28,408
社区成员
发帖
与我相关
我的任务
分享谁能解决此问题,我全部积分全给你。
我现在在写一个数据库显示的代码:
可是发现就是显示不出来(显示超时)
我该了IIS的时间,也没用。
代码如下:
<!-- #include file=conn.asp -->
<%
set rss = server.CreateObject("adodb.recordset")
rss.open "select * from [userbook]",conn,1,1
rss.movefirst
do while not rs.eof
response.Write rss("user_name")
response.Write rss("user_message")
response.Write rss("time")
rss.movenext
loop
rss.close
set rss = nothing
response.End()
%>
哪位高手帮我解决了此问题,我全部积分全给你,跪求~!!
这问题我整了不知道多久了,心都快死去了,大哥大姐大侠们,求你们给我个答案吧!
可是发现就是显示不出来(显示超时)
我该了IIS的时间,也没用。
代码如下:
<!-- #include file=conn.asp -->
<%
set rss = server.CreateObject("adodb.recordset")
rss.open "select * from [userbook]",conn,1,1
rss.movefirst
do while not rs.eof
response.Write rss("user_name")
response.Write rss("user_message")
response.Write rss("time")
rss.movenext
loop
rss.close
set rss = nothing
response.End()
%>
哪位高手帮我解决了此问题,我全部积分全给你,跪求~!!
这问题我整了不知道多久了,心都快死去了,大哥大姐大侠们,求你们给我个答案吧!
...全文
请发表友善的回复…
发表回复
叫我梁大侠 2011-07-12
- 打赏
- 举报
好久的帖子咯 呵呵
lj1234567 2011-07-10
- 打赏
- 举报
学习了,我也出现了同样的这个错误
叫我梁大侠 2010-05-28
- 打赏
- 举报
conn.asp文件为:
<%
dim conn
dim connstr
dim db
db="userbase.mdb" '数据库文件位置
on error resume next
connstr="DBQ="+server.mappath(""&db&"")+";DefaultDir=;DRIVER={Microsoft Access Driver (*.mdb)};"
set conn=server.createobject("ADODB.CONNECTION")
if err then
err.clear
else
conn.open connstr
end if
sub CloseConn()
conn.close
set conn=nothing
end sub
%>
<%
'检测SQL注入,发现注入语法,直接报非法输入,并退出
'检测非字符
'SQL_injdata = "'|exec |insert |select |update |delete |set |xp_cmdshell |exec master|xp_dirtree |exec master |char |net localgroup administrators | and |net user | or |mid( |asc( |truncate |cast|declare|exec|varchar"
SQL_injdata = "'|exec |insert |select |update |delete |set |xp_cmdshell |exec master|xp_dirtree |exec master |char |net localgroup administrators | and |net user | or |mid( |asc( |truncate |declare|exec|varchar"
SQL_inj = split(SQL_Injdata,"|")
'检测GET
If Request.QueryString<>"" Then
For Each SQL_Get In Request.QueryString
For SQL_Data=0 To Ubound(SQL_inj)
if instr(lcase(Request.QueryString(SQL_Get)),Sql_Inj(Sql_DATA))>0 Then
response.write "输入非法"
Response.end
end if
next
Next
End If
'检测POST
If Request.Form<>"" Then
For Each Sql_Post In Request.Form
For SQL_Data=0 To Ubound(SQL_inj)
if instr(lcase(Request.Form(Sql_Post)),Sql_Inj(Sql_DATA))>0 Then
response.write "输入非法"
Response.end
end if
next
next
end if
'检测cookie
If Request.Cookies<>"" Then
For Each Sql_Cookie In Request.Cookies
For SQL_Data=0 To Ubound(SQL_inj)
if instr(lcase(Request.Cookies(Sql_Cookie)),Sql_Inj(Sql_DATA))>0 Then
response.write "输入非法"
Response.end
end if
next
next
end if
%>
<%
dim conn
dim connstr
dim db
db="userbase.mdb" '数据库文件位置
on error resume next
connstr="DBQ="+server.mappath(""&db&"")+";DefaultDir=;DRIVER={Microsoft Access Driver (*.mdb)};"
