PageRenderTime 25ms CodeModel.GetById 12ms app.highlight 5ms RepoModel.GetById 2ms app.codeStats 0ms

/beta/login.asp

http://github.com/khaneh/Orders
ASP | 246 lines | 223 code | 19 blank | 4 comment | 30 complexity | 2cad361d24ddab7961c26e128a37d3ae MD5 | raw file
  1<%@LANGUAGE="VBSCRIPT" CODEPAGE="1256"%><% 'Response.Addheader "WWW-Authenticate", "BASIC" %>
  2<%
  3function sqlSafe (s)
  4  st=s
  5  st=replace(St,"'","`")
  6  st=replace(St,chr(34),"`")
  7  sqlSafe=st
  8end function
  9%>
 10
 11<HTML>
 12<HEAD>
 13<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">
 14<meta http-equiv="Content-Language" content="fa">
 15<style>
 16	Table { font-family:tahoma; font-size: 9pt;}
 17</style>
 18<TITLE>Login </TITLE>
 19<SCRIPT LANGUAGE="JavaScript">
 20<!--
 21var tempKeyBuffer;
 22function myKeyDownHandler(){
 23
 24	tempKeyBuffer=window.event.keyCode;
 25}
 26function myKeyPressHandler(){
 27//	alert (tempKeyBuffer)
 28	if (tempKeyBuffer>=65 && tempKeyBuffer<=90){
 29		window.event.keyCode=tempKeyBuffer+32;
 30	}
 31	else if(tempKeyBuffer==186){
 32		window.event.keyCode=59;
 33	}
 34	else if(tempKeyBuffer==188){
 35		window.event.keyCode=44;
 36	}
 37	else if(tempKeyBuffer==190){
 38		window.event.keyCode=46;
 39	}
 40	else if(tempKeyBuffer==191){
 41		window.event.keyCode=47;
 42	}
 43	else if(tempKeyBuffer==192){
 44		window.event.keyCode=96;
 45	}
 46	else if(tempKeyBuffer>=219 && tempKeyBuffer<=221){
 47		window.event.keyCode=tempKeyBuffer-128;
 48	}
 49	else if(tempKeyBuffer==222){
 50		window.event.keyCode=39;
 51	}
 52}
 53//-->
 54</SCRIPT>
 55</HEAD>
 56
 57<BODY onLoad="document.all.UserName.focus();">
 58<%
 59Function AscEncode(str)
 60    Dim i
 61    Dim sAscii
 62    
 63    sAscii = ""
 64    For i = 1 To Len(str)
 65        sAscii = sAscii + CStr(Hex(Asc(Mid(str, i, 1))))
 66    Next
 67    
 68    AscEncode = sAscii
 69End Function
 70Function ChrEncode(str)
 71    Dim i
 72    Dim sStr
 73    
 74    sStr = ""
 75    For i = 1 To Len(str) Step 2
 76        sStr = sStr + Chr(CLng("&H" & Mid(str, i, 2)))
 77    Next
 78    
 79    ChrEncode = sStr
 80End Function
 81function EncodeUTF8(s)
 82	dim i
 83	dim c
 84	
 85	i = 1
 86	do while i <= len(s)
 87		c = asc(mid(s,i,1))
 88		if c >= &H80 then
 89		s = left(s,i-1) + chr(&HC2 + ((c and &H40) / &H40)) + chr(c and &HBF) + mid(s,i+1)
 90		i = i + 1
 91		end if
 92		i = i + 1
 93	loop
 94	EncodeUTF8 = s 
 95end function
 96
 97function DecodeUTF8(s)
 98	dim i
 99	dim c
100	dim n
101	
102	i = 1
103	do while i <= len(s)
104		c = asc(mid(s,i,1))
105		if c and &H80 then
106		n = 1
107		do while i + n < len(s)
108			if (asc(mid(s,i+n,1)) and &HC0) <> &H80 then
109			exit do
110			end if
111			n = n + 1
112		loop
113		if n = 2 and ((c and &HE0) = &HC0) then
114			c = asc(mid(s,i+1,1)) + &H40 * (c and &H01)
115		else
116			c = 191 
117		end if
118		s = left(s,i-1) + chr(c) + mid(s,i+n)
119		end if
120		i = i + 1
121	loop
122	DecodeUTF8 = s 
123end function
124a="�"
125response.write Asc (a)
126response.write "<br> " & encodeUTF8("����������̍��") & " - "
127response.write "&#" & 1376 + Asc(a) & ";"
128response.write "<br> &#x062E;"
129%>
130<TABLE cellspacing=0 cellpadding=0 width=300 height=150 style='border:4px solid <%=SelectedMenuColor%>;' dir=rtl align=center>
131<TR>
132	<TD>
133		<font face="tahoma">
134		<%
135		if request("act")="����" then
136'			conStr="DRIVER={SQL Server};SERVER=(local);DATABASE=sefareshat;UID=sefadmin; PWD=5tgb;"
137conStr="Provider=SQLNCLI10.1;Persist Security Info=False;User ID=sefadmin;Initial Catalog=jame;Data Source=.\sqlexpress;PWD=5tgb;"
138			Set conn = Server.CreateObject("ADODB.Connection")
139			conn.open conStr
