当前位置: 首页 > 图文教程 > 网络编程 > ASP > Discuz!NT 论坛整合ASP程序论坛教程

ASP
ASP调用ORACLE存储过程并返回结果集
用ASP实现网页BBS
关于Global.asa文件的深入研究与session变量失效提示的具体方法
简易ASP+注册系统
防护手册:如何防止ASP木马在服务器上运行
用Visual Basic实现多画面播放功能之二
如何增强ASP程序性能(1)
如何增强ASP程序性能(2)
如何增强ASP程序性能(3)
ASP备份数据库
二十八条改善 ASP 性能和外观的技巧
在Form域中Post大于100K的数据
如何使用ASP制作模似动态生长的表单?
Microsoft IIS 真的如此「不安全」吗?(1)
Microsoft IIS 真的如此「不安全」吗?(2)
Microsoft IIS 真的如此「不安全」吗?(3)
Microsoft IIS 真的如此「不安全」吗?(4)
Microsoft IIS 真的如此「不安全」吗?(5)
关于页面和代码分离
ServerVariables 对路径的操作

Discuz!NT 论坛整合ASP程序论坛教程


出处:互联网   整理: 软晨网(RuanChen.com)   发布: 2009-10-12   浏览: 180 ::
收藏到网摘: n/a

Discuz!NT 论坛整合ASP程序论坛 实现代码。
复制代码 代码如下:

登陆时记录cookies页面代码
<!--#include file="md5.asp"--> //32位md5加密文件,一定得调用,该文件到处有,我就不提供了
<%
dim Username,Password,Question,Answer,Expires,Verify
Username=replace(trim(Request.form("Username")),"'","''") //用户名
Password=replace(trim(Request.form("Password")),"'","''") //用户密码
Question=replace(trim(Request.form("Question")),"'","''") //密码问题
Answer=replace(trim(Request.form("Answer")),"'","''") //密码答案
Expires=replace(trim(Request.form("Expires")),"'","''") //cookies记录时长
Verify=replace(trim(Request.form("Verify")),"'","''") //验证码
//此处加上提交的验证,如xxx不能为空等或字段长度等
sql="select * from [dnt_users] where username='"&Username"'" //为了方便,此处我就不加过滤函数了,如你使用时一定加上,否则被注入
set rs=conn.execute(sql)
if rs.eof then
Response.Write ("<script>alert('提示!\n\n用户帐号错误!');history.back();</script>")
Response.end
else
if rs("password")<>md5(Password) then
Response.Write ("<script>alert('提示!\n\n用户密码错误!');history.back();</script>")
Response.end
else
if rs("secques")<>Answer then
Response.Write ("<script>alert('提示!\n\n安全答案错误!');history.back();</script>")
Response.end
else
Dim DES,DESCode
Set DES=Server.CreateObject("DiscuzNT.DES")
DESCode=DES.Encode(""&rs("password")"","Z143D2VBML") //Z143D2VBML为你的DES加密密钥,请用记事本打开CONFIG目录里的general.config文件,找到<Passwordkey>Z846D4VVZL</Passwordkey>这行,<Passwordkey>与</Passwordkey>中间的英文就是你的密钥,把密钥修改成你的文件的
Set DES=Nothing
Response.Cookies("dnt")("userid") = rs("uid")
Response.Cookies("dnt")("password") = DESCode
Response.Cookies("dnt")("tpp") = rs("tpp")
Response.Cookies("dnt")("ppp") = rs("ppp")
Response.Cookies("dnt")("pmsound") = rs("pmsound")
Response.Cookies("dnt")("invisible") = rs("invisible")
Response.Cookies("dnt")("referer") = "index.aspx"
Response.Cookies("dnt")("sigstatus") = rs("sigstatus")
Response.Cookies("dnt")("expires") = Expires
if Expires<>0 then
Response.Cookies("dnt").Expires = DateAdd("N", Expires, Now())
end if
Response.Cookies("dnt").Domain = ".xxx.com" //修改为你的域名,注意前面带.(点)
Response.Cookies("dnt").Secure = False
end if
end if
end if
rs.close
set rs=nothing
//此处加登陆后转向或向其他操作,具体你自己看着办
%>

