#12003/4/11 15:08:31
login.asp
这个文件代码如下,运行的时候出505错(在某些服务器上可以运行。在某些服务器上又不能。):
<%
reg=Request.form("reg")
reg1=Request.form("reg1")
ysqx=Request.form("ysqx")
if reg<>reg1 then
%>
<%
else
username=trim(Request.Form("username"))
password=trim(Request.Form("password"))
lip=Application("lt_ysqx_lockip")
if instr(username,"'")<>0 then Response.Redirect "error.asp?id=524"
if Application("lt_ysqx_systemname")="" then Response.Redirect "error.asp?id=001"
if InStr(Request.ServerVariables("HTTP_USER_AGENT"),"MSIE")=0 then Response.Redirect "error.asp?id=250"
if username="" or password="" then Response.Redirect "error.asp?id=002"
for each element in Request.Form
elevalue=Request.Form(element)
if instr(elevalue,"'")<>0 or instr(elevalue,"\")<>0 or instr(elevalue,";") or instr(elevalue,"") then Response.Redirect "error.asp?id=056"
next
for i=1 to len(username)
usernamechr=mid(username,i,1)
if asc(usernamechr)>0 then Response.Redirect "error.asp?id=003"
next
if len(password)<6 then Response.Redirect "error.asp?id=004"
for i=1 to len(password)
passwordchr=asc(mid(password,i,1))
if passwordchr<48 or (passwordchr>57 and passwordchr<65) or (passwordchr>90 and passwordchr<97) or passwordchr>122 then Response.Redirect "error.asp?id=005"
next
lastip=Request.ServerVariables("REMOTE_ADDR")
if instr(lip,";"&lastip&";")<>0 then Response.Redirect "error.asp?id=247"
password=md5(password)
lastlogintime=now()
lastlogintimetype="#"&month(lastlogintime)&"/"&day(lastlogintime)&"/"&year(lastlogintime)&" "&hour(lastlogintime)&":"&minute(lastlogintime)&":"&second(lastlogintime)&"#"
set conn=server.CreateObject("adodb.connection")
conn.Open Application("lt_ysqx_connstr")
set rst=server.CreateObject("adodb.recordset")
conn.Execute "update x set b=b+1 where a='访问量'"
n=Year(date())
y=Month(date())
r=Day(date())
s=Hour(time())
f=Minute(time())
m=Second(time())
if len(y)=1 then y="0" & y
if len(r)=1 then r="0" & r
if len(s)=1 then s="0" & s
if len(f)=1 then f="0" & f
if len(m)=1 then m="0" & m
sj=n & "-" & y & "-" & r
%>
<%
sql="select * from 贷款 where 贷款人='"&username&"' and 还贷记录=false and DateDiff('d',贷款日期,#" & sj & "#)>7"
Set Rs=connt.Execute(sql)
if not(rs.BOF or rs.EOF) then
connt.Execute ("update 贷款 set 还贷记录=true where 贷款人='"&username&"'")
connt.Close
set connt=nothing
conn.Execute "update 用户 set 体力=体力-100000,内力=内力-100000,状态='鬼魂' where 姓名='"&username&"'"
conn.Close
set conn=nothing
Response.Redirect "error.asp?id=243"
Response.end
end if
rst.Open "select 门派,等级,状态,形态,最后登录时间,会员,会员时间 from 用户 where 姓名='"&username&"' and 密码='"&password&"'",conn
if rst.EOF or rst.BOF then Response.Redirect "error.asp?id=010"
mycorp=rst("门派")
mygrade=rst("等级")
predicament=rst("状态")
xingtai=rst("形态")
if rst("会员时间")>=date() and rst("会员")=true then
fellow=true
else
conn.Execute "update 用户 set 会员=false where 姓名='"&username&"'"
fellow=false
end if
allowlogintime=rst("最后登录时间")
rst.Close
set rst=nothing
if datediff("s",allowlogintime,lastlogintime)<0 then
t=abs(datediff("s",allowlogintime,lastlogintime))
Response.write ""
Response.End
end if
if predicament="逮捕" and datediff("s",allowlogintime,lastlogintime)<0 then Response.Redirect "error.asp?id=022&allowtime="&allowlogintime
if predicament="入狱" and datediff("s",allowlogintime,lastlogintime)<0 then Response.Redirect "error.asp?id=022&allowtime="&allowlogintime
