asp用户登陆代码
求asp用户登陆代码,琏接数据库是Access的.要有注解和带有注册(reg.asp)的更好,写好再加分!十分感谢!谢谢海棠水晶!不过代码显示有错误:错误类型:Micro...
求asp用户登陆代码,琏接数据库是Access的.要有注解和带有注册(reg.asp)的更好,写好再加分!十分感谢!
谢谢海棠水晶!不过代码显示有错误:
错误类型:
Microsoft VBScript 编译器错误 (0x800A0401)
语句未结束
/zhidao/Conn.Asp, line 2, column 41
connstr = "DBQ=" + server.mappathuser.mdb") + ";DRIVER={Microsoft Access Driver (*.mdb)}"
----------------------------------------^ 展开
谢谢海棠水晶!不过代码显示有错误:
错误类型:
Microsoft VBScript 编译器错误 (0x800A0401)
语句未结束
/zhidao/Conn.Asp, line 2, column 41
connstr = "DBQ=" + server.mappathuser.mdb") + ";DRIVER={Microsoft Access Driver (*.mdb)}"
----------------------------------------^ 展开
2个回答
展开全部
<!--引入md5加密函数文件-->
<!--#include file="md5.asp"-->
<%
Dim cnn
const DB_SOURCE = "database.mdb"
On Error Resume Next
Dim conn_string
conn_string = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" & Server.MapPath(DB_SOURCE)
Set cnn = Server.CreateObject("ADODB.Connection")
cnn.Open conn_string
If Err Then
Err.Clear
Response.Write "连接数据库错误, 请检查数据库连接!"
Response.End
End If
' 获取提交表单参数值
Dim user, pass
user = Trim(Request.Form("user"))
pass = Trim(Request.Form("pass"))
'---------------------
' 登录验证
' table: sys_users
' username: su_username
' password: su_password 32位md5加密
' 为更好地防止注入,验证采用md5加密的密码进行验证,
' 先搜索是否有这个密码,然后根据密码再去找用户
' 而不是先找用户再去验证密码
'---------------------
pass = md5(pass, 32) '对提交的密码参数进行加密
Dim sql, rs
sql = "SELECT * FROM sys_user WHERE su_password = '" & pass & "'"
Set rs = cnn.Execute(sql)
If Not rs.Eof Then
While Not rs.Eof
If LCase(Trim(rs("su_username"))) = LCase(user) Then
'如果区分用户名大小写,请去掉两边的lcase函数
'找到用户名,登录成功
Session("username") = user
Session("password") = pass
Response.Redirect "index.asp"
End If
rs.MoveNext
'循环到最后还没找到匹配的记录,即找不到用户名,登录失败
Wend
End If
'找不到这个密码,登录失败
'或者找不到这个匹配用户,登录失败
Response.Write "登录失败"
Response.End
Set rs = Nothing
cnn.close
Set cnn = Nothing
%>
<!--#include file="md5.asp"-->
<%
Dim cnn
const DB_SOURCE = "database.mdb"
On Error Resume Next
Dim conn_string
conn_string = "Provider=Microsoft.Jet.OLEDB.4.0; Data Source=" & Server.MapPath(DB_SOURCE)
Set cnn = Server.CreateObject("ADODB.Connection")
cnn.Open conn_string
If Err Then
Err.Clear
Response.Write "连接数据库错误, 请检查数据库连接!"