===========================================================================================
注册页面代码(注册完后同时登陆状态)
<!--#include file="md5.asp"--> //32为md5加密文件,一定得调用,该文件到处有,我就不提供了
<%
dim Username,Password,CheckPassword,Email,Question,Answer,Verify
Username=replace(trim(Request.form("Username")),"'","''") //用户名
Password=replace(trim(Request.form("Password")),"'","''") //用户密码
CheckPassword=replace(trim(Request.form("CheckPassword")),"'","''") //密码验证
Question=replace(trim(Request.form("Question")),"'","''") //密码问题
Answer=replace(trim(Request.form("Answer")),"'","''") //密码答案
Expires=replace(trim(Request.form("Expires")),"'","''") //cookies记录时长
Verify=replace(trim(Request.form("Verify")),"'","''") //验证码
//此处加上提交的验证,如xxx不能为空等或字段长度等
sql="select * from [dnt_users] where username='"&Username"'" //为了方便,此处我就不加过滤函数了,如你使用时一定加上,否则被注入
set rs=conn.execute(sql)
if not rs.eof then
Response.Write ("<script>alert('提示!\n\n用户帐号已被注册使用!');history.back();</script>")
Response.end
end if
rs.close
set rs=nothing
sql="select * from [dnt_users] where Email='"&Email"'" //为了方便,此处我就不加过滤函数了,如你使用时一定加上,否则被注入
set rs=conn.execute(sql)
if not rs.eof then
Response.Write ("<script>alert('提示!\n\n电子邮箱已被注册使用!');history.back();</script>")
Response.end
end if
rs.close
set rs=nothing
ip = request.servervariables("http_x_forwarded_for")
if ip = "" then ip = request.servervariables("remote_addr")
sql="insert into [dnt_users] (username,nickname,password,secques,gender,adminid,groupid,groupexpiry,extgroupids,regip,joindate,lastip,lastvisit,lastactivity,lastpost,lastpostid,lastposttitle,posts,digestposts,oltime,pageviews,credits,extcredits1,extcredits2,extcredits3,extcredits4,extcredits5,extcredits6,extcredits7,extcredits8,avatarshowid,email,bday,sigstatus,tpp,ppp,templateid,pmsound,showemail,newsletter,invisible,newpm,newpmcount,accessmasks,onlinestate) values ('"&Username"',' ','"&MD5(Password)"','"&Answer"',0,0,10,0,' ','"&ip"','"&now()"','"&ip"','"&now()"','"&now()"','"&now()"',0,' ',0,0,0,0,0,'0.00','0.00','0.00','0.00','0.00','0.00','0.00','0.00',0,'"&Email"',' ',1,0,0,0,1,1,1,0,1,1,0,1)"
set rs=conn.execute(sql)
sql="select uid from [dnt_users] where username='"&Username"'" //为了方便,此处我就不加过滤函数了,如你使用时一定加上,否则被注入
set rs=conn.execute(sql)
Uid=rs(0)
sql="insert into [dnt_userfields] (uid,avatar,avatarwidth,avatarheight,authtime,authflag) values ('"&Uid"','/upload/tech/20091012/20091012012718_539fd53b59e3bb12d203f45a912eeaf2.gif',0,0,'"&now()"',0)"
set rs=conn.execute(sql)
sql="update [dnt_statistics] set totalusers=totalusers+1,lastusername='"&Username"',lastuserid='"&Uid"'"
set rs=conn.execute(sql)
sql="select * from [dnt_users] where username='"&Username"'" //为了方便,此处我就不加过滤函数了,如你使用时一定加上,否则被注入
set rs=conn.execute(sql)
if rs.eof then
Response.Write ("<script>alert('提示!\n\n用户帐号错误!');history.back();</script>")
Response.end
else
if rs("password")<>md5(Password) then
Response.Write ("<script>alert('提示!\n\n用户密码错误!');history.back();</script>")
Response.end
else
Dim DES,DESCode
Set DES=Server.CreateObject("DiscuzNT.DES")
DESCode=DES.Encode(""&rs("password")"","Z143D2VBML") //Z143D2VBML为你的DES加密密钥,请用记事本打开CONFIG目录里的general.config文件,找到<Passwordkey>Z846D4VVZL</Passwordkey>这行,<Passwordkey>与</Passwordkey>中间的英文就是你的密钥,把密钥修改成你的文件的
Set DES=Nothing
Response.Cookies("dnt")("userid") = rs("uid")
Response.Cookies("dnt")("password") = DESCode
Response.Cookies("dnt")("tpp") = rs("tpp")
Response.Cookies("dnt")("ppp") = rs("ppp")
Response.Cookies("dnt")("pmsound") = rs("pmsound")
Response.Cookies("dnt")("invisible") = rs("invisible")
Response.Cookies("dnt")("referer") = "index.aspx"
Response.Cookies("dnt")("sigstatus") = rs("sigstatus")
Response.Cookies("dnt")("expires") = 0
Response.Cookies("dnt").Domain = ".xxx.com" //修改为你的域名,注意前面带.(点)
Response.Cookies("dnt").Secure = False
end if
end if
rs.close
set rs=nothing
//此处加注册后转向或向另外一个用户表添加同步用户数据,具体你自己看着办
%>

