28,406
社区成员
发帖
与我相关
我的任务
分享sql查询无效!帮忙解决!
这个是源代码
<title>FX美丽世界官方网站</title><!--#include file="conn.asp" -->
<%
Dim URL
If DateDiff("s",Request.Cookies("KevanTM")("vitistime"),Now())<2 Then
URL=Request.ServerVariables("Http_REFERER")
Response.Write("<meta http-equiv=""refresh"" content=""2;URL="&URL&""">")
Response.Write("网站启动页面防刷新功能,两秒后自动跳转......")
Response.end
End IF
Response.Cookies("KevanTM")("vitistime")=Now()
%>
<%
if not instr(1,Request.ServerVariables("http_Referer"),Request.ServerVariables
("SERVER_NAME"),1)=8 then
response.write "<b>请不要从非本服务器的页面提交信息</b>"
response.end
end if
if (int(session("GetCode"))<>int(request("yzm"))) then
response.write "<script language=JavaScript>" & chr(13) & "alert('验证码不正确!');" &
"history.back()" & "</script>"
response.end
end if
ps_loginname=trim(request.form("id_loginid"))
charname=trim(request.form("charname"))
password=trim(request.form("password"))
if instr(id_loginid,"'")<>0 then hk=1
if instr(id_loginid,"=")<>0 then hk=1
if instr(id_loginid,"%")<>0 then hk=1
if instr(id_loginid,"&")<>0 then hk=1
if instr(password,"'")<>0 then hk=1
if instr(password,"=")<>0 then hk=1
if instr(password,"%")<>0 then hk=1
if instr(password,"&")<>0 then hk=1
if instr(charname,"'")<>0 then hk=1
if instr(charname,"=")<>0 then hk=1
if instr(charname,"%")<>0 then hk=1
if instr(charname,"&")<>0 then hk=1
if hk=1 then
response.write "<script language=javascript>alert('您所输入的数据包含非法字符,对不起!请不要尝试注
入!如果次数过多将自动封你的IP!');history.back();</script>"
response.end
end if
if ps_loginname="" then
response.write "<script language=javascript>alert('请您输入用户名!');history.back();</script>"
response.end
end if
if password="" then
response.write "<script language=javascript>alert('请您输入密码!');history.back();</script>"
response.end
end if
if charname="" then
response.write "<script language=javascript>alert('请您输入角色名!');history.back();</script>"
response.end
end if
set rs1 = Server.CreateObject("ADODB.Recordset")
sql="select * from chr_log_info where id_loginid = '"&ps_loginname&"'"
rs1.open sql,conn,1,1
if rs1.eof then
response.write "<script language=JavaScript>" & chr(13) & "alert('用户名不存在');" &
"history.back()" & "</script>"
response.end
else
if rs1("id_passwd")<>password then
response.write "<script language=JavaScript>" & chr(13) & "alert('您的密码错误!');" &
"history.back()" & "</script>"
response.end
else
editid=rs1("propid")
rs1.close
set rs1=nothing
'===============================================================================
if charname<>"" then
'----------------------------自救游戏角色功能-------------------------------
set rs = Server.CreateObject("ADODB.Recordset")
sql="select * from charname_1 where propid = "&editid&""
rs.open sql,conn,1,1
editids=rs("charPropID")
rs.close
set rs=nothing
set rs1 = Server.CreateObject("ADODB.Recordset")
sql="select * from CharInfo where charPropID = "&editids&""
rs1.open sql,conn,1,3
if rs("charName")=charname then
rs1("cmap")=1
rs1("x")=5740
rs1("z")=10000
rs1.update
else
response.write "<script language=JavaScript>" & chr(13) & "alert('您输入的角色名错误!');" &
"history.back()" & "</script>"
response.end
end if
rs1.close
set rs1=nothing
'----------------------------自救游戏角色功能-------------------------------
end if
'===============================================================================
conn.close
set conn=nothing
response.write "<script language=JavaScript>" & chr(13) & "alert('自救成功!');" & "history.back
()" & "</script>"
response.end
end if
end if
%>
反复测试后无效,于是我改成调试代码
<title>FX美丽世界官方网站</title><!--#include file="conn.asp" -->
<%
Dim URL
If DateDiff("s",Request.Cookies("KevanTM")("vitistime"),Now())<2 Then
URL=Request.ServerVariables("Http_REFERER")
Response.Write("<meta http-equiv=""refresh"" content=""2;URL="&URL&""">")
Response.Write("网站启动页面防刷新功能,两秒后自动跳转......")
