discuz! NT Forum Integration ASP Program Forum Tutorials _ Application Tips

Source: Internet
Author: User
Tags md5 servervariables
Copy Code code as follows:

Record cookies page code when landing
<!--#include file= "md5.asp"-->//32-bit MD5 encrypted file, must be called, the file is everywhere, and I will not provide the
<%
Dim username,password,question,answer,expires,verify
Username=replace (Trim (Request.Form ("Username")), "'", "" "//Username
Password=replace (Trim (Request.Form ("Password")), "'", "" "//user Password
Question=replace (Trim (Request.Form ("question")), "'", "" "//Password problem
Answer=replace (Trim (Request.Form ("Answer")), "'", "" ")//password answer
Expires=replace (Trim (Request.Form ("Expires")), "'", "" "//cookies record length
Verify=replace (Trim (Request.Form ("Verify")), "'", "'")//CAPTCHA code
Here plus the validation of the commit, such as XXX can not be empty or field length, etc.
Sql= "SELECT * from [dnt_users] where username= '" &username ""//in order to facilitate, I do not add the filter function, if you use it must add, otherwise be injected
Set Rs=conn.execute (SQL)
If Rs.eof Then
Response.Write (' <script>alert (' prompts!\n\n user account error! '); History.back ();</script> ")
Response.End
Else
If RS ("password") <>md5 (password) then
Response.Write (' <script>alert (' Hint!\n\n user password error! '); History.back ();</script> ")
Response.End
Else
If RS ("Secques") <>answer Then
Response.Write (' <script>alert (' Hint!\n\n safety answer wrong! '); History.back ();</script> ")
Response.End
Else
Dim Des,descode
Set des=server.createobject ("Discuznt.des")
Descode=des. Encode ("" "&rs (" password ")" "," z143d2vbml ")//z143d2vbml for your DES encryption key, please use Notepad to open the General.config file in the Config directory to find < Passwordkey>z846d4vvzl</passwordkey> this line of,<passwordkey> and </Passwordkey> in the middle of the English is your key, Change the key to your file.
Set des=nothing
Response.Cookies ("dnt") ("userid") = RS ("UID")
Response.Cookies ("dnt") ("password") = Descode
Response.Cookies ("dnt") ("TPP") = RS ("TPP")
Response.Cookies ("dnt") ("PPP") = RS ("PPP")
Response.Cookies ("dnt") ("pmsound") = RS ("Pmsound")
Response.Cookies ("dnt") ("invisible") = RS ("invisible")
Response.Cookies ("dnt") ("referer") = "index.aspx"
Response.Cookies ("dnt") ("sigstatus") = RS ("Sigstatus")
Response.Cookies ("dnt") ("expires") = Expires
If Expires<>0 Then
Response.Cookies ("dnt"). Expires = DateAdd ("N", Expires, Now ())
End If
Response.Cookies ("dnt"). Domain = ". xxx.com"//change for your domain name, pay attention to the front band. Point
Response.Cookies ("dnt"). Secure = False
End If
End If
End If
Rs.close
Set rs=nothing
Here add to the landing after the turn or to other operations, specifically you look at the office
%>



===========================================================================================
Sign up for the page code (login at the same time after registration)

