利用JSP的思想来做ASP

来源:网络时间:2011-07-04

  程序的功能有了个大体的框架,其实可以自己添加一些功能,比如开始的数据库连接 ,可以先设置
  变量然后通过INIT() 来选择不同类型的数据库
  <%
  ’On Error Resume Next
  Class ConnEx
  public ConnEx
  public DBpath ’---------数据库路径
  public DBType ’---------数据库类型 1(Access) 2(SqlServer) 3(可扩充)
  public ConnMethod ’--------连接方式 (DSN,非DSN)
  public User
  public Pass
  Sub Class_initialize
  End Sub

  Sub Init()
  ConnStr = "Driver={Microsoft Access Driver (*.mdb)};dbq="&Server.MapPath("Date.mdb")
  Set ConnEx = Server.Createobject("ADODB.CONNECTION")
  ConnEx.Open ConnStr
  CatchError("Class_Terminate")
  End Sub

  Sub CatchError( Str )
  If Err Then
  Err.Clear
  Class_Terminate()
  Response.Write("捕捉到错误,程序结束!在"&Str&"处")
  Response.End()
  End If
  End Sub

  ’******************************************
  ’*通过SQL语句来查找记录是否存在,容易出错
  ’******************************************

  Function HasRecordBySql( Sql )
  Call CheckSql(Sql,"R")
  Dim Rs,HasR
  Set Rs = ConnEx.Execute( Sql )
  CatchError("HasReordSql")
  If Not (Rs.eof Or Rs.bof) Then
  HasR = False
  Else
  HasR = True
  End If
  Rs.Close
  Set Rs = Nothing
  HasRecordBySql = HasR
  End Function

  ’***************************************
  ’*通过ID来查找记录是否存在
  ’***************************************

  Function HasRecordById( StrTableName , IntID )
  ’CheckValue( IntID , 1 )
  Dim Rs,HasR
  Sql = "Select top 1 * from "&StrTableName&" Where Id = "&IntID
  Call CheckSql(Sql,"R")
  Set Rs = ConnEx.Execute(Sql)
  CatchError("HasRecordByID")
  If Not (Rs.eof Or Rs.bof) Then
  HasR = False
  Else
  HasR = True
  End If
  Rs.close
  Set Rs = Nothing
  HasRecordById = HasR
  End Function

  ’**********************************************
  ’*通过SQL语句取得记录集
  ’**********************************************
  Function GetRsBySql( Sql )
  Call CheckSql(Sql,"R")
  Dim Rs
  Set Rs = Server.CreateObject("Adodb.RecordSet")
  Rs.Open Sql,ConnEx,1,1
  Set GetRsBySql = Rs
  End Function

  ’*********************************************
  ’*取得某个字段的值
  ’*********************************************
  Function GetValueBySql( Sql )
  Call CheckSql(Sql,"R")
  Dim Rs,ReturnValue
  Set Rs = ConnEx.Execute(Sql)
  CatchError("GetValueBySql")
  If Not( Rs.Eof Or Rs.Bof ) Then
  ReturnValue = Rs(0)
  Else
  ReturnValue = "没有记录"
  End If
  Rs.Close
  Set Rs = Nothing
  GetValueBySql = ReturnValue
  End Function

  ’    ==================================================Update,Insert

  ’*********************************************
  ’*利用SQL修改数据
  ’*********************************************
  Function UpdateBySql( Sql )
  Call CheckSql(Sql,"w")
  ConnEx.Execute(Sql)
  CatchError("UpdateBySql")
  UpdateBySql = True
  End Function

  ’********************************************
  ’*利用SQL语句插入数据
  ’********************************************
  Function InsertBySql(Sql)
  Call CheckSql(Sql,"w")
  ConnEx.Execute(Sql)
  CatchError("InsertBySql")
  InsertBySql = True
  End Function

  ’======================================Delete============

  ’********************************************
  ’*通过SQL语句删除
  ’********************************************
  Function DeleteBySql( Sql )
  Call CheckSql(Sql,"D")
  ConnEx.Execute(Sql)
  CatchError("DeleteBySql")
  DeleteBySql = True
  End Function

  ’********************************************
  ’*检查SQL语句权限,根据标志Flag 来检测语句拥有的权限
  ’********************************************
  Sub CheckSql( Sql , Flag )
  Dim StrSql,SinCounts,DouCounts,i
  StrSql = Lcase(Sql)
  SinCounts = 0
  DouCounts = 0
  For i = 1 to Len(StrSql)
  If Mid(StrSql,i,1) = "’" Then SinCounts = SinCounts + 1
  If Mid(StrSql,i,1) = """" Then DouConnts = DouCounts + 1
  Next

  If (SinCounts Mod 2) <> 0 Or (DouCounts Mod 2) <> 0 Or Instr(StrSql,";") > 0 Then
  Call Class_Terminate()
  Response.Write("SQL语法错误!")
  Response.End()
  End If
  Select Case Flag
  Case "R","r":
  If Instr(StrSql,"delete") > 0 Or Instr(StrSql,"update") Or Instr(StrSql,"drop") > 0 Or Instr(StrSql,"insert") > 0 Then
  Class_Terminate()
  Response.Write("权限不足,没有执行写操作的权限")
  Response.End()
  End If
  Case "W","w":
  If Instr(StrSql,"delete") > 0 Or Instr(StrSql,"drop") > 0 Or Instr(StrSql,"select") > 0 Then
  Class_Terminate()
  Response.Write("权限不足,没有执行删除操作的权限")
  Response.End()
  End If
  Case "D","d":
  Case Else:
  Response.Write("函数CheckSql标志错误!")
  End Select
  End Sub

  Sub Class_Terminate
  If Not IsEmpty(FriendConn) Then
  FriendConn.Close
  Set FriendConn = Nothing
  CatchError()
  End If
  End Sub
  End Class
  %>

意见反馈
发表评论

最新评论(共0条)