的是撒的撒的实打实
View CodeEnd If if Instr(UserName,">")>0 or Instr(UserName,"<")>0 or Instr(UserName,"=")>0 or Instr(UserName,"%")>0 or Instr(UserName,chr(32))>0 or Instr(UserName,"?")>0 or Instr(UserName,"&")>0 or Instr(UserName,";")>0 or Instr(UserName,",")>0 or Instr(UserName,"'")>0 or Instr(UserName,chr(34))>0 or Instr(UserName,chr(9))>0 or Instr(UserName,"")>0 or Instr(UserName,"$")>0 then Response.Write ("<script>alert('登陆失败!\n\n错误原因:会员含有非法字符!');history.back();</script>") Response.end else UserName=Trim(UserName) end if set rs=server.createobject("adodb.recordset") sql="select * from admin where UserName='"&UserName&"'" rs.open sql,conn,1,3 if rs.eof then Response.Write ("<script>alert('登陆失败!\n\n错误原因:帐号或密码错误。');window.location='Login.asp';</script>") Response.end else if rs("PassWord")<>PassWord then rs.close
来源:https://www.cnblogs.com/yefanchen/archive/2012/08/27/2658562.html