再问:登陆密码错误,显示源码内容,如何处理?
程序代码:<%
dim username,UserPassword,comeurl,passcode
username=FormatSQL(replace(trim(request.form("username")),"'",""))
UserPassword=md5(FormatSQL(replace(trim(request.Form("Password")),"'","")))
if trim(request.form("comeurl"))="" then
comeurl="index.asp"
else
comeurl=trim(request.form("comeurl"))
end if
if username="" or UserPassword="" then
response.Write "<script LANGUAGE='javascript'>alert('登录失败!请检查您的登录名和密码!');history.go(-1);</script>"
response.end
end if
passcode=request.form("passcode")
if passcode="" then
response.Write "<script LANGUAGE='javascript'>alert('登录失败!请输入您的验证码!');history.go(-1);</script>"
response.end
end if
passcode=Cint(request.form("passcode"))
if passcode<>Session("GetCode") then
response.Write "<script LANGUAGE='javascript'>alert('登录失败!验证码错误!');history.go(-1);</script>"
response.end
end if
set rs=server.CreateObject("adodb.recordset")
sql="select * from [user] where username='"&username&"' and Password='"&UserPassword&"' "
response.write sql
rs.Open sql,conn,1,3
if not(rs.bof and rs.eof) then
if UserPassword=rs("Password") then
response.Cookies("Huibo")("username")=trim(request.form("username"))
response.Cookies("vip")=rs("vip")
rs("Lastvst")=now()
rs("loginnum")=rs("loginnum")+1
rs.Update
rs.Close
set rs=nothing
call loginok()
else
response.write "<script LANGUAGE='javascript'>alert('登录失败,请检查您的登录名和密码!');history.go(-1);</script>"
end if
else
response.write "<script LANGUAGE='javascript'>alert('登录失败!请检查您的登录名和密码!');history.go(-1);</script>"
end if
sub loginok()
response.Write "<font size=2>欢迎 <font color=red size=2>"&request.Cookies("Huibo")("username")&"</font>,光临两秒种后将自动跳转到相应页!</font>"
response.redirect comeurl
end sub
conn.close
set conn = nothing
%>代码如上述密码正确能正常登陆
当密码错误的时候居然显示[select * from [user] where username='输入的用户名' and Password='输入的密码(加密后的)']
请问:如何处理,不显示?