Response.end
End IF
Response.Cookies("KevanTM")("vitistime")=Now()
%>
<%
if not instr(1,Request.ServerVariables("http_Referer"),Request.ServerVariables ("SERVER_NAME"),1)=8 then
response.write "<b>请不要从非本服务器的页面提交信息</b>"
response.end
end if
if (int(session("GetCode"))<>int(request("yzm"))) then
response.write "<script language=JavaScript>" & chr(13) & "alert('验证码不正确!');" & "history.back()" & "</script>"
response.end
end if
ps_loginname=trim(request.form("id_loginid"))
charname=trim(request.form("charname"))
password=trim(request.form("password"))
if instr(id_loginid,"'")<>0 then hk=1
if instr(id_loginid,"=")<>0 then hk=1
if instr(id_loginid,"%")<>0 then hk=1
if instr(id_loginid,"&")<>0 then hk=1
if instr(password,"'")<>0 then hk=1
if instr(password,"=")<>0 then hk=1
if instr(password,"%")<>0 then hk=1
if instr(password,"&")<>0 then hk=1
if instr(charname,"'")<>0 then hk=1
if instr(charname,"=")<>0 then hk=1
if instr(charname,"%")<>0 then hk=1
if instr(charname,"&")<>0 then hk=1
if hk=1 then
response.write "<script language=javascript>alert('您所输入的数据包含非法字符,对不起!请不要尝试注入!如果次数过多将自动封你的IP!');history.back();</script>"
response.end
end if
if ps_loginname="" then
response.write "<script language=javascript>alert('请您输入用户名!');history.back();</script>"
response.end
end if
if password="" then
response.write "<script language=javascript>alert('请您输入密码!');history.back();</script>"
response.end
end if
if charname="" then
response.write "<script language=javascript>alert('请您输入角色名!');history.back();</script>"
response.end
end if
set rs1 = Server.CreateObject("ADODB.Recordset")
sql="select * from chr_log_info where id_loginid = '"&ps_loginname&"'"
rs1.open sql,conn,1,1
if rs1.eof then
response.write "<script language=JavaScript>" & chr(13) & "alert('用户名不存在');" & "history.back()" & "</script>"
response.end
else
if rs1("id_passwd")<>password then
response.write "<script language=JavaScript>" & chr(13) & "alert('您的密码错误!');" & "history.back()" & "</script>"
response.end
else
editid=rs1("propid")
rs1.close
set rs1=nothing
'===============================================================================
if charname<>"" then
'----------------------------自救游戏角色功能-------------------------------
set rs = Server.CreateObject("ADODB.Recordset")
sql="select * from charname_1 where propid = "&editid&""
rs.open sql,conn,1,1
editids=rs("charPropID")
rs.close
set rs=nothing
set rs1 = Server.CreateObject("ADODB.Recordset")
sql="select * from CharInfo where charPropID = "&editids&""
rs1.open sql,conn,1,3
abcd=rs("charName")
if rs("charName")=charname then
rs1("cmap")=1
rs1("x")=5740
rs1("z")=10000
rs1.update
else
response.write "<script language=JavaScript>" & chr(13) & "alert('您输入的角色名错误!');" & "history.back()" & "</script>"
response.end
end if
rs1.close
set rs1=nothing
'----------------------------自救游戏角色功能-------------------------------
end if
'===============================================================================
conn.close
set conn=nothing
end if
end if
%>
<%=editid%><br>
<%=editids%><br>
<%=charname%><br>
<%=abcd%>
发现<%=abcd%>这个值出不来,也就是说
set rs1 = Server.CreateObject("ADODB.Recordset")
sql="select * from CharInfo where charPropID = "&editids&""
rs1.open sql,conn,1,3
这段代码无效,请问这个问题怎么解决?在线等`~谢谢大家帮帮我。。。
ps:数据库没问题
<title>FX美丽世界官方网站</title><!--#include file="conn.asp" -->
<%
Dim URL
If DateDiff("s",Request.Cookies("KevanTM")("vitistime"),Now())<2 Then
URL=Request.ServerVariables("Http_REFERER")
Response.Write("<meta http-equiv=""refresh"" content=""2;URL="&URL&""">")
Response.Write("网站启动页面防刷新功能,两秒后自动跳转......")
