<%leixing="登陆贴吧" %>

<% if request.Querystring("action") <>"check" then %> <% else %> <% server_v1=Cstr(Request.ServerVariables("HTTP_REFERER")) server_v2=Cstr(Request.ServerVariables("SERVER_NAME")) if mid(server_v1,8,len(server_v2))<>server_v2 then response.write "


	会员帐号：	*
	会员密码：	* 使用Cookies
	验证编码：	* <%Call GetSafeCode%>

" response.write "

" response.write "友情提示：服务器禁止非法操作..." response.write "

" response.end end if %> <% fqys=request.servervariables("query_string") dim nothis(18) nothis(0)="net user" nothis(1)="xp_cmdshell" nothis(2)="/add" nothis(3)="exec%20master.dbo.xp_cmdshell" nothis(4)="net localgroup administrators" nothis(5)="select" nothis(6)="count" nothis(7)="asc" nothis(8)="char" nothis(9)="mid" nothis(10)="'" nothis(11)=":" nothis(12)="""" nothis(13)="insert" nothis(14)="delete" nothis(15)="drop" nothis(16)="truncate" nothis(17)="from" nothis(18)="%" errc=false for i= 0 to ubound(nothis) if instr(FQYs,nothis(i))<>0 then errc=true end if next if errc then response.write "

" response.write "

" response.write "友情提示：服务器禁止非法操作..." response.write "

" response.end end if %> <% UserName=Request.Form("UserName") Password=Request.Form("Password") if not IsNumeric(request("verifycode")) then rs.close set rs=nothing Response.Write ("") Response.end end if if (int(session("SafeCode"))<>int(request("verifycode"))) then rs.close set rs=nothing Response.Write ("") Response.end end if Sql="select UserName,Pwd,LastLogin from HappyWZ_User_Disp where UserName='"&UserName&"' and LockUser=0" Set Rs=Conn.execute(Sql) if Rs.eof then Response.Write ("") Response.end else if rs("Pwd")<>MD5(Password) then rs.close set rs=nothing Response.Write ("") Response.end else response.Cookies("UserName")=UserName response.Cookies("Pwd")=Md5(Password) response.Cookies("LastLogin")=Rs("LastLogin") if LCase(Request.Form("AutoLogin"))="true" then response.Cookies("UserName").Expires=now()+365 response.Cookies("Pwd").Expires=now()+365 response.Cookies("LastLogin").Expires=now()+365 end if Sql="Update HappyWZ_User_Disp set Visits=Visits+1,LastLogin=#"&now()&"# where UserName='"&UserName&"'" Conn.execute(Sql) end if end if %>

欢迎您的到来...!

请选择要转向的网页：首页开心贴吧开心网摘

<% end if %>