程序的功能有了个大体的框架,其实可以自己添加一些功能,比如开始的数据库连接 ,可以先设置
变量然后通过INIT() 来选择不同类型的数据库
<%
’On Error Resume Next
Class ConnEx
public ConnEx
public DBpath ’---------数据库路径
public DBType ’---------数据库类型 1(Access) 2(SqlServer) 3(可扩充)
public ConnMethod ’--------连接方式 (DSN,非DSN)
public User
public Pass
Sub Class_initialize
End Sub
Sub Init()
ConnStr = "Driver={Microsoft Access Driver (*.mdb)};dbq="&Server.MapPath("Date.mdb")
Set ConnEx = Server.Createobject("ADODB.CONNECTION")
ConnEx.Open ConnStr
CatchError("Class_Terminate")
End Sub
Sub CatchError( Str )
If Err Then
Err.Clear
Class_Terminate()
Response.Write("捕捉到错误,程序结束!在"&Str&"处")
Response.End()
End If
End Sub
’******************************************
’*通过SQL语句来查找记录是否存在,容易出错
’******************************************
Function HasRecordBySql( Sql )
Call CheckSql(Sql,"R")
Dim Rs,HasR
Set Rs = ConnEx.Execute( Sql )
CatchError("HasReordSql")
If Not (Rs.eof Or Rs.bof) Then
HasR = False
Else
HasR = True
End If
Rs.Close
Set Rs = Nothing
HasRecordBySql = HasR
End Function
’***************************************
’*通过ID来查找记录是否存在
’***************************************
Function HasRecordById( StrTableName , IntID )
’CheckValue( IntID , 1 )
Dim Rs,HasR
Sql = "Select top 1 * from "&StrTableName&" Where Id = "&IntID
Call CheckSql(Sql,"R")
Set Rs = ConnEx.Execute(Sql)
CatchError("HasRecordByID")
If Not (Rs.eof Or Rs.bof) Then
HasR = False
Else
HasR = True
End If
Rs.close
Set Rs = Nothing
HasRecordById = HasR
End Function
’**********************************************
’*通过SQL语句取得记录集
’**********************************************
Function GetRsBySql( Sql )
Call CheckSql(Sql,"R")
Dim Rs
Set Rs = Server.CreateObject("Adodb.RecordSet")
Rs.Open Sql,ConnEx,1,1
Set GetRsBySql = Rs
End Function
’*********************************************
’*取得某个字段的值
’*********************************************
Function GetValueBySql( Sql )
Call CheckSql(Sql,"R")
Dim Rs,ReturnValue
Set Rs = ConnEx.Execute(Sql)
CatchError("GetValueBySql")
If Not( Rs.Eof Or Rs.Bof ) Then
ReturnValue = Rs(0)
Else
ReturnValue = "没有记录"
End If
Rs.Close
Set Rs = Nothing
GetValueBySql = ReturnValue
End Function
’ ==================================================Update,Insert
’*********************************************
’*利用SQL修改数据
’*********************************************
Function UpdateBySql( Sql )
Call CheckSql(Sql,"w")
ConnEx.Execute(Sql)
CatchError("UpdateBySql")
UpdateBySql = True
End Function
’********************************************
’*利用SQL语句插入数据
’********************************************
Function InsertBySql(Sql)
Call CheckSql(Sql,"w")
ConnEx.Execute(Sql)
CatchError("InsertBySql")
InsertBySql = True
End Function
’======================================Delete============
’********************************************
’*通过SQL语句删除
’********************************************
Function DeleteBySql( Sql )
Call CheckSql(Sql,"D")
ConnEx.Execute(Sql)
CatchError("DeleteBySql")
DeleteBySql = True
End Function
’********************************************
’*检查SQL语句权限,根据标志Flag 来检测语句拥有的权限
’********************************************
Sub CheckSql( Sql , Flag )
Dim StrSql,SinCounts,DouCounts,i
StrSql = Lcase(Sql)
SinCounts = 0
DouCounts = 0
For i = 1 to Len(StrSql)
If Mid(StrSql,i,1) = "’" Then SinCounts = SinCounts + 1
If Mid(StrSql,i,1) = """" Then DouConnts = DouCounts + 1
Next
If (SinCounts Mod 2) <> 0 Or (DouCounts Mod 2) <> 0 Or Instr(StrSql,";") > 0 Then
Call Class_Terminate()
Response.Write("SQL语法错误!")
Response.End()
End If
Select Case Flag
Case "R","r":
If Instr(StrSql,"delete") > 0 Or Instr(StrSql,"update") Or Instr(StrSql,"drop") > 0 Or Instr(StrSql,"insert") > 0 Then
Class_Terminate()
Response.Write("权限不足,没有执行写操作的权限")
Response.End()
End If
Case "W","w":
If Instr(StrSql,"delete") > 0 Or Instr(StrSql,"drop") > 0 Or Instr(StrSql,"select") > 0 Then
Class_Terminate()
Response.Write("权限不足,没有执行删除操作的权限")
Response.End()
End If
Case "D","d":
Case Else:
Response.Write("函数CheckSql标志错误!")
End Select
End Sub
Sub Class_Terminate
If Not IsEmpty(FriendConn) Then
FriendConn.Close
Set FriendConn = Nothing
CatchError()
End If
End Sub
End Class
%>