我做的网站一直有个隐形人，说他是隐形人就是他能跳过我任何的判断语句，比如网站上看图片要收费，他就可以随便看。在我的消费记录表中，显示ID为空，这说明他的身份是游客，我就想不明白，他怎样跳过我的限制呢？？
或者用其他方法，声明一下，我的网站以前被人入侵过，不过现在应该干净了。

我的判断代码是这样的，大家看看有什么漏洞不？？？？先谢过了。
<%if session("U_id")="" and session("C_id")="" then
response.write("<script>alert('对不起，您还没有登陆！');location.href='login1.asp';</script>")
%>
<%else%>
<%
if session("leixing")=0 then
set rs1=server.createobject("adodb.recordset")
sql1="select U_id,User_his,W_id,W_point from User_com where U_id='"&session("U_id")&"' and W_id='"&id&"'"
rs1.open sql1,conn,1,3
if rs1("User_his")<rs1("W_point") then
response.write("<script>alert('您的余额不足，请充值！');location.href='about/member.asp';</script>")
response.End
else
rs1("User_his")=rs1("User_his")-rs1("W_point")
rs1.update
rs1.close
set rs1=nothing
end if
else if session("leixing")=1 then
set rs2=server.createobject("adodb.recordset")
sql2="select C_id,Company_glodhis,W_id,W_point from Com_work where C_id='"&session("C_id")&"' and W_id='"&id&"'"
rs2.open sql2,conn,1,3
if rs2("Company_glodhis")<rs2("W_point") then
response.write("<script>alert('您的素材余额不足，请充值！');location.href='about/member0.asp';</script>")
response.End
else
rs2("Company_glodhis")=rs2("Company_glodhis")-rs2("W_point")
rs2.update
rs2.close
set rs2=nothing
end if
end if
end if
%>
<%end if%>

