完美解决PJ的Cookies保存时限问题!可选择记录登陆时长!
2018-09-05 18:26
一直被这个问题所困扰!!现在终于完美解决啦!!献给那些需要前台记住登录信息的朋友!(此方法经过我的使用验证不存在星铃丹管理员所说的后台会持续登陆的安全隐患...后台还是和原版一样的,效果只针对前台!!)
感谢Wady和IFairy...
请大家不要只看不回,只回不来我的博客坐坐...回帖是美德!做人要厚道!!
下面是修改方法...
1.首先修改common/checkUser.asp(主要是这个!!)
将以下原码
[Copytoclipboard]CODE:
进行MD5密码验证,转换旧帐户密码验证方式
dimstrSalt
strSalt=randomStr(6)
memLogin(mem_salt)=strSalt
memLogin(mem_LastIP)=getIP()
memLogin(mem_lastVisit)=now()
memLogin(mem_hashKey)=HashKey
memLogin(mem_Password)=SHA1(Password&strSalt)
Response.Cookies(CookieName)(memHashKey)=HashKey
ifRequest.Form(KeepLogin)=1thenResponse.Cookies(CookieName).Expires=Date+365
memLogin.Update
ReInfo(0)=登录成功
ReInfo(1)=<b>&memLogin(mem_Name)&</b>,欢迎你的再次光临。<br/><ahref=default.asp>点击返回主页</a>
ReInfo(2)=MessageIcon
ReInfo(3)=true
EndIF
else
ifmemLogin(mem_Password)<>SHA1(Password&memLogin(mem_salt))then
ReInfo(0)=错误信息
ReInfo(1)=<b>用户名与密码错误</b><br/><ahref=javascript:history.go(-1);>请返回重新输入</a>
ReInfo(2)=ErrorIcon
logout(false)
else
memLogin(mem_LastIP)=getIP()
memLogin(mem_lastVisit)=now()
memLogin(mem_hashKey)=HashKey
Response.Cookies(CookieName)(memName)=memLogin(mem_Name)
Response.Cookies(CookieName)(memHashKey)=HashKey
ifRequest.Form(KeepLogin)=1thenResponse.Cookies(CookieName).Expires=Date+365
memLogin.Update
ReInfo(0)=登录成功
ReInfo(1)=<b>&memLogin(mem_Name)&</b>,欢迎你的再次光临。<br/><ahref=default.asp>点击返回主页</a><metahttp-equiv=refreshcontent=3;url=default.asp/>
ReInfo(2)=MessageIcon
ReInfo(3)=true
endif
endif
memLogin.Close
SetmemLogin=Nothing
login=ReInfo
endfunction
修改成
[Copytoclipboard]CODE:
进行MD5密码验证,转换旧帐户密码验证方式
dimstrSalt
strSalt=randomStr(6)
memLogin(mem_salt)=strSalt
memLogin(mem_LastIP)=getIP()
memLogin(mem_lastVisit)=now()
memLogin(mem_hashKey)=HashKey
memLogin(mem_Password)=SHA1(Password&strSalt)
Response.Cookies(CookieName)(memName)=memLogin(mem_Name)
Response.Cookies(CookieName)(memHashKey)=HashKey
ifCint(Request.Form(KeepLogin))<>0thenResponse.Cookies(CookieName).Expires=Date+Cint(Request.Form(KeepLogin))
memLogin.Update
ReInfo(0)=登陆成功
ReInfo(1)=<b>&memLogin(mem_Name)&</b>,欢迎你的再次光临。<br/><ahref=default.asp>点击返回主页</a>
ReInfo(2)=MessageIcon
ReInfo(3)=true
EndIF
else
ifmemLogin(mem_Password)<>SHA1(Password&memLogin(mem_salt))then
ReInfo(0)=错误信息
ReInfo(1)=<b>用户名与密码错误</b><br/><ahref=javascript:history.go(-1);>请返回重新输入</a>
ReInfo(2)=ErrorIcon
logout(false)
else
memLogin(mem_LastIP)=getIP()
memLogin(mem_lastVisit)=now()
memLogin(mem_hashKey)=HashKey
Response.Cookies(CookieName)(memName)=memLogin(mem_Name)
Response.Cookies(CookieName)(memHashKey)=HashKey
ifCint(Request.Form(KeepLogin))<>0thenResponse.Cookies(CookieName).Expires=Date+Cint(Request.Form(KeepLogin))
memLogin.Update
ReInfo(0)=登陆成功
ReInfo(1)=<b>&memLogin(mem_Name)&</b>,欢迎你的再次光临。<br/><ahref=default.asp>点击返回主页</a><metahttp-equiv=refreshcontent=3;url=default.asp/>
ReInfo(2)=MessageIcon
ReInfo(3)=true
endif
endif
memLogin.Close
SetmemLogin=Nothing
login=ReInfo
endfunction
然后搜索
[Copytoclipboard]CODE:
memLogin(mem_LastIP)=getIP()
有三处!将其删除...
