更新经典asp中的密码页面

时间:2016-10-27 07:30:53

标签: asp-classic passwords

  1. 我有一个经典的asp网站,但我不是很擅长。用户可以在其中更改用户名密码的页面。我想允许用户只更改密码,而不是用户名。我对代码做了一些更改,但它没有用。 表单如下:old form

    2. 我希望如下:new form 

    <%
oldUsername=QS_CLEAR(request.QueryString("s1"))
oldPassword=request.QueryString("s2")
newUsername=QS_CLEAR(request.QueryString("nu"))
newPassword=request.QueryString("np1")
newComfirm=request.QueryString("np2")
if oldUsername="" or oldPassword="" or newUsername="" or newPassword="" or newComfirm="" then
    response.Write("<div id=""hata"">Fill the form correctly.</div>")
elseif QS_CLEAR(newPassword)<>QS_CLEAR(newComfirm) then
    response.Write("<div id=""hata"">New passwords do not match.</div>")
else
    rst.open "SELECT * FROM Users WHERE (Type='T') AND (username='"&username&"') and (UserID<>"&ID&")",conn,3,3
    if rst.eof then
        rst.close:rst.open "SELECT * FROM Users WHERE ID="&session("UserID"),conn,3,3
        if lcase(rst("username"))<>lcase(oldUsername) then
            response.Write("<div id=""hata"">Your username is wrong.</div>")
        elseif encode(lcase(oldUsername)&oldPassword&lcase(mid(cstr(rst("GUID")),2,36)))<>rst("Password")  then
            response.Write("<div id=""hata"">Your password is wrong.</div>")
        else
            GUID=lcase(GetGuid()):password=encode(lcase(oldUsername)&newPassword&GUID)
            rst("Username")=newUsername:rst("Password")=password:rst("GUID")="{"&GUID&"}"
            rst.update
            response.Write("<div id=""basarili"">Your password has changed.</div>")
        end if
    else
        response.Write("<div id=""hata"">You can not choose this username.</div>")
    end if
    rst.close
end if

%>

    我应该在上面的代码中做出哪些更改才能使其正常工作。

    1. 我还想在我的数据库的Users表中将密码更改为 PasswordChanged 字段时添加日期和时间。

1 个答案:

答案 0 :(得分:0)

以下未经测试的代码:

添加了一些评论,请询问您是否需要更多信息或是否有任何错误 

<%
'we have only three inputs now,

oldPassword=request.QueryString("s2")
newPassword=request.QueryString("np1")
newComfirm=request.QueryString("np2")

Response.write "oldPassword = " & oldPassword & "<br>";
Response.write "newPassword = " & newPassword & "<br>";
Response.write "newComfirm  = " & newComfirm  & "<br>";

if oldPassword="" or newPassword="" or newComfirm="" then
    response.Write("<div id=""hata"">Fill the form correctly.</div>")
elseif QS_CLEAR(newPassword)<>QS_CLEAR(newComfirm) then
    response.Write("<div id=""hata"">New passwords do not match.</div>")
else
    Dim sql : sql = "SELECT * FROM Users WHERE ID="&session("UserID")
    Response.write "sql=" & sql & "<br>"
    rst.open sql,conn,3,3
    if NOT rst.EOF
        'check if the old password provided is correct.Use rst("Username") instead of oldUsername
        if encode(lcase(rst("Username"))&oldPassword&lcase(mid(cstr(rst("GUID")),2,36)))<>rst("Password")  then
            response.Write("<div id=""hata"">Your password is wrong.</div>")
        else
            GUID=lcase(GetGuid())
            password=encode(lcase(rst("Username")&newPassword&GUID)
            rst("Password")=password
            rst("GUID")="{"&GUID&"}"
            'add changed date, may need some tweaking for the required format.
            rst("PasswordChanged") = Now 
            rst.update
            response.Write("<div id=""basarili"">Your password has changed.</div>")
        end if
    end if
    rst.close
end if

%>
相关问题
最新问题