他的IP我是看的到的。。。

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" >
<title>游客登陆界面</title>
<script language="javascript">
<!--
function checkform()
{
if(document.login.name.value==""){
alert("请输入用户名！");
document.login.name.focus();
return false;
}
if(document.login.password.value==""){
alert("请输入密码！");
document.login.password.focus();
return false;
}
if(document.login.Checkcode.value==""){
alert("验证码不能为空！");
document.login.Checkcode.focus();
return false;
}
}
//-->
</script>
<style type="text/css">
<!--
td{color:#FFFFFF}
-->
</style>
<%
Dim num1
Dim rndnum
Randomize
Do While Len(rndnum)<4
num1=CStr(Chr((57-48)*rnd+48))
rndnum=rndnum&num1
Loop
session("Checkcode")=rndnum
%>
<link href="css/index.css" rel="stylesheet" type="text/css"></head>
<body bgcolor="#000000">
<p>&nbsp;</p>
<table width="900" border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td height="108" colspan="2"><!--#include file="top.asp"--></td>
</tr>
<tr>
<td height="388">&nbsp;</td>
<td width="743" align="center" valign="top"><p>&nbsp;</p>
<table width="900" border="0" align="center" cellspacing="0">
<tr>
<td align="right"><table style="border-style:dotted; border-color:#666666; border-width:thin" width="90%" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#333333">
<tr>
<td height="18" class="xiaobiao"><font size=2>尽快加入作品交易会员----</font></td>
</tr>
<tr>
<td height="18"><span class="whitexiaobiao">即可点击下载</span>由全国设计师提供的包含(效果图、尺寸图、矢量图、工艺制作说明)的成套成衣作品。</td>
</tr>
<tr>
<td height=1>&nbsp;</td>
</tr>
<tr>
<td height="18">超过<span class="hot">10,000,000</span>幅最新最全欧美、日韩服装款式、设计手稿、时尚杂志、时装秀、橱窗照片等各类图库<span class="xiaobiao">免费提供</span></td>
</tr>
<tr>
<td height="18">纵览全球最新流行款式，打造热卖爆款。</td>
</tr>
<tr>
<td height="18" align="left">　　　　　　　　　　　　　　 　　　　　　　　　　　　<span class="xiaobiao"> ·<a href="index.asp" target="_parent">返回首页</a>　　</span></td>
</tr>
<tr>
<td height="3" class="xiaobiao"></td>
</tr>
<tr>
<td height="18" class="xiaobiao">　　　　　　　　　　　　　　　　　　　　　　　　　·<a href="../about/member0.asp">查看资费标准</a></td>
</tr>
<tr>
<td height="3" class="xiaobiao"></td>
</tr>
<tr>
<td height="18" class="xiaobiao">　　　　　　　　　　　　　　　　　　　　　　　　　·<a href="../about/payment.asp" class="xiaobiao">联系我们　进行充值</a></td>
</tr>
<tr>
<td height="18" class="black">&nbsp;</td>
</tr>
<tr>
<td height="18" align="center" class="whitexiaobiao">中国服装站欢迎您的加盟！</td>
</tr>
<tr>
<td height="18">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<br>
<br>
<table width="900" border="0" align="center" cellspacing="0">
<tr>
<td width="26%" align="center"><table width="181" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="183" height="305" bgcolor="#CCFF00"><a href="guanggao.asp"><img src="images/guanggaogeishejishide.jpg" width="180" height="300" border="0"></a></td>
</tr>
</table></td>
<td width="74%" align="center"><form action ="checkname.asp" method="post" name="login" onSubmit="return checkform();">
<br>
<br>
<br>
<%if session("U_id")="" and session("C_id")="" then%>
<table width="80%" border="1" cellspacing="0" cellpadding="0" bordercolor="#663366">
<tr>
<td height="30" colspan="3" align="center" valign="middle" class="whitexiaobiao">! 注册即可上传作品 ! </td>
</tr>
<tr>
<td height="58" colspan="3" align="center"><font size="+3"><strong>用 户 登 陆</strong></font></td>
</tr>
<tr>
<td width="20%" height="33" align="right">账 号：</td>
<td width="41%"><input name="name" type="text" class="brown"></td>
<td width="39%" align="center"> <a href="/company/reg_item.asp">厂商注册</a> <a href="/person/person_tiaokuan.asp">设计师注册</a></td>
</tr>
<tr>
<td height="33" align="right" width="20%">密 码：</td>
<td><input name="password" type="password" class="brown"></td>
<td rowspan="2" align="center"><input type="submit" name="Submit" value="登陆">&nbsp;
<a href="zhaohuimima.asp"><input type="button" name="Submit2" value="忘密"></a></td>
</tr>
<tr>
<td height="33" width="20%" align="right">验证码：</td>
<td bgcolor="#ECE9D8"><input name="Checkcode" type="text" class="brown" size="10"><font color=#000000><strong><%=session("Checkcode")%></strong></font></td>
</tr>
<tr>
<td height="46" colspan="3" align="center"><input type="radio" name="r1" value="0" checked="checked">
设计师 <input type="radio" name="r1" value="1">
厂商 </td>
</tr>
</table>
<%else if session("U_id")<>"" then%>
<table width="175" border="1" bordercolor="#333333" style="table-layout: fixed;WORD-BREAK: break-all; WORD-WRAP: break-word">
<tr>
<td height="40" class="whitexi">&nbsp;欢迎您，<%=session("User_id")%>用户</td>
</tr>
<tr>
<td class="whitexi"><a href="person/default.asp">我的首页</a>&nbsp;&nbsp;&nbsp;&nbsp;
<a href="person/person_exit.asp">退出登陆</a></td>
</tr>
</table>
<% else if session("C_id")<>"" then %>
<table width="175" border="1" bordercolor="#333333" style="table-layout: fixed;WORD-BREAK: break-all; WORD-WRAP: break-word">
<tr>
<td height="40" class="whitexi">&nbsp;欢迎您，<%=session("user")%>用户</td>
</tr>
<tr>
<td class="whitexi"><a href="company/default.asp">我的首页</a>&nbsp;&nbsp;&nbsp;&nbsp;
<a href="company/company_exit.asp">退出登陆</a></td>
</tr>
</table>

<% end if %>
<% end if %>
<% end if %>

<br>
<br>
<br>
<br>
<br>
<br>
</form></td>
</tr>
</table>
<br> </td>
</tr>
<tr>
<td height="121" colspan="2"><!--#include file="bottom.asp"--></td>
</tr>
</table>

