數據庫位置:data/data.mdb
數據庫表:user
id name pwd wenti daan
conn.asp
<%
db="data/data.mdb" '數據庫存放目錄
on error resume next
set conn=server.createobject("adodb.connection")
conn.open "driver={microsoft access driver (*.mdb)};dbq="&server.mappath(db)
if err then
err.clear
set conn = Nothing
response.write "數據庫連接出錯,請檢查conn.asp中的連接字符串。"
response.end
end if
function CloseDB
Conn.Close
set Conn=Nothing
End Function
%>
<%
dim badword
badword="'|and|select|update|chr|delete|%20from|;|insert|mid|master.|set|chr(37)|="
if request.QueryString<>"" then
chk=split(badword,"|")
for each query_name in request.querystring
for i=0 to ubound(chk)
if instr(lcase(request.querystring(query_name)),chk(i))<>0 then
response.write "<script language=javascript>alert('傳參錯誤!參數 "&query_name&" 的值中包含非法字符串!\n\n');location='"&request.ServerVariables ("HTTP_REFERER")&"'</Script>"
response.end
end if
next
next
end if
%>
reg.asp
<!--#i nclude file="conn.asp"-->
<%
if request("action")="reg" then
set rs=server.CreateObject("adodb.recordset")
rs.open "select * from user where name='"&trim(request("name"))&"'",conn,1,1
if rs.recordcount>0 then
response.write "<Script language='JavaScript'>window.alert('您輸入的用戶名已存在,請返回重新輸入!');history.back(-1);</Script>"
response.End()
end if
sql="select * from user"
set rs=server.createobject("adodb.recordset")
rs.open sql,conn,1,3
rs.addnew
rs("name")=trim(request.Form("name"))
rs("pwd")=trim(request.Form("pwd"))
rs("wenti")=trim(request.Form("wenti"))
rs("daan")=trim(request.Form("daan"))
rs.update
rs.close
set rs=nothing
response.write "<script language=javascript> alert('注冊成功,點擊確定立即登錄!');location.replace('login.asp');</script>"
response.end
end if
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>無標題文檔</title>
</head>
<body><!--#i nclude file="top.asp"-->
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td>用戶注冊
<form name="form1" method="post" action="?action=reg" onsubmit="return chkform(this)">
<table width="347" border="1" cellpadding="5" cellspacing="0">
<tr>
<td width="142">用戶名</td>
<td width="179"><input name="name" type="text" id="name"></td>
</tr>
<tr>
<td>密碼</td>
<td><input name="pwd" type="password" id="pwd"></td>
</tr>
<tr>
<td>密碼提示問題</td>
<td><input name="wenti" type="text" id="wenti"></td>
</tr>
<tr>
<td>密碼提示答案</td>
<td><input name="daan" type="text" id="daan"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="Submit" value="注冊">
<input type="reset" name="Submit" value="重置"> </td>
</tr>
</table>
</form>
</td>
</tr>
</table>
</body>
</html>
top.asp
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td><a href="/"";index.asp">首頁</a>
<%
if Session("name")="" then
%>
<a href="/"";reg.asp">注冊</a> <a href="/"";login.asp">登陸</a>
<a href="/"";pwd.asp">忘記密碼?</a> <%
else
%>
歡迎您<%=Session("name")%>, <a href="/"";loginout.asp">注銷登陸</a>
<%
end if
%>
<a href="/"";jiami.asp">加密頁</a></td>
</tr>
</table>
<br>
login.asp
<!--#i nclude file="conn.asp"-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>無標題文檔</title>
</head>
<body><!--#i nclude file="top.asp"-->
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td>
用戶登陸
<%
if Session("name")="" then
%>
<form name="form1" method="post" action="loginok.asp?action=login" onsubmit="return chkform(this)">
<table border="1" cellspacing="0" cellpadding="5">
<tr>
<td width="116">用戶名</td>
<td width="116"><input name="name" type="text" id="name"></td>
</tr>
<tr>
<td>密碼</td>
<td><input name="pwd" type="password" id="pwd"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="Submit" value="登陸">
<input type="reset" name="Submit" value="重置"></td>
</tr>
</table>
</form>
<%
else
%>
<table border="1" cellspacing="0" cellpadding="5">
<tr>
<td width="303"><%=Session("name")%>,您已經成功登陸</td>
</tr>
</table>
<%
end if
%>
</td>
</tr>
</table>
</body>
</html>
loginok.asp
<!--#i nclude file="conn.asp"-->
<%
Session.TimeOut=30
if request("action")="login" then
name=trim(request.form("name"))
pwd=trim(request.form("pwd"))
if name="" or pwd="" then
Response.Redirect ("login.asp")
end if
set rs=server.createobject("adodb.recordset")
sql="select * from user where name='"&name&"'and pwd='"&pwd&"'"
rs.open sql,conn,1,1
if not rs.eof then
session("name")=name
response.redirect"edit.asp"
else
response.redirect"Error.asp"
response.end
end if
end if
%>
loginout.asp
<%
session("name")=""
response.write "<script language=javascript> alert('退出登陸成功!');location.href('index.asp');</script>"
