<!-- #include file="Conn.asp"-->
<%
If IsEmpty(Session("Passed")) Then
Session("Passed") = False
End If
If Session("Passed") = False Then
UserName = Request.Form("UserName")
UserPwd = Request.Form("UserPwd")
If UserName = "" or UserPwd = "" Then
Errmsg = "请输入用户名或密码"
Else
Set rs = Server.CreateObject("ADODB.Connection")
Set rs.ActiveConnection = Conn
rs.CursorType = 3
rs.Open "SELECT * FROM Users WHERE UserName='" & UserName & "'"
If rs.EOF Then
Session("Errmsg") = "用户名不存在"
Else
If UserPwd <> rs.Fields("UserPwd") Then
Session("Errmsg") = "用户密码不正确"
Else '登陆成功
Errmsg = ""
Session("Passed") = True
Session("UserName") = rs.Fields("UserName")
Session("UserId") = rs.Fields("UserId")
Session("Errmsg") = ""
End If
End If
<%
Set Conn=Server.CreateObject("ADODB.Connection")
Conn.ConnectionString="Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" & Server.MapPath("data/discuss.mdb")
Conn.Open
%>