set conn=server.createobject("ADODB.CONNECTION")
if err then
err.clear
else
conn.open connstr
end if
sub CloseConn()
conn.close
set conn=nothing
end sub
%>
<%
'检测SQL注入,发现注入语法,直接报非法输入,并退出
'检测非字符
'SQL_injdata = "'|exec |insert |select |update |delete |set |xp_cmdshell |exec master|xp_dirtree |exec master |char |net localgroup administrators | and |net user | or |mid( |asc( |truncate |cast|declare|exec|varchar"
SQL_injdata = "'|exec |insert |select |update |delete |set |xp_cmdshell |exec master|xp_dirtree |exec master |char |net localgroup administrators | and |net user | or |mid( |asc( |truncate |declare|exec|varchar"
SQL_inj = split(SQL_Injdata,"|")
'检测GET
If Request.QueryString<>"" Then
For Each SQL_Get In Request.QueryString
For SQL_Data=0 To Ubound(SQL_inj)
if instr(lcase(Request.QueryString(SQL_Get)),Sql_Inj(Sql_DATA))>0 Then
response.write "输入非法"
Response.end
end if
next
Next
End If
'检测POST
If Request.Form<>"" Then
For Each Sql_Post In Request.Form
For SQL_Data=0 To Ubound(SQL_inj)
if instr(lcase(Request.Form(Sql_Post)),Sql_Inj(Sql_DATA))>0 Then
response.write "输入非法"
Response.end
end if
next
next
end if
'检测cookie
If Request.Cookies<>"" Then
For Each Sql_Cookie In Request.Cookies
For SQL_Data=0 To Ubound(SQL_inj)
if instr(lcase(Request.Cookies(Sql_Cookie)),Sql_Inj(Sql_DATA))>0 Then
response.write "输入非法"
Response.end
end if
next
next
end if
%>
叫我梁大侠 2010-05-28
- 打赏
- 举报
poppy~ 大哥
手误是什么意思额
手误是什么意思额
叫我梁大侠 2010-05-28
- 打赏
- 举报
谢谢各位高人的指点,我现在试下。
yunxiang_myx 2010-05-27
- 打赏
- 举报
咳,咳。。。。。。。。。
游戏人间 2010-05-27
- 打赏
- 举报
2楼眼尖呀,
就是数据集名称用错了。
rss rs
就是数据集名称用错了。
rss rs
lj1234567 2010-05-27
- 打赏
- 举报
2楼正解
mrshelly 2010-05-27
- 打赏
- 举报
#2楼正解....
猜我是几娃 2010-05-26
- 打赏
- 举报
这错误应该是手误,楼主之前有发帖问过
猜我是几娃 2010-05-26
- 打赏
- 举报
这段程序没有问题的,多半问题出在conn.asp上,你把数据库文件找到了没???
在打开数据库后,也就是在
rss.open "select * from [userbook]",conn,1,1
的下面加上这句检查下错误在哪。
if not err.number=0 then
response.Write err.description
err.clear
end if
在打开数据库后,也就是在
rss.open "select * from [userbook]",conn,1,1
的下面加上这句检查下错误在哪。
if not err.number=0 then
response.Write err.description
err.clear
end if
Atai-Lu 2010-05-26
- 打赏
- 举报
set rss = server.CreateObject("adodb.recordset")
rss.open "select * from [userbook]",conn,1,1
rss.movefirst
do while not rs.eof
response.Write rss("user_name")
response.Write rss("user_message")
response.Write rss("time")
rss.movenext
loop
rss.close
set rss = nothing
response.End()
rss.movefirst
do while not rs.eof
红色部分,应该就是问题所在
一把编程的菜刀 2010-05-26
- 打赏
- 举报
<!-- #include file=conn.asp -->
<%
set rss = server.CreateObject("adodb.recordset")
sql="select * from [userbook]"
rss.open sql,conn,1,1
if not rs.bof then
do while not rs.eof
response.Write rss("user_name")
response.Write rss("user_message")
response.Write rss("time")
rss.movenext
loop
end if
rss.close
set rss = nothing
response.End()
%>如果还有问题,请贴出你的conn.asp 里面连接数据库的代码
