数据库位置:data/data.mdb
数据库表:user id name pwd wenti daan
conn.asp
<% db="data/data.mdb" '数据库存放目录 on error resume next set conn=server.createobject("adodb.connection") conn.open "driver={microsoft access driver (*.mdb)};dbq="&server.mappath(db) if err then err.clear set conn = Nothing response.write "数据库连接出错,请检查conn.asp中的连接字符串。" response.end end if function CloseDB Conn.Close set Conn=Nothing End Function %> <% dim badword badword="'|and|select|update|chr|delete|%20from|;|insert|mid|master.|set|chr(37)|=" if request.QueryString<>"" then chk=split(badword,"|") for each query_name in request.querystring for i=0 to ubound(chk) if instr(lcase(request.querystring(query_name)),chk(i))<>0 then response.write "<script language=javascript>alert('传参错误!参数 "&query_name&" 的值中包含非法字符串!\n\n');location='"&request.ServerVariables ("HTTP_REFERER")&"'</Script>" response.end end if next next end if %>
reg.asp
<!--#i nclude file="conn.asp"--> <% if request("action")="reg" then set rs=server.CreateObject("adodb.recordset") rs.open "select * from user where name='"&trim(request("name"))&"'",conn,1,1 if rs.recordcount>0 then response.write "<Script language='JavaScript'>window.alert('您输入的用户名已存在,请返回重新输入!');history.back(-1);</Script>" response.End() end if sql="select * from user" set rs=server.createobject("adodb.recordset") rs.open sql,conn,1,3 rs.addnew rs("name")=trim(request.Form("name")) rs("pwd")=trim(request.Form("pwd")) rs("wenti")=trim(request.Form("wenti")) rs("daan")=trim(request.Form("daan")) rs.update rs.close set rs=nothing response.write "<script language=javascript> alert('注册成功,点击确定立即登录!');location.replace('login.asp');</script>" response.end end if %> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <title>无标题文档</title> </head> <body><!--#i nclude file="top.asp"--> <table width="90%" border="1" align="center" cellpadding="10" cellspacing="0"> <tr> <td>用户注册 <form name="form1" method="post" action="?action=reg" onsubmit="return chkform(this)"> <table width="347" border="1" cellpadding="5" cellspacing="0"> <tr> <td width="142">用户名</td> <td width="179"><input name="name" type="text" id="name"></td> </tr> <tr> <td>密码</td> <td><input name="pwd" type="password" id="pwd"></td> </tr> <tr> <td>密码提示问题</td> <td><input name="wenti" type="text" id="wenti"></td> </tr> <tr> <td>密码提示答案</td> <td><input name="daan" type="text" id="daan"></td> </tr> <tr> <td colspan="2"><input type="submit" name="Submit" value="注册"> <input type="reset" name="Submit" value="重置"> </td> </tr> </table> </form> </td> </tr> </table> </body> </html>
top.asp
<meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <table width="90%" border="1" align="center" cellpadding="10" cellspacing="0"> <tr> <td><a href="/"";index.asp">首页</a> <% if Session("name")="" then %> <a href="/"";reg.asp">注册</a> <a href="/"";login.asp">登陆</a> <a href="/"";pwd.asp">忘记密码?</a> <% else %> 欢迎您<%=Session("name")%>, <a href="/"";loginout.asp">注销登陆</a> <% end if %> <a href="/"";jiami.asp">加密页</a></td> </tr> </table> <br>
login.asp
<!--#i nclude file="conn.asp"--> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <title>无标题文档</title> </head> <body><!--#i nclude file="top.asp"--> <table width="90%" border="1" align="center" cellpadding="10" cellspacing="0"> <tr> <td> 用户登陆 <% if Session("name")="" then %> <form name="form1" method="post" action="loginok.asp?action=login" onsubmit="return chkform(this)"> <table border="1" cellspacing="0" cellpadding="5"> <tr> <td width="116">用户名</td> <td width="116"><input name="name" type="text" id="name"></td> </tr> <tr> <td>密码</td> <td><input name="pwd" type="password" id="pwd"></td> </tr> <tr> <td colspan="2"><input type="submit" name="Submit" value="登陆"> <input type="reset" name="Submit" value="重置"></td> </tr> </table> </form> <% else %> <table border="1" cellspacing="0" cellpadding="5"> <tr> <td width="303"><%=Session("name")%>,您已经成功登陆</td> </tr> </table>
<% end if %> </td> </tr> </table> </body> </html>
loginok.asp
<!--#i nclude file="conn.asp"--> <% Session.TimeOut=30 if request("action")="login" then name=trim(request.form("name")) pwd=trim(request.form("pwd")) if name="" or pwd="" then Response.Redirect ("login.asp") end if set rs=server.createobject("adodb.recordset") sql="select * from user where name='"&name&"'and pwd='"&pwd&"'" rs.open sql,conn,1,1 if not rs.eof then session("name")=name response.redirect"edit.asp" else response.redirect"Error.asp" response.end end if end if %> loginout.asp
<% session("name")="" response.write "<script language=javascript> alert('退出登陆成功!');location.href('index.asp');</script>" response.end %> pwd.asp
