●●●●●倾家荡产,各位大哥们,帮帮小弟吧●●●●●●●●●
----------------------这是界面代码----------------------
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="telephone.aspx.cs" Inherits="telephone" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
<title>短信</title>
</head>
<body>
<form id="form1" runat="server">
<div>
<asp:TextBox ID="TextBox1" runat="server"></asp:TextBox>
<asp:ImageButton ID="ImageButton1" runat="server" ImageUrl="~/Img/but_send.gif" OnClick="ImageButton1_Click" />
</div>
</form>
</body>
</html>
----------------------这是CS代码----------------------
using System;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
public partial class telephone : System.Web.UI.Page
{
string strTime;
DataSet ds = new DataSet();
int Telid;
dbclass sqlcon=new dbclass();
string strsmsuser;
string strsmspass;
string strsms;
protected void Page_Load(object sender, EventArgs e)
{
int id = int.Parse(Request.QueryString["id"]);
sqlcon.RunSQL("select EpDis_smsName,EpDis_smsPass,EpDis_smsContent from EpDiscountInfo where EpDis_Id='" + id + "'",ref ds,"tel");
strsmsuser = ds.Tables["tel"].Rows[0][0].ToString();
strsmspass = ds.Tables["tel"].Rows[0][1].ToString();
strsms = ds.Tables["tel"].Rows[0][2].ToString();
}
protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
{
dbclass sqlcon = new dbclass();
strTime = DateTime.Now.ToString("yyyy-MM-dd hh:mm:ss");
Telid = int.Parse(Request.QueryString["id"]);
SqlParameter[] sp = new SqlParameter[3];
sp[0] = new SqlParameter("@txtBox1", SqlDbType.VarChar, 20);
sp[0].Value = TextBox1.Text;
sp[1] = new SqlParameter("@strTime", SqlDbType.VarChar, 20);
sp[1].Value = strTime;
sp[2] = new SqlParameter("@id", SqlDbType.Int);
sp[2].Value = Telid;
sqlcon.RunSQL("insert into Telephote (TelNumber,TelTime,EpDisId) values(@txtBox1,@strTime,@id)", sp);
Response.Redirect("http://www.waytide.com/cgi/sms81/sendsms.asp?User=" + strsmsuser + "&Pass=" + strsmspass + "&Mobile=" + TextBox1.Text.Trim() + "&Text=" + strsms);
}
}
-------------------------------------------------------
这里省略了部分代码strsmsuser 和strsmspass 都是从数据库提取的
-------------------------------------------------------
关键是看这段代码
Response.Redirect("http://www.waytide.com/cgi/sms81/sendsms.asp?User=" + strsmsuser + "&Pass=" + strsmspass + "&Mobile=" + TextBox1.Text.Trim() + "&Text=" + strsms);
这段代码的功能是通过这个网站用我的张号strsmsuser密码strsmspass手机号TextBox1.Text.Trim() 和短信内容strsms可以给手机发短信
但是现在执行这段代码后跳转到那个网站的界面了
http://www.waytide.com/cgi/sms81/sendsms.asp?User=张号&Pass=密码&Mobile=手机号&Text=短信内容
把我的张号密码手机号短信内容都显示在地址栏和标题栏了
虽然我把地址栏屏蔽了
但是标题栏还是会显示我的张号和密码
我现在想要的结果是执行这段代码的功能还不让它跳转到那个页面
或者是隐藏掉
让执行的人看不到