|    
			
				18/06/2004, 07:36
			
			
			  | 
  |   |  |  |  |  Fecha de Ingreso: junio-2004 Ubicación: MTY-Mexico 
						Mensajes: 49
					 Antigüedad: 21 años, 4 meses Puntos: 0 |  | 
  |   codigo completo 
  Tienen Razon, no dice nada de ASP  
es el puro formulario  
Perdon, mejor aqui lo pego completo     Cita:  accesosnews.asp
 <%@LANGUAGE="VBSCRIPT"%>
 <!--#include file="Connections/proyectos.asp" -->
 <%
 Dim Recordset1__var
 Recordset1__var = "%"
 if (Request.QueryString("pass")  <> "") then Recordset1__var = Request.QueryString("pass")
 %>
 <%
 set Recordset1 = Server.CreateObject("ADODB.Recordset")
 Recordset1.ActiveConnection = MM_proyectos_STRING
 Recordset1.Source = "SELECT *  FROM noticias  WHERE pass LIKE '" + Replace(Recordset1__var, "'", "''") + "'"
 Recordset1.CursorType = 0
 Recordset1.CursorLocation = 2
 Recordset1.LockType = 3
 Recordset1.Open()
 Recordset1_numRows = 0
 %>
 <html>
 <head>
 <STYLE type=text/css>BODY {
 SCROLLBAR-FACE-COLOR: #CAE4FF; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: #000000; SCROLLBAR-ARROW-COLOR: #000000; SCROLLBAR-BASE-COLOR: #ffffff; scrollbar-3d-light-color: #000000; scrollbar-dark-shadow-color: #FFFFFF
 }
 INPUT {
 FONT-SIZE: 10px; COLOR: #004080; FONT-FAMILY: Verdana, Arial, Helvetica; BACKGROUND-COLOR: #ffffff
 }
 TEXTAREA {
 FONT-SIZE: 10px; COLOR: #ffffff; FONT-FAMILY: Verdana, Arial, Helvetica; BACKGROUND-COLOR: #ffffff
 }
 A {
 TEXT-DECORATION: none
 }
 A:hover {
 COLOR: black; TEXT-DECORATION: none
 }
 </STYLE>
 <title>Acceso Ventas</title>
 <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
 </head>
 <body bgcolor="#FFFFFF" text="#000000" background="dawn.jpg"  bgproperties="fixed">
 <h2 align="center"><font color="#0000FF"><b><font color="#FFFFFF">ACCESO UNICO
 A NOTICIAS</font></b></font></h2>
 <form name="form1" method="get" action="menunoticias.asp">
 <table width="75%" border="0" cellspacing="0" cellpadding="0" align="center">
 <tr>
 <td width="37%"><b><font face="Verdana, Arial, Helvetica, sans-serif">CONTRASEÑA</font></b></td>
 <td width="63%">
 <input type="password" name="pass" size="10" maxlength="6">
 <input type="submit" name="Submit" value="ENTRAR">
 </td>
 </tr>
 </table>
 </form>
 </body>
 </html>
 <%
 Recordset1.Close()
 %>
 
 
 Y manda a este...    Cita:  menunoticias.asp
 
 
 <%@LANGUAGE="VBSCRIPT"%>
 <!--#include file="Connections/proyectos.asp" -->
 <%
 ' *** Edit Operations: declare variables
 
 MM_editAction = CStr(Request("URL"))
 If (Request.QueryString <> "") Then
 MM_editAction = MM_editAction & "?" & Request.QueryString
 End If
 
 ' boolean to abort record edit
 MM_abortEdit = false
 
 ' query string to execute
 MM_editQuery = ""
 %>
 <%
 ' *** Insert Record: set variables
 
 If (CStr(Request("MM_insert")) <> "") Then
 
 MM_editConnection = MM_proyectos_STRING
 MM_editTable = "publica"
 MM_editRedirectUrl = "noticiaaceptada.htm"
 MM_fieldsStr  = "noticias|value|login|value|nivel|value|fecha|valu  e"
 MM_columnsStr = "noticias|',none,''|login|',none,''|nivel|',none,'  '|fecha|',none,''"
 
 ' create the MM_fields and MM_columns arrays
 MM_fields = Split(MM_fieldsStr, "|")
 MM_columns = Split(MM_columnsStr, "|")
 
 ' set the form values
 For i = LBound(MM_fields) To UBound(MM_fields) Step 2
 MM_fields(i+1) = CStr(Request.Form(MM_fields(i)))
 Next
 
 ' append the query string to the redirect URL
 If (MM_editRedirectUrl <> "" And Request.QueryString <> "") Then
 If (InStr(1, MM_editRedirectUrl, "?", vbTextCompare) = 0 And Request.QueryString <> "") Then
 MM_editRedirectUrl = MM_editRedirectUrl & "?" & Request.QueryString
 Else
 MM_editRedirectUrl = MM_editRedirectUrl & "&" & Request.QueryString
 End If
 End If
 
 End If
 %>
 <%
 ' *** Insert Record: construct a sql insert statement and execute it
 