再搜索
[Copytoclipboard]CODE:
ifCheckCookie(mem_LastIP)<>Guest_IPorisNull(CheckCookie(mem_LastIP))then
logout(true)
else
memName=CheckStr(Request.Cookies(CookieName)(memName))
memStatus=CheckCookie(mem_Status)
endif
替换为
[Copytoclipboard]CODE:
memName=CheckStr(Request.Cookies(CookieName)(memName))
memStatus=CheckCookie(mem_Status)
2.修改login.asp:
将以下代码替换<formname=checkUseraction=login.aspmethod=post>至</form>断
[Copytoclipboard]CODE:
<formname=checkUseraction=login.aspmethod=post>
<divid=MsgContent>
<divid=MsgHead>用户登录</div>
<divid=MsgBody>
<inputname=actiontype=hiddenvalue=login/>
<label>用户名:<inputname=usernametype=textsize=18class=userpassmaxlength=24/></label><br/>
<label>密码:<inputname=passwordtype=passwordsize=18class=userpass/></label><br/>
<%ifblog_useCodethen%><label>验证码:<inputname=validatetype=textsize=4class=userpassmaxlength=4/><%=getcode()%></label><br/><%endif%>
<label>记住登陆:<selectname=KeepLoginid=KeepLoginclass=userpass>
<optionvalue=1selected=selected>一天</option>
<optionvalue=30>一個月</option>
<optionvalue=365>一年</option>
<optionvalue=0>不用記住</option>
</select>
</label>
<br/>
<inputtype=submitvalue=登录class=userbutton/><inputtype=buttonvalue=用户注册class=userbuttononclick=location=register.asp/>
</div>
</div>
</form>
附首页显示登陆框的方法
在library.asp里查找退出系统</a>将以下代码替换原来的
[Copytoclipboard]CODE:
else
userPanel=userPanel&<formname=checkUseraction=login.aspmethod=poststyle=margin:1px;><inputname=actiontype=hiddenvalue=login/><label>用户:<inputname=usernametype=textsize=12class=userpassmaxlength=24/></label><br/><label>密码:<inputname=passwordtype=passwordsize=12class=userpass/></label><br/><label>验证:<inputname=validatetype=textsize=4class=userpassmaxlength=4/>&getcode()&</label><br/><label>记住登陆:<selectname=KeepLoginid=KeepLoginclass=userpass><optionvalue=1selected=selected>一天</option><optionvalue=30>一個月</option><optionvalue=365>一年</option><optionvalue=0>不用記住</option></select></label><br/><inputtype=submitvalue=登录class=userbutton/><inputtype=buttonvalue=会员注册class=userbuttononclick=location.href=register.asp/></form>
endif
endfunction
如果你懒得改或不会改的话请下载我打的包,覆盖原文件即可!(修改有风险,请自行备份原文件!!)
点击下载此文件
文章标题:完美解决PJ的Cookies保存时限问题!可选择记录登陆时长!
文章链接:http://soscw.com/essay/8451.html