security.asp
<%
bLoggedIn = (len(session(\”UserName\”)) > 0)
if bRequireLogin then
\’ 要求登录.
if Not bLoggedIn then
response.redirect \”login.asp?comebackto=\” & _
request.servervariables(\”script_name\”) & \”?\” & _
\’ 如果没注册,请注册.
server.urlencode(request.querystring)
end if
end if
%>
login.asp
<%
if request(\”comebackto\”) <> \”\” then
sReferer = request(\”comebackto\”)
sGoBackTo = \”?\” & request.querystring
end if
if request(\”cmdLogin\”) <> \”\” then
sUserName = request(\”txtUserName\”)
sPassword = request(\”txtPassword\”)
\’ 提交注册.
if sUserName = \”bill\” And sPassword = \”gates\” then
bLoginSuccessful = True
\’ 验证帐号和密码.
end if
session(\”UserName\”) = sUserName
if sReferer = \”\” then
response.redirect \”index.asp\”
\’ 登录成功,到用户请求页.
else
response.redirect sReferer
\’ 如果没填写,重定向到登录页或其他约定的页.
end if
else
%>
<form action=\”login.asp<%=sGoBackTo%>\” method=\”post\”>
<input type=\”text\” name=\”txtUserName\”><br>
<input type=\”password\” name=\”txtPassword\”><br>
<input type=\”submit\” name=\”cmdLogin\”><br>
</form>
\’ 显示登录.
<%
end if
%>
testpage.asp
<%
bRequireLogin = True
%>
<!–#include file=\”security.asp\”–>
\’ 将 bRequireLogin设为真,放到 security.asp 中.
[1]