流程:
1、文件1:输入用户名、密码;
2、文件2:接受输入并做简单判断,
然后用xmlhttp把他post到http://www.xxx.com/login.asp
3、文件2:通过返回的文件判断密码是否正确;
正确asp:response.redirect "www.xxx.com/index.asp"
结果:
1、登陆不成功,出现“超时已过期,请重新登陆”
问题:
请问如何解决?
分数:200分相送,并且言语感谢!!!
---------------------------------------------------------------
用xmlhttp GET http://login.asp?user=abc&pwd=cde&thisurl=http://my.xxx.com 返回的信息,不要用POST了吧?
---------------------------------------------------------------
php可以,asp好像不行
---------------------------------------------------------------
除非你用明文,get上去
---------------------------------------------------------------
把返回的数据分析一下
---------------------------------------------------------------
看看你返回的是什么数据!
---------------------------------------------------------------
1
2url="http://login.asp?user=abc&pwd=cde&thisurl=http://my.xxx.com"
3return_data=getHTTPPage(url) '<\-- 分析这里面的东西
4
5function getHTTPPage(url)
6on error resume next
7dim http
8set http=Server.createobject("Msxml2.XMLHTTP")
9Http.open "GET",url,false
10Http.send()
11if Http.readystate<>4 then exit function
12getHTTPPage=bytes2BSTR(Http.responseBody)
13set http=nothing
14if err.number<>0 then err.Clear
15end function
16
17Function bytes2BSTR(vIn)
18dim strReturn
19dim i,ThisCharCode,NextCharCode
20strReturn = ""
21For i = 1 To LenB(vIn)
22ThisCharCode = AscB(MidB(vIn,i,1))
23If ThisCharCode < &H80 Then
24strReturn = strReturn & Chr(ThisCharCode)
25Else
26NextCharCode = AscB(MidB(vIn,i+1,1))
27strReturn = strReturn & Chr(CLng(ThisCharCode) * &H100 + CInt(NextCharCode))
28i = i + 1
29End If
30Next
31bytes2BSTR = strReturn
32End Function
---------------------------------------------------------------
..
---------------------------------------------------------------
“然后用xmlhttp把他post到http://www.xxx.com/login.asp”
这个LOGIN。ASP,你能修改么? 如果能,登陆之前,用COOKIES记下这个 USER,POST到远端,成功后你叫他返回你本地http://www.YYYYYYYYYYYYYYYYYYYYY.com/loginOK.asp?USERN=USERN&PWD=PWD&CHECKok=ok
loginOK.asp里面,给COOKISE(“USER”)登陆就是了。
如果验证不成功,返回你本地http://www.YYYYYYYYYYYYYYYYYYYYY.com/loginNO.asp?USERN=USERN&PWD=PWD&CHECKok=ok
清除COOKISE(“USER”),告诉他帐号不对。
---------------------------------------------------------------
啊,原来是这样,不早说。大家帮你再想想。。。。
---------------------------------------------------------------
test.asp
=======================
1
2strName = "aa"
3strPwd="bb"
4Set x = Server.CreateObject("Microsoft.XMLHTTP")
5str = "name=" & strName & "&pwd=" & strPwd
6x.Open "POST","http://localhost/asp/Login.asp",False
7x.setRequestHeader "Content-Length",Len(str)
8x.setRequestHeader "CONTENT-TYPE","application/x-www-form-urlencoded"
9x.send str
10If Trim(x.responseText) = "ok" Then
11Response.Redirect "http://lucky_elove.www1.dotnetplayground.com/"
12Else
13Response.write "无效密码和名字"
14End if
15
Login.asp
=---------------
1
2If Request.Form("name") = "aa" And Request.Form("pwd") = "bb" Then
3Response.write "ok"
4Else
5Response.write "fail"
6End If