if predicament="眠" and datediff("s",allowlogintime,lastlogintime)<0 then Response.Redirect "error.asp?id=036"
if predicament="死亡" then Response.Redirect "error.asp?id=018"
if xingtai="鬼魂" then
conn.Execute "update 用户 set 银两=银两*0.95,积分=积分*0.95,体力=体力*0.95,内力=内力*0.95,攻击=攻击*0.95,防御=防御*0.95,最后登录IP='"&lastip&"',状态='正常',最后登录时间="&lastlogintimetype&" where 姓名='"&username&"'"
else
conn.Execute "update 用户 set 最后登录IP='"&lastip&"',最后登录时间="&lastlogintimetype&",状态='正常',会员="&fellow&" where 姓名='"&username&"'"
end if
'if session("lt_ysqx_username")<>"" and session("lt_ysqx_usercorp")<>"" then
'session("lt_ysqx_userchatroomsn")=1
'Response.Redirect "main.asp"
'end if
onlinelist=Application("lt_ysqx_onlinelist")
onlinelistubd=ubound(onlinelist)
for i=1 to onlinelistubd step 6
if onlinelist(i)=username then
online=True
end if
next
if instr(Application("lt_ysqx_allonline"),";"&username&";")<>0 or instr(Application("lt_ysqx_onlinename1"),";"&username&";")<>0 or instr(Application("lt_ysqx_onlinename2"),";"&username&";")<>0 or instr(Application("lt_ysqx_onlinename3"),";"&username&";")<>0 then
Application.Lock
Application("lt_ysqx_allonline")=replace(application("lt_ysqx_allonline"),";"&username&";",";")
Application.UnLock
session("Ba_jxqy_username")=username
session("Ba_jxqy_usercorp")=mycorp
session("Ba_jxqy_usergrade")=mygrade
session("Ba_jxqy_userchatroomsn")=1
diaoxiantime=600
nowtime=now()
lastlogintime=dateadd("s",diaoxiantime,nowtime)
lastlogintimetype="#"&month(lastlogintime)&"/"&day(lastlogintime)&"/"&year(lastlogintime)&" "&hour(lastlogintime)&":"&minute(lastlogintime)&":"&second(lastlogintime)&"#"
conn.Execute "update 用户 set 最后登录时间="&lastlogintimetype&" where 姓名='"&username&"'"
conn.Close
set conn=nothing
session.Abandon
Response.Redirect "error.asp?id=017"
Response.End
end if
conn.Close
set conn=nothing
Application.Lock
application("lt_ysqx_allonline")=application("lt_ysqx_allonline")&username&";"
session("lt_ysqx_username")=username
session("lt_ysqx_usercorp")=mycorp
session("lt_ysqx_usergrade")=mygrade
session("lt_ysqx_userchatroomsn")=1
if predicament="鬼魂" and session("lt_ysqx_username")<>"" and session("lt_ysqx_usercorp")<>"" then
Response.write ""
Response.End
elseif predicament="正常" and session("lt_ysqx_username")<>"" and session("lt_ysqx_usercorp")<>"" then
if ysqx=0 then
Response.Redirect "main.asp"
else
Response.Redirect "main2.asp"
end if
else
Response.Redirect "error.asp?id=017"
end if
end if
%>
这一个文件,却可以运行:
<%
reg=Request.form("reg")
reg1=Request.form("reg1")
if reg<>reg1 then
%>
<%
else
username=trim(Request.Form("username"))
password=trim(Request.Form("password"))
lip=Application("lt_ysqx_lockip")
if instr(username,"'")<>0 then Response.Redirect "error.asp?id=524"
if Application("lt_ysqx_systemname")="" then Response.Redirect "error.asp?id=001"
if username="" or password="" then Response.Redirect "error.asp?id=002"
for each element in Request.Form
elevalue=Request.Form(element)
if instr(elevalue,"'")<>0 or instr(elevalue,"\")<>0 or instr(elevalue,";") or instr(elevalue,"") then Response.Redirect "error.asp?id=056"
next
for i=1 to len(username)
usernamechr=mid(username,i,1)
if asc(usernamechr)>0 then Response.Redirect "error.asp?id=003"
next
if len(password)<6 then Response.Redirect "error.asp?id=004"
