28,391
社区成员
发帖
与我相关
我的任务
分享如何用ASP编个用户检测程序!!!!在线
大概流程我知道但有些地方不太清楚
1、注册 2、 登录
1、注册我会写
2、就是登录时检测用户是否存在不知道如何写
检测如果有这个用户就可进入,反之就返回注册页面。
请大家帮个忙写下
1、注册 2、 登录
1、注册我会写
2、就是登录时检测用户是否存在不知道如何写
检测如果有这个用户就可进入,反之就返回注册页面。
请大家帮个忙写下
...全文
请发表友善的回复…
发表回复
clcy 2004-05-12
- 打赏
- 举报
谢谢了
fury 2004-05-04
- 打赏
- 举报
回复人: diveas(枫) ( ) 信誉:100 2004-05-03 22:23:00 得分:0
To: lcx45(木头)
sql="select * from users where name='" & name & "' and pwd='" & pwd & "'"
To: thb28(c++学习中)
rs.Open "select * from works where name='"&name&"' and password='"&password&"' " ,conn,1,1
楼上的两位这两句都有很大漏洞,我用特殊的用户名,密码我可以随便打都可以进入!
===================================
看清楚了:
-----------------------------------------------
lcx45(木头)
name=request.form("username")
pwd=request.form("userpassword")
if instr(name,"'")<>0 or instr(pwd,"'")<>0 then
response.redirect "login.asp"
response.end
end if
-----------------------------------------------
thb28(c++学习中)
name=replace(trim(request("name")),"'","")
password=replace(trim(request("password")),"'","")
-----------------------------------------------
这样你也可以随便进去吗?
To: lcx45(木头)
sql="select * from users where name='" & name & "' and pwd='" & pwd & "'"
To: thb28(c++学习中)
rs.Open "select * from works where name='"&name&"' and password='"&password&"' " ,conn,1,1
楼上的两位这两句都有很大漏洞,我用特殊的用户名,密码我可以随便打都可以进入!
===================================
看清楚了:
-----------------------------------------------
lcx45(木头)
name=request.form("username")
pwd=request.form("userpassword")
if instr(name,"'")<>0 or instr(pwd,"'")<>0 then
response.redirect "login.asp"
response.end
end if
-----------------------------------------------
thb28(c++学习中)
name=replace(trim(request("name")),"'","")
password=replace(trim(request("password")),"'","")
-----------------------------------------------
这样你也可以随便进去吗?
diveas 2004-05-03
- 打赏
- 举报
http://expert.csdn.net/Expert/topic/2945/2945224.xml?temp=.4705469
jeasoyang 2004-05-03
- 打赏
- 举报
CSDN自己人的乐园
shcsdn.35sw.com
bbs.35sw.com
www.35sw.com
shcsdn.35sw.com
bbs.35sw.com
www.35sw.com
diveas 2004-05-03
- 打赏
- 举报
To: lcx45(木头)
sql="select * from users where name='" & name & "' and pwd='" & pwd & "'"
To: thb28(c++学习中)
rs.Open "select * from works where name='"&name&"' and password='"&password&"' " ,conn,1,1
楼上的两位这两句都有很大漏洞,我用特殊的用户名,密码我可以随便打都可以进入!
sql="select * from users where name='" & name & "' and pwd='" & pwd & "'"
To: thb28(c++学习中)
rs.Open "select * from works where name='"&name&"' and password='"&password&"' " ,conn,1,1
楼上的两位这两句都有很大漏洞,我用特殊的用户名,密码我可以随便打都可以进入!
