default.asp - This ASP code is a login form that checks use…

/default.asp

http://github.com/khaneh/Orders · ASP · 125 lines · 116 code · 5 blank · 4 comment · 18 complexity · 17eef1ac4881dac672061e8652b8806d MD5 · raw file


<%

response.buffer = true

'server.transfer "beta/login.asp"

response.redirect "beta"

function sqlSafe (s)

  st=s

  st=replace(St,"'","`")

  st=replace(St,chr(34),"`")

  sqlSafe=st

end function

%>

<HTML>

<HEAD>

<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">

<meta http-equiv="Content-Language" content="fa">

<style>

	Table { font-size: 10pt;}

</style>

<TITLE>Login </TITLE>

<SCRIPT LANGUAGE="JavaScript">

<!--

var tempKeyBuffer;

function myKeyDownHandler(){

	tempKeyBuffer=window.event.keyCode;

}

function myKeyPressHandler(){

//	alert (tempKeyBuffer)

	if (tempKeyBuffer>=65 && tempKeyBuffer<=90){

		window.event.keyCode=tempKeyBuffer+32;

	}

	else if(tempKeyBuffer==186){

		window.event.keyCode=59;

	}

	else if(tempKeyBuffer==188){

		window.event.keyCode=44;

	}

	else if(tempKeyBuffer==190){

		window.event.keyCode=46;

	}

	else if(tempKeyBuffer==191){

		window.event.keyCode=47;

	}

	else if(tempKeyBuffer==192){

		window.event.keyCode=96;

	}

	else if(tempKeyBuffer>=219 && tempKeyBuffer<=221){

		window.event.keyCode=tempKeyBuffer-128;

	}

	else if(tempKeyBuffer==222){

		window.event.keyCode=39;

	}

}

//-->

</SCRIPT>

</HEAD>



<BODY onLoad="document.all.UserName.focus();">



<font face="tahoma">

<FORM METHOD=POST ACTION="default.asp">

<div dir='rtl' align = "center" >

<!--IMG SRC="images/khaneh.jpg" WIDTH="350" HEIGHT="20" BORDER=0 ALT=""-->



<TABLE>

<TR>

	<TD colspan="2" align="center"></TD>

</TR>

<TR>

	<TD> ��� ����� </TD>

	<TD><INPUT TYPE="text" NAME="UserName" onkeyDown="return myKeyDownHandler();" onKeyPress="return myKeyPressHandler();"></TD>

</TR>

<TR>

	<TD> ��� ���� </TD>

	<TD><INPUT TYPE="password" NAME="Password" onkeyDown="return myKeyDownHandler();" onKeyPress="return myKeyPressHandler();"></TD>

</TR>

<TR>

	<TD></TD>

	<TD><INPUT style="font-family:tahoma; width:100%;" TYPE="submit" name="act" value="����"></TD>

</TR>

</TABLE>

 <br>

&nbsp; 

<br>

<hr>

</div>

</FORM>

<br>

<%

if request("act")="����" then

'	conStr="dsn=sefareshat; uid=sefadmin; pwd=5tgb; DATABASE=sefareshat"

	'	conStr = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" & Server.MapPath("kid.mdb")

    conStr = "Provider=SQLNCLI10.1;Persist Security Info=False;User ID=sefadmin;Initial Catalog=sefareshat;Data Source=(local);PWD=5tgb;"

    Set conn = Server.CreateObject("ADODB.Connection")

	conn.open conStr

'	conn.Execute ("DELETE FROM Temp_Moein")

    

    Set RS1 = conn.Execute("SELECT * FROM [tblCSR] WHERE [UserName]='" & sqlSafe(request("UserName")) & "' AND  [Password]='" & sqlSafe(request("Password")) & "' ")

    If (RS1.EOF) Then

		session.abandon

	%>

		<TABLE border='1' width='70%' align='center' cellpadding='10' >

		<TR>

			<td align='center' dir='rtl' bgcolor='#FF8888'>Login Incorrect&nbsp;</td>

		</TR>

		</TABLE>

	<%else

		session("ID")=RS1("CSRID")

		conn.Close

		response.redirect "search.asp"

    End If



	conn.Close

elseif request.querystring("err")<>"" then 

%>

		<TABLE border='1' width='70%' align='center' cellpadding='10' >

		<TR>

			<td align='center' dir='rtl' bgcolor='#FF8888'><%=request.querystring("err")%>&nbsp;</td>

		</TR>

		</TABLE>

<%

end if

%>

</font>

</BODY>

</HTML>

Summary ✨

This ASP code is a login form that checks user credentials against a database. When submitted, it attempts to connect to a SQL Server database and execute a query to verify the username and password. If successful, it redirects the user to another page; otherwise, it displays an error message indicating incorrect login credentials or provides additional error information if specified in the query string.

Alerts (1)

Complexity hotspot; line 46 (total complexity: 3)
46