<!--#include file="../Conn.asp" -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>用户验证</title>
</head>
<%
name = request.form("name") '取得用户名
name = replace(name,"'","")
pwd = request.form("pwd") '取得密码
set rs=server.CreateObject("adodb.recordset")
sqlstr="select * from admin where name='"& name &"'" &" and pwd='"& pwd & "'"
rs.open sqlstr,conn,1,1
if rs.eof then
response.redirect "error.asp" '登录失败进入error.asp页
else
session("name")=request.form("name")
' 设置session值,以便对页面进行限制登录。有了这行代码,再将上面提到的<!--#include file="session.asp" -->代码加入到需要限制登录的页面中,该页面就必须登录成功后才能访问response.redirect "admins.asp" '登录成功后进入admins.asp的管理页,'本页中就要加入<!--#include file="session.asp" -->代码
end if
%>
<body>
</body>
</html>