www.pudn.com > Zhwebcode.rar > Admin.asp, change:2008-10-07,size:1187b


<% 
dim ComeUrl,cUrl,AdminName 
 
ComeUrl=lcase(trim(request.ServerVariables("HTTP_REFERER"))) 
'if ComeUrl="" then 
'	response.write "<br><p align=center><font color='red'>对不起,为了系统安全,不允许直接输入地址访问本系统的后台管理页面。</font></p>" 
'	response.end 
'else 
'	cUrl=trim("http://" & Request.ServerVariables("SERVER_NAME")) 
'	if mid(ComeUrl,len(cUrl)+1,1)=":" then 
'		cUrl=cUrl & ":" & Request.ServerVariables("SERVER_PORT") 
'	end if 
'	cUrl=lcase(cUrl & request.ServerVariables("SCRIPT_NAME")) 
'	if lcase(left(ComeUrl,instrrev(ComeUrl,"/")))<>lcase(left(cUrl,instrrev(cUrl,"/"))) then 
'		response.write "<br><p align=center><font color='red'>对不起,为了系统安全,不允许从外部链接地址访问本系统的后台管理页面。</font></p>" 
'		response.end 
'	end if 
'end if 
 
AdminName=replace(session("AdminName"),"'","") 
if AdminName="" then 
	call CloseConn() 
	response.redirect "login.asp" 
	response.End() 
end if 
sql="select UserName from Admin where UserName='" & session("AdminName") & "' and Password='" & session("AdminPassword") & "'" 
set rs=conn.execute(sql) 
if rs.eof and rs.bof then 
  rs.close 
  response.Redirect("login.asp") 
  response.End() 
end if 
%>