答案:
数据库位置:data/data.mdb
数据库表:user
id name pwd wenti daan
conn.asp
<%
db="data/data.mdb" '数据库存放目录
on error resume next
set conn=server.createobject("adodb.connection")
conn.open "driver={microsoft access driver (*.mdb)};dbq="&server.mappath(db)
if err then
err.clear
set conn = Nothing
response.write "数据库连接出错,请检查conn.asp中的连接字符串。"
response.end
end if
function CloseDB
Conn.Close
set Conn=Nothing
End Function
%>
<%
dim badword
badword="'|and|select|update|chr|delete|%20from|;|insert|mid|master.|set|chr(37)|="
if request.QueryString<>"" then
chk=split(badword,"|")
for each query_name in request.querystring
for i=0 to ubound(chk)
if instr(lcase(request.querystring(query_name)),chk(i))<>0 then
response.write "<script language=javascript>alert('传参错误!参数 "&query_name&" 的值中包含非法字符串!\n\n');location='"&request.ServerVariables ("HTTP_REFERER")&"'</Script>"
response.end
end if
next
next
end if
%>
reg.asp
<!--#i nclude file="conn.asp"-->
<%
if request("action")="reg" then
set rs=server.CreateObject("adodb.recordset")
rs.open "select * from user where name='"&trim(request("name"))&"'",conn,1,1
if rs.recordcount>0 then
response.write "<Script language='JavaScript'>window.alert('您输入的用户名已存在,请返回重新输入!');history.back(-1);</Script>"
response.End()
end if
sql="select * from user"
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,3
rs.addnew
rs("name")=trim(request.Form("name"))
rs("pwd")=trim(request.Form("pwd"))
rs("wenti")=trim(request.Form("wenti"))
rs("daan")=trim(request.Form("daan"))
rs.update
rs.close
set rs=nothing
response.write "<script language=javascript> alert('注册成功,点击确定立即登录!');location.replace('login.asp');</script>"
response.end
end if
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>无标题文档</title>
</head>
<body><!--#i nclude file="top.asp"-->
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td>用户注册
<form name="form1" method="post" action="?action=reg" onsubmit="return chkform(this)">
<table width="347" border="1" cellpadding="5" cellspacing="0">
<tr>
<td width="142">用户名</td>
<td width="179"><input name="name" type="text" id="name"></td>
</tr>
<tr>
<td>密码</td>
<td><input name="pwd" type="password" id="pwd"></td>
</tr>
<tr>
<td>密码提示问题</td>
<td><input name="wenti" type="text" id="wenti"></td>
</tr>
<tr>
<td>密码提示答案</td>
<td><input name="daan" type="text" id="daan"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="Submit" value="注册">
<input type="reset" name="Submit" value="重置"> </td>
</tr>
</table>
</form>
</td>
</tr>
</table>
</body>
</html>
top.asp
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td><a href=><%
if Session("name")="" then
%>
<a href=><a href=>else
%>
欢迎您<%=Session("name")%>, <a href=><%
end if
%>
<a href=></tr>
</table>
<br>
login.asp
<!--#i nclude file="conn.asp"-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>无标题文档</title>
</head>
<body><!--#i nclude file="top.asp"-->
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td>
用户登陆
<%
if Session("name")="" then
%>
<form name="form1" method="post" action="loginok.asp?action=login" onsubmit="return chkform(this)">
<table border="1" cellspacing="0" cellpadding="5">
<tr>
<td width="116">用户名</td>
<td width="116"><input name="name" type="text" id="name"></td>
</tr>
<tr>
<td>密码</td>
<td><input name="pwd" type="password" id="pwd"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="Submit" value="登陆">
<input type="reset" name="Submit" value="重置"></td>
</tr>
</table>
</form>
<%
else
%>
<table border="1" cellspacing="0" cellpadding="5">
<tr>
<td width="303"><%=Session("name")%>,您已经成功登陆</td>
</tr>
</table>
<%
end if
%>
</td>
</tr>
</table>
</body>
</html>
loginok.asp
<!--#i nclude file="conn.asp"-->
<%
Session.TimeOut=30
if request("action")="login" then
name=trim(request.form("name"))
pwd=trim(request.form("pwd"))
if name="" or pwd="" then
Response.Redirect ("login.asp")
end if
set rs=server.createobject("adodb.recordset")
sql="select * from user where name='"&name&"'and pwd='"&pwd&"'"
rs.open sql,conn,1,1
if not rs.eof then
session("name")=name
response.redirect"edit.asp"
else
response.redirect"Error.asp"
response.end
end if
end if
%>
loginout.asp
<%
session("name")=""
response.write "<script language=javascript> alert('退出登陆成功!');location.href('index.asp');</script>"
response.end
%>
pwd.asp
<!--#i nclude file="conn.asp"-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>无标题文档</title>
</head>
<body><!--#i nclude file="top.asp"-->
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td><p>找回密码</p>
<form name="form1" method="post" action="pwd2.asp?action=pwd">
<table width="398" border="1" cellpadding="5" cellspacing="0">
<tr>
<td width="130">请输入用户名</td>
<td width="168"><input name="name" type="text" id="name"></td>
<td width="62"><input type="submit" name="Submit" value="查询"></td>
</tr>
</table>
</form></td>
</tr>
</table>
</body>
</html>
pwd2.asp
<!--#i nclude file="conn.asp"-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>无标题文档</title>
</head>
<body><!--#i nclude file="top.asp"-->
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td>
找回密码
<%
name=trim(requ
上一个:ASP中使用FileSystemObject时提高性能的方法
下一个:ASP计算str2在str1中出现的次数