on error resume next
sql2="select * from dv_admin where username='"&ReqStr("username")&"'"

'----------------------------------- ---------------------------- 
Function ReqNum ( StrName ) /* 数值型变量过滤 */ 
ReqNum = Request ( StrName ) 
if Not isNumeric ( ReqNum ) then 
Response.Write "参数必须为数字型!" Response.End 
End if 
End Function 
Function ReqStr ( StrName ) /*字符型和搜索型过滤 */ 
ReqStr = Replace ( Request(StrName), "'", "''" ) /* 用replace函数屏蔽单引号 */
End Function
以下三句SQL语句，说明一下调用方法： 
1.SQL="select * from dv_admin where username=" & ReqNum("username")2.SQL="select * from 
dv_admin where username ='" & 

ReqStr(" username ") & "'" 3.SQL="select * from username where UserName like '%" & ReqStr
(" username ") & "%'" 
12、若想更换SQL Server 的执行服务账号,则该帐号需要以下的权限：
Log On Locally
Log On as a Batch
Access this computer from the Network
Log on as service
Replace a process level token
Act as part of the operating system
Increase quotas