<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%> <%if request.Form("sub")="sub" then username=trim(request.form("username")) username=replace(username,"'","") password=trim(request.form("password")) password=replace(password,"'","") password=md5(password) if username="" or password="" then response.Redirect("login.asp") else set rs=server.CreateObject("adodb.recordset") sql="select * from y_admin where y_username='"&username&"'and y_password='"&password&"'" rs.open sql,conn,1,1 if not rs.eof then session("yd631")="yd631" response.Redirect("list.asp") else response.Redirect("login.asp") end if end if response.End() end if %>

 

 

用户名： 密 码：