如何更好地保護我的網頁？

main.htm

<html>

<body>

<form action="login.asp" method="Post">

<input type="text" name="username" size="20"> 賬號<br>

<input type="password" name="password" size="20"> 密碼<br>

<input type="submit" value="進入">

</form>

</body></html>

login.asp

<%@Language=VBScript%>

<%Response.Buffer = True%>

<html>

<body>

<%

UserName = Request.Form("username")

Password = Request.Form("password")

Set MyConn=Server.CreateObject("ADODB.Connection")

MyConn.Open "Provider={Microsoft Access Driver (*.mdb)};

DBQ=D:\suifengqiwu\databases\test.mdb"

SQL = "Select * From tblLogin"

Set RS = MyConn.Execute(SQL)

If UserName = RS("UserName") And Password = RS("Password") Then

  Session("allow") = True

< !-----連接保護的頁面------->

Else

  Response.Redirect "main.asp"

  RS.Close

  MyConn.Close

  Set RS = Nothing

  Set MyConn = Nothing

End If

%>

</body></html>

    做好了上面兩個程序，再完善一下外圍：把global.asa中的Session_Onstart加上 Session("allow") = False 語句，再在要保護的網頁中加入下面的語句：

<% @Language=VBScript %>

<% Response.Buffer = True %>

<% If session("allow") = False Then Response.Redirect "main.asp" %>

[1]