===========================================================================================
编辑页面代码(编辑密码后无需重新登陆)
<!--#include file="md5.asp"--> //32为md5加密文件,一定得调用,该文件到处有,我就不提供了
<%
dim Username,Password,CheckPassword,Email,Question,Answer,Verify
Username=replace(trim(Request.form("Username")),"'","''") //用户名
Password=replace(trim(Request.form("Password")),"'","''") //用户密码
CheckPassword=replace(trim(Request.form("CheckPassword")),"'","''") //密码验证
Question=replace(trim(Request.form("Question")),"'","''") //密码问题
Answer=replace(trim(Request.form("Answer")),"'","''") //密码答案
Expires=replace(trim(Request.form("Expires")),"'","''") //cookies记录时长
Verify=replace(trim(Request.form("Verify")),"'","''") //验证码
//此处加上提交的验证,如xxx不能为空等或字段长度等
if Password<>"" then
if Password<>CheckPassword then
Response.Write ("<script>alert('提示!\n\n验证密码与用户密码不相同!');history.back();</script>")
Response.end
end if
Password=MD5(Password)
else
Password=U_Password //U_Password为你的32位MD5加密密码,在验证时读取出来用来这里验证
end if
if AnswerTrue="true" then
if Question<>0 then
Answer=mid(MD5(Answer+MD5(Question)),16,8)
else
Answer=" "
end if
else
Answer=U_Secques //U_Secques为你的密码答案,在验证时读取出来用来这里验证
end if
ip = request.servervariables("http_x_forwarded_for")
if ip = "" then ip = request.servervariables("remote_addr")
sql="select * from [dnt_users] where username='"&Username"'" //为了方便,此处我就不加过滤函数了,如你使用时一定加上,否则被注入
set rs=Conn.execute(Sql)
If Rs.eof then
Response.Write ("<script>alert('提示!\n\n用户帐号错误!');history.back();</script>")
Response.end
else
sql="select * from [dnt_users] where email='"&Email"' and username<>'"&Username"'" //为了方便,此处我就不加过滤函数了,如你使用时一定加上,否则被注入
set rs=conn.execute(sql)
if not rs.eof then
response.write ("<script>alert('友情提示!\n\n邮箱已被使用!');history.back();</script>")
response.end
else
sql="update [dnt_users] set password='"&Password"',secques='"&Answer"',email='"&Email"' where username='"&Username"'" //为了方便,此处我就不加过滤函数了,如你使用时一定加上,否则被注入
set rs=conn.execute(sql)
Set DES=Server.CreateObject("DiscuzNT.DES")
DESCode=DES.Encode(""&Password"","Z143D2VBML") //Z143D2VBML为你的DES加密密钥,请用记事本打开CONFIG目录里的general.config文件,找到<Passwordkey>Z846D4VVZL</Passwordkey>这行,<Passwordkey>与</Passwordkey>中间的英文就是你的密钥,把密钥修改成你的文件的
Set DES=Nothing
Response.Cookies("dnt")("userid") = rs("uid")
Response.Cookies("dnt")("password") = DESCode
Response.Cookies("dnt")("tpp") = rs("tpp")
Response.Cookies("dnt")("ppp") = rs("ppp")
Response.Cookies("dnt")("pmsound") = rs("pmsound")
Response.Cookies("dnt")("invisible") = rs("invisible")
Response.Cookies("dnt")("referer") = "index.aspx"
Response.Cookies("dnt")("sigstatus") = rs("sigstatus")
Response.Cookies("dnt")("expires") = 0
Response.Cookies("dnt").Domain = ".xxxx.com" //修改为你的域名,注意前面带.(点)
Response.Cookies("dnt").Secure = False
end if
end if
rs.close
set rs=nothing
//此处加编辑后转向或向另外一个用户表添加同步用户数据,具体你自己看着办
%>

