% Option Explicit %> <% ' ## ASP Discussion Forum ## ' ## Copyright (C)2001 Bruce Corkhill ## ' ## URL: http://www.webwizguide.com ## Response.Buffer = True 'Dimension variables Dim rsCheckPassword 'Holds the recordset of the users password Dim strUsername 'Holds the users username Dim strPassword 'Holds the usres password Dim blnAutoLogin 'Holds whether the user wnats to be automactically logged in Dim lngUserID 'Holds the users Id number Dim strUserCode 'Holds the users ID code Dim strReturnPage 'Holds the page to return to Dim strReturnPageProperties 'Holds the properties of the return page 'Intialise variables blnAutoLogin = True 'Get the forum page to return to Select Case Request.QueryString("ReturnPage") Case "Topic" 'Read in the forum and topic to return to strReturnPage = "display_forum_topics.asp" strReturnPageProperties = "?ReturnPage=" & Request.QueryString("ReturnPage") & "&ForumID=" & CInt(Request.QueryString("ForumID")) & "&PagePosition=" & CInt(Request.QueryString("PagePosition")) 'Read in the thread and forum to return to Case "Thread" strReturnPage = "display_topic_threads.asp" strReturnPageProperties = "?ReturnPage=" & Request.QueryString("ReturnPage") & "&ForumID=" & CInt(Request.QueryString("ForumID")) & "&TopicID=" & CLng(Request.QueryString("TopicID")) & "&PagePosition=" & CInt(Request.QueryString("PagePosition")) 'Read in the search to return to Case "Search" strReturnPage = "search.asp" strReturnPageProperties = "?ReturnPage=" & Request.QueryString("ReturnPage") & "&SearchPagePosition=" & Request.QueryString("SearchPagePosition") & "&search=" & Server.URLEncode(Request.QueryString("search")) & "&searchMode=" & Request.QueryString("searchMode") & "&searchIn=" & Request.QueryString("searchIn") & "&forum=" & Request.QueryString("forum") & "&searchSort=" & Request.QueryString("searchSort") 'Else return to the forum main page Case Else strReturnPage = "default.asp" strReturnPageProperties = "?ForumID=0" End Select 'Read in the users details from the form strUsername = Request.Form("name") strPassword = Request.Form("password") 'Replace harmful SQL quotation marks with doubles strUsername = Replace(strUsername, "'", "''") 'If a username has been entered check that the password is correct If NOT strUsername = "" Then 'Intialise the ADO recordset object Set rsCheckPassword = Server.CreateObject("ADODB.Recordset") 'Read the various forums from the database 'Initalise the strSQL variable with an SQL statement to query the database strSQL = "SELECT tblAuthor.Password, tblAuthor.Author_ID, tblAuthor.Login_cookie, tblAuthor.User_code " strSQL = strSQL & "FROM tblAuthor " strSQL = strSQL & "WHERE tblAuthor.Username = '" & strUsername & "';" 'Set the Lock Type for the records so that the record set is only locked when it is updated rsCheckPassword.LockType = 3 'Query the database rsCheckPassword.Open strSQL, strCon 'If the query has returned a value to the recordset then check the password is correct If NOT rsCheckPassword.EOF Then 'Check the password is correct, if it is get the user ID and set a cookie If strPassword = rsCheckPassword("Password") Then 'Read in the users ID number and whether they want to be automactically logged in when they return to the forum lngUserID = CLng(rsCheckPassword("Author_ID")) blnAutoLogin = CBool(rsCheckPassword("Login_cookie")) strUserCode = rsCheckPassword("User_code") 'Write a cookie with the User ID number so the user logged in throughout the forum 'Write the cookie with the name Forum containing the value UserID number Response.Cookies("Forum")("UserID") = strUserCode 'If the user has selected to be remebered when they next login then set the expiry date for the cookie for 1 year If blnAutoLogin = True Then 'Set the expiry date for 1 year (365 days) 'If no expiry date is set the cookie is deleted from the users system 20 minutes after they leave the forum Response.Cookies("Forum").Expires = Now() + 365 End If 'Reset Server Objects Set adoCon = Nothing Set strCon = Nothing Set rsCheckPassword = Nothing 'Redirect the user back to the forum page they have just come from Response.Redirect strReturnPage & strReturnPageProperties End If End If End If 'Reset Server Objects Set adoCon = Nothing Set strCon = Nothing Set rsCheckPassword = Nothing 'Replace the doble quotes we put in fpr the SQL back to single quote to display in the text box strUsername = Replace(strUsername, "''", "'") %>
กรอกข้อมูลไม่ถูกต้อง ลองใหม่่อีกครั้งนะครับ |
<%
If blnEmail = True Then
%>
ลืมรหัสผ่านคลิกที่นี่ <% End If %> ต้องลงทะเบียนก่อนนะครับจึงสามารถเข้าใช้ระบบได้ สำหรับผู้ที่ยังไม่ได้ลงทะเบียนเข้าใช้ คลิกที่นี่ |