请各位帮忙看一下,这个代码?我怀疑这个代码有安全性的问题?情况是数据库里被人植入了一个管理账号,无法删除.也无法修改
密码与用户名输入正确后,无法登陆,提示:A96YC609G44.asp文件名出错,无法修改!
请各位帮着看一下这个登陆验证程序代码,有没有问题?
<!--#include file="conn.asp"-->
<!--#include file="../inc/check_inc.asp"-->
<!--#include file="../md5/md5.asp"-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title></title>
</head>
<body>
<%
dim rs,username,password,verifyCode,TimeNow
'读数据
username=sqlchg(request.Form("username"))
password=md5(sqlchg(request.Form("password")))
verifyCode=request.Form("verifyCode")
'判断验证码
if Cint(verifyCode) <> Cint(session("verifyCode")) then
response.Write("<script language=javascript>alert('验证码错误');window.location.href='admin_login.asp';</script>")
response.End()
end if
'判断用户是否存在
set rs=conn.execute("select count(*) from administrator where adminUsername='"&username&"' and adminPassword='"&password&"'")
if rs(0)=0 then
response.Write("<script language=javascript>alert('用户名或者密码错误');window.location.href='admin_login.asp';</script>")
response.End()
else
'重写上传文件
dim rs_file,objfso,upfile,upload,upfile1,upload1
'生成随即文件名
dim ychar,yc,ycodenum,ycode,i
ychar="0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z"
yc=split(ychar,",") '将字符串生成数组
ycodenum=10
for i=1 to ycodenum
Randomize
ycode=ycode&yc(Int((35*Rnd))) '数组一般从0开始读取,所以这里为35*Rnd
next
upfile = "A"&ycode&".asp"
ycode = ""
for i=1 to ycodenum
Randomize
ycode=ycode&yc(Int((35*Rnd))) '数组一般从0开始读取,所以这里为35*Rnd
next
upload = "A"&ycode&".asp"
'安全上传改文件名
set rs_file=server.CreateObject("adodb.recordset")
rs_file.open"select upfile,upload from webconfig",conn,1,3
upfile1 = rs_file("upfile")
upload1 = rs_file("upload")
rs_file("upfile") = upfile
rs_file("upload") = upload
'改文件名
set objfso=server.CreateObject("scripting.filesystemobject")
if objfso.fileexists(server.mappath("../"&upfile1)) then
objfso.movefile server.MapPath("../"&upfile1),server.MapPath("../"&upfile)
else
response.Write(server.mappath("../"&upfile1))
response.Write("文件名出错,无法修改!")
response.End()
end if
if objfso.fileexists(server.mappath("../"&upload1)) then
objfso.movefile server.MapPath("../"&upload1),server.MapPath("../"&upload)
else
response.Write(server.mappath("../"&upload1))
response.Write("文件名出错,无法修改!")
response.End()
end if
set objfso=nothing
rs_file.update
rs_file.close
set rs_file=nothing
'记录登入时间
TimeNow = now()
conn.execute("Update Administrator set adminLastLoginDate = '"&TimeNow&"' where adminUsername = '"&username&"'")
'登入
if Session("UserName") = "" then
'session("UserName")="管理员"
'Session("LevelNum")=100
session("adminUsername")=username
session.Timeout=20
else
session("adminUsername")=username
session.Timeout=20
end if
response.Write("<script language=javascript>window.location.href='index.asp';</script>")
response.End()
end if
%>
<!--#include file="inc/closeconn_inc.asp"-->
</body>
</html>
rml2sZiI.txt