<!--#include file= "md5.asp"-->//32 for MD5 encrypted file, must be called, the file is everywhere, I do not provide a
<%
Dim username,password,checkpassword,email,question,answer,verify
Username=replace (Trim (Request.Form ("Username")), "'", "" "//Username
Password=replace (Trim (Request.Form ("Password")), "'", "" "//user Password
Checkpassword=replace (Trim (Request.Form ("Checkpassword")), "'", "'" "//Password verification
Question=replace (Trim (Request.Form ("question")), "'", "" "//Password problem
Answer=replace (Trim (Request.Form ("Answer")), "'", "" ")//password answer
Expires=replace (Trim (Request.Form ("Expires")), "'", "" "//cookies record length
Verify=replace (Trim (Request.Form ("Verify")), "'", "'")//CAPTCHA code
Here plus the validation of the commit, such as XXX can not be empty or field length, etc.
Sql= "SELECT * from [dnt_users] where username= '" &username ""//in order to facilitate, I do not add the filter function, if you use it must add, otherwise be injected
Set Rs=conn.execute (SQL)
If not rs.eof then
Response.Write (' <script>alert!\n\n user account has been registered for use! '); History.back ();</script> ")
Response.End
End If
Rs.close
Set rs=nothing
Sql= "SELECT * from [dnt_users] where email= '" &email ""//in order to facilitate, I do not add the filter function, if you use it must add, otherwise be injected
Set Rs=conn.execute (SQL)
If not rs.eof then
Response.Write ("<script>alert!\n\n e-Mail has been registered for use!"); History.back ();</script> ")
Response.End
End If
Rs.close
Set rs=nothing
ip = Request.ServerVariables ("Http_x_forwarded_for")
If IP = "" Then IP = Request.ServerVariables ("REMOTE_ADDR")
sql= "INSERT into [dnt_users] (Username,nickname,password,secques,gender,adminid,groupid,groupexpiry,extgroupids, Regip,joindate,lastip,lastvisit,lastactivity,lastpost,lastpostid,lastposttitle,posts,digestposts,oltime, PAGEVIEWS,CREDITS,EXTCREDITS1,EXTCREDITS2,EXTCREDITS3,EXTCREDITS4,EXTCREDITS5,EXTCREDITS6,EXTCREDITS7, EXTCREDITS8,AVATARSHOWID,EMAIL,BDAY,SIGSTATUS,TPP,PPP,TEMPLATEID,PMSOUND,SHOWEMAIL,NEWSLETTER,INVISIBLE,NEWPM, Newpmcount,accessmasks,onlinestate) VALUES (' &username ', ', ', ' &md5 (Password) ', ' &answer ', 0,0,10,0 , ', ' "&ip" ', ' "&now ()" ', ' "&ip" ', ' "&now ()" ', ' "&now ()" ', ' "&now ()" ', 0, ', 0,0,0,0,0, ' 0.00 ', ' 0.00 ', ' 0.00 ', ' 0.00 ', ' 0.00 ', ' 0.00 ', ' 0.00 ', ' 0.00 ', 0, ' &email ', ', ', 1,0,0,0,1,1,1,0,1,1,0,1 '
Set Rs=conn.execute (SQL)
Sql= "Select UID from [dnt_users] where username= '" &username ""//For convenience, here I do not add filter function, if you use must add, otherwise be injected
Set Rs=conn.execute (SQL)
Uid=rs (0)
sql= "INSERT into [Dnt_userfields] (Uid,avatar,avatarwidth,avatarheight,authtime,authflag) VALUES (' &uid" ', ' Avatars\common\0.gif ', 0,0, ' "&now ()" ', 0 "
Set Rs=conn.execute (SQL)
sql= "Update [dnt_statistics] set totalusers=totalusers+1,lastusername= '" &username "', lastuserid= '" "&Uid" "
Set Rs=conn.execute (SQL)
Sql= "SELECT * from [dnt_users] where username= '" &username ""//in order to facilitate, I do not add the filter function, if you use it must add, otherwise be injected
Set Rs=conn.execute (SQL)
If Rs.eof Then
Response.Write (' <script>alert (' prompts!\n\n user account error! '); History.back ();</script> ")
Response.End
Else
If RS ("password") <>md5 (password) then
Response.Write (' <script>alert (' Hint!\n\n user password error! '); History.back ();</script> ")
Response.End
Else
Dim Des,descode
Set des=server.createobject ("Discuznt.des")
Descode=des. Encode ("" "&rs (" password ")" "," z143d2vbml ")//z143d2vbml for your DES encryption key, please use Notepad to open the General.config file in the Config directory to find < Passwordkey>z846d4vvzl</passwordkey> this line of,<passwordkey> and </Passwordkey> in the middle of the English is your key, Change the key to your file.
Set des=nothing
Response.Cookies ("dnt") ("userid") = RS ("UID")
Response.Cookies ("dnt") ("password") = Descode
Response.Cookies ("dnt") ("TPP") = RS ("TPP")
Response.Cookies ("dnt") ("PPP") = RS ("PPP")
Response.Cookies ("dnt") ("pmsound") = RS ("Pmsound")
Response.Cookies ("dnt") ("invisible") = RS ("invisible")
Response.Cookies ("dnt") ("referer") = "index.aspx"
Response.Cookies ("dnt") ("sigstatus") = RS ("Sigstatus")
Response.Cookies ("dnt") ("expires") = 0
Response.Cookies ("dnt"). Domain = ". xxx.com"//change for your domain name, pay attention to the front band. Point
Response.Cookies ("dnt"). Secure = False
End If
End If
Rs.close
Set rs=nothing
After registering, turn to or add synchronization user data to another user table, you can do it yourself.
%>



===========================================================================================
Edit the page code (no need to log in again after editing the password)