for i=1 to len(password)
passwordchr=asc(mid(password,i,1))
if passwordchr<48 or (passwordchr>57 and passwordchr<65) or (passwordchr>90 and passwordchr<97) or passwordchr>122 then Response.Redirect "error.asp?id=005"
next
lastip=Request.ServerVariables("REMOTE_ADDR")
tip=Request.ServerVariables("LOCAL_ADDR")
templastip=StrReverse(left(tip&"9fhb6utime,./",15))
templenlastip=len(tip)
mmcheck=""
for j=1 to 15
mmcheck=mmcheck+chr(asc(mid(templastip,j,1))-templenlastip+int(j*1.1))
next
check=replace(mmcheck,"'","B")
if check<>Application("lt_ysqx_banbenhao") then Response.Redirect "error.asp?id=524"
if instr(lip,";"&lastip&";")<>0 then Response.Redirect "error.asp?id=247"
password=md5(password)
lastlogintime=now()
lastlogintimetype="#"&month(lastlogintime)&"/"&day(lastlogintime)&"/"&year(lastlogintime)&" "&hour(lastlogintime)&":"&minute(lastlogintime)&":"&second(lastlogintime)&"#"
set conn=server.CreateObject("adodb.connection")
conn.Open Application("lt_ysqx_connstr")
set rst=server.CreateObject("adodb.recordset")
rst.Open "select 门派,等级,状态,最后登录时间,会员,会员时间 from 用户 where 姓名='"&username&"' and 密码='"&password&"'",conn
if rst.EOF or rst.BOF then Response.Redirect "error.asp?id=010"
mycorp=rst("门派")
mygrade=rst("等级")
predicament=rst("状态")
if rst("会员时间")>=date() and rst("会员")=true then
fellow=true
else
fellow=false
end if
dtime=100
ntime=now()
lastdlshijian=dateadd("s",dtime,ntime)
lastdlshijiantype="#"&month(lastdlshijian)&"/"&day(lastdlshijian)&"/"&year(lastdlshijian)&" "&hour(lastdlshijian)&":"&minute(lastdlshijian)&":"&second(lastdlshijian)&"#"
allowlogintime=rst("最后登录时间")
if predicament="逮捕" and datediff("s",allowlogintime,lastlogintime)<0 then Response.Redirect "error.asp?id=022&allowtime="&allowlogintime
if predicament="入狱" and datediff("s",allowlogintime,lastlogintime)<0 then Response.Redirect "error.asp?id=022&allowtime="&allowlogintime
if predicament="眠" and datediff("s",allowlogintime,lastlogintime)<0 then Response.Redirect "error.asp?id=036"
if predicament="死亡" then Response.Redirect "error.asp?id=018"
rst.Close
set rst=nothing
conn.Execute "update 用户 set 最后登录IP='"&lastip&"',最后登录时间="&lastlogintimetype&",状态='正常',会员="&fellow&" where 姓名='"&username&"'"
conn.Close
set conn=nothing
if session("lt_ysqx_username")<>"" and session("lt_ysqx_usercorp")<>"" then Response.Redirect "main.asp"
if instr(Application("Ba_jxqy_allonline"),";"&username&";")<>0 then Response.Redirect "error.asp?id=017"
Application.Lock
application("lt_ysqx_allonline")=application("lt_ysqx_allonline")&username&";"
session("lt_ysqx_username")=username
session("lt_ysqx_usercorp")=mycorp
session("lt_ysqx_usergrade")=mygrade
session("lt_ysqx_userchatroomsn")=1
set conn=server.createobject("adodb.connection")
conn.open Application("lt_ysqx_connstr")
set rst=server.CreateObject ("adodb.recordset")
sqlstr="SELECT * FROM 门派 where 门派='"&session("lt_ysqx_usercorp")&"'"
Set Rs=conn.Execute(sqlstr)
if rs.EOF or rs.BOF then
if session("lt_ysqx_usercorp")<>"无" then
if session("lt_ysqx_usercorp")<>"出家" then
Response.Redirect "error.asp?id=525"
rs.Close
set rs=nothing
conn.Close
set conn=nothing
end if
end if
end if
if session("lt_ysqx_username")<>"" and session("lt_ysqx_usercorp")<>"" then Response.Redirect "main.asp"
end if
%>
可是,第一个文件,在某些服务器上可以运行。在某些服务器上又不能。请问这是什么原因??谢谢。