<!--#i nclude file="conn.asp"--> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <title>无标题文档</title> </head> <body><!--#i nclude file="top.asp"--> <table width="90%" border="1" align="center" cellpadding="10" cellspacing="0"> <tr> <td><p>找回密码</p> <form name="form1" method="post" action="pwd2.asp?action=pwd"> <table width="398" border="1" cellpadding="5" cellspacing="0"> <tr> <td width="130">请输入用户名</td> <td width="168"><input name="name" type="text" id="name"></td> <td width="62"><input type="submit" name="Submit" value="查询"></td> </tr> </table> </form></td> </tr> </table> </body> </html>
pwd2.asp
<!--#i nclude file="conn.asp"--> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <title>无标题文档</title> </head> <body><!--#i nclude file="top.asp"--> <table width="90%" border="1" align="center" cellpadding="10" cellspacing="0"> <tr> <td> 找回密码 <%
name=trim(request.form("name")) set rs=server.createobject("adodb.recordset") sql="select * from user where name='"&name&"'" rs.open sql,conn,1,1 if not rs.eof then %>
<form name="form1" method="post" action="pwd3.asp"> <table width="398" border="1" cellpadding="5" cellspacing="0"> <tr> <td><%=rs("name")%></td> <td> </td> <td><input name="name" type="hidden" id="name" value="<%=rs("name")%>"></td> </tr> <tr> <td width="130">密码提示问题</td> <td width="168"><%=rs("wenti")%> </td> <td width="62"> </td> </tr> <tr> <td>密码提示答案</td> <td><input name="daan" type="text" id="daan"></td> <td><input type="submit" name="Submit" value="查询"></td> </tr> </table> </form> <% else %> <table width="413" border="1" cellpadding="5" cellspacing="0"> <tr> < td>你输入的用户名不存在,请<a href="/"";javascript:history.back()">返回</a>重新输入,或者<a href="/"";reg.asp">注册</a></td> </tr> </table>
<%end if
%> </td> </tr> </table> </body> </html>
pwd3.asp
<!--#i nclude file="conn.asp"--> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <title>无标题文档</title> </head> <body><!--#i nclude file="top.asp"--> <table width="90%" border="1" align="center" cellpadding="10" cellspacing="0"> <tr> <td> 找回密码 <%
name=trim(request.form("name")) daan=trim(request.form("daan")) set rs=server.createobject("adodb.recordset") sql="select * from user where name='"&name&"' and daan='"&daan&"'" rs.open sql,conn,1,1 if not rs.eof then %>
<table width="398" border="1" cellpadding="5" cellspacing="0"> <tr> <td width="130"><%=rs("name")%>,您的密码</td> <td><%=rs("pwd")%> </td> </tr>
</table>
<% else %> <table width="413" border="1" cellpadding="5" cellspacing="0"> <tr> <td>你输入的密码提示答案不正确,请<a href="/"";javascript:history.back()">返回</a>重新输入</td> </tr> </table>
<%end if
%> </td> </tr> </table> </body> </html>
error.asp
<!--#i nclude file="conn.asp"--> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <title>无标题文档</title> </head> <body><!--#i nclude file="top.asp"--> <table width="90%" border="1" align="center" cellpadding="10" cellspacing="0"> <tr> <td>登陆失败,请检查用户名和密码是否正确 <a href="/"";login.asp">返回</a></td> </tr> </table> </body> </html>
edit.asp
<!--#i nclude file="conn.asp"--> <% if request("action")="edit" then name=session("name") set rs=server.createobject("adodb.recordset") sql="select * from user where name='"&name&"'" rs.open sql,conn,3,2 rs("pwd")=trim(request.Form("pwd")) rs("daan")=trim(request.Form("daan")) rs.update rs.close set rs=nothing response.write "<script language=javascript>alert('编辑成功!');location.href('edit.asp');</script>" end if %> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=gb2312"> <title>无标题文档</title> </head> <body><!--#i nclude file="top.asp"--> <table width="90%" border="1" align="center" cellpadding="10" cellspacing="0"> <tr> <td><p>修改资料</p> <p> <% if Session("name")="" then %> 对不起你还没有登陆,请<a href="/"";login.asp">登陆</a>或者<a href="/"";reg.asp">注册</a> <% else %>
<% name=session("name") set rs=server.createobject("adodb.recordset") sql="select * from user where name='"&name&"'" rs.open sql,conn,1,1 %> </p> <form action="?action=edit" method="post" name="form" id="form"> <table border="1" cellpadding="5"> <tr> <td>用户名</td> <td><%=rs("name")%></td> </tr> <tr> <td>密码</td> <td><input name="pwd" type="text" id="pwd" value="<%=rs("pwd")%>"></td> </tr> <tr> <td>密码提示问题</td> <td><%=rs("wenti")%></td> </tr> <tr> <td>密码提示答案</td> <td><input name="daan" type="text" id="daan" value="<%=rs("daan")%>"></td> </tr> <tr> <td> </td> <td><input type="submit" name="Submit" value="修改"> <input type="reset" name="Submit" value="重置"></td> </tr> </table> </form> <p> <% end if %> </p></td> </tr> </table> </body> </html>
|
请发表评论