我的一个用户有一个'在用户名内,我认为它打破了行上的登录代码tempPassword = Request.Form("UserPassword")
if (Request.Form("Action") = "Login") then
tempUsername=Request.Form("UserName")
tempPassword=Request.Form("UserPassword")
if not (tempUserName = "") and not (tempPassword = "") then
strSQL="SELECT ContactID,Email,Password from Directory WHERE Email='" & tempUsername & "' AND Password='" & tempPassword & "'"
set rsQuery=cn.execute(strSQL)
if not (rsQuery.EOF) then
'-- Login correct, so set session variables
Session("CBWorkUser") = "Yes"
Session("CBWorkUserName") = rsQuery("Email")
Session("CBWorkID") = rsQuery("ContactID")
end if
set rsQuery = nothing
end if
end if
有什么解决方案可以解决这个问题?
vbscript ×1