如何实现强制登录？

security.asp

<%

bLoggedIn = (len(session("UserName")) > 0)

if bRequireLogin then

' 要求登录.

   if Not bLoggedIn then   

     response.redirect "login.asp?comebackto=" & _

     request.servervariables("script_name") & "?" & _

      ' 如果没注册,请注册.

     server.urlencode(request.querystring)

   end if

end if

%> 

login.asp

<%

if request("comebackto") <> "" then

   sReferer = request("comebackto")

   sGoBackTo = "?" & request.querystring

end if

if request("cmdLogin") <> "" then

   sUserName = request("txtUserName")

   sPassword = request("txtPassword")

   ' 提交注册.

   if sUserName = "bill" And sPassword = "gates" then

     bLoginSuccessful = True

     ' 验证帐号和密码.

   end if

   session("UserName") = sUserName

   if sReferer = "" then

     response.redirect "index.asp"

     ' 登录成功,到用户请求页.

   else

     response.redirect sReferer

     ' 如果没填写,重定向到登录页或其他约定的页.

end if

else

%>

   <form action="login.asp<%=sGoBackTo%>" method="post">

     <input type="text" name="txtUserName"><br>

     <input type="password" name="txtPassword"><br>

     <input type="submit" name="cmdLogin"><br>

   </form>

    ' 显示登录.

<%

end if

%>

testpage.asp

<%

   bRequireLogin = True

%>

<!--#include file="security.asp"-->

' 将 bRequireLogin设为真,放到 security.asp 中.

[1]