下面是一个修改页面,使用中发现:个别用户在修改了信息后,可以修改的字段会被清空,包括密码。以至于登录都不行了。求高人指点!
<!--#include file="conn.asp"-->
<%
if session("Name") = "" then
response.write "<script language=javascript> alert('对不起,登录超时,请重新登录!');location.href('login.asp');</script>"
response.end
end if
%>
<%
if request("action")="edit" then
name=session("name")
session.timeout=20
set rs=server.createobject("adodb.recordset")
sql="select * from user where name='"&name&"'"
rs.open sql,conn,1,3
rs("pwd")=trim(request.form("pwd"))
rs("wenti")=trim(request.form("wenti"))
rs("daan")=trim(request.form("daan"))
rs("C2")=trim(request.form("C2"))
rs("C4")=trim(request.form("C4"))
rs("C6")=trim(request.form("C6"))
rs("C7")=trim(request.form("C7"))
rs("C8")=trim(request.form("C8"))
rs("C9")=trim(request.form("C9"))
rs("jielun")=trim(request.form("jielun"))
rs("now")=trim(request.form("now"))
Rs("datetime")=Now()
Rs("getip")=getip()
rs.update
rs.close
set rs=nothing
conn.close
set conn=nothing
response.write "<script language=javascript>alert('提交成功!');location.href('edit.asp');</script>"
Response.End
end if
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312>
<title>信息登记、核对页面...</title>
<style type="text/css">
<!--
.STYLE15 {
font-size: 12px;
color:#006666;
}
.STYLE16 {
font-size: 12px;
color:#666666;
}
.STYLE17 {
font-size: 18px;
font-weight: bold;
color:#0891D7;
}
.STYLE18 {
font-size: 14px;
font-weight: bold;
color:#ff0000;
}
-->
</style>
</head>
<body background="../images/bj2.gif">
<!--#include file="top.asp"-->
<%
Private Function getIP()
Dim strIPAddr
If Request.ServerVariables("HTTP_X_FORWARDED_FOR") = "" OR InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), "unknown") > 0 Then
strIPAddr = Request.ServerVariables("REMOTE_ADDR")
ElseIf InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ",") > 0 Then
strIPAddr = Mid(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), 1, InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ",")-1)
ElseIf InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ";") > 0 Then
strIPAddr = Mid(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), 1, InStr(Request.ServerVariables("HTTP_X_FORWARDED_FOR"), ";")-1)
Else
strIPAddr = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
End If
getIP = Trim(Mid(strIPAddr, 1, 30))
End Function
%>
<table width="950" border="0" align="center" cellpadding="10" cellspacing="0">
<tr>
<td align="left" class="STYLE18"><p> 重要说明:本系统</p>
<%
if session("name")="" then
%>
对不起你还没有登陆,请<a href="login.asp">登陆</a>或者<a href="reg.asp">注册</a>
<%
else
%>
<%
name=session("name")
set rs=server.createobject("adodb.recordset")
sql="select * from user where name='"&name&"'"
rs.open sql,conn,1,1
%>
</p>
<form action="" method="post" name="form" id="form">
<table width="850" cellspacing="0" cellpadding="5" align="center" border="1" bordercolorlight="#006666" bordercolordark="#FFFFFF">
<tr>
<td class="STYLE16" colspan="4" align="center"><b>登录信息</b></td>
<tr >
<td class="STYLE16" width="170">用户名</td>
<td class="STYLE16"><%=rs("name")%> </td>
<td class="STYLE16">密码</td>
<td class="STYLE16"><input name="pwd" type="text" id="pwd" style="width:180px;" class="STYLE16" value="<%=rs("pwd")%>"> </td>
</tr>
<tr>
<td class="STYLE16">密码提示问题</td>
<td class="STYLE16"><input name="wenti" type="text" id="wenti" style="width:180px;" class="STYLE16" value="<%=rs("wenti")%>"> </td>
<td class="STYLE16">密码提示答案</td>
<td class="STYLE16"><input name="daan" type="text" id="daan" style="width:180px;" class="STYLE16" value="<%=rs("daan")%>"> </td>
</tr>
<tr><td class="STYLE16">最后登录IP</td><td class="STYLE16"><%=rs("getIP")%> </td><td class="STYLE16">最后登记时间</td><td class="STYLE16"><%=rs("datetime")%> </td></tr>