'处理非法字符
strName=Replace(strName,"'","")
strPwd=Replace(strPwd,"'","")
sql="Select uid,pwd From login Where uid='" & strName & "'"
set objrs=Server.CreateObject("ADODB.RecordSet")
objrs.open sql,"DSN=hengxing;",3
If objrs.Bof And objrs.Eof Then
Response.Write "无此用户<p></p>"
%>
<a href=javascript:history.back()>返回</a>
<%
Response.End
End If
If objrs.RecordCount=1 Then
If objrs("pwd")=strpwd Then
Session("name")=strname
Session("passed")=True
Response.Redirect "转向的页面.asp"
Else
Response.Write "密码错误,请确认后重新输入!<br><br>"
%>
<a href=javascript:history.back()>返回重填</a>
<%
Response.End
End If
Else
Response.Write "用户名错误,请确认后重新输入!<br><br>"
%>
<a href=javascript:history.back()>返回重填</a>
<%
Response.End
End If
objrs.Close
Set objrs=Nothing
%>
</body>
</html>
<body bgcolor="#99CCFF">
<script language=vbscript>
Sub CheckMyfrm()
If Trim(document.Myfrm.name.value)="" Then
alert("请输入用户名!")
document.Myfrm.name.focus()
window.event.returnvalue=false
Else If document.Myfrm.password.value="" Then
alert("请输入密码!")
document.Myfrm.password.focus()
window.event.returnvalue=false
End If
End If
End Sub
</script>