3

这可能真的很简单,但我几乎没有任何经典 ASP 语法的经验。基本上我有登录声明。如下图所示:

<%if session("AccountID") = "0" or session("AccountID")=""  then%>
                    <%
                    If request.form("SmPress") = "Pressed" Then
                        dim SQLVerifyEmail
                        SQLVerifyEmail = "SELECT * FROM Users WHERE UserName= '"&killchars(request.form("UserName"))&"' and Password = '"&killchars(request.form("Password"))&"' AND Status = 'A' AND Deleted = 'no'  "
                        set RSVerifyEmail = MyConn.execute(SQLVerifyEmail)
                        If RSVerifyEmail.EOF Then

                            response.write ("<span class=loginerror>Incorrect login details.</span><br>")

                        Else
                            LastLogin2 = "UPDATE Users SET LastLogin = Convert(datetime,'"&now()&"',103) WHERE AccountID = '"&RSVerifyEmail("AccountID")&"' "
                            MyConn.execute(LastLogin2)
                            session("admin") = RSVerifyEmail("admin")
                            session("AccountID") = RSVerifyEmail("AccountID")
                            response.redirect "profile.asp"

                        End if
                    End if
                    %>

我要做的就是拆分它,这样如果 session = admin 它将重定向到 profile.asp,但如果它等于帐户 ID,则重定向到 profile-user.asp。我尝试了以下方法,但它通过大量错误:

ElseIF
                            LastLogin2 = "UPDATE Users SET LastLogin = Convert(datetime,'"&now()&"',103) WHERE AccountID = '"&RSVerifyEmail("AccountID")&"' "
                            MyConn.execute(LastLogin2)
                            session("admin") = RSVerifyEmail("admin") Then
                            response.redirect "profile.asp"

                        Else
                        session("AccountID") = RSVerifyEmail("AccountID")
                        response.redirect "profile-user.asp"
                        End if
                    End if
                    %>

我哪里错了?

4

1 回答 1

4

假设您只在数据库中的管理员配置文件上设置 RSVerifyEmail("admin") = "True":试试这个:

<% if session("AccountID") = "0" or session("AccountID") = ""  then %>
<%
If request.form("SmPress") = "Pressed" Then
    dim SQLVerifyEmail
        SQLVerifyEmail = "SELECT * FROM Users WHERE UserName= '"&killchars(request.form("UserName"))&"' and Password = '"&killchars(request.form("Password"))&"' AND Status = 'A' AND Deleted = 'no'  "

    set RSVerifyEmail = MyConn.execute(SQLVerifyEmail)
        If RSVerifyEmail.EOF Then
            response.write ("<span class=loginerror>Incorrect login details.</span><br>")
        Else
            LastLogin2 = "UPDATE Users SET LastLogin = Convert(datetime,'"&now()&"',103) WHERE AccountID = '"&RSVerifyEmail("AccountID")&"' "
            MyConn.execute(LastLogin2)

            ' // Set only for admin session only for admins
            IF RSVerifyEmail("admin") = "True" Then
                RedirectWho         = "admin"
                session("admin")    = RSVerifyEmail("admin")
            Else
                RedirectWho         = "user"
            End if
            session("AccountID")    =   RSVerifyEmail("AccountID")
        End if
    set RSVerifyEmail = Nothing

    ' // redirect the logged in user or admin
    If RedirectWho = "admin" Then
        response.redirect "profile.asp"
    ElseIf RedirectWho = "user" Then
        response.redirect "profile-user.asp"
    End if
End if
%>
于 2012-09-26T14:08:42.340 回答