注册 登录
编程论坛 ASP技术论坛

请问这段代码有没有什么问题??

杨絮 发布于 2008-05-10 13:48, 456 次点击
<%response.Expires = 0%>
<!--#include file="system/connection.asp"-->
<!--#include file="../inc/md5.asp"-->
<%
dim admin,password
admin=replace(trim(request("name")),"'","")
password=md5(replace(trim(request("password")),"'",""))

if cstr(session("getcode"))<>cstr(trim(request("verifycode"))) then
response.Write "<script LANGUAGE='javascript'>alert('请输入正确的验证码!');history.go(-1);</script>"
response.end
end if

set rs=server.CreateObject("adodb.recordset")
rs.Open "select * from master where name='"&admin&"' and password='"&password&"' " ,conn,1,1
if not(rs.bof or rs.eof) then
if password=rs("password") then
session("admin")=trim(rs("name"))
session("flag")=int(rs("flag"))
session.Timeout=20

rs.Close
set rs=nothing
response.Redirect "Admin_Index.asp"
else
response.write "<script LANGUAGE='javascript'>alert('对不起,登陆失败!');history.go(-1);</script>"

end if
else
response.write "<script LANGUAGE='javascript'>alert('对不起,登陆失败!');history.go(-1);</script>"

end if
%>
3 回复
#2
不夜星空2008-05-10 14:03
我是菜鸟,看不出什么问题来!
#3
yms1232008-05-10 15:10
set rs=server.CreateObject("adodb.recordset")
rs.Open "select * from master where name='"&admin&"' and password='"&password&"' " ,conn,1,1
if not(rs.bof or rs.eof) then
 '这里的判断很不理解master看名字像是管理员表,上面的查询和判断已经对密码做了判断,这里再次判断,个人感觉这个判断是多此一举。
 if password=rs("password") then
    session("admin")=trim(rs("name"))
    session("flag")=int(rs("flag"))
    session.Timeout=20
    rs.Close
    set rs=nothing
    response.Redirect "Admin_Index.asp"
 else
     response.write "<script LANGUAGE='javascript'>alert('对不起,登陆失败!');history.go(-1);</script>"
 end if
else
   response.write "<script LANGUAGE='javascript'>alert('对不起,登陆失败!');history.go(-1);</script>"

end if
#4
multiple19022008-05-10 16:07
语法的缩进要注意,不然这个endif……endif看起来头大
1
©2025, BC-CN.NET
电脑版