表单验证错误，出现提示，仍然继续提交表单，连接数据库

<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%>
<%
' *** Restrict Access To Page: Grant or deny access to this page Session("MM_Username")

MM_authFailedURL="login.asp"
MM_grantAccess=false

If Session("MM_Username") <> "" Then
  
  MM_grantAccess = true
  End If

If Not MM_grantAccess Then
 
  Response.Redirect(MM_authFailedURL)
End If
%>
<!--#include file="Connections/connect.asp" -->

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>无标题文档</title>

<Script Language="VBScript">

Function ChkFields()

If len(Trim(document.form1.xin1.value))>6 Then
msgbox "新密码长度必须小于等于6！"

Exit Function
End If



If Trim(document.form1.xin1.value)="" Then
msgbox "密码不能为空"

Exit Function
End If



If document.form1.xin1.value <> document.form1.xin2.value Then
msgbox "两次输入的新密码不等！"
Exit Function
End If

form1.Submit


End Function

</script>
</head>

<body>
<form method="POST" action="<%=MM_editAction%>" name="form1" >

<%
Dim Recordset1
Dim Recordset1_numRows

Set Recordset1 = Server.CreateObject("ADODB.Recordset")
Recordset1.ActiveConnection = MM_connect_STRING
Recordset1.Source = "SELECT 学号, 密码 FROM dbo.S where 学号='"&Session("MM_Username")&"'"
Recordset1.CursorType = 0
Recordset1.CursorLocation = 2
Recordset1.LockType = 1
Recordset1.Open()

Recordset1_numRows = 0
%>
  <table width="513" border="1">
  <tr>
  <td width="226">旧密码</td>
  <td width="271"><label>
  <input name="jiu" type="text" id="jiu" />
  </label></td>
  </tr>
  <tr>
  <td>新密码</td>
  <td><label>
  <input name="xin1" type="text" id="xin1" />
  </label></td>
  </tr>
  <tr>
  <td>确认密码</td>
  <td><label>
  <input name="xin2" type="text" id="xin2" />
  </label></td>
  </tr>
  <tr>
  <td>&nbsp;</td>
  <td><label>
  <input type="submit" name="Submit" value="提交" onClick="ChkFields"/>
  <input type="reset" name="Submit2" value="重置" />
  </label></td>
  </tr>
  </table>

  <p>&nbsp; </p>
  <p>
  <input type="hidden" name="MM_update" value="form1">
  <input type="hidden" name="MM_recordId" value="<%= Recordset1.Fields.Item("学号").Value %>">
  </p>
  <p>&nbsp;</p>
 
</form>
 <%
' *** Edit Operations: declare variables

Dim MM_editAction
Dim MM_abortEdit
Dim MM_editQuery
Dim MM_editCmd

Dim MM_editConnection
Dim MM_editTable
Dim MM_editRedirectUrl
Dim MM_editColumn
Dim MM_recordId

Dim MM_fieldsStr
Dim MM_columnsStr
Dim MM_fields
Dim MM_columns
Dim MM_typeArray
Dim MM_formVal
Dim MM_delim
Dim MM_altVal
Dim MM_emptyVal
Dim MM_i

'查找当前文件绝对地址

MM_editAction = CStr(Request.ServerVariables("SCRIPT_NAME"))

' boolean to abort record edit
MM_abortEdit = false

' query string to execute
MM_editQuery = ""
%>
<%
' *** Update Record: set variables

If (CStr(Request("MM_update")) = "form1" And CStr(Request("MM_recordId")) <> "") Then

  MM_editConnection = MM_connect_STRING
  MM_editTable = "dbo.S"
  MM_editColumn = "学号"
  MM_recordId = "'" + Request.Form("MM_recordId") + "'"
  MM_editRedirectUrl = "xiumiok.asp"
  MM_fieldsStr = "xin1|value"
  MM_columnsStr = "密码|',none,''"

  ' create the MM_fields and MM_columns arrays
  MM_fields = Split(MM_fieldsStr, "|")
  MM_columns = Split(MM_columnsStr, "|")
  
  ' set the form values
  For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2
  
   
   
  MM_fields(MM_i+1) = CStr(Request.Form(MM_fields(MM_i)))

  Next

 

End If
%>
<%
' *** Update Record: construct a sql update statement and execute it

If (CStr(Request("MM_update")) <> "" And CStr(Request("MM_recordId")) <> "") Then

  ' create the sql update statement
  MM_editQuery = "update " & MM_editTable & " set "
  For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2
  MM_formVal = MM_fields(MM_i+1) 
  MM_typeArray = Split(MM_columns(MM_i+1),",") ' none ''
  MM_delim = MM_typeArray(0)
  If (MM_delim = "none") Then MM_delim = ""
  MM_altVal = MM_typeArray(1)
  If (MM_altVal = "none") Then MM_altVal = ""
  MM_emptyVal = MM_typeArray(2)
  If (MM_emptyVal = "none") Then MM_emptyVal = ""
  If (MM_formVal = "") Then
  MM_formVal = MM_emptyVal
  Else
  If (MM_altVal <> "") Then
  MM_formVal = MM_altVal
  ElseIf (MM_delim = "'") Then ' escape quotes
  MM_formVal = "'" & Replace(MM_formVal,"'","''") & "'"
  Else
  MM_formVal = MM_delim + MM_formVal + MM_delim
  End If
  End If
  If (MM_i <> LBound(MM_fields)) Then
  MM_editQuery = MM_editQuery & ","
  End If
  MM_editQuery = MM_editQuery & MM_columns(MM_i) & " = " & MM_formVal
  Next
  MM_editQuery = MM_editQuery & " where " & MM_editColumn & " = " & MM_recordId

 If (Not MM_abortEdit) Then
  ' execute the update
  Set MM_editCmd = Server.CreateObject("ADODB.Command")
  MM_editCmd.ActiveConnection = MM_editConnection
  MM_editCmd.CommandText = MM_editQuery
  MM_editCmd.Execute
  MM_editCmd.ActiveConnection.Close

  If (MM_editRedirectUrl <> "") Then
  Response.Redirect(MM_editRedirectUrl)
  End If
 End If

End If
%>

</body>
</html>
<%
Recordset1.Close()
Set Recordset1 = Nothing
%>

<input type="submit" 改成 type="button"