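<%
' Visitors that already present the teacher login cookies are sent straight to
' the teacher admin page.
' NOTE(review): HZJJ8User / lx are plain cookie values written further down and
' returned by the browser unverified. Any page that grants access based on them
' should authenticate against server-side state (the ASP Session object or a
' signed token) instead of the cookie text alone.
if Request.Cookies("HZJJ8User")<>"" and Request.Cookies("lx")="teacher" then
    ' response.Write("")
    response.Redirect("TeacherAdmin.asp")
    response.End()
end if
%>
<%
' Login handler: runs when the form posts back with action=save. The teacher
' table (tc) is tried first, then the student table (st).
if request("action")="save" then
    ' "=" and single quotes are still removed from both fields so that existing
    ' accounts keep matching exactly as before. This stripping is NOT the
    ' injection defence: both queries below bind the values as parameters.
    u=Replace(replace(trim(request.form("name")),"'",""),"=","")
    p=Replace(replace(trim(request.form("password")),"'",""),"=","")

    ' NOTE(review): psw is compared against the stored column as-is, which
    ' means passwords are kept in clear text. Plan a migration to a salted,
    ' slow password hash; it cannot be done in this page alone.
    sql="Select id,num,logins,Regtime,jxcg,tc,Check3,Check,name,islock from tc where userid=? and psw=?"
    ' Cursor type 1 (keyset) / lock type 3 (optimistic), as before, because the
    ' matched row is updated below.
    rsjj.open NewLoginCommand(sql, u, p), , 1, 3
    if rsjj.recordcount>0 then
        ' Locked accounts are not allowed into the teacher centre.
        if rsjj("islock")=true then
            response.Write("")
            response.end
        end if

        Response.Cookies("HZJJ8User")=u
        Response.Cookies("num")=rsjj("num")
        Response.Cookies("name")=rsjj("name")
        Response.Cookies("lx")="teacher"
        Response.Cookies("times")=rsjj("logins")
        ' Response.Cookies("last")=rsjj("Regtime")
        Response.Cookies("last")=Now()
        Response.Cookies("HZJJ8User").expires =date()+1
        Response.Cookies("lx").expires =date()+1
        Response.Cookies("num").expires =date()+1
        Response.Cookies("name").expires =date()+1

        ' Count the login (and award points) at most once per hour, measured
        ' from the timestamp stored in Regtime.
        If DateDiff("h",rsjj("Regtime"), Now()) >=1 then
            rsjj("logins") = rsjj("logins") + 1
            Response.Cookies("times") = rsjj("logins")

            ' A detailed profile earns 5 points per login, a short one 2.
            ' NOTE(review): `tc` is not assigned anywhere in the visible code,
            ' so len(tc) evaluates to 0 unless an include defines it;
            ' rsjj("tc") was probably intended - confirm before changing the
            ' scoring.
            if len(rsjj("jxcg")) > 60 OR len(tc) > 60 then
                rsjj("Check3") = rsjj("Check3") + 5
            else
                rsjj("Check3") = rsjj("Check3") + 2
            end if

            ' Reaching KingLevel with a reasonably detailed profile sets
            ' Check to 1 (gold status, per the original comment).
            If rsjj("Check3")>=KingLevel AND (len(rsjj("jxcg")) > 20 OR len(tc) > 20) Then
                rsjj("Check")=1
            End If
        End if

        Response.Cookies("jf") = rsjj("Check3")
        ' Regtime is overwritten with the current time on every login.
        rsjj("Regtime") = Now()
        rsjj.update

        if isnull(rsjj("tc")) or isnull(rsjj("name")) then
            response.Write("")
            response.end
        else
            response.Write("")
            response.end
            'response.redirect("TeacherAdmin.asp")
        End If
    end if
    rsjj.close

    ' No teacher row matched: try the student table with the same credentials.
    sql="select id,num,name from st where userid=? and psw=?"
    rsjj.open NewLoginCommand(sql, u, p), , 1, 1
    if rsjj.recordcount>0 then
        Response.Cookies("HZJJ8User")=u
        Response.Cookies("num")=rsjj("num")
        Response.Cookies("name")=rsjj("name")
        Response.Cookies("lx")="student"
        Response.Cookies("HZJJ8User").expires =date()+30
        Response.Cookies("lx").expires =date()+30
        Response.Cookies("num").expires =date()+30
        Response.Cookies("name").expires =date()+30
        response.redirect("Index.asp")
    end if
    rsjj.close
    response.Write("")
end if
%>
<%
' Builds an ADODB.Command on the shared connection `conn` for a login query
' with two "?" placeholders, bound in order to the user name and the password.
' Binding keeps the submitted text out of the SQL statement itself.
function NewLoginCommand(byval sqlText, byval loginName, byval loginPsw)
    dim cmd
    set cmd = Server.CreateObject("ADODB.Command")
    set cmd.ActiveConnection = conn
    cmd.CommandType = 1 ' adCmdText
    cmd.CommandText = sqlText
    ' 202 = adVarWChar, 1 = adParamInput. Len()+1 keeps the declared size
    ' non-zero when a field is submitted empty.
    cmd.Parameters.Append cmd.CreateParameter("userid", 202, 1, Len(loginName) + 1, loginName)
    cmd.Parameters.Append cmd.CreateParameter("psw", 202, 1, Len(loginPsw) + 1, loginPsw)
    set NewLoginCommand = cmd
end function

' Writes a response and ends the request.
' NOTE(review): in this copy the written string is empty and txt/url/go are
' not used. If the real markup echoes txt or url into the page, encode them
' (Server.HTMLEncode) before writing.
sub mb(byval txt,byval url,byval go)
    response.write ""
    response.end
end sub

' Returns True when `email` looks like an address this site accepts:
'   - exactly one "@", with a non-empty part on each side
'   - only letters, digits, "_", "-" and "." in either part
'   - neither part starts or ends with ".", and ".." appears nowhere
'   - the domain contains a "." and its last label is 2 or 3 characters long
' The last rule rejects longer top-level domains.
function IsEmail(email)
    dim names, name, i, c
    IsEmail = true
    names = Split(email, "@")
    if UBound(names) <> 1 then
        IsEmail = false
        exit function
    end if
    for each name in names
        if Len(name) <= 0 then
            IsEmail = false
            exit function
        end if
        ' Character whitelist, checked case-insensitively.
        for i = 1 to Len(name)
            c = Lcase(Mid(name, i, 1))
            if InStr("abcdefghijklmnopqrstuvwxyz_-.", c) <= 0 and not IsNumeric(c) then
                IsEmail = false
                exit function
            end if
        next
        if Left(name, 1) = "." or Right(name, 1) = "." then
            IsEmail = false
            exit function
        end if
    next
    if InStr(names(1), ".") <= 0 then
        IsEmail = false
        exit function
    end if
    ' Length of the text after the last "." in the domain.
    i = Len(names(1)) - InStrRev(names(1), ".")
    if i <> 2 and i <> 3 then
        IsEmail = false
        exit function
    end if
    if InStr(email, "..") > 0 then
        IsEmail = false
    end if
end function
%>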
新教员注册
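<%
' Teacher registration handler: runs when the form posts back with action=save.
if request("action")="save" then
    ' Defined outside this section. Per the original comment it is meant to
    ' reject submissions from hand-made local forms.
    call DeterLocalFormAttack()

    ' Reject posts whose Referer host is not this site.
    if not ChkPost() then
        strMsg="" & vbCrlf
        Response.Write strMsg
        response.end
    end if

    ' Keyword list used by CheckTxt, "/"-separated.
    TxtFilter="insert/select/delete/update/countchr/mid/master/truncate/char/declare/script/frame"

    userid=request.form("userid")
    psw=request.form("psw")
    repsw=request.form("repsw")
    email=request.form("email")
    userIp="注册ip:"&Request.ServerVariables("REMOTE_ADDR") &""

    if userid="" then
        call mb("用户名不能为空!","",0)
    end if
    if psw="" then
        call mb("密码不能为空!","",0)
    end if
    if repsw<>psw then
        call mb("密码与确认密码不符,请重新输入!","",0)
    end if
    if not isemail(email) then
        call mb("请正确输入电子邮件地址!","",0)
    end if

    CheckTxt(userid)
    CheckTxt(psw)
    CheckTxt(email)

    ' The user name is bound as a parameter instead of being concatenated
    ' into the statement: CheckTxt does not remove quote characters, so the
    ' previous string-built query passed them straight into the SQL text.
    sql="select * from tc where userid=?"
    set regCmd = Server.CreateObject("ADODB.Command")
    set regCmd.ActiveConnection = conn
    regCmd.CommandType = 1 ' adCmdText
    regCmd.CommandText = sql
    ' 202 = adVarWChar, 1 = adParamInput.
    regCmd.Parameters.Append regCmd.CreateParameter("userid", 202, 1, Len(userid) + 1, userid)
    ' Keyset cursor / optimistic lock, as before, because a row may be added.
    rsjj.open regCmd, , 1, 3
    if rsjj.bof and rsjj.eof then
        ' User name is free: create the account.
        rsjj.addnew()
        rsjj("num")="200"&rsjj("id")
        ' rsjj("num")=2000000+rsjj("id")
        num="200"&rsjj("id")
        rsjj("userid")=userid
        ' NOTE(review): the password is stored exactly as submitted (clear
        ' text). Storing a salted, slow hash needs a matching change in the
        ' login page and a migration of existing rows.
        rsjj("psw")=psw
        rsjj("email")=email
        rsjj("AdminBZ")=userIp
        rsjj.update
        rsjj.close
        set rsjj=nothing
        'sql="update tc set num=2000000+id where userid='"&userid&"'"
        'set rsjj=conn.execute(sql)
        'set rsjj=nothing
        '
        'SQL="select num from tc where userid='"&userid&"'"
        'num =conn.execute(SQL)("num")

        ' NOTE(review): these cookies are plain values returned by the browser
        ' unverified; pages that trust them for access decisions should check
        ' server-side session state instead.
        Response.Cookies("HZJJ8User")=userid
        Response.Cookies("lx")="teacher"
        Response.Cookies("num")=num
        Response.Cookies("HZJJ8User").expires =date()+30
        Response.Cookies("lx").expires =date()+30
        Response.Cookies("num").expires =date()+30
        Response.redirect("TeacherReg.asp")
    else
        ' User name already taken.
        response.Write("")
    end if
end if

'*************************************
' Block submissions that do not originate from this site.
'*************************************
' Returns True when the host part of the Referer header equals SERVER_NAME.
' The host is extracted after "://" (so https works as well as http) and
' compared whole, case-insensitively, rather than as a fixed-offset prefix.
' The Referer header is supplied by the client and may be missing, so this is
' only a coarse same-site check; a per-session anti-CSRF token in the form is
' the dependable control.
function ChkPost()
    dim refUrl, siteHost, refHost, cut
    ChkPost = False
    refUrl = CStr(Request.ServerVariables("HTTP_REFERER"))
    siteHost = LCase(CStr(Request.ServerVariables("SERVER_NAME")))

    cut = InStr(refUrl, "://")
    if cut = 0 then exit function
    refHost = Mid(refUrl, cut + 3)

    ' Drop the path.
    cut = InStr(refHost, "/")
    if cut > 0 then refHost = Left(refHost, cut - 1)

    ' Drop an optional port, keeping a bracketed IPv6 literal intact.
    if Left(refHost, 1) = "[" then
        cut = InStr(refHost, "]")
        if cut > 0 then refHost = Left(refHost, cut)
    else
        cut = InStr(refHost, ":")
        if cut > 0 then refHost = Left(refHost, cut - 1)
    end if

    ChkPost = (LCase(refHost) = siteHost)
end function

' Keyword filter for submitted text. If `str` contains any entry of TxtFilter,
' the client IP is recorded in (or, when already recorded, locked in) the
' SqlIn table and the response ends.
' The match is a case-sensitive substring test, so it both misses other
' spellings and trips on ordinary words containing a keyword. It must not be
' relied on as the SQL-injection defence; parameter binding is.
function CheckTxt(str)
    dim killConn, killConnstr, ClientIp, killCmd, ipKnown
    txtContent=str
    TxtFilterArr=split(TxtFilter,"/")
    for t=0 to ubound(TxtFilterArr)
        txtContent=replace(txtContent,TxtFilterArr(t),"***")
    next
    if txtContent<>str then
        '================================= handling of flagged submissions
        db =Dataname ' path of the logging database, defined outside this section
        'On Error Resume Next
        Set killConn = Server.CreateObject("ADODB.Connection")
        killConnstr="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath(db)
        killConn.Open killConnstr
        ClientIp=Request.ServerVariables("REMOTE_ADDR") ' client IP

        ' Is this IP already recorded? 202 = adVarWChar, 1 = adParamInput.
        Set killCmd = Server.CreateObject("ADODB.Command")
        Set killCmd.ActiveConnection = killConn
        killCmd.CommandType = 1 ' adCmdText
        killCmd.CommandText = "select Sqlin_IP from SqlIn where Sqlin_IP=?"
        killCmd.Parameters.Append killCmd.CreateParameter("ip", 202, 1, Len(ClientIp) + 1, ClientIp)
        set rsKill = killCmd.Execute
        ipKnown = Not (rsKill.eof and rsKill.bof)
        rsKill.Close

        ' The offending text is written to the log as a bound parameter: it is
        ' by definition untrusted, and was previously concatenated into the
        ' INSERT statement.
        Set killCmd = Server.CreateObject("ADODB.Command")
        Set killCmd.ActiveConnection = killConn
        killCmd.CommandType = 1 ' adCmdText
        if not ipKnown then
            ' First offence: insert the IP together with the rejected text.
            killCmd.CommandText = "insert into SqlIn(Sqlin_IP,Kill_Ip,hits,SqlIn_SJ) values(?,'0','1',?)"
            killCmd.Parameters.Append killCmd.CreateParameter("ip", 202, 1, Len(ClientIp) + 1, ClientIp)
            killCmd.Parameters.Append killCmd.CreateParameter("note", 202, 1, Len("非法字符:" & str) + 1, "非法字符:" & str)
        else
            ' Repeat offence: lock the IP.
            killCmd.CommandText = "update SqlIn set Kill_Ip=1 where Sqlin_IP=?"
            killCmd.Parameters.Append killCmd.CreateParameter("ip", 202, 1, Len(ClientIp) + 1, ClientIp)
        end if
        killCmd.Execute , , 128 ' adExecuteNoRecords

        ' Release the logging connection before ending the response.
        killConn.Close
        Set killConn = Nothing
        '==================================
        response.write ""
        response.End()
    end if
end function
%>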
*设定登录用户名:
*设定登录密码:
*再输入一次登录密码:
*电子邮箱:
会 员 登 录
用户名:  
     
密 码:  
     
 会员注册  忘记账号密码
如果您还没有注册,请点击这里注册为本网站会员