想吃cookie，结果把牙给崩了！(42分)

我用
with Response.Cookies.Add do
begin
Name:='UserPwd';
Value:=UserPwd;
end;
写入，用
request.cookiefields.values['UserName'］
读，结果为空。然后又用
with Response do begin
SetCookieField(MyCookies, 'localhost', '/', -1, False);
end;
写入，还是不行！天哪！我的牙......

大富翁的牙医呢？

牙疼不是病，疼起来真要命......

神啊，救救我吧！

hehe ,帮你顶一下，asp我是不玩的，憋不过了，就写isapi，：）

客户端要允许写入，否则肯定读不到：

遍历带子关键字 (Subkeys) 的集合

脚本在单一 cookie 中嵌入相关值以减少在浏览器和 Web 服务器之间传送的 cookie 数目。因此 Request 和 Response 对象的 Cookies 集合能够在单一项目中拥有多个值。这些子项目或子关键字可以被单个访问。只有 Request.Cookies 和 Response.Cookies 集合支持子关键字 (Subkeys)。Request.Cookies 只支持读操作；Response.Cookies 只支持写操作。

可以列举 Request.Cookie 集合中所有的 cookie 以及 Cookie 中所有的子关键字 (Subkeys)。但是，如果在没有子关键字 (Subkeys) 的 Cookie 上遍历子关键字，将不会产生任何结果。通过使用 .HasKeys 语法首先检查 cookie 是否含有子关键字 (Subkeys)，就可以避免这种情况。下面的这个例子展示了这个技巧。

<%
'Declare counter variables
Dim Cookie, Subkey

'Display the entire cookie collection.
For Each Cookie in Request.Cookies
Response.Write Cookie & "<BR>"
If Request.Cookies(Cookie).HasKeys Then
'Display the subkeys
For Each Subkey in Request.Cookies(Cookie)
Response.Write Subkey & "=" & Request.Cookies(Cookie)(Subkey) & "<BR>"
Next
Else
Response.Write "No subkeys in this cookie <BR>"
End If
Next
%>

遍历对象集合

Session 和 Application 集合可以保存数量变量或者对象实例。Contents 集合拥有数量变量和通过调用 Server.CreateObject 生成的对象实例。StaticObjects 集合拥有在 Global.asa 文件中使用 HTML <OBJECT> 元素创建的对象。

在遍历包含对象的集合时，可以访问对象的标识符或对象的方法和属性。例如，假设应用程序使用一些对象创建用户帐号，而且每个对象有初始化方法，可以遍历 StaticObjects 集合来调用每个初始化方法：

<%
For Each Object in Session.StaticObjects
Session.StaticObjects(Object).InitializeUser
Next
%>

检查是否支持！




<html><title>※ 网:域:科:技 - 无:限:商:机 ※ - Http://www.wykj.com</title>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta name="GENERATOR" content="Microsoft FrontPage 4.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
</head>

<script Language="JavaScript">
<!-- hide script from non compliant broswers
// author: Roger W. Davis

//first, calculate an expiration for your temporary test cookie
var oneDay= 1*24*60*60*1000;
var expDate = new Date();
expDate.setTime (expDate.getTime() + oneDay);
var cookieExpires = expDate.toGMTString();
//just for completeness, get the browser information
document.write("Your browser is: <b>", navigator.appName,"</b><BR>");
document.write("Version: <b>",navigator.appVersion,"</b><BR>");
//set your temprorary cookie
document.cookie="verifyCookie=test; expires="+cookieExpires
//check to see if ANY cookies exist, including the one you just set
if (document.cookie.length>0)
document.write("Your browser supports cookies.<BR><BR>");
else {
document.write("Your browser doesn't support cookies, ")
document.write("or they're currently disabled.<BR><BR>");
document.write(document.cookie.substring(0,document.cookie.length)+"<BR><BR>");
}
//now be a good Netizen and clear out the unwanted stuff
document.cookie="verifyCookie=CLEAR; expires=Sun, 09-Nov-97 01:00:00 GMT";
//-->
</script>


