code.asp
<%
Option Explicit
Response.buffer=true
NumCode
Function NumCode()
Response.Expires = -1
Response.AddHeader "Pragma","no-cache"
Response.AddHeader "cache-ctrol","no-cache"
dim zNum,i,j
dim Ados,Ados1
Randomize timer
zNum = cint(8999*Rnd+1000)
Session("GetCode") = zNum
dim zimg(4),NStr
NStr=cstr(zNum)
For i=0 to 3
zimg(i)=cint(mid(NStr,i+1,1))
Next
dim Pos
set Ados=Server.CreateObject("Adodb.Stream")
Ados.Mode=3
Ados.Type=1
Ados.Open
set Ados1=Server.CreateObject("Adodb.Stream")
Ados1.Mode=3
Ados1.Type=1
Ados1.Open
Ados.LoadFromFile(Server.mappath("body.Fix"))
Ados1.write Ados.read(1280)
for i=0 to 3
Ados.Position=(9-zimg(i))*320
Ados1.Position=i*320
Ados1.write ados.read(320)
next
Ados.LoadFromFile(Server.mappath("head.fix"))
Pos=lenb(Ados.read())
Ados.Position=Pos
for i=0 to 9 step 1
for j=0 to 3
Ados1.Position=i*32+j*320
Ados.Position=Pos+30*j+i*120
Ados.write ados1.read(30)
next
next
Response.ContentType = "image/BMP"
Ados.Position=0
Response.BinaryWrite Ados.read()
Ados.Close:set Ados=nothing
Ados1.Close:set Ados1=nothing
End Function
' Asp code Created by BlueIdea.COM Web Team V37 2003-7-25
%>
<%
Option Explicit
Response.buffer=true
NumCode
Function NumCode()
Response.Expires = -1
Response.AddHeader "Pragma","no-cache"
Response.AddHeader "cache-ctrol","no-cache"
dim zNum,i,j
dim Ados,Ados1
Randomize timer
zNum = cint(8999*Rnd+1000)
Session("GetCode") = zNum
dim zimg(4),NStr
NStr=cstr(zNum)
For i=0 to 3
zimg(i)=cint(mid(NStr,i+1,1))
Next
dim Pos
set Ados=Server.CreateObject("Adodb.Stream")
Ados.Mode=3
Ados.Type=1
Ados.Open
set Ados1=Server.CreateObject("Adodb.Stream")
Ados1.Mode=3
Ados1.Type=1
Ados1.Open
Ados.LoadFromFile(Server.mappath("body.Fix"))
Ados1.write Ados.read(1280)
for i=0 to 3
Ados.Position=(9-zimg(i))*320
Ados1.Position=i*320
Ados1.write ados.read(320)
next
Ados.LoadFromFile(Server.mappath("head.fix"))
Pos=lenb(Ados.read())
Ados.Position=Pos
for i=0 to 9 step 1
for j=0 to 3
Ados1.Position=i*32+j*320
Ados.Position=Pos+30*j+i*120
Ados.write ados1.read(30)
next
next
Response.ContentType = "image/BMP"
Ados.Position=0
Response.BinaryWrite Ados.read()
Ados.Close:set Ados=nothing
Ados1.Close:set Ados1=nothing
End Function
' Asp code Created by BlueIdea.COM Web Team V37 2003-7-25
%>
<!--#include file="mdb_path_user.asp"-->
<!--#include file="config.asp"-->
<!--#include file="MD5.asp"-->
<%
'==========================================
'
' 晓宇听幽新闻文章管理系统 2004
'
' 主页地址:http://www.xoYu.com
'
'==========================================
'程序名称:晓宇听幽新闻文章管理系统
'英文名称:xoYu News 2004 Professional
'程序创建时间:2003-7-10
'程序完成时间:2003-9-11
'最后修改时间:2003-10-10
'==========================================
'-----------------彩色验证码---------------------
'If request("GetCode")="" or isnull(request("GetCode")) then
' xoYuStudioLoginMgs="请输入您的验证码。"
'else
' if int(request("GetCode"))<>int(Session("GetCode")) then xoYuStudioLoginMgs="您的验证码不正确。"
'end if
'------------------------------------------------
xoYuStudioLoginTitle="用户登陆"
if request("xoYuStudioType")="logout" then
xoYuStudioLoginTitle="退出登陆"
xoYuStudioLoginMgs="成功:退出登陆成功!"
