我要评论security.asp
<%
bloggedin = (len(session("username")) > 0)
if brequirelogin then
' 要求登录.
if not bloggedin then
response.redirect "login.asp?comebackto=" & _
request.servervariables("script_name") & "?" & _
' 如果没注册,请注册.
server.urlencode(request.querystring)
end if
end if
%>
login.asp
<%
if request("comebackto") <> "" then
sreferer = request("comebackto")
sgobackto = "?" & request.querystring
end if
if request("cmdlogin") <> "" then
susername = request("txtusername")
spassword = request("txtpassword")
' 提交注册.
if susername = "bill" and spassword = "gates" then
bloginsuccessful = true
' 验证帐号和密码.
end if
session("username") = susername
if sreferer = "" then
response.redirect "index.asp"
' 登录成功,到用户请求页.
else
response.redirect sreferer
' 如果没填写,重定向到登录页或其他约定的页.
end if
else
%>
<form action="login.asp<%=sgobackto%>" method="post">
<input type="text" name="txtusername"><br>
<input type="password" name="txtpassword"><br>
<input type="submit" name="cmdlogin"><br>
</form>
' 显示登录.
<%
end if
%>
testpage.asp
<%
brequirelogin = true
%>
<!--#include file="security.asp"-->
' 将 brequirelogin设为真,放到 security.asp 中.
[1]
发表评论