当前位置: 首页 > 图文教程 > 网络编程 > ASP > 不通过数据源完全控制MDB数据库

ASP
asp 实现对SQL注入危险字符进行重编码处理的函数
asp下实现对HTML代码进行转换的函数
asp 验证用户名是否包含有非常字符的函数
ASP通用分页样式函数代码
asp 生成任意英文+数字位数长度的随机码函数
asp 取得中文句子头一个字的大写拼音字母的函数
asp实现计算两个时间内的工作日的函数
asp实现过滤关键字的函数
asp实现限制搜索的关键字的函数
asp动态include文件,方便多模板的实现
推荐的用Asp实现屏蔽IP地址访问的代码
XDOWNPAGE ASP版本 分页类
飞云防CC攻击ASP程序代码插件
定期自动运行ASP程式的代码
ASP下Cookie操作的详细讲解
再发几个ASP不错的函数
比较不错的asp模板引终极讲解(WEB开发之ASP模式)
ip138之asp小偷程序代码
在VBScript中实现-函数/方法名作为参数传入另一个函数
asp实现批量插入表单中的数据到数据库的方法

ASP 中的 不通过数据源完全控制MDB数据库


出处:互联网   整理: 软晨网(RuanChen.com)   发布: 2009-11-03   浏览: 112 ::
收藏到网摘: n/a

<%

' BEGIN USER CONSTANTS

' To just use a DSN, the format is shown on the next line:

'Const DSN_NAME = "DSN=ASP101email"

' Two other samples I used it with.  Left in as syntax examples for DSN-less connections

'Const DSN_NAME = "DBQ=C:\InetPub\wwwroot\asp101\samples\database.mdb;Driver={Microsoft Access Driver (*.mdb)};DriverId=25"

'Const DSN_NAME = "DBQ=C:\InetPub\database\donations.mdb;Driver={Microsoft Access Driver (*.mdb)};DriverId=25"

 

Dim DSN_NAME

DSN_NAME = "DBQ=" & Server.MapPath("db_dsn.mdb") & ";Driver={Microsoft Access Driver (*.mdb)};DriverId=25;"

Const DSN_USER = "username"

Const DSN_PASS = "password"

' Ok, I know these are poorly named constants, so sue me!

' This script can be used without actually setting up a DSN, so

' DSN_NAME as well as the other two constants should really be named

' something more generic like CONNECTION_STRING, CONNECTION_USER, and

' CONNECTION_PASS, but I did it this way without really thinking about

' it and I'm too lazy to change it now.  If it bothers you, you do it!

' END USER CONSTANTS

 

' BEGIN SUBS & FUNCTIONS SECTION

Sub OpenConnection

Set objDC = Server.CreateObject("ADODB.Connection")

objDC.ConnectionTimeout = 15

objDC.CommandTimeout = 30

objDC.Open DSN_NAME, DSN_USER, DSN_PASS

End Sub

 

Sub OpenRecordset(sType)

Dim sSqlString ' as String - building area for SQL query

Dim sCritOperator ' as String - basically "=" or "LIKE"

Dim sCritDelimiter ' as String - parameter delimiter "", "'", or "#"

 

Set objRS = Server.CreateObject("ADODB.Recordset")

Select Case sType

Case "ListTables" ' Open RS of the Tables in the DB

Set objRS = objDC.OpenSchema(adSchemaTables)

Case "ViewTable"  ' Open the Selected Table

Set objRS = Server.CreateObject("ADODB.Recordset")

objRS.Open "[" & sTableName & "]", objDC, adOpenForwardOnly, adLockReadOnly

Case "DrillDown"  ' Open the Recordset built by the selected options

Set objRS = Server.CreateObject("ADODB.Recordset")

 

' Build Our SQL Statement

sSqlString = "SELECT * FROM [" & sTableName & "]"

 

' If we're limiting records returned - insert the WHERE Clause into the SQL

If sCritField <> "" Then

' Figure out if we're dealinh with Numeric, Date, or String Values

Select Case iCritDataType

Case adSmallInt, adInteger, adSingle, adDouble, adDecimal, adTinyInt, adUnsignedTinyInt, adUnsignedSmallInt, adUnsignedInt, adBigInt, adUnsignedBigInt, adBinary, adNumeric, adVarBinary, adLongVarBinary, adCurrency, adBoolean

sCritOperator = "="

sCritDelimiter = ""

Case adDate, adDBDate, adDBTime, adDBTimeStamp

sCritOperator = "="

sCritDelimiter = "#"

Case adBSTR, adChar, adWChar, adVarChar, adLongVarChar, adVarWChar, adLongVarWChar

sCritOperator = "LIKE"

sCritDelimiter = "'"

End Select

sSqlString = sSqlString & " WHERE [" & sCritField & "] " & sCritOperator & " " & sCritDelimiter & sCritValue & sCritDelimiter

End If

 

' If we're sorting - insert the ORDER BY clause

If sSortOrder <> "none" Then

sSqlString = sSqlString & " ORDER BY [" & sSortField & "] " & sSortOrder

End If

 

sSqlString = sSqlString & ";"

 

' Open the actual Recordset using a Forward Only Cursor in Read Only Mode

objRS.Open sSqlString, objDC, adOpenForwardOnly, adLockReadOnly

End Select

End Sub

 

Sub CloseRecordset

objRS.Close

Set objRS = Nothing

End Sub

 

Sub CloseConnection

objDC.Close

Set objDC = Nothing

End Sub

 

Sub WriteTitle(sTitle)

Response