security.asp
<%
bLoggedIn = (len(session("UserName")) > 0)
if bRequireLogin then
' 要求登錄.
if Not bLoggedIn then
response.redirect "login.asp?comebackto=" & _
request.servervariables("script_name") & "?" & _
' 如果沒注冊,請注冊.
server.urlencode(request.querystring)
end if
end if
%>
login.asp
<%
if request("comebackto") <> "" then
sReferer = request("comebackto")
sGoBackTo = "?" & request.querystring
end if
if request("cmdLogin") <> "" then
sUserName = request("txtUserName")
sPassword = request("txtPassword")
' 提交注冊.
if sUserName = "bill" And sPassword = "gates" then
bLoginSuccessful = True
' 驗證帳號和密碼.
end if
session("UserName") = sUserName
if sReferer = "" then
response.redirect "index.asp"
' 登錄成功,到用戶請求頁.
else
response.redirect sReferer
' 如果沒填寫,重定向到登錄頁或其他約定的頁.
end if
else
%>
<form action="login.asp<%=sGoBackTo%>" method="post">
<input type="text" name="txtUserName"><br>
<input type="password" name="txtPassword"><br>
<input type="submit" name="cmdLogin"><br>
</form>
' 顯示登錄.
<%
end if
%>
testpage.asp
<%
bRequireLogin = True
%>
<!--#include file="security.asp"-->
' 將 bRequireLogin設為真,放到 security.asp 中.
[1]