")) = 0 then
response.write "<Script>top.location.href='Login.Asp';</Script>": response.end
else
if instr(",login," & lcase(getlogin("admin", "levels")) & ",", "," & lcase(Level) & ",") = 0 then response.write "对不起,你没有此权限!": response.end
Session("content_IN_Cache") = ""
end if
end function
麻烦帮我说明下详细的验证流程 谢谢
if len(getlogin("admin", "username")) =0 Then
Dim CK_UserName,CK_PassWord,Rs
CK_UserName=Request.Cookies(Cacheflag)("login_admin_username")
CK_PassWord=Request.Cookies(Cacheflag)("login_admin_password")
CK_UserName=Replace(Replace(Replace(Replace(Replace(Replace(CK_UserName,"'",""),")",""),">",""),"*",""),"?",""),"%","")
CK_PassWord=Replace(Replace(Replace(Replace(Replace(Replace(CK_PassWord,"'",""),")",""),">",""),"*",""),"?",""),"%","")
If Len(CK_UserName)>0 And Len(CK_PassWord)>0 Then
Set Rs = DB("Select [Username],[Password],[Levels],[ManagePlus],[ManageChannel],[Uploadfileexts],[Uploadfilesize],[CheckCode] From [{pre}Admin] Where [Username]='" & CK_UserName & "'",1)
If Not Rs.Eof Then
If MD5(Cacheflag & GetIP & rs("CheckCode"),32)=CK_PassWord Then
call setLogin("admin","username",rs("username"))
call setLogin("admin","password",rs("password"))
call setLogin("admin","levels",rs("levels"))
call setLogin("admin","manageplus",rs("manageplus"))
call setLogin("admin","managechannel",rs("managechannel"))
call setLogin("admin","uploadfileexts",rs("uploadfileexts"))
call setLogin("admin","uploadfilesize",rs("uploadfilesize"))
End If
End If : Rs.Close
End If
end if
if len(getlogin("admin", "username")) = 0 then
response.write "<Script>top.location.href='Login.Asp';</Script>": response.end
else
if instr(",login," & lcase(getlogin("admin", "levels")) & ",", "," & lcase(Level) & ",") = 0 then response.write "对不起,你没有此权限!": response.end
Session("content_IN_Cache") = ""
end if
end function
麻烦帮我说明下详细的验证流程 谢谢