<body>
<p>判断你的浏览器是否支持cookies</p>
<p>源代码：</p>
<p><br>
<script Language="JavaScript"><br>
<!-- hide script from non compliant broswers<br>
// author: Roger W. Davis<br>
<br>
//first, calculate an expiration for your temporary test cookie<br>
var oneDay= 1*24*60*60*1000;<br>
var expDate = new Date();<br>
expDate.setTime (expDate.getTime() + oneDay);<br>
var cookieExpires = expDate.toGMTString();<br>
//just for completeness, get the browser information<br>
document.write("Your browser is: <b>", navigator.appName,"</b><BR>");<br>
document.write("Version: <b>",navigator.appVersion,"</b><BR>");<br>
//set your temprorary cookie<br>
document.cookie="verifyCookie=test; expires="+cookieExpires<br>
//check to see if ANY cookies exist, including the one you just set<br>
if (document.cookie.length>0)<br>
document.write("Your browser supports cookies.<BR><BR>");<br>
else {<br>
document.write("Your browser doesn't support cookies, ")<br>
document.write("or they're currently disabled.<BR><BR>");<br>
document.write(document.cookie.substring(0,document.cookie.length)+"<BR><BR>");<br>
}<br>
//now be a good Netizen and clear out the unwanted stuff<br>
document.cookie="verifyCookie=CLEAR; expires=Sun, 09-Nov-97 01:00:00 GMT";<br>
//--><br>
</script><br>
<br>
</p>
</body>

</html>



读写：

<html><title>※ 网:域:科:技 - 无:限:商:机 ※ - Http://www.wykj.com</title>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta name="GENERATOR" content="Microsoft FrontPage 4.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
</head>
<script language="JavaScript1.2">


<!--
/*
This header must remain in place

Applies to Security aspect of script only
Title: Password Protection
http://www.plebius.org/javascripts/
Copyright 1999 All Rights Reserved.
http://www.plebius.org/copy.shtml
Owner: Plebius Industries
http://www.plebius.org
Author: Martin Kretzmann
scripts@plebius.org
License: GNU General Public License
http://www.plebius.org/scripts/license.html
*/


var GrantedURL = 'http://accept.html';
var DeniedURL = 'http://dontaccept.html';


var jim;
var gotoit;
suzy="0"
var capable;
var name = navigator.appName.toLowerCase();
var vers = parseFloat(navigator.appVersion);

if ((name.indexOf("netscape") >= 0 && vers >= 4) || (name.indexOf("microsoft") >= 0 && vers >= 4))
capable = true;
else
capable = false;

// Constants.

var FLDSEP; // Special characters used as separators in cookie data string.
var IDXSEP;

if (capable) {
FLDSEP = String.fromCharCode(1);
IDXSEP = String.fromCharCode(2);
}

//----------------------------------------------------------------------------
// Stores data currently entered on a form as cookies. Always returns true.
//
// name - The form name.
// months - Number of months to keep the cookies.
// exclude - A comma-delimited list of field names that should not be
// stored. Use to exclude sensitive data such as password,
// credit card numbers, etc.
//----------------------------------------------------------------------------

function storeData(name, months, exclude) {

var f;
var expdate;
var list, include;
var i;
var fld;
var data;
if ((document.myForm.pass.value==document.myForm.pass1.value)&&(document.jim.hiduser.value=="")&&(document.myForm.pass.value!="")){
name="jim";
document.jim.hidpass.value=document.myForm.pass.value;
document.jim.hiduser.value=document.myForm.user.value;
document.jim.hidname.value=document.myForm.name.value;
document.jim.hidhint.value=document.myForm.hint.value;
if (!capable)
return true;

// Get the named form, skip processing if not found.

if (!(f = document.forms[name]))
return true;

// Initialize the data field.

// Set the expiration date.

if (months == "")
months = 12;
expdate = new Date();
expdate.setMonth(expdate.getMonth() + months);

// Build a list of field names for exclusion.

list = new Array();
if (exclude != "") {
i = 0;
while ((i = exclude.indexOf(",")) >= 1) {
list[list.length] = exclude.substr(0, i);
exclude = exclude.substr(i + 1)
}
list[list.length] = exclude;
}

// Run through the fields and add field name/value pairs to the data string.

data = FLDSEP;
for (i = 0; i < f.length; i++) {
fld = f.elements;

// Is field in exclusion list?

include = true;
for (j = 0; j < list.length; j++)
if (fld.name == list[j])
include = false;

if (include) {

// Checkboxes and radio buttons.

