security.asp
%
bLoggedIn = (len(session("UserName")) > 0)
if bRequireLogin then
' 要求登录.
if Not bLoggedIn then
response.redirect "login.asp?comebackto=" _
request.servervariables("script_name") "?" _
' 如果没注册,请注册.
server.urlencode(request.querystring)
end if
end if
%>
login.asp
%
if request("comebackto") > "" then
sReferer = request("comebackto")
sGoBackTo = "?" request.querystring
end if
if request("cmdLogin") > "" then
sUserName = request("txtUserName")
sPassword = request("txtPassword")
' 提交注册.
if sUserName = "bill" And sPassword = "gates" then
bLoginSuccessful = True
' 验证帐号和密码.
end if
session("UserName") = sUserName
if sReferer = "" then
response.redirect "index.asp"
' 登录成功,到用户请求页.
else
response.redirect sReferer
' 如果没填写,重定向到登录页或其他约定的页.
end if
else
%>
form action="login.asp%=sGoBackTo%>" method="post">
input type="text" name="txtUserName">br>
input type="password" name="txtPassword">br>
input type="submit" name="cmdLogin">br>
/form>
' 显示登录.
%
end if
%>
testpage.asp
%
bRequireLogin = True
%>
!--#include file="security.asp"-->
' 将 bRequireLogin设为真,放到 security.asp 中.
[1]
