2

使用 Dreamweaver CS5,我添加了以下运行良好的服务器行为。

问题是,我需要关闭 MM_rsUser1 吗?

自动生成的代码会关闭 MM_rsUser,但是当我尝试在关闭 MM_rsUser 之前或之后的行上关闭 MM_rsUser1 时,页面会失败。

我发现这个关于 MySql的参考资料似乎表明我可能不需要,但由于这是我的第一个项目,我正在努力学习尽可能多的“好习惯”......而且由于 Dreamweaver 正在生成大部分VB 代码,我不想“假设”它对我的作用必然是当今的最佳实践。(该项目正在添加动态数据并将所述数据编辑到预先存在的经典 ASP 站点......我的下一个项目将把它升级到 MVC/C#)

<%
' *** Validate request to log in to this site.
MM_LoginAction = Request.ServerVariables("URL")
If Request.QueryString <> "" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString)
MM_valUsername = CStr(Request.Form("userid"))
If MM_valUsername <> "" Then
  Dim MM_fldUserAuthorization
  Dim MM_redirectLoginSuccess
  Dim MM_redirectLoginFailed
  Dim MM_loginSQL
  Dim MM_rsUser
  Dim MM_rsUser_cmd
  Dim MM_loginUpdate ' used to execute timestamp to log last successful login for user
  Dim MM_rsUser1 '     also used to execute timestamp as above

  MM_fldUserAuthorization = "accessLevel"
  MM_redirectLoginSuccess = "/sql.asp"
  MM_redirectLoginFailed = "/login.asp"

  MM_loginSQL = "SELECT email, password"
  If MM_fldUserAuthorization <> "" Then MM_loginSQL = MM_loginSQL & "," & MM_fldUserAuthorization
  MM_loginSQL = MM_loginSQL & " FROM table WHERE userid = ? AND pword = ?"
  Set MM_rsUser_cmd = Server.CreateObject ("ADODB.Command")
  MM_rsUser_cmd.ActiveConnection = MM_SQL_STRING
  MM_rsUser_cmd.CommandText = MM_loginSQL
  MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param1", 202, 1, 50, MM_valUsername) ' adVarWChar
  MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param2", 202, 1, 50, Request.Form("password")) ' adVarWChar
  MM_rsUser_cmd.Prepared = true
  Set MM_rsUser = MM_rsUser_cmd.Execute

  If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then 
    ' username and password match - this is a valid user
    Session("MM_Username") = MM_valUsername
    MM_loginUpdate = "UPDATE table SET lastLoggedIn = { fn NOW() } WHERE userid = '" & MM_valUsername & "'"
    MM_rsUser_cmd.CommandText = MM_loginUpdate
    Set MM_rsUser1 = MM_rsUser_cmd.Execute ' unsure if I have to write an MM_rsUser1.Close somewhere or not, but page fails where I've tried
    If (MM_fldUserAuthorization <> "") Then
      Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
    Else
      Session("MM_UserAuthorization") = ""
    End If
    if CStr(Request.QueryString("accessdenied")) <> "" And true Then
      MM_redirectLoginSuccess = Request.QueryString("accessdenied")
    End If
    MM_rsUser.Close
    Response.Redirect(MM_redirectLoginSuccess)
  End If
  MM_rsUser.Close
  Response.Redirect(MM_redirectLoginFailed)
End If
%>
4

1 回答 1

0

乍一看,代码有点棘手。我看到 2 个关闭 MM_rsUser 的语句。Response.Redirect() 就像一个返回语句,所以只会执行一个或另一个,即使 IF 块倾向于使它看起来不一样。我认为对您来说关键是如果您不输入 IF 块,您将无法关闭 MM_rsUser1,因为它从未被打开过。所以我建议这样做:

    If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then 
        ' username and password match - this is a valid user
        Session("MM_Username") = MM_valUsername
        MM_loginUpdate = "UPDATE table SET lastLoggedIn = '" & NOW() & "' WHERE userid = '" & MM_valUsername & "'"
        MM_rsUser_cmd.CommandText = MM_loginUpdate
        Set MM_rsUser1 = MM_rsUser_cmd.Execute ' unsure if I have to write an MM_rsUser1.Close somewhere or not, but page fails where I've tried
        If (MM_fldUserAuthorization <> "") Then
            Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
        Else
            Session("MM_UserAuthorization") = ""
        End If
        if CStr(Request.QueryString("accessdenied")) <> "" And true Then
            MM_redirectLoginSuccess = Request.QueryString("accessdenied")
        End If
        MM_rsUser1.Close 'close it here
        MM_rsUser.Close
        Response.Redirect(MM_redirectLoginSuccess)
    End If 'Not MM_rsUser.EOF Or Not MM_rsUser.BOF 
    'not open, so don't close it
    MM_rsUser.Close
    Response.Redirect(MM_redirectLoginFailed)
End If 'MM_valUsername <> ""

更新

重用 MM_rsUser_cmd 充其量是令人困惑的,并且可能是某些错误的原因。改变

MM_rsUser_cmd.CommandText = MM_loginUpdate
Set MM_rsUser1 = MM_rsUser_cmd.Execute


Dim MM_rsUser_cmd1 
Set MM_rsUser_cmd1 = Server.CreateObject ("ADODB.Command")
MM_rsUser_cmd1.ActiveConnection = MM_SQL_STRING
MM_rsUser_cmd1.CommandText = MM_loginUpdate
MM_rsUser_cmd1.Parameters.Append MM_rsUser_cmd1.CreateParameter("param1", 135, 1, -1, NOW()) ' adDBTimeStamp 
MM_rsUser_cmd1.Parameters.Append MM_rsUser_cmd1.CreateParameter("param2", 202, 1, 50, MM_valUsername) ' adVarWChar
MM_rsUser_cmd1.Prepared = true
Set MM_rsUser1 = MM_rsUser_cmd1.Execute
于 2012-05-10T16:03:17.623 回答