=============================================================================================
退出验证cookies页面代码
<%
Response.Cookies("dnt")("userid") = ""
Response.Cookies("dnt")("password") = ""
Response.Cookies("dnt")("tpp") = ""
Response.Cookies("dnt")("ppp") = ""
Response.Cookies("dnt")("pmsound") = ""
Response.Cookies("dnt")("invisible") = ""
Response.Cookies("dnt")("referer") = ""
Response.Cookies("dnt")("sigstatus") = ""
Response.Cookies("dnt")("expires") = ""
Response.Cookies("dnt").Expires = ""
Response.Cookies("dnt").Domain = ".xxx.com"
Response.Cookies("dnt").Secure = False
Response.Write ("<script>alert('提示!\n\n用户注销登陆完毕!');self.opener.location.reload();window.close();</script>")
Response.end
%>

==============================================================================================
验证cookies页面代码,这是我为了简单随手写的一段验证代码,基本都是大同小异,具体你根据你的asp程序验证文件来修改
%>
Dim DES,DESCode
Set DES=Server.CreateObject("DiscuzNT.DES")
DESCode=DES.Decode(""&request.cookies("dnt")("password")"","Z143D2VBML") //Z143D2VBML为你的DES加密密钥,请用记事本打开CONFIG目录里的general.config文件,找到<Passwordkey>Z846D4VVZL</Passwordkey>这行,<Passwordkey>与</Passwordkey>中间的英文就是你的密钥,把密钥修改成你的文件的
Set DES=Nothing
//下面是读取数据库来验证你的cookies是否正确
dim U_UId,U_UserName,U_Password,U_Secques,U_Email
Sql="select uid,username,password,secques,email from [dnt_users] where uid='"&request.cookies("dnt")("userid")"' and password='"&DESCode"'" //为了方便,cookies用户和密码我就不加过滤函数了,如你使用时一定加上,否则被注入,就过滤些单引号及一些比较敏感的就可以了
Set Rs=Conn.execute(Sql)
if not rs.eof then
founduser = true
U_UId = Rs(0)
U_UserName = Rs(1)
U_Password = Rs(2)
U_Secques = Rs(3)
U_Email = Rs(4)
else
founduser = false
end if
rs.close
set rs=nothing
%>