<!--#include file= "md5.asp"-->//32 for MD5 encrypted file, must be called, the file is everywhere, I do not provide a
<%
Dim username,password,checkpassword,email,question,answer,verify
Username=replace (Trim (Request.Form ("Username")), "'", "" "//Username
Password=replace (Trim (Request.Form ("Password")), "'", "" "//user Password
Checkpassword=replace (Trim (Request.Form ("Checkpassword")), "'", "'" "//Password verification
Question=replace (Trim (Request.Form ("question")), "'", "" "//Password problem
Answer=replace (Trim (Request.Form ("Answer")), "'", "" ")//password answer
Expires=replace (Trim (Request.Form ("Expires")), "'", "" "//cookies record length
Verify=replace (Trim (Request.Form ("Verify")), "'", "'")//CAPTCHA code
Here plus the validation of the commit, such as XXX can not be empty or field length, etc.
If password<> "" Then
If Password<>checkpassword Then
Response.Write (' <script>alert (' Hint!\n\n authentication password is not the same as user password! '); History.back ();</script> ")
Response.End
End If
PASSWORD=MD5 (Password)
Else
Password=u_password//u_password for your 32-bit MD5 encrypted password, read it for verification here
End If
If answertrue= "true" then
If Question<>0 Then
Answer=mid (MD5 (ANSWER+MD5 (question)), 16,8)
Else
Answer= ""
End If
Else
Answer=u_secques//u_secques for your password answer, read it when validating to verify here
End If
ip = Request.ServerVariables ("Http_x_forwarded_for")
If IP = "" Then IP = Request.ServerVariables ("REMOTE_ADDR")
Sql= "SELECT * from [dnt_users] where username= '" &username ""//in order to facilitate, I do not add the filter function, if you use it must add, otherwise be injected
Set Rs=conn.execute (SQL)
If Rs.eof Then
Response.Write (' <script>alert (' prompts!\n\n user account error! '); History.back ();</script> ")
Response.End
Else
Sql= "SELECT * from [dnt_users] where email= ' &email" ' and Username<> ' "&username" ""//For convenience, I do not add a filter function here, If you use it, you must add it, or you will be injected
Set Rs=conn.execute (SQL)
If not rs.eof then
Response.Write ("<script>alert!\n\n mailbox has been used!"); History.back ();</script> ")
Response.End
Else
sql= "Update [dnt_users] set password= ' &password" ', secques= ' "&answer" ', email= ' "&email" ' where username= ' "&username" "//For convenience, here I do not add filter function, if you use must add, otherwise be injected
Set Rs=conn.execute (SQL)
Set des=server.createobject ("Discuznt.des")
Descode=des. Encode ("" &password "", "z143d2vbml")//z143d2vbml for your DES encryption key, please open the General.config file in the Config directory with Notepad to find < Passwordkey>z846d4vvzl</passwordkey> this line of,<passwordkey> and </Passwordkey> in the middle of the English is your key, Change the key to your file.
Set des=nothing
Response.Cookies ("dnt") ("userid") = RS ("UID")
Response.Cookies ("dnt") ("password") = Descode
Response.Cookies ("dnt") ("TPP") = RS ("TPP")
Response.Cookies ("dnt") ("PPP") = RS ("PPP")
Response.Cookies ("dnt") ("pmsound") = RS ("Pmsound")
Response.Cookies ("dnt") ("invisible") = RS ("invisible")
Response.Cookies ("dnt") ("referer") = "index.aspx"
Response.Cookies ("dnt") ("sigstatus") = RS ("Sigstatus")
Response.Cookies ("dnt") ("expires") = 0
Response.Cookies ("dnt"). Domain = ". Xxxx.com"//change for your domain name, pay attention to the front band. Point
Response.Cookies ("dnt"). Secure = False
End If
End If
Rs.close
Set rs=nothing
Edit here or add Sync user data to another user table, you can do it yourself.
%>


=============================================================================================
Exit Verify Cookies page code

<%
Response.Cookies ("dnt") ("userid") = ""
Response.Cookies ("dnt") ("password") = ""
Response.Cookies ("dnt") ("TPP") = ""
Response.Cookies ("dnt") ("PPP") = ""
Response.Cookies ("dnt") ("pmsound") = ""
Response.Cookies ("dnt") ("invisible") = ""
Response.Cookies ("dnt") ("referer") = ""
Response.Cookies ("dnt") ("sigstatus") = ""
Response.Cookies ("dnt") ("expires") = ""
Response.Cookies ("dnt"). Expires = ""
Response.Cookies ("dnt"). Domain = ". xxx.com"
Response.Cookies ("dnt"). Secure = False
Response.Write (' <script>alert (' prompts!\n\n user to log out of login! '); Self.opener.location.reload (); Window.close ();</script> ")
Response.End
%>


==============================================================================================
Verify the Cookies page code, this is my simple to write a piece of verification code, basically are the same, specific you according to your ASP program validation files to modify
%>
Dim Des,descode
Set des=server.createobject ("Discuznt.des")
Descode=des. Decode ("" "&request.cookies (" dnt ") (" password ")" "," z143d2vbml ")//z143d2vbml for your DES encryption key, Please use Notepad to open the Config directory in the general.config file, find <Passwordkey>Z846D4VVZL</Passwordkey> this line,<passwordkey> and </Passwordkey> in the middle of the English is your key, change the key to your file
Set des=nothing
Here is a reading database to verify that your cookies are correct
Dim u_uid,u_username,u_password,u_secques,u_email
Sql= "Select Uid,username,password,secques,email from [dnt_users] where uid= '" &request.cookies ("dnt") ("userid") " ' and password= ' &descode ' "//For convenience, cookies user and password I do not add filter function, if you use must add, otherwise be injected, filter some single quotes and some more sensitive to the
Set Rs=conn.execute (SQL)
If not rs.eof then
Founduser = True
U_uid = Rs (0)
U_username = Rs (1)
U_password = Rs (2)
U_secques = Rs (3)
U_email = Rs (4)
Else
Founduser = False
End If
Rs.close
Set rs=nothing
%>
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.