response.end
%>
pwd.asp
<!--#i nclude file="conn.asp"-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>無標題文檔</title>
</head>
<body><!--#i nclude file="top.asp"-->
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td><p>找回密碼</p>
<form name="form1" method="post" action="pwd2.asp?action=pwd">
<table width="398" border="1" cellpadding="5" cellspacing="0">
<tr>
<td width="130">請輸入用戶名</td>
<td width="168"><input name="name" type="text" id="name"></td>
<td width="62"><input type="submit" name="Submit" value="查詢"></td>
</tr>
</table>
</form></td>
</tr>
</table>
</body>
</html>
pwd2.asp
<!--#i nclude file="conn.asp"-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>無標題文檔</title>
</head>
<body><!--#i nclude file="top.asp"-->
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td>
找回密碼
<%
name=trim(request.form("name"))
set rs=server.createobject("adodb.recordset")
sql="select * from user where name='"&name&"'"
rs.open sql,conn,1,1
if not rs.eof then
%>
<form name="form1" method="post" action="pwd3.asp">
<table width="398" border="1" cellpadding="5" cellspacing="0">
<tr>
<td><%=rs("name")%></td>
<td> </td>
<td><input name="name" type="hidden" id="name" value="<%=rs("name")%>"></td>
</tr>
<tr>
<td width="130">密碼提示問題</td>
<td width="168"><%=rs("wenti")%>
</td>
<td width="62"> </td>
</tr>
<tr>
<td>密碼提示答案</td>
<td><input name="daan" type="text" id="daan"></td>
<td><input type="submit" name="Submit" value="查詢"></td>
</tr>
</table>
</form>
<% else
%>
<table width="413" border="1" cellpadding="5" cellspacing="0">
<tr>
< td>你輸入的用戶名不存在,請<a href="/"";javascript:history.back()">返回</a>重新輸入,或者<a href="/"";reg.asp">注冊</a></td>
</tr>
</table>
<%end if
%>
</td>
</tr>
</table>
</body>
</html>
pwd3.asp
<!--#i nclude file="conn.asp"-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>無標題文檔</title>
</head>
<body><!--#i nclude file="top.asp"-->
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td>
找回密碼
<%
name=trim(request.form("name"))
daan=trim(request.form("daan"))
set rs=server.createobject("adodb.recordset")
sql="select * from user where name='"&name&"' and daan='"&daan&"'"
rs.open sql,conn,1,1
if not rs.eof then
%>
<table width="398" border="1" cellpadding="5" cellspacing="0">
<tr>
<td width="130"><%=rs("name")%>,您的密碼</td>
<td><%=rs("pwd")%>
</td>
</tr>
</table>
<% else
%>
<table width="413" border="1" cellpadding="5" cellspacing="0">
<tr>
<td>你輸入的密碼提示答案不正確,請<a href="/"";javascript:history.back()">返回</a>重新輸入</td>
</tr>
</table>
<%end if
%>
</td>
</tr>
</table>
</body>
</html>
error.asp
<!--#i nclude file="conn.asp"-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>無標題文檔</title>
</head>
<body><!--#i nclude file="top.asp"-->
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td>登陸失敗,請檢查用戶名和密碼是否正確 <a href="/"";login.asp">返回</a></td>
</tr>
</table>
</body>
</html>
edit.asp
<!--#i nclude file="conn.asp"-->
<%
if request("action")="edit" then
name=session("name")
set rs=server.createobject("adodb.recordset")
sql="select * from user where name='"&name&"'"
rs.open sql,conn,3,2
rs("pwd")=trim(request.Form("pwd"))
rs("daan")=trim(request.Form("daan"))
rs.update
rs.close
set rs=nothing
response.write "<script language=javascript>alert('編輯成功!');location.href('edit.asp');</script>"
end if
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>無標題文檔</title>
</head>
<body><!--#i nclude file="top.asp"-->
<table width="90%" border="1" align="center" cellpadding="10" cellspacing="0">
<tr>
<td><p>修改資料</p>
<p>
<%
if Session("name")="" then
%>
對不起你還沒有登陸,請<a href="/"";login.asp">登陸</a>或者<a href="/"";reg.asp">注冊</a>
<%
else
%>
<%
name=session("name")
set rs=server.createobject("adodb.recordset")
sql="select * from user where name='"&name&"'"
rs.open sql,conn,1,1
%>
</p>
<form action="?action=edit" method="post" name="form" id="form">
<table border="1" cellpadding="5">
<tr>
<td>用戶名</td>
<td><%=rs("name")%></td>
</tr>
<tr>
<td>密碼</td>
<td><input name="pwd" type="text" id="pwd" value="<%=rs("pwd")%>"></td>
</tr>
<tr>
<td>密碼提示問題</td>
<td><%=rs("wenti")%></td>
</tr>
<tr>
<td>密碼提示答案</td>
<td><input name="daan" type="text" id="daan" value="<%=rs("daan")%>"></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="修改">
<input type="reset" name="Submit" value="重置"></td>
</tr>
</table>
</form>
<p> <%
end if
%>
</p></td>
</tr>
</table>
</body>
</html>