if Session("xoYuStudioAdminName")<>"" then
Session("xoYuStudioAdminName") =""
Session("xoYuStudioAdminDj")=""
response.cookies("xoYuStudioUserSoftUrl")=""
end if
if request.cookies("xoYuStudioUserName")<>"" then
response.cookies("xoYuStudioUserName") =""
response.cookies("xoYuStudioUserDj")=""
end if
elseif request("xoYuStudioType")="login" then
server_vv=len(Request.ServerVariables("SERVER_NAME"))
server_v1=left(Cstr(Request.ServerVariables("HTTP_REFERER")),server_vv)
server_v2=left(Cstr("http://"&Request.ServerVariables("SERVER_NAME")),server_vv)
if server_v1<>server_v2 or server_v1="" or server_v1="" then
response.write("<script>alert('错误:禁止从站点外部提交数据!.')</script>")
response.end
end if
if request.form("user")<>"" and request.form("pwd")<>"" and request.form("getcode")<>"" then
user=replace(request("user")," ","+++ close")
pwd=md5(replace(request("pwd")," ","+++ close"))
set rs=server.createobject("adodb.recordset")
rs.open "select * from UserInfo where user='"&user&"' and pwd='"&pwd&"'",conn,1,1
thesoft=Request.ServerVariables("HTTP_USER_AGENT")
if instr(thesoft,"Windows NT 5.0") then
vOS="Win 2000"
elseif instr(thesoft,"Windows NT 5.1") then
vOs="Win XP"
elseif instr(thesoft,"Windows NT") then
vOs="Win NT"
elseif instr(thesoft,"Windows 9") then
vOs="Win 9x"
elseif instr(thesoft,"unix") or instr(thesoft,"linux") or instr(thesoft,"SunOS") or instr(thesoft,"BSD") then
vOs="类Unix"
elseif instr(thesoft,"Mac") then
vOs="Mac"
else
vOs="Other"
end if
if not rs.eof then
if pwd=rs("pwd") and user=rs("user") and int(request("GetCode"))=int(Session("GetCode")) then
xoYuStudioDj=rs("dj")
if xoYuStudioDj=0 or xoYuStudioDj=1 or xoYuStudioDj=2 or xoYuStudioDj=3 or xoYuStudioDj=4 then
if rs("lock")=1 then
xoYuStudioLoginMgs="错误:帐号 "&user&" 已被锁定,你不能登陆!请联系站长。"
else
xoYuStudioLoginMgs="成功:帐号 "&user&" 登录成功!"
if xoYuStudioDj=0 then SF="普通会员"
if xoYuStudioDj=1 then SF="认证会员"
if xoYuStudioDj=2 then SF="栏目管理员"
if xoYuStudioDj=3 then SF="系统管理员"
if xoYuStudioDj=4 then SF="超级管理员"
response.cookies("xoYuStudioUserName")=rs("user")
response.cookies("xoYuStudioUserDj")=rs("dj")
if xoYuStudioDj=2 or xoYuStudioDj=3 or xoYuStudioDj=4 then
if rs("softurl")<>"" then
response.cookies("xoYuStudioUserSoftUrl")=rs("softurl")
end if
Session("xoYuStudioAdminName")=rs("user")
Session("xoYuStudioAdminDj")=rs("dj")
Session("xoYuStudioAdminAdmin")=rs("admin")
Session("xoYuType")=rs("type")
UserId = rs("id")
set rs1=Server.Createobject("adodb.recordset")
sql1="Select * from Log"
rs1.open sql1,conn,3,3
rs1.addnew
rs1("User")=rs("user")
rs1("LoginIP")=request.ServerVariables("Remote_Addr")
rs1("OS")=vOS
rs1.update
rs1.close
end if
end if
else
set rs1=Server.Createobject("adodb.recordset")
sql1="Select * from Log"
rs1.open sql1,conn,3,3
rs1.addnew
rs1("User")=Request.Form("User")
rs1("LoginIP")=request.ServerVariables("Remote_Addr")
rs1("OS")=vOS
rs1("ErrorPas")=Request.Form("pwd")
rs1("Result")="Error"
rs1.update
rs1.close
end if
else
xoYuStudioLoginMgs="错误:用户名|密码|验证码错误!"
set rs1=Server.Createobject("adodb.recordset")
sql1="Select * from Log"
rs1.open sql1,conn,3,3
rs1.addnew
rs1("User")=Request.Form("User")
rs1("LoginIP")=request.ServerVariables("Remote_Addr")
rs1("OS")=vOS
rs1("ErrorPas")=Request.Form("pwd")
rs1("Result")="Error"
rs1.update
rs1.close
end if
else
xoYuStudioLoginMgs="错误:用户名|密码|验证码错误!"