diveas 2004-05-03
- 打赏
- 举报
<SCRIPT LANGUAGE="JavaScript">
<!-- Begin
var checkflag = "false";
function check(field) {
if (checkflag == "false") {
for (i = 0; i < field.length; i++) {
field[i].checked = true;}
checkflag = "true";
return "取消全选"; }
else {
for (i = 0; i < field.length; i++) {
field[i].checked = false; }
checkflag = "false";
return "全部选定"; }
}
// End -->
</script>
<td align="center" bgcolor="#00CCFF"><input type=button value=" 全部选定 " onClick="this.value=check(this.form.list)"> </td>
<!-- Begin
var checkflag = "false";
function check(field) {
if (checkflag == "false") {
for (i = 0; i < field.length; i++) {
field[i].checked = true;}
checkflag = "true";
return "取消全选"; }
else {
for (i = 0; i < field.length; i++) {
field[i].checked = false; }
checkflag = "false";
return "全部选定"; }
}
// End -->
</script>
<td align="center" bgcolor="#00CCFF"><input type=button value=" 全部选定 " onClick="this.value=check(this.form.list)"> </td>
diveas 2004-05-03
- 打赏
- 举报
<%Option Explicit%>
<html>
<body bgcolor="#99CCFF">
<center>
<%
Dim strName,strPwd,objrs,sql
strName=Request.Form("name")
strPwd=Request.Form("password")
'处理非法字符
strName=Replace(strName,"'","")
strPwd=Replace(strPwd,"'","")
sql="Select UserName From Login Where UserName='" & strName & "'"
set objrs=Server.CreateObject("ADODB.RecordSet")
'打开数据库语句,自己写。。。。。。我的和你不一样!!
If objrs.Bof And objrs.Eof Then
Response.Write "无此用户<p></p>"
%>
<a href=javascript:history.back()>返回</a>
<%
Response.End
End If
If objrs.RecordCount=1 Then
If objrs("pwd")=strPwd Then
Response.Redirect "kj.asp"
Else
Response.Write "密码错误,请确认后重新输入!<br><br>"
%>
<a href=javascript:history.back()>返回重填</a>
<%
Response.End
End If
Else
Response.Write "用户名错误,请确认后重新输入!<br><br>"
%>
<a href=javascript:history.back()>返回重填</a>
<%
Response.End
End If
objrs.Close
Set objrs=Nothing
%>
</body>
</html>
<html>
<body bgcolor="#99CCFF">
<center>
<%
Dim strName,strPwd,objrs,sql
strName=Request.Form("name")
strPwd=Request.Form("password")
'处理非法字符
strName=Replace(strName,"'","")
strPwd=Replace(strPwd,"'","")
sql="Select UserName From Login Where UserName='" & strName & "'"
set objrs=Server.CreateObject("ADODB.RecordSet")
'打开数据库语句,自己写。。。。。。我的和你不一样!!
If objrs.Bof And objrs.Eof Then
Response.Write "无此用户<p></p>"
%>
<a href=javascript:history.back()>返回</a>
<%
Response.End
End If
If objrs.RecordCount=1 Then
If objrs("pwd")=strPwd Then
Response.Redirect "kj.asp"
Else
Response.Write "密码错误,请确认后重新输入!<br><br>"
%>
<a href=javascript:history.back()>返回重填</a>
<%
Response.End
End If
Else
Response.Write "用户名错误,请确认后重新输入!<br><br>"
%>
<a href=javascript:history.back()>返回重填</a>
<%
Response.End
End If
objrs.Close
Set objrs=Nothing
%>
</body>
</html>
thb28 2004-05-03
- 打赏
- 举报
application使全局对象,这里不需要,只需要创建用户SESSION
登陆的界面不用说了吧
看下面的验证程序
<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<%
‘连接数据库,以ACCESS为例
option explicit
Response.Expires=0
dim conn,connstr,db,rs,name,password
db="你的数据库路径和名称.mdb"
Set conn = Server.CreateObject("ADODB.Connection")
connstr = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath(""&db&"")
conn.Open connstr
‘接收用户登陆信息
name=replace(trim(request("name")),"'","")
password=replace(trim(request("password")),"'","")
if name="" or password="" then
response.Write "<script language=javascript>alert('请填写用户名和密码')</script>"
response.end
end if
‘通过数据库验证用户身份
set rs=server.CreateObject("adodb.recordset")
rs.Open "select * from works where name='"&name&"' and password='"&password&"' " ,conn,1,1
if not(rs.bof and rs.eof) then
if password=rs("password") then
‘创建SESSION
session("user")=trim(rs("name"))
