日期:2014-05-17  浏览次数:20823 次

asp 分 类型 登陆的问题,求解决方法!!!!!
我的目的   登陆的时候可以分2种类型   选择一种之后   到数据库会搜索相应的类型字段   进行判断.  

数据库字段   1.username(此为邮件地址)2.nickname(昵称)3.pass(密码)   4.power(权限)  

提交数据页面的   下拉框:  
<select   ID= "Select1 "   NAME= "type "> <option   name= "Email "> 邮件地址 </option> <option   name= "Nick "> 昵称 </option> </select>  

登陆判断页面.  
loginfinsh.asp  

strType=trim(request.Form( "Type "))  
strUse=trim(request.Form( "UserName "))  
strPass=trim(request.Form( "pass "))  

const   strConn   =   "driver={SQL   Server};server=172.16.0.3;uid=sysdba;pwd=masterkey;database=kingcrm "  
set   Conn   =   server.CreateObject   ( "ADODB.Connection ")  
Conn.Open   strConn  

set   rs=server.CreateObject( "ADODB.Recordset ")  

if   strType= "邮件地址 "   then  

strSQL   =   "select   *   from   sysdba.UserTablebackup1   where   UserName= ' "   &   strUse   &   " '   and   pass= ' "   &   strPass   &   " ' "  
rs.Open   strSQL,Conn,1,1  
if   rs.EOF   or   rs.BOF   then  
Response.Write   " <font   face= '华文新魏 '   size= '5 '> 登陆失败,请确定用户名和密码!! </font> <br> "  
Response.Write   " <a   href= 'index.asp '> 返回 </a> "  
else  
Session( "UserName ")=rs( "UserName ")  
Session( "pass ")=rs( "Pass ")  
Session( "power ")=rs( "power ")  
Response.Redirect( "SY_index.html ")  
end   if  

elseif   strType= "昵称 "   then  

strSQL   =   "select   *   from   sysdba.UserTablebackup1   where   NickName= ' "   &   strUse   &   " '   and   pass= ' "   &   strPass   &   " ' "  
rs.Open   strSQL,Conn,1,1  
if   rs.EOF   or   rs.BOF   then  
Response.Write   " <font   face= '华文新魏 '   size= '5 '> 登陆失败,请确定用户名和密码!! </font> <br> "  
Response.Write   " <a   href= 'index.asp '> 返回 </a> "  
else  
Session( "UserName ")=rs( "UserName ")  
Session( "pass ")=rs( "Pass ")  
Session( "power ")=rs( "power ")  
Response.Redirect( "SY_index.html ")  
end   if  
end   if  
rs.Close  
conn.Close  
set   rs=nothing  
set   Conn=nothing  


------解决方案--------------------
if strType= "邮件地址 " then
strSQL = "UserName= ' " & strUse & " ' "
else
strSQL = "NickName= ' " & strUse & " ' "
end if

sql = "select .... where " & strSQL & " and pass= ' " & strPass & " ' "

set rs