if ((fld.type == "checkbox" || fld.type == "radio") && fld.checked)
data += setData(fld.name, fld.value);

// Selection lists (single).

if (fld.type == "select-one")
if (fld.selectedIndex >= 0)
data += setData(fld.name, fld.options[fld.selectedIndex].value);

// Selection lists (multiple). Add a unique name/value pair for each selected item.

if (fld.type == "select-multiple")
for (j = 0; j < fld.options.length; j++)
if (fld.options[j].selected)
data += setData(fld.name + IDXSEP + j, fld.options[j].value);

// Text fields.

if (fld.type == "hidden" || fld.type == "password" || fld.type == "text" || fld.type == "textarea")
data += setData(fld.name, fld.value);
}
}

// Set the cookie.

deleteCookie(name);
setCookie(name, data, expdate);
alert("user "+document.jim.hiduser.value+" has been added");

}
else if(document.myForm.pass.value==""||document.myForm.name.value==""||document.myForm.user.value==""||document.myForm.hint.value==""||document.myForm.pass1.value=="")
alert('fill in the form loser');
else alert("either your passwords don't match or you have registered with us before");
return true;
}
//----------------------------------------------------------------------------
// Retrieves data from the cookie and sets the values in the corresponding
// form fields. Returns true if data was found, false otherwise.
//
// name - The form name.
//----------------------------------------------------------------------------

function retrieveData(name) {

var f;
var i, j;
var fld;
var s;
var data;

if (!capable)
return false;

// Get the named form, return if not found.

if (!(f = document.forms[name]))
return false;

// Get the cookie for this form.

data = getCookie(name);
if (data == "")
return false;

// Run through the fields and retrieve the values.

for (i = 0; i < f.elements.length; i++) {
fld = f.elements;

// Checkboxes and radio buttons.

if ((fld.type == "checkbox" || fld.type == "radio") && (s = getData(fld.name, data)) != null && fld.value == s)
fld.checked = true;

// Selection lists (single).

if (fld.type == "select-one" && (s = getData(fld.name, data)) != null)
for (j = 0; j < fld.options.length; j++)
if (fld.options[j].value == s)
fld.options[j].selected = true;

// Selection lists (multiple).

if (fld.type == "select-multiple")
for (j = 0; j < fld.options.length; j++)
if ((s = getData(fld.name + IDXSEP + j, data)) != null && fld.options[j].value == s)
fld.options[j].selected = true;

// Text fields.

if ((fld.type == "hidden" || fld.type == "password" || fld.type == "text" || fld.type == "textarea") && (s = getData(fld.name, data)) != null)
fld.value = s;
}

return true;
}

/*****************************************************************************
* These functions set and retrieve the field name/value pairs stored in the *
* cookie. *
*****************************************************************************/

//----------------------------------------------------------------------------
// Given a field name and value, creates a name/value string that can be
// appended to the cookie data. A null string is returned if the given value
// is null.
//----------------------------------------------------------------------------

function setData(name, value) {

if (value != "")
return name + "=" + value + FLDSEP;
else
return "";
}

//----------------------------------------------------------------------------
// Given a field name, this function will extract the matching value found
// in the data string. Null is returned if no match is found.
//----------------------------------------------------------------------------

function getData(name, data) {

var i, j;
var s;

if (data == "")
return null;

s = FLDSEP + name + "=";
i = data.indexOf(s);
if (i >= 0) {
i += s.length;
j = data.indexOf(FLDSEP, i);
if (j >= 0)
return data.substr(i, j - i);
}

return null;
}

/*****************************************************************************
* These are the basic functions to set, get and delete a cookie. *
*****************************************************************************/

//----------------------------------------------------------------------------
// Set a cookie given a name, value and expiration date.
//----------------------------------------------------------------------------


function setCookie (name, value, expires) {

document.cookie = name + "=" + escape(value) + "; expires=" + expires.toGMTString() + "; path=/";
}

//----------------------------------------------------------------------------
// Returns the value of the named cookie.
//----------------------------------------------------------------------------

function getCookie(name) {

var search;

search = name + "="
offset = document.cookie.indexOf(search)
if (offset != -1) {
offset += search.length ;
end = document.cookie.indexOf(";", offset) ;
if (end == -1)
end = document.cookie.length;
return unescape(document.cookie.substring(offset, end));
}
else
return "";
}