Response.End
End If
' 获取提交表单参数值
Dim user, pass
user = Trim(Request.Form("user"))
pass = Trim(Request.Form("pass"))
'---------------------
' 登录验证
' table: sys_users
' username: su_username
' password: su_password 32位md5加密
' 为更好地防止注入,验证采用md5加密的密码进行验证,
' 先搜索是否有这个密码,然后根据密码再去找用户
' 而不是先找用户再去验证密码
'---------------------
pass = md5(pass, 32) '对提交的密码参数进行加密
Dim sql, rs
sql = "SELECT * FROM sys_user WHERE su_password = '" & pass & "'"
Set rs = cnn.Execute(sql)
If Not rs.Eof Then
While Not rs.Eof
If LCase(Trim(rs("su_username"))) = LCase(user) Then
'如果区分用户名大小写,请去掉两边的lcase函数
'找到用户名,登录成功
Session("username") = user
Session("password") = pass
Response.Redirect "index.asp"
End If
rs.MoveNext
'循环到最后还没找到匹配的记录,即找不到用户名,登录失败
Wend
End If
'找不到这个密码,登录失败
'或者找不到这个匹配用户,登录失败
Response.Write "登录失败"
Response.End
Set rs = Nothing
cnn.close
Set cnn = Nothing
%>
本回答由提问者推荐
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
login.asp:
<form name="login" method="post" action="after_login.asp">
用户名:<input name="user_name" size="12" maxlength="16">密 码:<input name="password" size="12" type="password" maxlength="16">
<input align="absMiddle" id="image1" name="image1" src="images/login.gif" type="image" WIDTH="37" HEIGHT="20">
</form>
coon.asp:
<%
connstr = "DBQ=" + server.mappathuser.mdb") + ";DRIVER={Microsoft Access Driver (*.mdb)}"
Set conn=Server.createobject("ADODB.CONNECTION")
conn.Open connstr
%>
外加after_login.asp登录验证页面:
<!--#include file="Conn.Asp"-->
<%
Dim UserName,PassWord
UserName=replace(trim(Request.Form("Username")),"'","‘")
PassWord=replace(trim(Request.Form("PassWord")),"'","‘")
If UserName="" or PassWord="" Then
Response.Write ("<script>alert('会员登陆失败!\n\n错误原因:会员帐号和密码未填。');history.back();</script>")
Response.end
End If
if Instr(UserName,">")>0 or Instr(UserName,"<")>0 or Instr(UserName,"=")>0 or Instr(UserName,"%")>0 or Instr(UserName,chr(32))>0 or Instr(UserName,"?")>0 or Instr(UserName,"&")>0 or Instr(UserName,";")>0 or Instr(UserName,",")>0 or Instr(UserName,"'")>0 or Instr(UserName,chr(34))>0 or Instr(UserName,chr(9))>0 or Instr(UserName," ")>0 or Instr(UserName,"$")>0 then
Response.Write ("<script>alert('会员登陆失败!\n\n错误原因:会员含有非法字符!');history.back();</script>")
Response.end
else
UserName=Trim(UserName)
end if
set rs=server.createobject("adodb.recordset")
sql="select * from [user] where UserName='"&UserName&"'"
rs.open sql,conn,1,3
if rs.eof then
Response.Write ("<script>alert('会员登陆失败!\n\n错误原因:会员帐号错误。');history.back();</script>")
Response.end
else
if rs("PassWord")<>PassWord then
rs.close
set rs=nothing
Response.Write ("<script>alert('会员登陆失败!\n\n错误原因:会员密码错误。');history.back();</script>")
Response.end
else
session("UserName")=UserName'登录成功传递一个session值以便以后调用用户相关
session.timeout=300
end if
end if
rs.close
set rs=nothing
CloseDatabase
%>
<form name="login" method="post" action="after_login.asp">
用户名:<input name="user_name" size="12" maxlength="16">密 码:<input name="password" size="12" type="password" maxlength="16">
<input align="absMiddle" id="image1" name="image1" src="images/login.gif" type="image" WIDTH="37" HEIGHT="20">
</form>
coon.asp:
<%
connstr = "DBQ=" + server.mappathuser.mdb") + ";DRIVER={Microsoft Access Driver (*.mdb)}"
Set conn=Server.createobject("ADODB.CONNECTION")
conn.Open connstr
%>
外加after_login.asp登录验证页面:
<!--#include file="Conn.Asp"-->
<%
Dim UserName,PassWord
UserName=replace(trim(Request.Form("Username")),"'","‘")
PassWord=replace(trim(Request.Form("PassWord")),"'","‘")
If UserName="" or PassWord="" Then
Response.Write ("<script>alert('会员登陆失败!\n\n错误原因:会员帐号和密码未填。');history.back();</script>")
Response.end
End If
if Instr(UserName,">")>0 or Instr(UserName,"<")>0 or Instr(UserName,"=")>0 or Instr(UserName,"%")>0 or Instr(UserName,chr(32))>0 or Instr(UserName,"?")>0 or Instr(UserName,"&")>0 or Instr(UserName,";")>0 or Instr(UserName,",")>0 or Instr(UserName,"'")>0 or Instr(UserName,chr(34))>0 or Instr(UserName,chr(9))>0 or Instr(UserName," ")>0 or Instr(UserName,"$")>0 then
Response.Write ("<script>alert('会员登陆失败!\n\n错误原因:会员含有非法字符!');history.back();</script>")
Response.end
else
UserName=Trim(UserName)
end if
set rs=server.createobject("adodb.recordset")
sql="select * from [user] where UserName='"&UserName&"'"
rs.open sql,conn,1,3
if rs.eof then
Response.Write ("<script>alert('会员登陆失败!\n\n错误原因:会员帐号错误。');history.back();</script>")
Response.end
else
if rs("PassWord")<>PassWord then
rs.close
set rs=nothing
Response.Write ("<script>alert('会员登陆失败!\n\n错误原因:会员密码错误。');history.back();</script>")
Response.end
else
session("UserName")=UserName'登录成功传递一个session值以便以后调用用户相关
session.timeout=300
end if
end if
rs.close
set rs=nothing
CloseDatabase
%>
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
