200分关于跨站点cookie问题??

流程:
1、文件1:输入用户名、密码;
2、文件2:接受输入并做简单判断,
然后用xmlhttp把他post到http://www.xxx.com/login.asp
3、文件2:通过返回的文件判断密码是否正确;
正确asp:response.redirect "www.xxx.com/index.asp"
结果:
1、登陆不成功,出现“超时已过期,请重新登陆”

问题:
请问如何解决?

分数:200分相送,并且言语感谢!!!

---------------------------------------------------------------

用xmlhttp GET http://login.asp?user=abc&pwd=cde&thisurl=http://my.xxx.com 返回的信息,不要用POST了吧?
---------------------------------------------------------------

php可以,asp好像不行
---------------------------------------------------------------

除非你用明文,get上去
---------------------------------------------------------------

把返回的数据分析一下
---------------------------------------------------------------

看看你返回的是什么数据!
---------------------------------------------------------------

 1   
 2url="http://login.asp?user=abc&pwd=cde&thisurl=http://my.xxx.com"   
 3return_data=getHTTPPage(url) '<\-- 分析这里面的东西   
 4  
 5function getHTTPPage(url)   
 6on error resume next   
 7dim http   
 8set http=Server.createobject("Msxml2.XMLHTTP")   
 9Http.open "GET",url,false   
10Http.send()   
11if Http.readystate<>4 then exit function   
12getHTTPPage=bytes2BSTR(Http.responseBody)   
13set http=nothing   
14if err.number<>0 then err.Clear   
15end function   
16  
17Function bytes2BSTR(vIn)   
18dim strReturn   
19dim i,ThisCharCode,NextCharCode   
20strReturn = ""   
21For i = 1 To LenB(vIn)   
22ThisCharCode = AscB(MidB(vIn,i,1))   
23If ThisCharCode < &H80 Then   
24strReturn = strReturn & Chr(ThisCharCode)   
25Else   
26NextCharCode = AscB(MidB(vIn,i+1,1))   
27strReturn = strReturn & Chr(CLng(ThisCharCode) * &H100 + CInt(NextCharCode))   
28i = i + 1   
29End If   
30Next   
31bytes2BSTR = strReturn   
32End Function

---------------------------------------------------------------

..
---------------------------------------------------------------

“然后用xmlhttp把他post到http://www.xxx.com/login.asp”

这个LOGIN。ASP,你能修改么? 如果能,登陆之前,用COOKIES记下这个 USER,POST到远端,成功后你叫他返回你本地http://www.YYYYYYYYYYYYYYYYYYYYY.com/loginOK.asp?USERN=USERN&PWD=PWD&CHECKok=ok
loginOK.asp里面,给COOKISE(“USER”)登陆就是了。

如果验证不成功,返回你本地http://www.YYYYYYYYYYYYYYYYYYYYY.com/loginNO.asp?USERN=USERN&PWD=PWD&CHECKok=ok
清除COOKISE(“USER”),告诉他帐号不对。
---------------------------------------------------------------

啊,原来是这样,不早说。大家帮你再想想。。。。
---------------------------------------------------------------

test.asp

=======================

 1   
 2strName = "aa"   
 3strPwd="bb"   
 4Set x = Server.CreateObject("Microsoft.XMLHTTP")   
 5str = "name=" & strName & "&pwd=" & strPwd   
 6x.Open "POST","http://localhost/asp/Login.asp",False   
 7x.setRequestHeader "Content-Length",Len(str)   
 8x.setRequestHeader "CONTENT-TYPE","application/x-www-form-urlencoded"   
 9x.send str   
10If Trim(x.responseText) = "ok" Then   
11Response.Redirect "http://lucky_elove.www1.dotnetplayground.com/"   
12Else   
13Response.write "无效密码和名字"   
14End if   
15

Login.asp
=---------------

1   
2If Request.Form("name") = "aa" And Request.Form("pwd") = "bb" Then   
3Response.write "ok"   
4Else   
5Response.write "fail"   
6End If
Published At
Categories with Web编程
Tagged with
comments powered by Disqus