如何实现强制登录？

security.asp

<%

bloggedin = (len(session("username")) > 0)

if brequirelogin then

' 要求登录.

   if not bloggedin then   

     response.redirect "login.asp?comebackto=" & _

     request.servervariables("script_name") & "?" & _

      ' 如果没注册,请注册.

     server.urlencode(request.querystring)

   end if

end if

%> 

　

login.asp

<%

if request("comebackto") <> "" then

   sreferer = request("comebackto")

   sgobackto = "?" & request.querystring

end if

if request("cmdlogin") <> "" then

   susername = request("txtusername")

   spassword = request("txtpassword")

   ' 提交注册.

   if susername = "bill" and spassword = "gates" then

     bloginsuccessful = true

     ' 验证帐号和密码.

   end if

   session("username") = susername

   if sreferer = "" then

     response.redirect "index.asp"

     ' 登录成功,到用户请求页.

   else

     response.redirect sreferer

     ' 如果没填写,重定向到登录页或其他约定的页.

end if

else

%>

   <form action="login.asp<%=sgobackto%>" method="post">

     <input type="text" name="txtusername"><br>

     <input type="password" name="txtpassword"><br>

     <input type="submit" name="cmdlogin"><br>

   </form>

    ' 显示登录.

<%

end if

%>

 

testpage.asp

<%

   brequirelogin = true

%>

<!--#include file="security.asp"-->

' 将 brequirelogin设为真,放到 security.asp 中.

 

[1]