如何更好地保护我的网页?
作者:
main.htm
<html>
<body>
<form action="login.asp" method="Post">
<input type="text" name="username" size="20"> 账号<br>
<input type="password" name="password" size="20"> 密码<br>
<input type="submit" value="进入">
</form>
</body></html>
login.asp
<%@Language=VBScript%>
<%Response.Buffer = True%>
<html>
<body>
<%
UserName = Request.Form("username")
Password = Request.Form("password")
Set MyConn=Server.CreateObject("ADODB.Connection")
MyConn.Open "Provider={Microsoft Access Driver (*.mdb)};
DBQ=D:\suifengqiwu\databases\test.mdb"
SQL = "Select * From tblLogin"
Set RS = MyConn.Execute(SQL)
If UserName = RS("UserName") And Password = RS("Password") Then
Session("allow") = True
< !-----连接保护的页面------->
Else
Response.Redirect "main.asp"
RS.Close
MyConn.Close
Set RS = Nothing
Set MyConn = Nothing
End If
%>
</body></html>
做好了上面两个程序,再完善一下外围:把global.asa中的Session_Onstart加上 Session("allow") = False 语句,再在要保护的网页中加入下面的语句:
<% @Language=VBScript %>
<% Response.Buffer = True %>
<% If session("allow") = False Then Response.Redirect "main.asp" %>
[1]