不首先使用核武的原话:帮我解释一下下面的代码!!!!!

来源:百度文库 编辑:杭州交通信息网 时间:2024/05/05 19:53:55
<%@ LANGUAGE = VBScript %>
<!--#include file="conn.asp"-->

<%
FileName = Request ("FileName")
AdminUserName = Request ("AdminUserName")
AdminPassWord = Request ("AdminPassWord")
If AdminPassWord = "" Then
Conn.Close
Set Conn = nothing
Session ("Message") = "请输入您的管理员密码。"
Response.Redirect "error.asp"
Response.End
End If
If AdminUserName = "" Then
Conn.Close
Set Conn = nothing
Session ("Message") = "请输入您的管理员用户名。"
Response.Redirect "error.asp"
Response.End
End If
Function Filter_SQL(strData)
Dim strFilter
Dim blnFlag
Dim i
strFilter="',;,//,--,exec,declare"
blnFlag = Flase
Dim arrayFilter
arrayFilter = Split(strFilter,",")
For i = 0 To UBound(arrayFilter)
If Instr(strData,arrayFilter(i)) > 0 Then
blnFlag = True
Exit For
End If
Next
If blnFlag Then
Conn.Close
Set Conn = nothing
Session ("Message") = "管理员用户名或密码错误。"
Response.Redirect "error.asp"
Response.End
Else
Filter_SQL = strData
End If
End Function
Filter_SQL(Request ("AdminUserName"))
Filter_SQL(Request ("AdminPassWord"))
rs.Open "Select * From setup Where AdminUserName = '" & AdminUserName & "'",Conn
If rs.Eof Then
rs.Close
Set rs = nothing
Conn.Close
Set Conn = nothing
Session ("Message") = "您输入的管理员用户名并不存在。"
Response.Redirect "error.asp"
Response.End
End if
rs.Close
rs.Open "Select * From setup Where AdminUserName = '" & AdminUserName & "' and AdminPassWord = '" & AdminPassWord & "'",Conn
If rs.EOF Then
rs.Close
Set rs = nothing
Conn.Close
Set Conn = nothing
Session ("Message") = "管理员密码错误。"
Response.Redirect "error.asp"
Response.End
Else
rs.Close
Set rs = nothing
Conn.Close
Set Conn = nothing
Response.Cookies("Admin" & DomainName & "")("AdminUserName") = AdminUserName
Response.Cookies("Admin" & DomainName & "")("AdminPassWord") = AdminPassWord
If FileName <> "" Then
Response.Redirect "" & FileName & ""
Response.End
Else
Response.Redirect "admin.asp"
Response.End
End If
End If
%>
谁能告诉我该登陆页的管理员帐号和密码各是什么?

这段就是判断密码和用户名的正确性和返回错误,,,,密码和账号在数据库里找,,,,数据库setup这个表里面!

管理帐号是在数据库里的。不会写在这里的。它调用了conn.asp文件。conn.asp应该有数据库路径!

<%@ LANGUAGE = VBScript %>
<!--#include file="conn.asp"--> ‘包含数据库连接文件

<%
FileName = Request ("FileName") ’变量filename获得表单FileName的值
AdminUserName = Request ("AdminUserName") ‘变量AdminUserName获得表单AdminUserName的值
AdminPassWord = Request ("AdminPassWord") ’变量AdminPassWord获得表单AdminPassWord的值
If AdminPassWord = "" Then ‘如果AdminPassWord值为空
Conn.Close ’关闭数据库连接
Set Conn = nothing ‘释放conn对象
Session ("Message") = "请输入您的管理员密码。" ’在Session变量Message中写入'请输入您的管理员密码。'字符串
Response.Redirect "error.asp" 传跳至error.asp页面
Response.End ‘结束程序
End If

----------------------------------------
If AdminUserName = "" Then
Conn.Close
Set Conn = nothing
Session ("Message") = "请输入您的管理员用户名。"
Response.Redirect "error.asp"
Response.End
End If
--------------------------------- '和上面一样的功能^_^

Function Filter_SQL(strData) '定义一个函数Filter_SQL
Dim strFilter ’定义变量
Dim blnFlag
Dim i
strFilter="',;,//,--,exec,declare" '变量赋值
blnFlag = Flase
Dim arrayFilter
arrayFilter = Split(strFilter,",") ‘把strFilter的内容以“,”符号为分割符,分解成数字,存入数组变量arraryFilter
---------------------------------------------------
For i = 0 To UBound(arrayFilter)
If Instr(strData,arrayFilter(i)) > 0 Then
blnFlag = True
Exit For
End If
Next
---------------------------------------------------
'通过循环来判断strData中是否存在strFilter中的字符,这个应该是防SQL注入的处理函数

---------------------------------------------
If blnFlag Then
Conn.Close
Set Conn = nothing
Session ("Message") = "管理员用户名或密码错误。"
Response.Redirect "error.asp"
Response.End
Else
Filter_SQL = strData
End If
End Function
Filter_SQL(Request ("AdminUserName"))
Filter_SQL(Request ("AdminPassWord"))
rs.Open "Select * From setup Where AdminUserName = '" & AdminUserName & "'",Conn
If rs.Eof Then
rs.Close
Set rs = nothing
Conn.Close
Set Conn = nothing
Session ("Message") = "您输入的管理员用户名并不存在。"
Response.Redirect "error.asp"
Response.End
End if
rs.Close
--------------------------------------------------
'查询数据库中是否存在输入的用户

------------------------------------------------------------
rs.Open "Select * From setup Where AdminUserName = '" & AdminUserName & "' and AdminPassWord = '" & AdminPassWord & "'",Conn
If rs.EOF Then
rs.Close
Set rs = nothing
Conn.Close
Set Conn = nothing
Session ("Message") = "管理员密码错误。"
Response.Redirect "error.asp"
Response.End
Else
rs.Close
Set rs = nothing
Conn.Close
Set Conn = nothing
Response.Cookies("Admin" & DomainName & "")("AdminUserName") = AdminUserName
Response.Cookies("Admin" & DomainName & "")("AdminPassWord") = AdminPassWord
If FileName <> "" Then
Response.Redirect "" & FileName & ""
Response.End
Else
Response.Redirect "admin.asp"
Response.End
End If
End If
------------------------------------------
查询用户密码是否和用户名相对应,如果为真,向cookies中写入用户名和密码,并转跳到admin.asp页面
%>

用户名和密码在数据库中的setup表中去找。

帮我解释一下下面的代码!!!!! 请帮我解释一下下面的代码 帮我解释一下下面的名言 有谁可以为我解释一下下面的ASP代码? 帮我解释一下下面的话 请那位高人帮我详细解释一下下面代码是什么意思?非常感谢 哪位高人能帮我把下面这段代码解释一下啊~~~谢了 电子邮件的问题,下面的问题帮我解释一下 大家能帮我解释一下下面的意思吗? 帮我解释一下,开机后出现的下面这些语句