这是一个判断登录用户合法性的代码,可正常运行但是好像不是很合理,希望各位大侠能帮忙完善一下 <!--#include file="conn.asp"--> <% dim admin,pwd,adminname,adminpwd admin=replace(trim(request.Form("name")),"'","") pwd=request.Form("password") set rs=server.createobject("ADODB.Recordset") sql="select * from admin where admin='" &admin& "'" rs.open sql,conn,1,1 if rs.eof and rs.bof then response.write"<script>alert('用户名或密码不存在');history.back();</script>" else adminname=rs("admin") adminpwd=rs("pwd") rs.close set rs=nothing end if if admin<>adminname then response.write"<script>alert('用户名不存在');history.back();</script>" elseif pwd<>adminpwd then response.Write"<script>alert('密码错误');history.back();</script>" elseif request.form("name")="" then response.write"<script>alert('用户名不能为空');history.back();</script>" elseif request.Form("password")="" then response.write"<script>alert('密码不能为空');history.back();</script>" else response.Redirect("admin_edit.asp") end if %>