140			
141			Set RS1 = conn.Execute("SELECT * FROM [Users] WHERE [UserName]='" & sqlSafe(request("UserName")) & "' AND  [Password]='" & sqlSafe(request("Password")) & "' ")
142
143			If (RS1.EOF) Then
144				session.abandon
145				rs1.close
146				set rs1=conn.execute("select * from [Users] where [UserName]='" & sqlSafe(request("UserName")) & "' AND  [oldPassword]='" & sqlSafe(request("Password")) & "' ")
147				if rs1.eof then 
148			%>
149					<div align=center style='background-color: #FF8888;width:300' >�������� �� ���� ���� ������ ���&nbsp;</div><br><br>
150			<%
151				else
152			%>
153					<div align=center style='background-color: #FF8800;width:300' >�� ����� ������ ��� ���� ��� ����� �����<br> ���� ��� ���� �� ���� ������ � �� ����� �� ��� ������ �� ����� <b>31</b> ���� Ȑ����<br>&nbsp;</div><br><br>
154			<%
155				end if
156				rs1.close
157			else
158				session("ID")=RS1("ID")
159				session("CSRName") = RS1("RealName")
160				session("Permission") = RS1("Permission")
161				session("exten")= RS1("Extention")
162				Set RS2 = conn.Execute("SELECT GLs.*, UserDefaults.[User] FROM GLs INNER JOIN UserDefaults ON GLs.ID = UserDefaults.WorkingGL WHERE (UserDefaults.[User] = '"& RS1("ID") & "') OR (UserDefaults.[User] = 0) ORDER BY ABS(UserDefaults.[User]) DESC")
163				remotID = request.serverVariables("REMOTE_ADDR")
164				conn.Execute ("INSERT INTO loginLog (user_id,ip) VALUES ("&RS1("ID")&",'"&remotID&"')")
165				session("VatRate")=RS2("Vat")
166				session("OpenGL")=RS2("id")
167				session("FiscalYear")=RS2("FiscalYear")
168				session("OpenGLName")=RS2("name")
169				session("OpenGLStartDate")=RS2("StartDate")
170				session("OpenGLEndDate")=RS2("EndDate")
171				session("IsClosed")=RS2("IsClosed") ' add by SAM
172				RS2.movenext
173				session("differentGL") = False
174				if not RS2.EOF then
175					temp=RS2("id")
176					if temp <> session("OpenGL") then
177						session("differentGL") = True
178					end if
179				end if
180				RS2.close
181
182				RS1.close
183				conn.Close
184				
185				' Added By kid 820910
186				if session("ID")=16 OR session("ID")=17 then ' shahami = 16  dehghan = 17
187					session.Timeout=240
188				end if
189
190				if request.cookies("OldURL")<>"" then
191					aa = request.cookies("OldURL")
192					response.cookies("OldURL") = ""
193					'response.form = request.cookies("OldForm") 
194					'response.redirect split(aa,"?")(0)
195					response.redirect aa
196				else
197					response.redirect "default.asp"
198				end if
199			End If
200
201			conn.Close
202		elseif request.querystring("err")<>"" then 
203		%>
204					<div align=center style='background-color: #FF8888;width:300'><%=request.querystring("err")%>&nbsp;</div><br><br>
205		<%
206		end if
207		%>
208	</TD>
209</TR>
210<TR>
211	<TD>
212
213		<FORM METHOD=POST ACTION="?">
214		<div dir='rtl' align = "center" >
215		<!--IMG SRC="images/khaneh.jpg" WIDTH="350" HEIGHT="20" BORDER=0 ALT=""-->
216
217		<TABLE>
218		<TR>
219			<TD colspan="2" align="center"></TD>
220		</TR>
221		<TR>
222			<TD> ��� ����� </TD>
223			<TD><INPUT TYPE="text" NAME="UserName" onkeyDown="return myKeyDownHandler();" onKeyPress="return myKeyPressHandler();"></TD>
224		</TR>
225		<TR>
226			<TD> ��� ���� </TD>
227			<TD><INPUT TYPE="password" NAME="Password" onkeyDown="return myKeyDownHandler();" onKeyPress="return myKeyPressHandler();"></TD>
228		</TR>
229		<TR>
230			<TD></TD>
231			<TD><INPUT style="font-family:tahoma; width:100%;" TYPE="submit" name="act" value="����"></TD>
232		</TR>
233		</TABLE>
234		 <br>
235		&nbsp; 
236		<br>
237		</div>
238		</FORM>
239		<br>
240		</font>
241	</TD>
242</TR>
243</TABLE>
244
245</BODY>
246</HTML>