Response.end
End IF
Response.Cookies("KevanTM")("vitistime")=Now()
%>
<%
if not instr(1,Request.ServerVariables("http_Referer"),Request.ServerVariables
("SERVER_NAME"),1)=8 then
response.write "<b>请不要从非本服务器的页面提交信息</b>"
response.end
end if
if (int(session("GetCode"))<>int(request("yzm"))) then
response.write "<script language=JavaScript>" & chr(13) & "alert('验证码不正确!');" &
"history.back()" & "</script>"
response.end
end if
ps_loginname=trim(request.form("id_loginid"))
charname=trim(request.form("charname"))
password=trim(request.form("password"))
if instr(id_loginid,"'")<>0 then hk=1
if instr(id_loginid,"=")<>0 then hk=1
if instr(id_loginid,"%")<>0 then hk=1
if instr(id_loginid,"&")<>0 then hk=1
if instr(password,"'")<>0 then hk=1
if instr(password,"=")<>0 then hk=1
if instr(password,"%")<>0 then hk=1
if instr(password,"&")<>0 then hk=1
if instr(charname,"'")<>0 then hk=1
if instr(charname,"=")<>0 then hk=1
if instr(charname,"%")<>0 then hk=1
if instr(charname,"&")<>0 then hk=1
if hk=1 then
response.write "<script language=javascript>alert('您所输入的数据包含非法字符,对不起!请不要尝试注
入!如果次数过多将自动封你的IP!');history.back();</script>"
response.end
end if
if ps_loginname="" then
response.write "<script language=javascript>alert('请您输入用户名!');history.back();</script>"
response.end
end if
if password="" then
response.write "<script language=javascript>alert('请您输入密码!');history.back();</script>"
response.end
end if
if charname="" then
response.write "<script language=javascript>alert('请您输入角色名!');history.back();</script>"
response.end
end if
set rs1 = Server.CreateObject("ADODB.Recordset")
sql="select * from chr_log_info where id_loginid = '"&ps_loginname&"'"
rs1.open sql,conn,1,1
if rs1.eof then
response.write "<script language=JavaScript>" & chr(13) & "alert('用户名不存在');" &
"history.back()" & "</script>"
response.end
else
if rs1("id_passwd")<>password then
response.write "<script language=JavaScript>" & chr(13) & "alert('您的密码错误!');" &
"history.back()" & "</script>"
response.end
else
editid=rs1("propid")
rs1.close
set rs1=nothing
'===============================================================================
if charname<>"" then
'----------------------------自救游戏角色功能-------------------------------
set rs = Server.CreateObject("ADODB.Recordset")
sql="select * from charname_1 where propid = "&editid&""
rs.open sql,conn,1,1
editids=rs("charPropID")
rs.close
set rs=nothing
set rs1 = Server.CreateObject("ADODB.Recordset")
sql="select * from CharInfo where charPropID = "&editids&""
rs1.open sql,conn,1,3
if rs("charName")=charname then
rs1("cmap")=1
rs1("x")=5740
rs1("z")=10000
rs1.update
else
response.write "<script language=JavaScript>" & chr(13) & "alert('您输入的角色名错误!');" &
"history.back()" & "</script>"
response.end
end if
rs1.close
set rs1=nothing
'----------------------------自救游戏角色功能-------------------------------
end if
'===============================================================================
conn.close
set conn=nothing
response.write "<script language=JavaScript>" & chr(13) & "alert('自救成功!');" & "history.back
()" & "</script>"
response.end
end if
end if
%>
反复测试后无效,于是我改成调试代码
<title>FX美丽世界官方网站</title><!--#include file="conn.asp" -->
<%
Dim URL
If DateDiff("s",Request.Cookies("KevanTM")("vitistime"),Now())<2 Then
URL=Request.ServerVariables("Http_REFERER")
Response.Write("<meta http-equiv=""refresh"" content=""2;URL="&URL&""">")
Response.Write("网站启动页面防刷新功能,两秒后自动跳转......")