</body>
</html>
应该不会和这个页面有关系吧？？

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" >
<title>游客登陆界面</title>
<script language="javascript">
<!--
function checkform()
{
if(document.login.name.value==""){
alert("请输入用户名！");
document.login.name.focus();
return false;
}
if(document.login.password.value==""){
alert("请输入密码！");
document.login.password.focus();
return false;
}
if(document.login.Checkcode.value==""){
alert("验证码不能为空！");
document.login.Checkcode.focus();
return false;
}
}
//-->
</script>
<style type="text/css">
<!--
td{color:#FFFFFF}
-->
</style>
<%
Dim num1
Dim rndnum
Randomize
Do While Len(rndnum)<4
num1=CStr(Chr((57-48)*rnd+48))
rndnum=rndnum&num1
Loop
session("Checkcode")=rndnum
%>
<link href="css/index.css" rel="stylesheet" type="text/css"></head>
<body bgcolor="#000000">
<p>&nbsp;</p>
<table width="900" border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td height="108" colspan="2"><!--#include file="top.asp"--></td>
</tr>
<tr>
<td height="388">&nbsp;</td>
<td width="743" align="center" valign="top"><p>&nbsp;</p>
<table width="900" border="0" align="center" cellspacing="0">
<tr>
<td align="right"><table style="border-style:dotted; border-color:#666666; border-width:thin" width="90%" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#333333">
<tr>
<td height="18" class="xiaobiao"><font size=2>尽快加入作品交易会员----</font></td>
</tr>
<tr>
<td height="18"><span class="whitexiaobiao">即可点击下载</span>由全国设计师提供的包含(效果图、尺寸图、矢量图、工艺制作说明)的成套成衣作品。</td>
</tr>
<tr>
<td height=1>&nbsp;</td>
</tr>
<tr>
<td height="18">超过<span class="hot">10,000,000</span>幅最新最全欧美、日韩服装款式、设计手稿、时尚杂志、时装秀、橱窗照片等各类图库<span class="xiaobiao">免费提供</span></td>
</tr>
<tr>
<td height="18">纵览全球最新流行款式，打造热卖爆款。</td>
</tr>
<tr>
<td height="18" align="left">　　　　　　　　　　　　　　 　　　　　　　　　　　　<span class="xiaobiao"> ·<a href="index.asp" target="_parent">返回首页</a>　　</span></td>
</tr>
<tr>
<td height="3" class="xiaobiao"></td>
</tr>
<tr>
<td height="18" class="xiaobiao">　　　　　　　　　　　　　　　　　　　　　　　　　·<a href="../about/member0.asp">查看资费标准</a></td>
</tr>
<tr>
<td height="3" class="xiaobiao"></td>
</tr>
<tr>
<td height="18" class="xiaobiao">　　　　　　　　　　　　　　　　　　　　　　　　　·<a href="../about/payment.asp" class="xiaobiao">联系我们　进行充值</a></td>
</tr>
<tr>
<td height="18" class="black">&nbsp;</td>
</tr>
<tr>
<td height="18" align="center" class="whitexiaobiao">中国服装站欢迎您的加盟！</td>
</tr>
<tr>
<td height="18">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<br>
<br>
<table width="900" border="0" align="center" cellspacing="0">
<tr>
<td width="26%" align="center"><table width="181" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="183" height="305" bgcolor="#CCFF00"><a href="guanggao.asp"><img src="images/guanggaogeishejishide.jpg" width="180" height="300" border="0"></a></td>
</tr>
</table></td>
<td width="74%" align="center"><form action ="checkname.asp" method="post" name="login" onSubmit="return checkform();">
<br>
<br>
<br>
<%if session("U_id")="" and session("C_id")="" then%>
<table width="80%" border="1" cellspacing="0" cellpadding="0" bordercolor="#663366">
<tr>
<td height="30" colspan="3" align="center" valign="middle" class="whitexiaobiao">! 注册即可上传作品 ! </td>
</tr>
<tr>
<td height="58" colspan="3" align="center"><font size="+3"><strong>用 户 登 陆</strong></font></td>
</tr>
<tr>
<td width="20%" height="33" align="right">账 号：</td>
<td width="41%"><input name="name" type="text" class="brown"></td>
<td width="39%" align="center"> <a href="/company/reg_item.asp">厂商注册</a> <a href="/person/person_tiaokuan.asp">设计师注册</a></td>
</tr>
<tr>
<td height="33" align="right" width="20%">密 码：</td>
<td><input name="password" type="password" class="brown"></td>
<td rowspan="2" align="center"><input type="submit" name="Submit" value="登陆">&nbsp;
<a href="zhaohuimima.asp"><input type="button" name="Submit2" value="忘密"></a></td>
</tr>
<tr>
<td height="33" width="20%" align="right">验证码：</td>
<td bgcolor="#ECE9D8"><input name="Checkcode" type="text" class="brown" size="10"><font color=#000000><strong><%=session("Checkcode")%></strong></font></td>
</tr>
<tr>
<td height="46" colspan="3" align="center"><input type="radio" name="r1" value="0" checked="checked">
设计师 <input type="radio" name="r1" value="1">
厂商 </td>
</tr>
</table>
<%else if session("U_id")<>"" then%>
<table width="175" border="1" bordercolor="#333333" style="table-layout: fixed;WORD-BREAK: break-all; WORD-WRAP: break-word">
<tr>
<td height="40" class="whitexi">&nbsp;欢迎您，<%=session("User_id")%>用户</td>
</tr>
<tr>
<td class="whitexi"><a href="person/default.asp">我的首页</a>&nbsp;&nbsp;&nbsp;&nbsp;
<a href="person/person_exit.asp">退出登陆</a></td>
</tr>
</table>
<% else if session("C_id")<>"" then %>
<table width="175" border="1" bordercolor="#333333" style="table-layout: fixed;WORD-BREAK: break-all; WORD-WRAP: break-word">
<tr>
<td height="40" class="whitexi">&nbsp;欢迎您，<%=session("user")%>用户</td>
</tr>
<tr>
<td class="whitexi"><a href="company/default.asp">我的首页</a>&nbsp;&nbsp;&nbsp;&nbsp;
<a href="company/company_exit.asp">退出登陆</a></td>
</tr>
</table>

