我做了一个会员登入页面,我是网上申请的免费asp空间,然后我写了一个 p的文件,代码如下:
我做了一个会员登入页面,我是网上申请的免费asp空间,然后我写了一个 p的文件,代码如下: 然后,我在login页面输入了 p内有一个if代码如下MM_LoginAction = Request.ServerVariables("URL")If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString)MM_valUsername=CStr(Request.Form("username"))If MM_valUsername <> "" Then MM_fldUserAuthorization="" MM_redirectLoginSuccess=" p" MM_redirectLoginFailed=" p" MM_flag="ADODB.Recordset" set MM_rsUser = Server.CreateObject(MM_flag) MM_rsUser.ActiveConnection = MM_conn_STRING MM_rsUser.Source = "SELECT username, password" If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization MM_rsUser.Source = MM_rsUser.Source & " FROM tadmin WHERE username='" & Replace(MM_valUsername,"'","''") &"' AND password='" & Replace(Request.Form("password"),"'","''") & "'" MM_rsUser.CursorType = 0 MM_rsUser.CursorLocation = 2 MM_rsUser.LockType = 3 MM_rsUser.Open If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then ' username and password match - this is a valid user Session("MM_Username") = MM_valUsername If (MM_fldUserAuthorization <> "") Then Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value) Else Session("MM_UserAuthorization") = "" End If if CStr(Request.QueryString("accessdenied")) <> "" And false Then MM_redirectLoginSuccess = Request.QueryString("accessdenied") End If MM_rsUser.Close Response.Redirect(MM_redirectLoginSuccess) End If MM_rsUser.Close Response.Redirect(MM_redirectLoginFailed)End If然后我输入任意一个与数据库原始数据不符的帐号登入测试,发现并没有跳到error页面,竟然都与填入正确数据一样进入了browse页面,是不是我没有成功与数据库相连啊?
展开
全部