Response.end
End IF
Response.Cookies("KevanTM")("vitistime")=Now()
%>
<%
if not instr(1,Request.ServerVariables("http_Referer"),Request.ServerVariables ("SERVER_NAME"),1)=8 then
response.write "<b>请不要从非本服务器的页面提交信息</b>"
response.end
end if
if (int(session("GetCode"))<>int(request("yzm"))) then
response.write "<script language=JavaScript>" & chr(13) & "alert('验证码不正确!');" & "history.back()" & "</script>"
response.end
end if
ps_loginname=trim(request.form("id_loginid"))
charname=trim(request.form("charname"))
password=trim(request.form("password"))
if instr(id_loginid,"'")<>0 then hk=1
if instr(id_loginid,"=")<>0 then hk=1
if instr(id_loginid,"%")<>0 then hk=1
if instr(id_loginid,"&")<>0 then hk=1
if instr(password,"'")<>0 then hk=1
if instr(password,"=")<>0 then hk=1
if instr(password,"%")<>0 then hk=1
if instr(password,"&")<>0 then hk=1
if instr(charname,"'")<>0 then hk=1
if instr(charname,"=")<>0 then hk=1
if instr(charname,"%")<>0 then hk=1
if instr(charname,"&")<>0 then hk=1
if hk=1 then
response.write "<script language=javascript>alert('您所输入的数据包含非法字符,对不起!请不要尝试注入!如果次数过多将自动封你的IP!');history.back();</script>"
response.end
end if
if ps_loginname="" then
response.write "<script language=javascript>alert('请您输入用户名!');history.back();</script>"
response.end
end if
if password="" then
response.write "<script language=javascript>alert('请您输入密码!');history.back();</script>"
response.end
end if
if charname="" then
response.write "<script language=javascript>alert('请您输入角色名!');history.back();</script>"
response.end
end if
set rs1 = Server.CreateObject("ADODB.Recordset")
sql="select * from chr_log_info where id_loginid = '"&ps_loginname&"'"
rs1.open sql,conn,1,1
if rs1.eof then
response.write "<script language=JavaScript>" & chr(13) & "alert('用户名不存在');" & "history.back()" & "</script>"
response.end
else
if rs1("id_passwd")<>password then
response.write "<script language=JavaScript>" & chr(13) & "alert('您的密码错误!');" & "history.back()" & "</script>"
response.end
else
editid=rs1("propid")
rs1.close
set rs1=nothing
'===============================================================================
if charname<>"" then
'----------------------------自救游戏角色功能-------------------------------
set rs = Server.CreateObject("ADODB.Recordset")
sql="select * from charname_1 where propid = "&editid&""
rs.open sql,conn,1,1
editids=rs("charPropID")
rs.close
set rs=nothing
set rs1 = Server.CreateObject("ADODB.Recordset")
sql="select * from CharInfo where charPropID = "&editids&""
rs1.open sql,conn,1,3
abcd=rs("charName")
if rs("charName")=charname then
rs1("cmap")=1
rs1("x")=5740
rs1("z")=10000
rs1.update
else
response.write "<script language=JavaScript>" & chr(13) & "alert('您输入的角色名错误!');" & "history.back()" & "</script>"
response.end
end if
rs1.close
set rs1=nothing
'----------------------------自救游戏角色功能-------------------------------
end if
'===============================================================================
conn.close
set conn=nothing
end if
end if
%>
<%=editid%><br>
<%=editids%><br>
<%=charname%><br>
<%=abcd%>
发现<%=abcd%>这个值出不来,也就是说
set rs1 = Server.CreateObject("ADODB.Recordset")
sql="select * from CharInfo where charPropID = "&editids&""
rs1.open sql,conn,1,3
这段代码无效,请问这个问题怎么解决?在线等`~谢谢大家帮帮我。。。
ps:数据库没问题
...全文
请发表友善的回复…
发表回复
txwdcom 2005-07-21
- 打赏
- 举报
abcd=rs1("charname")'
用了这个还是不行。。
用了这个还是不行。。
都图软件工作室 2005-07-21
- 打赏
- 举报
set rs1 = Server.CreateObject("ADODB.Recordset")
sql="select * from CharInfo where charPropID = "&editids&""
rs1.open sql,conn,1,3
abcd=rs("charName")'錯
abcd=rs1("charname")'註意rs1
sql="select * from CharInfo where charPropID = "&editids&""
rs1.open sql,conn,1,3
abcd=rs("charName")'錯
abcd=rs1("charname")'註意rs1
xiaoyao888 2005-07-21
- 打赏
- 举报
你的rs都关闭了哪来的rs("charName"),当然为空了
stefli 2005-07-21
- 打赏
- 举报
你Response.Write sql
Response.Write conn
看看有没有与数据库断开。
把sql拿得到查询分析器里面试试,看是否有数据
Response.Write conn
看看有没有与数据库断开。
把sql拿得到查询分析器里面试试,看是否有数据
txwdcom 2005-07-21
- 打赏
- 举报
charPropID数据类型是int
测试楼上的2种方法还是无效
<%=abcd%>的值出不来
测试楼上的2种方法还是无效
<%=abcd%>的值出不来
banner91 2005-07-21
- 打赏
- 举报
sql="select * from CharInfo where charPropID = "&editids
试试
或者用SQL客户端看看有什么问题
charPropID 是不是INT值之类得数值,是VARCHAR得要加'"&editids&"'"
试试
或者用SQL客户端看看有什么问题
charPropID 是不是INT值之类得数值,是VARCHAR得要加'"&editids&"'"
