Hvoffor response.redirecter denne ikke??
Set Conn = Server.CreateObject(\"ADODB.Connection\")Conn.Open \"DRIVER={Microsoft Access Driver (*.mdb)};DBQ=D:\\home\\formordk\\db\\member.mdb\"
Set RS = conn.Execute (\"SELECT MedlemsPassword From MedlemsInfo WHERE MedlemsIdNr =\'\" & YourId & \"\'\")
If RS.EOF Then
FejlYourIdNotInDb = FejlYourIdNotInDb + 1
Else
If RS(\"MedlemsPassword\") <> Password Then
FejlForkertPassword = FejlForkertPassword + 1
Else
If RememberMe = \"\" Then
FejlRememberMe = FejlRememberMe + 1
End If
Når passwordet er forkert så viser den bare siden helt blank i stedet for at Redirecte.
Her er hele scriptet
<%@LANGUAGE=\"VBSCRIPT\"%>
<%
Response.Expires = 0
Response.AddHeader \"PRAGMA\", \"NO-CACHE\"
%>
<%
Dim YourId, Password, FejlYourId, Fejl, FejlPassword, FejlYourIdNotInDb, FejlForkertPassword, FejlRememberMe ,RememberMe
YourId = Request.Querystring(\"YourId\")
Password = Request.Querystring(\"Password\")
Fejl = (\"0\")
FejlYourId = (\"0\")
FejlPassword = (\"0\")
FejlYourIdNotInDb = (\"0\")
FejlForkertPassword = (\"0\")
FejlRememberMe = (\"0\")
RememberMe = Request.Querystring(\"RememberMe\")
%>
<%
If YourId = (\"\") Or Password = (\"\") Then
Fejl = Fejl + 1
End If
if instr(YourId ,\"\'\") Or _
instr(YourId ,\"&\") Or _
instr(YourId ,\",\") Or _
instr(YourId ,\";\") Or _
instr(YourId ,\"_\") Or _
instr(YourId ,\"=\") Or _
instr(YourId ,\" \") Or _
instr(lcase(YourId) ,\"select \") Or _
instr(lcase(YourId) ,\" where \") Or _
instr(lcase(YourId) ,\" or \") Or _
instr(lcase(YourId) ,\" by \") Or _
instr(lcase(YourId) ,\" insert \") Or _
instr(lcase(YourId) ,\" update \") Or _
instr(lcase(YourId) ,\" and \") Then
FejlYourId = FejlYourId + 1
End If
if instr(Password ,\"\'\") Or _
instr(Password ,\"&\") Or _
instr(Password ,\",\") Or _
instr(Password ,\";\") Or _
instr(Password ,\"_\") Or _
instr(Password ,\"=\") Or _
instr(Password ,\" \") Or _
instr(lcase(Password) ,\"select \") Or _
instr(lcase(Password) ,\" where \") Or _
instr(lcase(Password) ,\" or \") Or _
instr(lcase(Password) ,\" by \") Or _
instr(lcase(Password) ,\" insert \") Or _
instr(lcase(Password) ,\" update \") Or _
instr(lcase(Password) ,\" and \") Then
FejlPassword = FejlPassword + 1
End If
If Fejl > 0 Or FejlYourId > 0 Or FejlPassword > 0 Then
Response.Redirect \"login.asp?FejlYourId=\" & FejlYourId & _
\"&FejlPassword=\" & FejlPassword
End If
Set Conn = Server.CreateObject(\"ADODB.Connection\")
Conn.Open \"DRIVER={Microsoft Access Driver (*.mdb)};DBQ=D:\\home\\formordk\\db\\member.mdb\"
Set RS = conn.Execute (\"SELECT MedlemsPassword From MedlemsInfo WHERE MedlemsIdNr =\'\" & YourId & \"\'\")
If RS.EOF Then
FejlYourIdNotInDb = FejlYourIdNotInDb + 1
Else
If RS(\"MedlemsPassword\") <> Password Then
FejlForkertPassword = FejlForkertPassword + 1
Else
If RememberMe = \"\" Then
FejlRememberMe = FejlRememberMe + 1
End If
If FejlYourIdNotInDb > 0 Or FejlForkertPassword > 0 Or FejlRememberMe > 0 Then
Response.Redirect \"login.asp?FejlYourIdNotInDb=\" & FejlYourIdNotInDb & _
\"&FejlForkertPassword=\" & FejlForkertPassword & _
\"&FejlRememberMe=\" & FejlRememberMe
Else
Function MakePassword(intAntaltegn)
For x = 1 To intAntalTegn
Randomize
intChooser = Int(Rnd * 2) + 1
Select Case intChooser
Case 1
intWildChar = Int(Rnd * 57) + 65
If intWildChar => 91 And intWildChar <= 96 Then
intWildChar = intWildChar + 8
End If
strPassword = strPassword & Chr(intWildChar)
Case Else
intWildChar = Int(Rnd * 9) + 1
strPassword = strPassword & intWildChar
End Select
Next
MakePassword = strPassword
End Function
CookiesId1 = MakePassword(20)
\'for at undgå 2 mennesker ender med samme CookiesId sætter vi Id nummer ind foran
CookiesId = YourId & CookiesId1
If RememberMe = (\"1\") Then
Set RS1 = conn.Execute (\"UPDATE MedlemsInfo SET CookiesId = \'\" & CookiesId & \"\' Where MedlemsIdNr = \'\" & YourId & \"\'\")
Response.Cookies(\"Memberacces\")(\"CookiesId\") = \"\" & CookiesId & \"\"
Response.Cookies(\"Memberacces\")(\"YourId\") = \"\" & YourId & \"\"
\'Response.Cookies(\"Memberacces\").Expires = dateadd(\"h\",2,now())
Response.Write \"enellerandenside.asp cookie = 1\"
Else
If RememberMe = (\"2\") Then
Set RS2 = conn.Execute (\"UPDATE MedlemsInfo SET CookiesId = \'\" & CookiesId & \"\' Where MedlemsIdNr = \'\" & YourId & \"\'\")
Response.Cookies(\"Memberacces\")(\"CookiesId\") = \"\" & CookiesId & \"\"
Response.Cookies(\"Memberacces\")(\"YourId\") = \"\" & YourId & \"\"
Response.Cookies(\"Memberacces\").Expires = Date+365
Response.Write \"enellerandenside.asp cookie = 2\"
End If
End If
End If
End If
End If
%>