//----------------------------------------------------------------------------
// Delete the named cookie.
//----------------------------------------------------------------------------

function deleteCookie(name) {

var expdate = new Date();
expdate.setMonth(expdate.getMonth() - 1);
setCookie(name, "", expdate);
}
function checkpass(){
var bob;
if (document.jim.hiduser.value==document.jim.user.value)jim=true;
else jim=false;
if (document.jim.hidpass.value==document.jim.pass.value)bob=true;
else bob=false;
if ((jim==bob)&&(jim==true)){

alert("access granted");window.location=GrantedURL}
else {
suzy=suzy+1;
if (suzy>3){
alert("access denied, you will now be taken far away");
window.location=DeniedURL }
if (suzy<=3)
alert("access denied");
}
}
function getit(){
if (document.jim.hidhint.value==""){
alert("i/'m sorry "+document.jim.hidname.value+" but it appears you didn/'t answer the hint when you registered");}
else if (document.jim.hidhint.value==document.jim.hint.value){
alert("your password is "+document.jim.hidpass.value+".");}
else {alert("nope, that's not it")}
}
//-->

</script>






<!-- STEP TWO: Place the following in the BODY of your document -->

<BODY onLoad="retrieveData('jim')">

<table border=0 cellpadding=8 cellspacing=0 width=550>
<tr><td align=center colspan=2>
<hr noshade>
<p><b><font size="4">记录在这里</font></b></p>
<hr noshade>
</td></tr>
<tr valign=top>
<td bgcolor="#cccccc" width=100> </td>
<td width=450>


<!-- ANOTHER STEP: Set the form action to action="mailto:your email address" -->
<form name="myForm" method=post action="mailto:cn-zhang@21cn.com" onSubmit="storeData(this.name, 12,'user,pass,pass1,hint,name')">



<hr noshade>

<font size="3"><b>输入信息</b></font>

<p>

<table border=0 cellpadding=2 cellspacing=0>

<tr valign=bottom>

<td><b><font size="2">您的名字：</font></b></td>
<td colspan=3><input name="name" size=30 value=""></td>

</tr>
<tr valign=bottom>

<td><b><font size="2">用户名称：</font></b></td>
<td colspan=3><input name="user" size=30 value=""></td>

</tr>

<tr valign=bottom>
<td><b><font size="2">口令：</font></b></td>
<td colspan=3><input type="password" name="pass" size=30 value=""></td>
</tr>
<tr>
<td><b><font size="2">再输入一次：</font></b></td>
<td><input type="password" name="pass1" size=30 value=""></td>
</tr>

<tr valign=bottom>

<td><b><font size="2">口令提供答案：</font></b></td>
<td colspan=3><input name="hint" size=30 value="">
<input type="button" value="可以吗！" onClick="alert('your favorite sport is')"></td>
</tr>
</table>
<hr noshade>

<p align="center">
<input type="submit" value="同意">
<input type=reset value="清除">


</form>

<form name="jim" method=post>



<hr noshade>
<font size=3><b>登录</b></font>
<p>
<table border=0 cellpadding=2 cellspacing=0>
<tr valign=bottom>
<td><b><font size="2">用户名称：</font></b></td>
<td colspan=3><input name="user" size=30 value=""></td>
</tr>

<tr valign=bottom>
<td><b><font size=2>口令：</font></b></td>
<td colspan=3><input type="password" name="pass" size=30 value=""></td>
</tr>
<input type="hidden" name="hiduser" value="">
<input type="hidden" name="hidpass" value="">
<input type="hidden" name="hidname" value="">
<input type="hidden" name="hidhint" value="">
</table>
<hr noshade>

<p>
<input type="button" value="登录" onClick="checkpass()">

<tr valign=bottom>
<td><b><font size="2">忘记口令？</font></b>
<p><b><font size="2">答案：</font></b><font face="Courier New, Courier" size=2><b><input type="button" value="这里" onClick="alert('your favorite sport is')" </b></b></font></p>
</td>
<td colspan=3><input name="hint" size=30 value=""><BR><input type="button" value="获得口令" onClick="getit()"></td>
</tr>
</form>
</table>

