导航
  • 主页
会员中心
收藏
消息
创作中心

一个简单的 循环修改1/0 的 代码 怎么老不成功,恳请高手啊!

madnesser 2009-08-17 05:08:15
下面是点击文章未审 和 已审 之间切换的代码 : 我点击时候 点击未审的(Talers("shixiao")=0)可以变成已审(Talers("shixiao")=1) 可是我点击已审却无法改变! 这里漏洞在那里啊????


<%
Call DoNoIpLock
Operate=Trim(Request("operate"))
If Operate="del" Then
DelLock
ElseIf Operate="save" Then
Call SaveLock
ElseIf Operate="shenhe" Then
Call shenhelock()
Else
Call LockList
End if
Response.Write "</table>"

Sub Locklist
Set Talers=Conn.ExeCute("Select * from IpLock order by iplock")
If Not Talers.Eof Then
i=0
%>


<%
Response.Write "<a href='m1l1ip.Asp?operate=shenhe&ipid="&Talers("ipid")&"'>"
If Talers("shixiao")=0 Then
Response.Write "<font color=red>未审</font>"
Else
Response.Write "已审"
End If
Response.Write "</a>" %>



<%
sub shenhelock()
ipid=request("ipid")
shixiao=request("shixiao")
If shixiao=1 then
shixiao=0
else
shixiao=1
End if
set Talers=conn.execute("Update IpLock set shixiao="&shixiao&" Where ipid="&ipid&"")
Response.Redirect "m1l1ip.Asp"
end sub
%>
...全文
68 点赞 收藏 7
写回复
7 条回复
切换为时间正序
请发表友善的回复…
发表回复
anjing5566 2009-08-17
呵呵,遇到问题,建议把sql写出来,这样就好分析原因了,上面解答的很详细了,lz自己看吧

 回复
Y_Leopard 2009-08-17
UP
 回复
王者coco 2009-08-17
up
 回复
lzp4881 2009-08-17
<%
Call DoNoIpLock
Operate=Trim(Request("operate"))
If Operate="del" Then
DelLock
ElseIf Operate="save" Then
Call SaveLock
ElseIf Operate="shenhe" Then
Call shenhelock()
Else
Call LockList
End if
Response.Write " </table>"

Sub Locklist
Set Talers=Conn.ExeCute("Select * from IpLock order by iplock")
If Not Talers.Eof Then
i=0
%>


<%
Response.Write " <a href='m1l1ip.Asp?operate=shenhe&ipid="&Talers("ipid")&"'>"
If Talers("shixiao")=0 Then
Response.Write " <font color=red>未审 </font>"
Else
Response.Write "已审"
End If
Response.Write " </a>" %>
这里差一个end sub

<%
sub shenhelock()
ipid=request("ipid")
shixiao=request("shixiao")
If shixiao=1 then
shixiao=0
else
shixiao=1
End if
set Talers=conn.execute("Update IpLock set shixiao="&shixiao&" Where ipid="&ipid&"")
Response.Redirect "m1l1ip.Asp"
end sub
%>
 回复
xxwood 2009-08-17
顶1楼
 回复
jiewenxu 2009-08-17


<%

Call DoNoIpLock

Operate=Trim(Request.QueryString("operate"))

If Operate="del" Then

    Call DelLock        '这里漏掉Call,会引起脚本错误

ElseIf Operate="save" Then

    Call SaveLock

ElseIf Operate="shenhe" Then

    Call shenhelock()

Else

Call LockList

End if

Response.Write " </table>"



Sub Locklist

Set Talers=Conn.ExeCute("Select * from IpLock order by iplock")

If Not Talers.Eof Then

i=0

%>





<%

  Response.Write " <a href='m1l1ip.Asp?operate=shenhe&ipid="&Talers("ipid")& "&shixiao="& Talers("shixiao") &"'>"

            If Talers("shixiao")=0 Then

              Response.Write " <font color=red>未审 </font>"

            Else

              Response.Write "已审"

            End If

            Response.Write " </a>" %>





<%

sub shenhelock()

ipid=CLng(request.QueryString("ipid"))  '注意防注入

shixiao=CInt(request.QueryString("shixiao"))  '你原来的地址中没有包含shixiao这个参数

If shixiao=1 then

shixiao=0

else

shixiao=1

End if

set Talers=conn.execute("Update IpLock set shixiao="&shixiao&" Where ipid="&ipid&"")

Response.Redirect "m1l1ip.Asp"

end sub

%>
回复
wansai00 2009-08-17
1,0的切换 使用这个方法

减一后的绝对值 Abs(n - 1)
update table set filed = abs(fields - 1) where ....

http://www.hn5000.com/program/view/no30.html
 回复
发动态
发帖子
ASP
创建于2007-09-28

2.8w+

社区成员

35.7w+

社区内容

ASP即Active Server Pages,是Microsoft公司开发的服务器端脚本环境。
申请成为版主
社区公告
暂无公告