如何用ASP编个用户检测程序!!!!在线
大概流程我知道但有些地方不太清楚
1、注册 2、 登录
1、注册我会写
2、就是登录时检测用户是否存在不知道如何写
检测如果有这个用户就可进入,反之就返回注册页面。
请大家帮个忙写下
问题点数:50、回复次数:13Top
1 楼lcx45(木头)回复于 2004-05-03 21:55:33 得分 10
<%
if request("username")<>"" and request("userpassword")<>"" then
dim name
dim pwd
dim sql
dim rs
name=request.form("username")
pwd=request.form("userpassword")
if instr(name,"'")<>0 or instr(pwd,"'")<>0 then
response.redirect "login.asp"
response.end
end if
set rs = server.createobject("adodb.recordset")
sql="select * from users where name='" & name & "' and pwd='" & pwd & "'"
rs.open sql,conn,1,1
if err.number <> 0 then
response.write "数据库操作失败:"&err.description
response.end
else
if not rs.eof and not rs.bof then
session("purview")=rs("purview")
session("name")=rs("name")
response.redirect "admin/index.asp"
end if
end if
rs.close
set rs=nothing
end if
%>Top
2 楼clcy(风雨)回复于 2004-05-03 21:58:23 得分 0
哦Top
3 楼clcy(风雨)回复于 2004-05-03 22:00:52 得分 0
能否注释一下Top
4 楼clcy(风雨)回复于 2004-05-03 22:04:04 得分 0
还有就是“全选”按钮如何写Top
5 楼stayhere(且留连)回复于 2004-05-03 22:09:00 得分 5
全选?
<form name=test><input type=checkbox name=chk value=A>A<input type=checkbox name=chk value=B>B<input type=checkbox name=chk value=C>C
<input type=button value=全选 onclick="SelAllNow()">
</form>
<script language=vbscript>
sub SelAllNow()
for i=0 to 2
test.chk(i).checked=true
next
end sub
</script>Top
6 楼thb28(没有激情的日子)回复于 2004-05-03 22:16:48 得分 10
application使全局对象,这里不需要,只需要创建用户SESSION
登陆的界面不用说了吧
看下面的验证程序
<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<%
‘连接数据库,以ACCESS为例
option explicit
Response.Expires=0
dim conn,connstr,db,rs,name,password
db="你的数据库路径和名称.mdb"
Set conn = Server.CreateObject("ADODB.Connection")
connstr = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath(""&db&"")
conn.Open connstr
‘接收用户登陆信息
name=replace(trim(request("name")),"'","")
password=replace(trim(request("password")),"'","")
if name="" or password="" then
response.Write "<script language=javascript>alert('请填写用户名和密码')</script>"
response.end
end if
‘通过数据库验证用户身份
set rs=server.CreateObject("adodb.recordset")
rs.Open "select * from works where name='"&name&"' and password='"&password&"' " ,conn,1,1
if not(rs.bof and rs.eof) then
if password=rs("password") then
‘创建SESSION
session("user")=trim(rs("name"))
session("PASS")=trim(rs("PASSWORD"))
‘限定过期时间
session.Timeout=60
rs.Close
set rs=nothing
'验证正确接受用户登陆
response.Redirect "../login.asp"
else
call Error
end if
else
call Error()
end if
sub Error()
response.write "<script language=javascript>alert('无效的用户名和密码')</script>"
end sub
set rs=nothing
set conn=nothing
%>
Top
7 楼diveas(枫)回复于 2004-05-03 22:17:03 得分 10
<%Option Explicit%>
<html>
<body bgcolor="#99CCFF">
<center>
<%
Dim strName,strPwd,objrs,sql
strName=Request.Form("name")
strPwd=Request.Form("password")
'处理非法字符
strName=Replace(strName,"'","")
strPwd=Replace(strPwd,"'","")
sql="Select UserName From Login Where UserName='" & strName & "'"
set objrs=Server.CreateObject("ADODB.RecordSet")
'打开数据库语句,自己写。。。。。。我的和你不一样!!
If objrs.Bof And objrs.Eof Then
Response.Write "无此用户<p></p>"
%>
<a href=javascript:history.back()>返回</a>
<%
Response.End
End If
If objrs.RecordCount=1 Then
If objrs("pwd")=strPwd Then
Response.Redirect "kj.asp"
Else
Response.Write "密码错误,请确认后重新输入!<br><br>"
%>
<a href=javascript:history.back()>返回重填</a>
<%
Response.End
End If
Else
Response.Write "用户名错误,请确认后重新输入!<br><br>"
%>
<a href=javascript:history.back()>返回重填</a>
<%
Response.End
End If
objrs.Close
Set objrs=Nothing
%>
</body>
</html>Top
8 楼diveas(枫)回复于 2004-05-03 22:19:33 得分 5
<SCRIPT LANGUAGE="JavaScript">
<!-- Begin
var checkflag = "false";
function check(field) {
if (checkflag == "false") {
for (i = 0; i < field.length; i++) {
field[i].checked = true;}
checkflag = "true";
return "取消全选"; }
else {
for (i = 0; i < field.length; i++) {
field[i].checked = false; }
checkflag = "false";
return "全部选定"; }
}
// End -->
</script>
<td align="center" bgcolor="#00CCFF"><input type=button value=" 全部选定 " onClick="this.value=check(this.form.list)"> </td>Top
9 楼diveas(枫)回复于 2004-05-03 22:23:40 得分 5
To: lcx45(木头)
sql="select * from users where name='" & name & "' and pwd='" & pwd & "'"
To: thb28(c++学习中)
rs.Open "select * from works where name='"&name&"' and password='"&password&"' " ,conn,1,1
楼上的两位这两句都有很大漏洞,我用特殊的用户名,密码我可以随便打都可以进入!
Top
10 楼jeasoyang(主机家园)回复于 2004-05-03 22:31:01 得分 0
CSDN自己人的乐园
shcsdn.35sw.com
bbs.35sw.com
www.35sw.com
Top
11 楼diveas(枫)回复于 2004-05-03 22:31:23 得分 0
http://expert.csdn.net/Expert/topic/2945/2945224.xml?temp=.4705469Top
12 楼fury()回复于 2004-05-04 00:04:30 得分 5
回复人: diveas(枫) ( ) 信誉:100 2004-05-03 22:23:00 得分:0
To: lcx45(木头)
sql="select * from users where name='" & name & "' and pwd='" & pwd & "'"
To: thb28(c++学习中)
rs.Open "select * from works where name='"&name&"' and password='"&password&"' " ,conn,1,1
楼上的两位这两句都有很大漏洞,我用特殊的用户名,密码我可以随便打都可以进入!
===================================
看清楚了:
-----------------------------------------------
lcx45(木头)
name=request.form("username")
pwd=request.form("userpassword")
if instr(name,"'")<>0 or instr(pwd,"'")<>0 then
response.redirect "login.asp"
response.end
end if
-----------------------------------------------
thb28(c++学习中)
name=replace(trim(request("name")),"'","")
password=replace(trim(request("password")),"'","")
-----------------------------------------------
这样你也可以随便进去吗?
Top
13 楼clcy(风雨)回复于 2004-05-12 21:38:48 得分 0
谢谢了Top