set rs1=Server.Createobject("adodb.recordset")
sql1="Select * from Log"
rs1.open sql1,conn,3,3
rs1.addnew
rs1("User")=Request.Form("User")
rs1("LoginIP")=request.ServerVariables("Remote_Addr")
rs1("OS")=vOS
rs1("ErrorPas")=Request.Form("pwd")
rs1("Result")="Error"
rs1.update
rs1.close
end if
rs.close
set rs=nothing
conn.close
set conn=nothing
else
xoYuStudioLoginMgs="错误:用户名|密码|验证码都不能为空!"
end if
end if%>
<html><head>
<title><%=xoYuStudioLoginTitle%></title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta copy="程序制作:xoyu(QQ:5964887)www.xoyu.com">
<link rel="stylesheet" href="admin.css" type="text/css">
</head>
<body topmargin="10" leftmargin="0" bgcolor="#FFFFFF" text="#000000">
<form method="post" action="login.asp?xoYuStudioType=login" target="_top">
<div align="center">
<center>
<table border="0" class="tableBorder" cellpadding="2" cellspacing="1" width="600" align="center">
<tr>
<th class="tableHeaderText" colspan=2 height=25 width="592">晓宇听幽工作室“晓宇听幽新闻文章管理系统”管理登陆</th> </tr>
<%if xoYuStudioLoginMgs<>"" then%>
<tr>
<td width="120" bgcolor="#FFFFFF">
<p align="center"><img src="images/admin.jpg" border="0"></td>
<td width="467" bgcolor="#FFFFFF">
<font color="#FF0000">·</font><%=xoYuStudioLoginMgs%>
<%if SF<>"" then%><br><font color="#FF0000">·</font>身份:<font color="#008080"><%=SF%></font><%
if xoYuStudioDj="2" or xoYuStudioDj="3" or xoYuStudioDj="4"then%>
<br><font color="#FF0000">·</font><a href="index.asp">进入系统管理中心</a><%else
%><br><font color="#FF0000">·</font><a href="../">返回首页</a><%end if%>
<br><font color="#FF0000">·</font><%if webuseredit="1" then%><a href="edit.asp"><%end if%>修改个人资料</a>
<br><font color="#FF0000">·</font><a href="login.asp?xoYuStudioType=logout">退出登陆</a>
<br><font color="#FF0000">·</font><a href="login.asp">重新登陆</a><%end if%></td>
</tr>
<%else%>
<tr>
<td width="592" bgcolor="#FFFFFF" colspan="2">
<table border="0" cellpadding="2" cellspacing="0" style="border-collapse: collapse" width="100%" height="68">
<tr>
<td width="50%" align="center" height="20">
<p align="right">用户名<font color="#000000">(<span class="big">U</span>)</font>:<input name="user" maxlength="20" size="15"></td>
<td width="50%" align="center" height="20"> </td>
</tr>
<tr>
<td width="50%" align="center" height="20">
<p align="right">密 码<font color="#000000">(<span class="big">P</span>)</font>:<input type="password" name="pwd" maxlength="20" size="15"></td>
<td width="50%" align="center" height="20"> </td>
</tr>
<tr>
<td width="64%" align="center" height="16">
<p align="right">验证码<font color="#000000">(<span class="big">Y</span>)</font>:<input name="GetCode" maxlength="20" size="15"></td>
<td width="36%" align="center" height="16">
<img src="code.asp" width="38" height="10" align="left"></td>
</tr>
</table>
</td>
</tr>
<tr>
<td width="592" colspan="2">
<p align="center"><input type="submit" name="Submit" value="登 陆">
<input type="button" name="Submit1" <%if webreg="1" then%>onclick="javascript:location.href='../reg.asp'"<%else%>disabled<%end if%> value="注 册"></td>
</tr>
<%end if%>
<tr>
<td width="592" colspan="2">
<p align="left"> 说明:·晓宇听幽 新闻文章管理系统 属于“晓宇听幽工作室”版权所有<br>
·第一次使用请在登陆之后注册本系统,只有注册了之后才能拥有所有功能的使用权<br>
·目前系统版本:<%=version%> <%=edition%><br>
·官方支持网站:<font color="#FF0000"><a href="http://www.xoyu.com/">http://www.xoyu.com/</a></font></td>
</tr>
<tr>
<td width="592" colspan="2">
<p align="center"><img border="0" src="../ads/ads.gif"></td>
</tr>
</table>
</center>
</div>
</form>
</body>
</html>
<?php
