<% act=html(trim(request("act"))) if act="post" then username=html(lcase(trim(request.Form("username")))) password=html(lcase(trim(request.Form("password")))) safecode=html(lcase(trim(request.form("safecode")))) back_url=html(request.Form("back_url")) if safecode<>session("safecode") or safecode="" or session("safecode")="" then call msg("验证码错误","") end if if len(username)<4 or len(username)>20 or feifa(username) then call msg("用户名格式不正确","") end if if len(password)<4 or len(password)>20 or feifa(password) then call msg("密码格式不正确","") end if set rs=server.CreateObject("adodb.recordset") sql="select * from person where username='"&username&"'" rs.open sql,conn,1,3 if rs.eof then call msg("该用户名不存在","") else if rs("password")<>password then call msg("用户名或密码错误","") else if rs("pass")<>"yes" then call msg("该用户已被停用,请联系管理员","") else session("person")=username session("rename")=rs("rename") rs("login_num")=rs("login_num")+1 rs("ltime")=rs("etime") rs("lip")=rs("eip") rs("etime")=now() rs("eip")=getip() rs.update() end if end if end if rs.close set rs=nothing if back_url<>"" then w_url=back_url else w_url="person.asp" end if call msg("","location='"&w_url&"'") end if %> 员工登录-<%=webzhong(0)%>