您所在位置:主题:各位大哥大姐帮帮忙 登陆界面表单提交出现“错误405”--禁止访问资源
一个老好人
[专家分:0] 发布于 2010-03-17 10:20:00
这是个登陆界面,出现两个问题:
(1)在”用户名“和”密码“里面不管输入什么,点击“登陆”之后,都出现“错误405--禁止访问资源”
(2)如果在”用户名“和”密码“里面什么都不输入,会出现“您输入的用户名称错误,请重新输入!”的警告,接着又出现“错误405--禁止访问资源”
对于第一点,貌似调教表单的值与数据库没有任何交流;
对于第二点,貌似没有实现“return”的功能!
请高手指点指点!
ps:代码如下
<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<!--#include file="conn/conn.asp"--> <!--包含数据库连接文件-->
<%
function filter_Str(InString)
'***********************************
'功能:过滤输入字符串中的危险符号
'调用方法:filter_Str("String")
'***********************************
NewStr=Replace(InString,"'","''")
NewStr=Replace(NewStr,"<","<")
NewStr=Replace(NewStr,">",">")
NewStr=Replace(NewStr,"chr(60)","<")
NewStr=Replace(NewStr,"chr(37)",">")
NewStr=Replace(NewStr,"""",""")
NewStr=Replace(NewStr,";",";;")
NewStr=Replace(NewStr,"--","-")
NewStr=Replace(NewStr,"/*"," ")
NewStr=Replace(NewStr,"%"," ")
filter_Str=NewStr
end function
if Request.Form("username")<>"" and request.Form("password")<>"" then
user=filter_Str(request.Form("username"))
pass=filter_Str(request.Form("password"))
set rs=server.CreateObject("adodb.recordset")
sql="select * from tb_user where username='"&user&"'"
rs.open sql,conn,1,3
if rs.eof and rs.bof then %>
<script language="javascript">
alert("您输入的用户名称错误,请重新输入!");
location='index.asp';
</script>
<%
else
if rs("password")=pass then
%>
<script language="javascript">
alert("登录成功!");
</script>
<%
end if
end if
end if%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>普通用户登录页面</title>
<style>
body{
margin:0px;
}
#login{
height:100px;
width:241px;
background-color:#015E99;
border:0px;
position:absolute;
left: 391px;
top: 220px;
}
</style>
</head>
<script language="javascript">
function Mycheck(){
if(form1.username.value=="")
{alert("用户名称不能为空!!");form1.username.focus();return ;}
if(form1.password.value=="")
{alert("用户密码不能为空!!");form1.password.focus();return ;}
form1.submit();
}
</script>
<body background="image/all.jpg"">
<form name="form1" method="post">
<div id="login">
<table width="241" height="100" border="0" cellpadding="0" cellspacing="0">
<tr>
<td height="35" width="100"> <div align="center">用户名</div></td>
<td height="35" width="141"> <input name="username" type="text" id="username" size="20"style="height:15pt"></td>
</tr>
<tr>
<td height="35" width="100"><div align="center">密 码</div></td>
<td height="35" width="141"><input name="password" type="password" id="password" size="21"style="height:15pt">
</tr>
<tr>
<td colspan="2" align="center" height="30">
<input type="submit" name="submit" onclick="Mycheck"value="登陆"/>
<input type="reset" name="reset" value="取消" /></td>
</tr>
</table>
</div>
</form>
</body>
</html>
(1)在”用户名“和”密码“里面不管输入什么,点击“登陆”之后,都出现“错误405--禁止访问资源”
(2)如果在”用户名“和”密码“里面什么都不输入,会出现“您输入的用户名称错误,请重新输入!”的警告,接着又出现“错误405--禁止访问资源”
对于第一点,貌似调教表单的值与数据库没有任何交流;
对于第二点,貌似没有实现“return”的功能!
请高手指点指点!
ps:代码如下
<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<!--#include file="conn/conn.asp"--> <!--包含数据库连接文件-->
<%
function filter_Str(InString)
'***********************************
'功能:过滤输入字符串中的危险符号
'调用方法:filter_Str("String")
'***********************************
NewStr=Replace(InString,"'","''")
NewStr=Replace(NewStr,"<","<")
NewStr=Replace(NewStr,">",">")
NewStr=Replace(NewStr,"chr(60)","<")
NewStr=Replace(NewStr,"chr(37)",">")
NewStr=Replace(NewStr,"""",""")
NewStr=Replace(NewStr,";",";;")
NewStr=Replace(NewStr,"--","-")
NewStr=Replace(NewStr,"/*"," ")
NewStr=Replace(NewStr,"%"," ")
filter_Str=NewStr
end function
if Request.Form("username")<>"" and request.Form("password")<>"" then
user=filter_Str(request.Form("username"))
pass=filter_Str(request.Form("password"))
set rs=server.CreateObject("adodb.recordset")
sql="select * from tb_user where username='"&user&"'"
rs.open sql,conn,1,3
if rs.eof and rs.bof then %>
<script language="javascript">
alert("您输入的用户名称错误,请重新输入!");
location='index.asp';
</script>
<%
else
if rs("password")=pass then
%>
<script language="javascript">
alert("登录成功!");
</script>
<%
end if
end if
end if%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>普通用户登录页面</title>
<style>
body{
margin:0px;
}
#login{
height:100px;
width:241px;
background-color:#015E99;
border:0px;
position:absolute;
left: 391px;
top: 220px;
}
</style>
</head>
<script language="javascript">
function Mycheck(){
if(form1.username.value=="")
{alert("用户名称不能为空!!");form1.username.focus();return ;}
if(form1.password.value=="")
{alert("用户密码不能为空!!");form1.password.focus();return ;}
form1.submit();
}
</script>
<body background="image/all.jpg"">
<form name="form1" method="post">
<div id="login">
<table width="241" height="100" border="0" cellpadding="0" cellspacing="0">
<tr>
<td height="35" width="100"> <div align="center">用户名</div></td>
<td height="35" width="141"> <input name="username" type="text" id="username" size="20"style="height:15pt"></td>
</tr>
<tr>
<td height="35" width="100"><div align="center">密 码</div></td>
<td height="35" width="141"><input name="password" type="password" id="password" size="21"style="height:15pt">
</tr>
<tr>
<td colspan="2" align="center" height="30">
<input type="submit" name="submit" onclick="Mycheck"value="登陆"/>
<input type="reset" name="reset" value="取消" /></td>
</tr>
</table>
</div>
</form>
</body>
</html>
