æ°æ®åºä½ç½®ï¼data/data.mdb
æ°æ®åºè¡¨ï¼user
id --name --pwd --wenti --daan
conn.asp
<%
db="data/data.mdb" 'æ°æ®åºåæ¾ç®å½
on error resume next
set conn=server.createobject("adodb.connection")
conn.open "driver={microsoft access driver (*.mdb)};dbq="&server.mappath(db)
if err then
err.clear
set conn = Nothing
response.write "æ°æ®åºè¿æ¥åºéï¼è¯·æ£æ¥conn.aspä¸çè¿æ¥å符串ã"
response.end
end if
function CloseDB
Conn.Close
set Conn=Nothing
End Function
%>
<%
dim badword
badword="'|and|select|update|chr|delete|%20from|;|insert|mid|master.|set|chr(37)|="
if request.QueryString<>"" then
chk=split(badword,"|")
for each query_name in request.querystring
for i=0 to ubound(chk)
if instr(lcase(request.querystring(query_name)),chk(i))<>0 then
response.write "<script language=javascript>alert('ä¼ åé误ï¼åæ° "&query_name&" çå¼ä¸å
å«éæ³å符串ï¼\n\n');location='"&request.ServerVariables("HTTP_REFERER")&"'</Script>"
response.end
end if
next
next
end if
%>
reg.asp
<!--#include file="conn.asp"-->
<%
if request("action")="reg" then
set rs=server.CreateObject("adodb.recordset")
rs.open "select * from user where name='"&trim(request("name"))&"'",conn,1,1
if rs.recordcount>0 then
response.write "<Script language='javascript'>window.alert('æ¨è¾å
¥çç¨æ·åå·²åå¨ï¼è¯·è¿åéæ°è¾å
¥ï¼');history.back(-1);</Script>"
response.End()
end if
sql="select * from user"
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,3
rs.addnew
rs("name")=trim(request.Form("name"))
rs("pwd")=trim(request.Form("pwd"))
rs("wenti")=trim(request.Form("wenti"))
rs("daan")=trim(request.Form("daan"))
rs.update
rs.close
set rs=nothing
response.write "<script language=javascript> alert('注åæåï¼ç¹å»ç¡®å®ç«å³ç»å½ï¼');location.replace('login.asp');</script>"
response.end
end if
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>æ æ é¢ææ¡£</title>
</head>
<body><!--#include file="top.asp"-->
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td>ç¨æ·æ³¨å
<form name="form1" method="post" action="?action=reg" onSubmit="return chkform(this)">
<table width="347" border="1" cellpadding="5" cellspacing="0">
<tr>
<td width="142">ç¨æ·å</td>
<td width="179"><input name="name" type="text" id="name"></td>
</tr>
<tr>
<td>å¯ç </td>
<td><input name="pwd" type="password" id="pwd"></td>
</tr>
<tr>
<td>å¯ç æ示é®é¢</td>
<td><input name="wenti" type="text" id="wenti"></td>
</tr>
<tr>
<td>å¯ç æ示çæ¡</td>
<td><input name="daan" type="text" id="daan"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="Submit" value="注å">
<input type="reset" name="Submit" value="éç½®"> </td>
</tr>
</table>
</form>
</td>
</tr>
</table>
</body>
</html>
top.asp
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td><a href="index.asp">é¦é¡µ</a>
<%
if Session("name")="" then
%>
<a href="reg.asp">注å</a> <a href="login.asp">ç»é</a>
<a href="pwd.asp">å¿è®°å¯ç ï¼</a> <%
else
%>
欢è¿æ¨<%=Session("name")%>ï¼ <a href="loginout.asp">注éç»é</a>
<%
end if
%>
<a href="jiami.asp">å å¯é¡µ</a></td>
</tr>
</table>
login.asp
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>æ æ é¢ææ¡£</title>
</head>
<body><!--#include file="top.asp"-->
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td>
ç¨æ·ç»é
<%
if Session("name")="" then
%>
<form name="form1" method="post" action="loginok.asp?action=login" onSubmit="return chkform(this)">
<table border="1" cellspacing="0" cellpadding="5">
<tr>
<td width="116">ç¨æ·å</td>
<td width="116"><input name="name" type="text" id="name"></td>
</tr>
<tr>
<td>å¯ç </td>
<td><input name="pwd" type="password" id="pwd"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="Submit" value="ç»é">
<input type="reset" name="Submit" value="éç½®"></td>
</tr>
</table>
</form>
<%
else
%>
<table border="1" cellspacing="0" cellpadding="5">
<tr>
<td width="303"><%=Session("name")%>ï¼æ¨å·²ç»æåç»é</td>
</tr>
</table>
<%
end if
%>
</td>
</tr>
</table>
</body>
</html>
å»
http://bbs.tlsh365.com/showthread.asp?page=end&threadid=1745ççå§
åèèµæï¼http://bbs.tlsh365.com/showthread.asp?page=end&threadid=1745