<%
class quickdb
private conn, connstr
private sqldatabasename, sqlpassword, sqlusername, sqllocalname, sqlnowstring
public rs
private sub class_initialize()
sqldatabasename = "db"
sqlusername = "sa"
sqlpassword = "123456"
sqllocalname = "a01"
sqlnowstring = "getdate()"
opendb
end sub
private sub opendb()
on error resume next
connstr = "provider = sqloledb; user id = " & sqlusername & "; password = " & replace(sqlpassword, chr(0), "") & ";initial catalog = " & sqldatabasename & "; data source = " & sqllocalname & ";"
set conn = createobject("adodb.connection")
conn.open connstr
if err then
err.clear
set conn = nothing
on error goto 0
err.raise 1, "myclass", "資料庫連線出錯,請檢查連線字串。"
end if
set rs = server.createobject("adodb.recordset")
end sub
public sub setrs(strsql,cursorandlocktype) '執行乙個查詢 返回紀錄集
dim c,l
if cursorandlocktype="" then
cursorandlocktype=13
end if
if cursorandlocktype<9 then
cursorandlocktype=13
end if
c=left(cursorandlocktype,1)
l=right(cursorandlocktype,1)
rs.open strsql, conn, c,l
end sub
public sub execute(sql,outrs)
if instr(ucase(sql),ucase("select"))>0 then
set outrs = conn.execute(sql)
else
call conn.execute(sql)
outrs=1
end if
end sub
public sub selectdb(table, where,outrs)
dim sqlstr
sqlstr = "select * from " & table & " where " & where
call execute(sqlstr,outrs)
end sub
public function delete(table, where)
dim flag, sqlstr,nulltmp
flag = false
on error resume next
sqlstr = "delete from " & table & " where " & where
execute sqlstr,nulltmp
if err.number = 0 then
flag = true
end if
delete = flag
end function
public function insert(table, myfields, values)
dim sql,nulltmp
insert = false
sql = "insert into table1(fields) values (values)"
sql = replace(sql, "table1", table)
sql = replace(sql, "fields", myfields)
sql = replace(sql, "values", values)
on error resume next
execute sql,nulltmp
if err.number = 0 then
insert = true
end if
on error goto 0
end function
public function update(table,field,value,where)
update=false
dim sqlstr
if sqlinject(table) or sqlinject(field) then'因為value和where中可能包含',不對他們進行安全校驗
response.write "引數中含有不安全因素,程式被終止"
exit function
end if
sqlstr="update [table] set [field]=value where where1"
sqlstr=replace(sqlstr,"table",table)
sqlstr=replace(sqlstr,"field",field)
sqlstr=replace(sqlstr,"value",value)
sqlstr=replace(sqlstr,"where1",where)
on error resume next
dim qdb,tmprs
set qdb=new quickdb
call qdb.execute(sqlstr,tmprs)
if err.number=0 then
if tmprs=1 then
update=true
end if
end if
set qdb=nothing
on error goto 0
end function
function sqlinject(byval sqlstr) 'false 安全 true不安全
sqlinject = true
dim tmpstr, arrstr, originallen
tmpstr = "'',',or,not,and,--, ,chr,asc"
originallen = len(sqlstr)
arrstr = split(tmpstr, ",")
tmpstr = ucase(tmpstr)
for i = 0 to ubound(arrstr)
sqlstr = replace(sqlstr, ucase(arrstr(i)), "")
next
if len(sqlstr) = originallen then
sqlinject = false
end if
end function
private sub class_terminate()
if isobject(conn) then
if conn.state <> 0 then
conn.close
set conn = nothing
end if
end if
if isobject(rs) then
if rs.state <> 0 then
rs.close
set rs = nothing
end if
end if
end sub
end class
%>
ex.set qdb=new quickdb
call qdb.setrs("select * from remark","")
qdb.rs.addnew
qdb.rs("resid")= resid
qdb.rs("userip")=ip
qdb.rs("title")=name
qdb.rs("content")=content
qdb.rs.update
qdb.rs.close
資料連線在類裡邊修改,這個類裡邊預設的是sql連線
如果需要連線access把字串換下就可以了
ASP資料庫操作通用類
class quickdb private conn,connstr private sqldatabasename,sqlpassword,sqlusername,sqllocalname,sqlnowstring public rs private sub class initialize sq...
為ASP封裝的資料庫操作類
游標型別 const adopenforwardonly 0 const adopenkeyset 1 const adopendynamic 2 const adopenstatic 3 鎖型別 const adlockreadonly 1 const adlockpessimistic 2 co...
mysql仿asp的資料庫操作類
具體 如下所示 php class mysqldb function mysqldb tablename database slt 建構函式 this dbid mysql select db database if this dbid function isempty value function...