 If (CStr(Request("MM_insert")) <> "") Then
 
 ' create the sql insert statement
 MM_tableValues = ""
 MM_dbValues = ""
 For i = LBound(MM_fields) To UBound(MM_fields) Step 2
 FormVal = MM_fields(i+1)
 MM_typeArray = Split(MM_columns(i+1),",")
 Delim = MM_typeArray(0)
 If (Delim = "none") Then Delim = ""
 AltVal = MM_typeArray(1)
 If (AltVal = "none") Then AltVal = ""
 EmptyVal = MM_typeArray(2)
 If (EmptyVal = "none") Then EmptyVal = ""
 If (FormVal = "") Then
 FormVal = EmptyVal
 Else
 If (AltVal <> "") Then
 FormVal = AltVal
 ElseIf (Delim = "'") Then  ' escape quotes
 FormVal = "'" & Replace(FormVal,"'","''") & "'"
 Else
 FormVal = Delim + FormVal + Delim
 End If
 End If
 If (i <> LBound(MM_fields)) Then
 MM_tableValues = MM_tableValues & ","
 MM_dbValues = MM_dbValues & ","
 End if
 MM_tableValues = MM_tableValues & MM_columns(i)
 MM_dbValues = MM_dbValues & FormVal
 Next
 MM_editQuery = "insert into " & MM_editTable & " (" & MM_tableValues & ") values (" & MM_dbValues & ")"
 
 If (Not MM_abortEdit) Then
 ' execute the insert
 Set MM_editCmd = Server.CreateObject("ADODB.Command")
 MM_editCmd.ActiveConnection = MM_editConnection
 MM_editCmd.CommandText = MM_editQuery
 MM_editCmd.Execute
 MM_editCmd.ActiveConnection.Close
 
 If (MM_editRedirectUrl <> "") Then
 Response.Redirect(MM_editRedirectUrl)
 End If
 End If
 
 End If
 %>
 <%
 Dim proyectos__var
 proyectos__var = "%"
 if (Request.QueryString("pass")   <> "") then proyectos__var = Request.QueryString("pass")
 %>
 <%
 set proyectos = Server.CreateObject("ADODB.Recordset")
 proyectos.ActiveConnection = MM_proyectos_STRING
 proyectos.Source = "SELECT *  FROM noticias  WHERE noticias.pass LIKE '" + Replace(proyectos__var, "'", "''") + "'"
 proyectos.CursorType = 0
 proyectos.CursorLocation = 2
 proyectos.LockType = 3
 proyectos.Open()
 proyectos_numRows = 0
 %>
 <html>
 <head>
 <STYLE type=text/css>BODY {
 SCROLLBAR-FACE-COLOR: #CAE4FF; SCROLLBAR-HIGHLIGHT-COLOR: #000000; SCROLLBAR-SHADOW-COLOR: #000000; SCROLLBAR-ARROW-COLOR: #000000; SCROLLBAR-BASE-COLOR: #ffffff; scrollbar-3d-light-color: #000000; scrollbar-dark-shadow-color: #FFFFFF
 }
 INPUT {
 FONT-SIZE: 10px; COLOR: #004080; FONT-FAMILY: Verdana, Arial, Helvetica; BACKGROUND-COLOR: #ffffff
 }
 TEXTAREA {
 FONT-SIZE: 10px; COLOR: #000000; FONT-FAMILY: Verdana, Arial, Helvetica; BACKGROUND-COLOR: #ffffff
 }
 A {
 TEXT-DECORATION: none
 }
 A:hover {
 COLOR: black; TEXT-DECORATION: none
 }
 </STYLE>
 <title>Pagina Ventas</title>
 <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
 </head>
 <body bgcolor="#FFFFFF" text="#000000" background="dawn.jpg" bgproperties="fixed">
 <table width="100%" border="0">
 <tr>
 <td width="27%"><img src="logo.jpg" border="0"></td>
 <td width="73%">
 <div align="center"><font face="Verdana, Arial, Helvetica, sans-serif" color="#FFFFFF"><b>Menu
 Principal de <%=(proyectos.Fields.Item("descricpion").Value)%  ></b></font></div>
 </td>
 </tr>
 </table>
 <h3 align="center"><font face="Verdana, Arial, Helvetica, sans-serif" color="#FFFFFF">Publicaciones
 recientes acerca de la cadena</font></h3>
 <form name="form1" method="POST" action="<%=MM_editAction%>">
 <table width="100%" border="0">
 <tr>
 <td width="18%"><b><font face="Verdana, Arial, Helvetica, sans-serif" color="#CCCCCC">Publicciones:
 </font></b><font face="Verdana, Arial, Helvetica, sans-serif" color="#CCCCCC">
 : </font></td>
 <td width="55%">
 <textarea name="noticias" cols="60" rows="7"></textarea>
 </td>
 <td width="27%">  </td>
 </tr>
 <tr>
 <td width="18%">  </td>
 <td width="55%">
 <div align="left">
 <input type="submit" name="Submit" value="Enviar">
 <input type="hidden" name="login" value="<%=(proyectos.Fields.Item("login").Value)%>  ">
 <input type="hidden" name="nivel" value="<%=(proyectos.Fields.Item("nivel").Value)%>  ">
 <input type="hidden" name="fecha" value="<%=now()%>">
 </div>
 </td>
 <td width="27%">  </td>
 </tr>
 </table>
 <input type="hidden" name="MM_insert" value="true">
 </form>
 <form name="detallehistory" method="get" action="detallehistorynoticias.asp">
 <input type="submit" name="historyproyect" value="HISTORIAL">
 <input type="hidden" name="login" value="<%=(proyectos.Fields.Item("login").Value)%>  ">
 </form>
 <p> </p>
 </body>
 </html>
 <%
 proyectos.Close()
 %>
 
 
 
Lo puse asi de largo como lo tengo  
pero ahi excluyen lo que no les sirva  
Es que nunca me ha salido eso de login y password con nivel de autoridad. 
Entonces los mando solo con un campo, lo valida, lo deja pasar a la pagna esa.  
Pero si no ? 
Error X linea,,,  donde acomodo , el SI no, ACCESO DENEGADO      ?  
Gracias 
MartYn   Última edición por MartYn; 18/06/2004 a las 07:38
     |