我们在制作网站时通常想设置用户登陆系统,也就是说当用户登陆之后可以看到相应的内容,这种方法被经常使用了,具体的实现的流程图:

  具体ASP源代码如下:(包括3个文件)

  login.asp

<%@ Language="vbscript" %>
<% Option Explicit %>
<% Response.Buffer = True %>
<!--#include file="dbConn.asp"-->
<%
'================================================
' Was the form submitted?
' If so, lets check the Username and Password
'================================================
If Request.Form("Submitted") = "login" Then
    ' Declare our variables
    Dim objConn, objRS, strSQL
 
    ' Create Connection Object
    Set objConn = Server.CreateObject("ADODB.Connection")
    objConn.Open strConnect
 
    ' Build SQL String
    strSQL = "SELECT * FROM MemberInfo WHERE Username='" & Request.Form("Username") & "'"
 
    ' Create Recordset Object
    Set objRS = Server.CreateObject("ADODB.Recordset")
    objRS.Open strSQL, objConn
 
    If objRS.EOF Then
        '================================================
        ' Does the Username exist?
        ' If not, set strFailed and destroy all objects.
        ' We'll then display the login form again.
        '================================================
        strFailed = "Invalid Username"
        objRS.Close
        Set objRS = Nothing
        objConn.Close
        Set objConn = Nothing
    Else
        '================================================
        ' Username exists - is the password correct?
        ' If not, set strFailed and destroy all objects.
        ' We'll then display the login form again.
        '================================================
        If objRS.Fields("Password") <> Request.Form("Password") Then
            strFailed = "Invalid Password"
            objRs.Close
            Set objRS = Nothing
            objConn.Close
            Set objConn = Nothing
        Else
            '================================================
            ' Username and password are valid.
            ' Set session variable.
            ' Destroy all objects.
            ' Redirect to secret page
            '================================================
            Session("ValidUser") = "true"
            objRS.Close
            Set objRS = Nothing
            objConn.Close
            Set objConn = Nothing
            Response.Redirect "secret-page.asp"   
        End If
    End If
End If
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
            "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
    <title>会员登陆系统</title>
    <meta http-equiv="Content-Type" content="text/html; charset=gb2312">
</head>
<body>
<h1>Login Area</h1><%
If strFailed <> "" Then
    Response.Write "<p>" & strFailed & "</p>" & vbCrLf
End If
%><form method="post" action="login.asp">
<p>
<label for="username">用户名:</label>>
<input type="text" id="username name="username">
</p>
<p>
<label for="password">密码:</label>
<input type="password" id="password" name="password">
</p>
<p>
<input type="submit" name="Submitted" value="login">
</p>
</form>
</body>
</html>

  dbConn.asp

<%
' Declare our variables
Dim strDBVirtualPath, strDBLocation, strConnect
strDBVirtualPath = "memberDB/LoginInfo.mdb"
strDBLocation = Server.MapPath(strDBVirtualPath)
strConnect = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & strDBLocation
Response.Write Chr(13)
%>

  secret-page.asp

<%@ Language="vbscript" %>
<% Option Explicit %>
<% Response.Buffer = True %>
<%
'=====================================
' Is the Session variable "ValidUser"
' set to "true"? - If not, redirect to
' login.asp
'=====================================
If Session("ValidUser") <> "true" Then
    Response.Redirect "login.asp"
End If
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
            "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
    <title>Secret Area</title>
    <meta http-equiv="Content-Type" content="text/html; charset=gb2312">
</head>
<body>
<h1>Secret Area</h1>
<p>
Welcome to this secret area.
</p>
</body>
</html>