<% end if %>
<% end if %>
<% end if %>

<br>
<br>
<br>
<br>
<br>
<br>
</form></td>
</tr>
</table>
<br> </td>
</tr>
<tr>
<td height="121" colspan="2"><!--#include file="bottom.asp"--></td>
</tr>
</table>

</body>
</html>
谢谢了，大侠！！！

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" >
<title>游客登陆界面</title>
<script language="javascript">
<!--
function checkform()
{
if(document.login.name.value==""){
alert("请输入用户名！");
document.login.name.focus();
return false;
}
if(document.login.password.value==""){
alert("请输入密码！");
document.login.password.focus();
return false;
}
if(document.login.Checkcode.value==""){
alert("验证码不能为空！");
document.login.Checkcode.focus();
return false;
}
}
//-->
</script>
<style type="text/css">
<!--
td{color:#FFFFFF}
-->
</style>
<%
Dim num1
Dim rndnum
Randomize
Do While Len(rndnum)<4
num1=CStr(Chr((57-48)*rnd+48))
rndnum=rndnum&num1
Loop
session("Checkcode")=rndnum
%>
<link href="css/index.css" rel="stylesheet" type="text/css"></head>
<body bgcolor="#000000">
<p>&nbsp;</p>
<table width="900" border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td height="108" colspan="2"><!--#include file="top.asp"--></td>
</tr>
<tr>
<td height="388">&nbsp;</td>
<td width="743" align="center" valign="top"><p>&nbsp;</p>
<table width="900" border="0" align="center" cellspacing="0">
<tr>
<td align="right"><table style="border-style:dotted; border-color:#666666; border-width:thin" width="90%" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#333333">
<tr>
<td height="18" class="xiaobiao"><font size=2>尽快加入作品交易会员----</font></td>
</tr>
<tr>
<td height="18"><span class="whitexiaobiao">即可点击下载</span>由全国设计师提供的包含(效果图、尺寸图、矢量图、工艺制作说明)的成套成衣作品。</td>
</tr>
<tr>
<td height=1>&nbsp;</td>
</tr>
<tr>
<td height="18">超过<span class="hot">10,000,000</span>幅最新最全欧美、日韩服装款式、设计手稿、时尚杂志、时装秀、橱窗照片等各类图库<span class="xiaobiao">免费提供</span></td>
</tr>
<tr>
<td height="18">纵览全球最新流行款式，打造热卖爆款。</td>
</tr>
<tr>
<td height="18" align="left">　　　　　　　　　　　　　　 　　　　　　　　　　　　<span class="xiaobiao"> ·<a href="index.asp" target="_parent">返回首页</a>　　</span></td>
</tr>
<tr>
<td height="3" class="xiaobiao"></td>
</tr>
<tr>
<td height="18" class="xiaobiao">　　　　　　　　　　　　　　　　　　　　　　　　　·<a href="../about/member0.asp">查看资费标准</a></td>
</tr>
<tr>
<td height="3" class="xiaobiao"></td>
</tr>
<tr>
<td height="18" class="xiaobiao">　　　　　　　　　　　　　　　　　　　　　　　　　·<a href="../about/payment.asp" class="xiaobiao">联系我们　进行充值</a></td>
</tr>
<tr>
<td height="18" class="black">&nbsp;</td>
</tr>
<tr>
<td height="18" align="center" class="whitexiaobiao">中国服装站欢迎您的加盟！</td>
</tr>
<tr>
<td height="18">&nbsp;</td>
</tr>
</table></td>
</tr>
</table>
<br>
<br>
<table width="900" border="0" align="center" cellspacing="0">
<tr>
