28,404
社区成员
发帖
与我相关
我的任务
分享在线$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$为什么我乱输入也可以登入!!!!
index.asp
一个用户输入框 login
用户密码输入框 password
数据库:clcy
表:check
字段:
name password
admin admin888 登入用户和密码
------------------------------
login.asp
代码如下:
<%@ Language=VBScript %>
<%
if isempty(request.form("login")) then
session.abandon()
session("clcy")=1
else
set conn=server.createobject("adodb.connection")
conn.open "provider=microsoft.jet.oledb.4.0;data source="&server.mappath("zz/clcy.mdb")
thename=request.form("login")
thepassword=request.form("password")
if instr(thename,"")=0 and instr(thepassword,"")=0 and instr(thename,"")=0 and instr(thepassword,"")=0 then
set rslogin=conn.execute("select * from check where "&"name='"&thename&"' and "&"password='"&thepassword&"'")
if rslogin.eof then
session("clcy")=session("clcy")+1
if application("clcy")=0 then
themessage="登录失败,请重试:"
elseif session("clcy")>application("clcy") then
themessage="登录不成功,登录次数已满,无法重试"
else
thetimes=application("clcy")-session("clcy")+1
themessage="登录不成功,还有"& thetimes &" 次机会,请重试:"
end if
end if
else
response.write"正在登陆..."
response.write"<meta http-equiv=refresh content=""3;url=index1.asp"">"
response.end
end if
end if
%>
无论我输入什么都可以登入??????????????????
一个用户输入框 login
用户密码输入框 password
数据库:clcy
表:check
字段:
name password
admin admin888 登入用户和密码
------------------------------
login.asp
代码如下:
<%@ Language=VBScript %>
<%
if isempty(request.form("login")) then
session.abandon()
session("clcy")=1
else
set conn=server.createobject("adodb.connection")
conn.open "provider=microsoft.jet.oledb.4.0;data source="&server.mappath("zz/clcy.mdb")
thename=request.form("login")
thepassword=request.form("password")
if instr(thename,"")=0 and instr(thepassword,"")=0 and instr(thename,"")=0 and instr(thepassword,"")=0 then
set rslogin=conn.execute("select * from check where "&"name='"&thename&"' and "&"password='"&thepassword&"'")
if rslogin.eof then
session("clcy")=session("clcy")+1
if application("clcy")=0 then
themessage="登录失败,请重试:"
elseif session("clcy")>application("clcy") then
themessage="登录不成功,登录次数已满,无法重试"
else
thetimes=application("clcy")-session("clcy")+1
themessage="登录不成功,还有"& thetimes &" 次机会,请重试:"
end if
end if
else
response.write"正在登陆..."
response.write"<meta http-equiv=refresh content=""3;url=index1.asp"">"
response.end
end if
end if
%>
无论我输入什么都可以登入??????????????????
...全文
请发表友善的回复…
发表回复
clcy 2005-01-08
- 打赏
- 举报
加了个登录次数
lucks 2005-01-08
- 打赏
- 举报
重写
红色银狐 2005-01-08
- 打赏
- 举报
一个登陆的问题没有必要写成这样复杂吧
clcy 2005-01-08
- 打赏
- 举报
还没有解决
阿泰 2005-01-08
- 打赏
- 举报
要出去参加婚礼,没时间给你看了
你的代码风格不便于查错,现在的问题就是你的逻辑没有控制住,直接就到
response.write"正在登陆..."
response.write"<meta http-equiv=refresh content=""3;url=index1.asp"">"
了,建议你把代码格式化一下,然后仔细看一下逻辑
代码应该这样写,还有些大小写格式的问题
<%@ Language=VBScript %>
<%
if isempty(request.form("login")) then
session.abandon()
session("clcy")=1
else
set conn=server.createobject("adodb.connection")
conn.open "provider=microsoft.jet.oledb.4.0;data source="&server.mappath("zz/clcy.mdb")
thename=request.form("login")
thepassword=request.form("password")
if instr(thename,"")=0 and instr(thepassword,"")=0 and instr(thename,"")=0 and instr(thepassword,"")=0 then
set rslogin=conn.execute("select * from check where "&"name='"&thename&"' and "&"password='"&thepassword&"'")
if rslogin.eof then
session("clcy")=session("clcy")+1
if application("clcy")=0 then
themessage="登录失败,请重试:"
elseif session("clcy")>application("clcy") then
themessage="登录不成功,登录次数已满,无法重试"
else
thetimes=application("clcy")-session("clcy")+1
themessage="登录不成功,还有"& thetimes &" 次机会,请重试:"
end if
end if
else
response.write"正在登陆..."
response.write"<meta http-equiv=refresh content=""3;url=index1.asp"">"
response.end
end if
end if
%>
你的代码风格不便于查错,现在的问题就是你的逻辑没有控制住,直接就到
response.write"正在登陆..."
response.write"<meta http-equiv=refresh content=""3;url=index1.asp"">"
了,建议你把代码格式化一下,然后仔细看一下逻辑
代码应该这样写,还有些大小写格式的问题
<%@ Language=VBScript %>
<%
if isempty(request.form("login")) then
session.abandon()
session("clcy")=1
else
set conn=server.createobject("adodb.connection")
conn.open "provider=microsoft.jet.oledb.4.0;data source="&server.mappath("zz/clcy.mdb")
thename=request.form("login")
thepassword=request.form("password")
if instr(thename,"")=0 and instr(thepassword,"")=0 and instr(thename,"")=0 and instr(thepassword,"")=0 then
set rslogin=conn.execute("select * from check where "&"name='"&thename&"' and "&"password='"&thepassword&"'")
if rslogin.eof then
session("clcy")=session("clcy")+1
if application("clcy")=0 then
themessage="登录失败,请重试:"
elseif session("clcy")>application("clcy") then
themessage="登录不成功,登录次数已满,无法重试"
else
thetimes=application("clcy")-session("clcy")+1
themessage="登录不成功,还有"& thetimes &" 次机会,请重试:"
end if
end if
else
response.write"正在登陆..."
response.write"<meta http-equiv=refresh content=""3;url=index1.asp"">"
response.end
end if
end if
%>
dh20156 2005-01-08
- 打赏
- 举报
set rslogin=conn.execute("select * from check where "&"name='"&thename&"' and "&"password='"&thepassword&"'")
建议:
select password from check where name='"&thename&"'
建议:
select password from check where name='"&thename&"'
clcy 2005-01-08
- 打赏
- 举报
如果看不清楚可以看这里
http://www.uniclr.com/index1.asp
http://www.uniclr.com/index1.asp
clcy 2005-01-08
- 打赏
- 举报
TO;阿泰
也不行,错误依旧
也不行,错误依旧
红色银狐 2005-01-08
- 打赏
- 举报
可以提供下载吗?
俺在本机器测试一下......
俺在本机器测试一下......
阿泰 2005-01-08
- 打赏
- 举报
if instr(thename,"")=0 and instr(thepassword,"")=0 and instr(thename,"")=0 and instr(thepassword,"")=0 then
==>
if instr(thename," ")=0 and instr(thepassword," ")=0 then
==>
if instr(thename," ")=0 and instr(thepassword," ")=0 then
clcy 2005-01-08
- 打赏
- 举报
没人知道吗?
clcy 2005-01-08
- 打赏
- 举报
应该不乱吧
fashchina 2005-01-08
- 打赏
- 举报
把你的SQL语句打印出来看看
好乱呀
好乱呀
clcy 2005-01-08
- 打赏
- 举报
自己顶