<p>利用cookies读写密码</p>
<p>建议您另存此页面，慢慢研究源代码!</p>
</body>

</html>

Cookie的建立使用

Cookies是一种Web服务器在客户端存储和返回信息的机制,这种简单的、永久的和基于客户端的状态信息大大的扩充了基于Web的客户/服务器(Client/Server)应用程序的能力。因此广泛应用在大量的实际中，例如所有订阅Microsoft公司的MSDN的用户、访问过Borland Online的用户，以及访问过我的主页(http://www.nease.net/~borland)的用户都会在本地存储Cookie，以便下次访问时提供上次访问的记录。

Delphi 3是Borland公司1997年推出的可视化、面向对象的高效率的快速应用程序开发工具(RAD)，提供了大量的最新功能，例如开发COM/DCOM，一步开发ActiveX对象，多层数据库应用程序MIDAS等，并且使用Delphi 3开发基于Web服务器的程序，如ISAPI/NSAPI，Win-CGI，CGI程序都十分方便。

使用Delphi 3开发Web Server程序是非常简单，方便的，因为在Delphi中提供了Web Module、TWebApplication、TWebRequest、TWebResponse、TPageProducer等大量的对象供使用.对于Cookie,Delphi3也提供了大量的程序供使用,如TWebResponse.Cookies，TWebResponse.SetCookieField，TWebRequest.Cookie，TWebRequest.CookieFields，TWebRequest.ExtractCookieFields等，应该是非常方便。但本人为了实现一功能需要设置Cookie，但是发现使用Delphi提供的SetCookieFields设置不成功，经研究Delphi 3所带的HttpApp.Pas和IsapiApp.Pas文件发现在中文Windows 95和NT环境下该程序有错误。根据Netscape公司的规定,Cookie的格式应为:

Set-Cookie: Name=Value; expires=DATA; Path=PATH; domain=DOMAIN_NAME; secure

而且根据规定,日期(DATA)的设置必须满足格式“Wdy, DD-Mon-YYYY HH:MM:SS GMT”,基于RFC822, RFC850, RFC1036和RFC1123等规定，但是检查HTTPAPP.PAS中的function TCookie.GetHeaderValue: string中为FormatDateTime('"expires="' + DateFormat + ' "GMT; "', Expires);,其中const DateFormat = 'ddd, dd mmm yyyy hh:mm:ss',此程序在英文环境中产生的格式是正确的,但是在中文中产生的结果却不对,因为星期和月份都将按照中文的表示方法：如将11月生产“十一月”中文串，这样在Netscape Navigator和Microsoft Internet Explorer就不能辨认了。

既然错误在于原VCL未考虑中文环境的问题，所以修改的方法有：1、修改VCL源程序，编译后将dcu文件拷贝到Lib目录，这样会完全改正错误，这样是最根本的解决方法，但是如果将源程序放在另一未修改的Delphi中(例如提供源程序给别人和自己重新安装)编译又将出现问题。2、因为使用并不太多，所以可以将修改的程序放在自己的程序中，使用Delphi 3提供的TWebResponse.SetCustomHeader设置,这样的好处是将程序放在自己的程序内，重新装Delphi或在另一台计算机上编译的结果也会完全正确。因为Cookie的目的一般有两种，一种是在此会话过程中使用，过后不使用，此时不需要Expires段，不会产生时间错误，可以使用Delphi 3提供的所有Cookie程序；另一种为永久保存，时间一般越长越好，于是可以将时间设置为2099年二月22日, 于是程序中设置Cookie的方法为:

Response.SetCustomHeader('Set-Cookie','Name=Value; expires=Sun, 22 Feb 2099 08:08:08 GMT');

(注斜体用自己的名称代替，例如设置Count＝10，则Name用Count代替，Value用10代替)，这样就可以建立Cookie了.

以下为建立一个访问计数器的程序，可以参照：
const
LastIp:String='0:0:0:0'; //避免重复计数
Var
S:String;
Count:Integer;
begin
S:=Request.CookieFields.Values['count'];
if S<'' then begin
try
Count:=StrToInt(S);
Except
Count:=0;
End;
end else
Count:=0;
if LastIp<Request.RemoteAddr then Inc(Count);
LastIp:=Request.RemoteAddr;
Response.SetCustomHeader(
'Set-Cookie',
'count='+IntToStr(Count)+
'; expires=Sun, 21 Feb 2010 08:08:08 GMT');
Response.Content:='您是第'+IntToStr(Count)+'来到本页!';
End;

谢谢了！