<td width="26%" align="center"><table width="181" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="183" height="305" bgcolor="#CCFF00"><a href="guanggao.asp"><img src="images/guanggaogeishejishide.jpg" width="180" height="300" border="0"></a></td>
</tr>
</table></td>
<td width="74%" align="center"><form action ="checkname.asp" method="post" name="login" onSubmit="return checkform();">
<br>
<br>
<br>
<%if session("U_id")="" and session("C_id")="" then%>
<table width="80%" border="1" cellspacing="0" cellpadding="0" bordercolor="#663366">
<tr>
<td height="30" colspan="3" align="center" valign="middle" class="whitexiaobiao">! 注册即可上传作品 ! </td>
</tr>
<tr>
<td height="58" colspan="3" align="center"><font size="+3"><strong>用 户 登 陆</strong></font></td>
</tr>
<tr>
<td width="20%" height="33" align="right">账 号：</td>
<td width="41%"><input name="name" type="text" class="brown"></td>
<td width="39%" align="center"> <a href="/company/reg_item.asp">厂商注册</a> <a href="/person/person_tiaokuan.asp">设计师注册</a></td>
</tr>
<tr>
<td height="33" align="right" width="20%">密 码：</td>
<td><input name="password" type="password" class="brown"></td>
<td rowspan="2" align="center"><input type="submit" name="Submit" value="登陆">&nbsp;
<a href="zhaohuimima.asp"><input type="button" name="Submit2" value="忘密"></a></td>
</tr>
<tr>
<td height="33" width="20%" align="right">验证码：</td>
<td bgcolor="#ECE9D8"><input name="Checkcode" type="text" class="brown" size="10"><font color=#000000><strong><%=session("Checkcode")%></strong></font></td>
</tr>
<tr>
<td height="46" colspan="3" align="center"><input type="radio" name="r1" value="0" checked="checked">
设计师 <input type="radio" name="r1" value="1">
厂商 </td>
</tr>
</table>
<%else if session("U_id")<>"" then%>
<table width="175" border="1" bordercolor="#333333" style="table-layout: fixed;WORD-BREAK: break-all; WORD-WRAP: break-word">
<tr>
<td height="40" class="whitexi">&nbsp;欢迎您，<%=session("User_id")%>用户</td>
</tr>
<tr>
<td class="whitexi"><a href="person/default.asp">我的首页</a>&nbsp;&nbsp;&nbsp;&nbsp;
<a href="person/person_exit.asp">退出登陆</a></td>
</tr>
</table>
<% else if session("C_id")<>"" then %>
<table width="175" border="1" bordercolor="#333333" style="table-layout: fixed;WORD-BREAK: break-all; WORD-WRAP: break-word">
<tr>
<td height="40" class="whitexi">&nbsp;欢迎您，<%=session("user")%>用户</td>
</tr>
<tr>
<td class="whitexi"><a href="company/default.asp">我的首页</a>&nbsp;&nbsp;&nbsp;&nbsp;
<a href="company/company_exit.asp">退出登陆</a></td>
</tr>
</table>

<% end if %>
<% end if %>
<% end if %>

<br>
<br>
<br>
<br>
<br>
<br>
</form></td>
</tr>
</table>
<br> </td>
</tr>
<tr>
<td height="121" colspan="2"><!--#include file="bottom.asp"--></td>
</tr>
</table>

</body>
</html>
不会和这个有关系吧

客户端我也有验证的代码啊~
他不会也能跳过吧？
我现在都不知道是怎样跳过的，知道了我就有方法屏蔽他了。