/*
* Filename: authimg.php
* Author: hutuworm
* Date: 2003-04-28
* @Copyleft hutuworm.org
*/ //生成验证码图片
Header("Content-type: image/PNG");
srand((double)microtime()*1000000);
$im = imagecreate(58,28);
$black = ImageColorAllocate($im, 0,0,0);
$white = ImageColorAllocate($im, 255,255,255);
$gray = ImageColorAllocate($im, 200,200,200);
imagefill($im,0,0,$gray); //将四位整数验证码绘入图片
imagestring($im, 5, 10, 8, $HTTP_GET_VARS['authnum'], $black); for($i=0;$i<50;$i++) //加入干扰象素
{
imagesetpixel($im, rand()%70 , rand()%30 , $black);
} ImagePNG($im);
ImageDestroy($im);
?>
----------authpage.php-----------
<?php
/*
* Filename: authpage.php
* Author: hutuworm
* Date: 2003-04-28
* @Copyleft hutuworm.org
*/ srand((double)microtime()*1000000); //验证用户输入是否和验证码一致
if(isset($HTTP_POST_VARS['authinput']))
{
if(strcmp($HTTP_POST_VARS['authnum'],$HTTP_POST_VARS['authinput'])==0)
echo "验证成功!";
else
echo "验证失败!";
}
//生成新的四位整数验证码
while(($authnum=rand()%10000)<1000);
?>
<form action=authpage.php method=post>
<table>
请输入验证码:<input type=text name=authinput style="width: 80px"><br>
<input type=submit name="验证" value="提交验证码">
<input type=hidden name=authnum value=<? echo $authnum; ?>>
<img src=authimg.php?authnum=<? echo $authnum; ?>>
</table>
</form>
image.jsp
<%@ page contentType="image/jpeg"%>
<%@ page import="java.awt.*"%>
<%@ page import="java.awt.image.*"%>
<%@ page import="java.util.*"%>
<%@ page import="javax.imageio.*"%>
<%
//在内存中创建图象
int iWidth=130,iHeight=18;
BufferedImage image=new BufferedImage(iWidth,iHeight,BufferedImage.TYPE_INT_RGB);
//获取图形上下文
Graphics g=image.getGraphics();
//设定背景色
g.setColor(Color.white);
g.fillRect(0,0,iWidth,iHeight);
//画边框
g.setColor(Color.black);
g.drawRect(0,0,iWidth-1,iHeight-1);
//取随机产生的认证码(4位数字)
String rand=request.getParameter("Rand");
rand=rand.substring(0,rand.indexOf("."));
switch(rand.length())
{
case 1:rand="000"+rand;break;
case 2:rand="00"+rand;break;
case 3:rand="0"+rand;break;
default:rand=rand.substring(0,4);break;
}
//将认证码存入SESSION
session.setAttribute("Rand",rand);
//将认证码显示到图象中
g.setColor(Color.black);
g.setFont(new Font("Times New Roman",Font.PLAIN,18));
g.drawString(rand,10,15);
//随机产生88个干扰点,使图象中的认证码不易被其它程序探测到
Random random=new Random();
for(int iIndex=0;iIndex<88;iIndex++)
{
int x=random.nextInt(iWidth);
int y=random.nextInt(iHeight);
g.drawLine(x,y,x,y);
}
//图象生效
g.dispose();
//输出图象到页面
ImageIO.write(image,"JPEG",response.getOutputStream());
%>
Index.jsp
<form action="/Login.jsp" method="post" name="Login">
会员名称: <input name="UserName" size="10"><br>
会员密码: <input name="Password" size="10" type="password"><br>
<script>document.write("<img border=0 src='/image.jsp?Rand="+Math.random()*10000+"'>");</script><br>
输认证码: <input name="Rand" maxlength=4 size="10"><br>
<hr size="1" color="#FFFFFF" width="90%">
<%if((String)session.getValue("UserID")!=null){%>
<input type="submit" value="注销" id="Submit0" name="Submit0">
<input type="button" value="邮箱" id="MailBox" name="MailBox" onclick="window.open('Http://mail.***.***/','','')">
<script>
window.open('','','width=300 height=250 top=0 left=0');
</script>
<%}else{%>
<input type="submit" value="登录" id="Submit1" name="Submit1">
<input type="button" value="注册" id="Reg" name="Reg" onclick="window.location.href='';">
<%}%>
</form>
Login.jsp
<%
String Rand=request.getParameter("Rand");
String strRand=(String)session.getAttribute("Rand");
if(!strRand.equals(Rand))//判断验证码
{
session.putValue("UserID",null);
}
response.sendRedirect("/Index.jsp");
%>