<%If Trim(Request.Form("validatecode"))=Empty Or Trim(Session("cnbruce.com_ValidateCode"))<>Trim(Request.Form("validatecode")) Then %> <% response.end end if %> <% uid=trim(request("uid")) if instr(uid," ")>0 then response.end end if if instr(uid,"=")>0 then response.end end if if instr(uid,"or")>0 then response.end end if uid=trim(request("uid")) upwd=CfsEnCode(trim(request("upwd"))) sql="select * from v_admin9002 where uid='"&uid&"'" set rs=conn.execute(sql) if rs.eof then response.write "用户不存在" else if cstr(upwd)<>cstr(Rs("upwd")) then response.write "口令输入有误" else session("uid")=rs("uid") session("bmmc")=rs("bmmc") session("bmid")=rs("bmid") session("quxian")=rs("qxian") session("uname")=rs("uname") session("issuper")=rs("issuper") response.Cookies("uid")=uid Response.Cookies("uid").Expires=date+10 response.redirect("default.asp") end if end if %>