/beta/login.asp
ASP | 246 lines | 223 code | 19 blank | 4 comment | 30 complexity | 2cad361d24ddab7961c26e128a37d3ae MD5 | raw file
1<%@LANGUAGE="VBSCRIPT" CODEPAGE="1256"%><% 'Response.Addheader "WWW-Authenticate", "BASIC" %> 2<% 3function sqlSafe (s) 4 st=s 5 st=replace(St,"'","`") 6 st=replace(St,chr(34),"`") 7 sqlSafe=st 8end function 9%> 10 11<HTML> 12<HEAD> 13<meta http-equiv="Content-Type" content="text/html; charset=windows-1256"> 14<meta http-equiv="Content-Language" content="fa"> 15<style> 16 Table { font-family:tahoma; font-size: 9pt;} 17</style> 18<TITLE>Login </TITLE> 19<SCRIPT LANGUAGE="JavaScript"> 20<!-- 21var tempKeyBuffer; 22function myKeyDownHandler(){ 23 24 tempKeyBuffer=window.event.keyCode; 25} 26function myKeyPressHandler(){ 27// alert (tempKeyBuffer) 28 if (tempKeyBuffer>=65 && tempKeyBuffer<=90){ 29 window.event.keyCode=tempKeyBuffer+32; 30 } 31 else if(tempKeyBuffer==186){ 32 window.event.keyCode=59; 33 } 34 else if(tempKeyBuffer==188){ 35 window.event.keyCode=44; 36 } 37 else if(tempKeyBuffer==190){ 38 window.event.keyCode=46; 39 } 40 else if(tempKeyBuffer==191){ 41 window.event.keyCode=47; 42 } 43 else if(tempKeyBuffer==192){ 44 window.event.keyCode=96; 45 } 46 else if(tempKeyBuffer>=219 && tempKeyBuffer<=221){ 47 window.event.keyCode=tempKeyBuffer-128; 48 } 49 else if(tempKeyBuffer==222){ 50 window.event.keyCode=39; 51 } 52} 53//--> 54</SCRIPT> 55</HEAD> 56 57<BODY onLoad="document.all.UserName.focus();"> 58<% 59Function AscEncode(str) 60 Dim i 61 Dim sAscii 62 63 sAscii = "" 64 For i = 1 To Len(str) 65 sAscii = sAscii + CStr(Hex(Asc(Mid(str, i, 1)))) 66 Next 67 68 AscEncode = sAscii 69End Function 70Function ChrEncode(str) 71 Dim i 72 Dim sStr 73 74 sStr = "" 75 For i = 1 To Len(str) Step 2 76 sStr = sStr + Chr(CLng("&H" & Mid(str, i, 2))) 77 Next 78 79 ChrEncode = sStr 80End Function 81function EncodeUTF8(s) 82 dim i 83 dim c 84 85 i = 1 86 do while i <= len(s) 87 c = asc(mid(s,i,1)) 88 if c >= &H80 then 89 s = left(s,i-1) + chr(&HC2 + ((c and &H40) / &H40)) + chr(c and &HBF) + mid(s,i+1) 90 i = i + 1 91 end if 92 i = i + 1 93 loop 94 EncodeUTF8 = s 95end function 96 97function DecodeUTF8(s) 98 dim i 99 dim c 100 dim n 101 102 i = 1 103 do while i <= len(s) 104 c = asc(mid(s,i,1)) 105 if c and &H80 then 106 n = 1 107 do while i + n < len(s) 108 if (asc(mid(s,i+n,1)) and &HC0) <> &H80 then 109 exit do 110 end if 111 n = n + 1 112 loop 113 if n = 2 and ((c and &HE0) = &HC0) then 114 c = asc(mid(s,i+1,1)) + &H40 * (c and &H01) 115 else 116 c = 191 117 end if 118 s = left(s,i-1) + chr(c) + mid(s,i+n) 119 end if 120 i = i + 1 121 loop 122 DecodeUTF8 = s 123end function 124a="�" 125response.write Asc (a) 126response.write "<br> " & encodeUTF8("����������̍��") & " - " 127response.write "&#" & 1376 + Asc(a) & ";" 128response.write "<br> خ" 129%> 130<TABLE cellspacing=0 cellpadding=0 width=300 height=150 style='border:4px solid <%=SelectedMenuColor%>;' dir=rtl align=center> 131<TR> 132 <TD> 133 <font face="tahoma"> 134 <% 135 if request("act")="����" then 136' conStr="DRIVER={SQL Server};SERVER=(local);DATABASE=sefareshat;UID=sefadmin; PWD=5tgb;" 137conStr="Provider=SQLNCLI10.1;Persist Security Info=False;User ID=sefadmin;Initial Catalog=jame;Data Source=.