session("PASS")=trim(rs("PASSWORD"))
‘限定过期时间
session.Timeout=60
rs.Close
set rs=nothing
'验证正确接受用户登陆
response.Redirect "../login.asp"
else
call Error
end if
else
call Error()
end if
sub Error()
response.write "<script language=javascript>alert('无效的用户名和密码')</script>"
end sub
set rs=nothing
set conn=nothing
%>
登陆的界面不用说了吧
看下面的验证程序
<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<%
‘连接数据库,以ACCESS为例
option explicit
Response.Expires=0
dim conn,connstr,db,rs,name,password
db="你的数据库路径和名称.mdb"
Set conn = Server.CreateObject("ADODB.Connection")
connstr = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath(""&db&"")
conn.Open connstr
‘接收用户登陆信息
name=replace(trim(request("name")),"'","")
password=replace(trim(request("password")),"'","")
if name="" or password="" then
response.Write "<script language=javascript>alert('请填写用户名和密码')</script>"
response.end
end if
‘通过数据库验证用户身份
set rs=server.CreateObject("adodb.recordset")
rs.Open "select * from works where name='"&name&"' and password='"&password&"' " ,conn,1,1
if not(rs.bof and rs.eof) then
if password=rs("password") then
‘创建SESSION
session("user")=trim(rs("name"))
session("PASS")=trim(rs("PASSWORD"))
‘限定过期时间
session.Timeout=60
rs.Close
set rs=nothing
'验证正确接受用户登陆
response.Redirect "../login.asp"
else
call Error
end if
else
call Error()
end if
sub Error()
response.write "<script language=javascript>alert('无效的用户名和密码')</script>"
end sub
set rs=nothing
set conn=nothing
%>
stayhere 2004-05-03
- 打赏
- 举报
全选?
<form name=test><input type=checkbox name=chk value=A>A<input type=checkbox name=chk value=B>B<input type=checkbox name=chk value=C>C
<input type=button value=全选 onclick="SelAllNow()">
</form>
<script language=vbscript>
sub SelAllNow()
for i=0 to 2
test.chk(i).checked=true
next
end sub
</script>
<form name=test><input type=checkbox name=chk value=A>A<input type=checkbox name=chk value=B>B<input type=checkbox name=chk value=C>C
<input type=button value=全选 onclick="SelAllNow()">
</form>
<script language=vbscript>
sub SelAllNow()
for i=0 to 2
test.chk(i).checked=true
next
end sub
</script>
clcy 2004-05-03
- 打赏
- 举报
还有就是“全选”按钮如何写
clcy 2004-05-03
- 打赏
- 举报
能否注释一下
clcy 2004-05-03
- 打赏
- 举报
哦
lcx45 2004-05-03
- 打赏
- 举报
<%
if request("username")<>"" and request("userpassword")<>"" then
dim name
dim pwd
dim sql
dim rs
name=request.form("username")
pwd=request.form("userpassword")
if instr(name,"'")<>0 or instr(pwd,"'")<>0 then
response.redirect "login.asp"
response.end
end if
set rs = server.createobject("adodb.recordset")
sql="select * from users where name='" & name & "' and pwd='" & pwd & "'"
rs.open sql,conn,1,1
if err.number <> 0 then
response.write "数据库操作失败:"&err.description
response.end
else
if not rs.eof and not rs.bof then
session("purview")=rs("purview")
session("name")=rs("name")
response.redirect "admin/index.asp"
end if
end if
rs.close
set rs=nothing
end if
%>
if request("username")<>"" and request("userpassword")<>"" then
dim name
dim pwd
dim sql
dim rs
name=request.form("username")
pwd=request.form("userpassword")
if instr(name,"'")<>0 or instr(pwd,"'")<>0 then
response.redirect "login.asp"
response.end
end if
set rs = server.createobject("adodb.recordset")
sql="select * from users where name='" & name & "' and pwd='" & pwd & "'"
rs.open sql,conn,1,1
if err.number <> 0 then
response.write "数据库操作失败:"&err.description
response.end
else
if not rs.eof and not rs.bof then
session("purview")=rs("purview")
session("name")=rs("name")
response.redirect "admin/index.asp"
end if
end if
rs.close
set rs=nothing
end if
%>
