ASP只能查看属于自己的短信问题
来源:百度知道 编辑:UC知道 时间:2024/06/28 13:28:36
我的查看短信页面代码
<%
if session("id")="" or session("Zname")="" or session("mima")="" then
response.write "<script language=JavaScript>" & chr(13) & "alert('您不具备此权限!');" & "history.back()" & "</script>"
Response.End
end if
set rs=server.CreateObject("adodb.recordset")
sql="select * from primsg where primsguser='"&session("Zname")&"' order by primsgtime desc"
rs.open sql,conn,1,1
if rs("primsguser")<>session("Zname") or rs("shouID")<>session("ID") then
rs.close
set rs=nothing
set conn=nothing
response.write "<script language=JavaScript>" & chr(13) & "alert('此短信不是你的!');" & "history.back()" & "</script>"
Response.End
end if
%><
<%
if session("id")="" or session("Zname")="" or session("mima")="" then
response.write "<script language=JavaScript>" & chr(13) & "alert('您不具备此权限!');" & "history.back()" & "</script>"
Response.End
end if
set rs=server.CreateObject("adodb.recordset")
sql="select * from primsg where primsguser='"&session("Zname")&"' order by primsgtime desc"
rs.open sql,conn,1,1
if rs("primsguser")<>session("Zname") or rs("shouID")<>session("ID") then
rs.close
set rs=nothing
set conn=nothing
response.write "<script language=JavaScript>" & chr(13) & "alert('此短信不是你的!');" & "history.back()" & "</script>"
Response.End
end if
%><
session("Zname")本来就是唯一的,不可能改变。所以,你哪个判断,是否是自己的,就是多余的。
<%
if session("id")="" or session("Zname")="" or session("mima")="" then
response.write "<script language=JavaScript>" & chr(13) & "alert('您不具备此权限!');" & "history.back()" & "</script>"
Response.End
end if
primsgid=request.QueryString("id")
'response.Write(primsgid)
set rs=server.CreateObject("adodb.recordset")
'这里两个sql,你数据库里是用的哪个建立关系。你就用哪个。
strsql="select * from primsg where primsgid="&primsgid&" and shouID="&session("ID")
strsql="select * from primsg where primsgid="&primsgid&" and primsguser='"&session("Zname")&"'"
rs.open strsql,conn,1,3
If rs.eof Then
response.write "<script languag