\sqlexpress;PWD=5tgb;" 138 Set conn = Server.CreateObject("ADODB.Connection") 139 conn.open conStr 140 141 Set RS1 = conn.Execute("SELECT * FROM [Users] WHERE [UserName]='" & sqlSafe(request("UserName")) & "' AND [Password]='" & sqlSafe(request("Password")) & "' ") 142 143 If (RS1.EOF) Then 144 session.abandon 145 rs1.close 146 set rs1=conn.execute("select * from [Users] where [UserName]='" & sqlSafe(request("UserName")) & "' AND [oldPassword]='" & sqlSafe(request("Password")) & "' ") 147 if rs1.eof then 148 %> 149 <div align=center style='background-color: #FF8888;width:300' >�������� �� ���� ���� ������ ��� </div><br><br> 150 <% 151 else 152 %> 153 <div align=center style='background-color: #FF8800;width:300' >�� ����� ������ ��� ���� ��� ����� �����<br> ���� ��� ���� �� ���� ������ � �� ����� �� ��� ������ �� ����� <b>31</b> ���� Ȑ����<br> </div><br><br> 154 <% 155 end if 156 rs1.close 157 else 158 session("ID")=RS1("ID") 159 session("CSRName") = RS1("RealName") 160 session("Permission") = RS1("Permission") 161 session("exten")= RS1("Extention") 162 Set RS2 = conn.Execute("SELECT GLs.*, UserDefaults.[User] FROM GLs INNER JOIN UserDefaults ON GLs.ID = UserDefaults.WorkingGL WHERE (UserDefaults.[User] = '"& RS1("ID") & "') OR (UserDefaults.[User] = 0) ORDER BY ABS(UserDefaults.[User]) DESC") 163 remotID = request.serverVariables("REMOTE_ADDR") 164 conn.Execute ("INSERT INTO loginLog (user_id,ip) VALUES ("&RS1("ID")&",'"&remotID&"')") 165 session("VatRate")=RS2("Vat") 166 session("OpenGL")=RS2("id") 167 session("FiscalYear")=RS2("FiscalYear") 168 session("OpenGLName")=RS2("name") 169 session("OpenGLStartDate")=RS2("StartDate") 170 session("OpenGLEndDate")=RS2("EndDate") 171 session("IsClosed")=RS2("IsClosed") ' add by SAM 172 RS2.movenext 173 session("differentGL") = False 174 if not RS2.EOF then 175 temp=RS2("id") 176 if temp <> session("OpenGL") then 177 session("differentGL") = True 178 end if 179 end if 180 RS2.close 181 182 RS1.close 183 conn.Close 184 185 ' Added By kid 820910 186 if session("ID")=16 OR session("ID")=17 then ' shahami = 16 dehghan = 17 187 session.Timeout=240 188 end if 189 190 if request.cookies("OldURL")<>"" then 191 aa = request.cookies("OldURL") 192 response.cookies("OldURL") = "" 193 'response.form = request.cookies("OldForm") 194 'response.redirect split(aa,"?")(0) 195 response.redirect aa 196 else 197 response.redirect "default.asp" 198 end if 199 End If 200 201 conn.Close 202 elseif request.querystring("err")<>"" then 203 %> 204 <div align=center style='background-color: #FF8888;width:300'><%=request.querystring("err")%> </div><br><br> 205 <% 206 end if 207 %> 208 </TD> 209</TR> 210<TR> 211 <TD> 212 213 <FORM METHOD=POST ACTION="?"> 214 <div dir='rtl' align = "center" > 215 <!--IMG SRC="images/khaneh.jpg" WIDTH="350" HEIGHT="20" BORDER=0 ALT=""--> 216 217 <TABLE> 218 <TR> 219 <TD colspan="2" align="center"></TD> 220 </TR> 221 <TR> 222 <TD> ��� ����� </TD> 223 <TD><INPUT TYPE="text" NAME="UserName" onkeyDown="return myKeyDownHandler();" onKeyPress="return myKeyPressHandler();"></TD> 224 </TR> 225 <TR> 226 <TD> ��� ���� </TD> 227 <TD><INPUT TYPE="password" NAME="Password" onkeyDown="return myKeyDownHandler();" onKeyPress="return myKeyPressHandler();"></TD> 228 </TR> 229 <TR> 230 <TD></TD> 231 <TD><INPUT style="font-family:tahoma; width:100%;" TYPE="submit" name="act" value="����"></TD> 232 </TR> 233 </TABLE> 234 <br> 235 236 <br> 237 </div> 238 </FORM> 239 <br> 240 </font> 241 </TD> 242</TR> 243</TABLE> 244 245</BODY> 246</HTML>