UC知道********************用户判断******************???
来源:百度知道 编辑:UC知道 时间:2024/05/19 15:45:24
set rs=server.CreateObject("adodb.recordset")
sql="select * from askadmin where adminname="&AdminName&"and adminpwd="&md5(adminpwd)&" "
rs.open sql,conn,1,1
if rs.eof and rs.bof then
session("adminname")=rs("adminname")
response.Redirect("index.asp")
else
response.Redirect("adminlogin.asp")
response.End()
end if
哪出错了~~~~???
不管怎么~~~~输用户名~~~~都登录了
sql="select * from askadmin where adminname="&AdminName&"and adminpwd="&md5(adminpwd)&" "
rs.open sql,conn,1,1
if rs.eof and rs.bof then
session("adminname")=rs("adminname")
response.Redirect("index.asp")
else
response.Redirect("adminlogin.asp")
response.End()
end if
哪出错了~~~~???
不管怎么~~~~输用户名~~~~都登录了
改成
pwd=md5(adminpwd)
set rs=server.CreateObject("adodb.recordset")
sql="select * from askadmin where adminname='"&AdminName&"' and adminpwd='"&pwd&"'"
rs.open sql,conn,1,1
if not (rs.eof or rs.bof) then
session("adminname")=rs("adminname")
response.Redirect("index.asp")
else
response.Redirect("adminlogin.asp")
response.End()
end if
sql="select * from askadmin where adminname="&AdminName&"and adminpwd="&md5(adminpwd)&" "
sql="select * from askadmin where adminname = '"&AdminName&"' and adminpwd = '"&md5(adminpwd)&"' "
sql语句错了
sql="select * from askadmin where adminname='"&AdminName&"' and adminpwd='"&md5(adminpwd)&"'"
这很明显吧。
rs.eof and rs.bof 指当前没有记录。。。