将 sql="select * from tb_admin where w_name='"&user&"' and w_pass='"&md5pass(password)&"'"
set rs=conn.execute(sql)
if rs.eof then
Response.Write("<script language=javascript>alert('您所输入的管理员姓名和密码有误!');this.location.href='login.asp';</script>")
改为 sql="select * from tb_admin where w_name='"&user&"' and w_pass='"&password&"'"
set rs=conn.execute(sql)
if rs.eof then
Response.Write("<script language=javascript>alert('您所输入的管理员姓名和密码有误!');this.location.href='login.asp';</script>")