security.asp<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
<%
bLoggedIn = (len(session("UserName")) > 0)
if bRequireLogin then
' 要求登录.
if Not bLoggedIn then
response.redirect "login.asp?comebackto=" & _
request.servervariables("script_name") & "?" & _
' 如果没注册,请注册.
server.urlencode(request.querystring)
end if
end if
%>
login.asp
<%
if request("comebackto") <> "" then
sReferer = request("comebackto")
sGoBackTo = "?" & request.querystring
end if
if request("cmdLogin") <> "" then
sUserName = request("txtUserName")
sPassword = request("txtPassword")
' 提交注册.
if sUserName = "bill" And sPassword = "gates" then
bLoginSuccessful = True
' 验证帐号和密码.
end if
session("UserName") = sUserName
if sReferer = "" then
response.redirect "index.asp"
' 登录成功,到用户请求页.
else
response.redirect sReferer
' 如果没填写,重定向到登录页或其他约定的页.
end if
else
%>
<form action="login.asp<%=sGoBackTo%>" method="post">
<input type="text" name="txtUserName"><br>
<input type="password" name="txtPassword"><br>
<input type="submit" name="cmdLogin"><br>
</form>
' 显示登录.
<%
end if
%>
testpage.asp
<%
bRequireLogin = True
%>
<!--#include file="security.asp"-->
' 将 bRequireLogin设为真,放到 security.asp 中.
[1]