当前位置: 首页 > 图文教程 > 网络编程 > ASP > 用asp.net写的论坛程序--上贴保存

ASP
生成像资源管理器一样的树形目录
将连接数据库的代码隐藏在DLL中
ASP中从数据库读取二进制文件数据代码
asp查询xml的代码,实现了无刷新、模糊查询功能
一个asp函数, 解决SQL Injection漏洞
在ASP中利用COM组件开发Web应用程序
关于如何利用COM+,来提高ASP执行权限的问题!
升级MD5.ASP,打造完全动态不重复的安全加密代码
ASP安全检测与过滤函数SafeCheck
在ASP中,用JScript脚本实现分页的另类办法
查看服务器Application/Session变量工具
自己写的一个简单ASP调用存储过程查询
ASP登陆验证页应做的安全问题
使用ASP与javascript配合实现多个复选框数据关联显示
Windows 2003下不注册组件用ASP发邮件
数据分页方法新思路,速度非常快!
ASP程序中同一个用户不允许同时登陆两次
分栏显示记录集的表格演示,并实现了分页
关于Adodb.Stream的写数据库数据到客户端文件的实践
将ASP的Debug变得简单的两个函数

ASP 中的 用asp.net写的论坛程序--上贴保存


出处:互联网   整理: 软晨网(RuanChen.com)   发布: 2009-11-03   浏览: 236 ::
收藏到网摘: n/a

  3) postmessage.aspx :- The page which saved data to the Database


<%@ Import Namespace="System" %>
<%@ Assembly Name="System.Data" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.ADO" %>
<%@ Page Language="C#" Debug="true" %>
<html>
<head>
<title>Thank You for Posting !</title>
<script language="C#" runat="server" >
//execute this script when the page loads
void Page_Load(Object Src, EventArgs E)
{
//if the page is called from another page
if (!Page.IsPostBack) {
//Get all the Parameters from the Query string
string name = Request.Params["name"] ;
string email = Request.Params["email"] ;
string subject = Request.Params["subject"] ;
string ip = Request.Params["ip"] ;
string date = Request.Params["date" ];
string message = Request.Params["message"] ;
bool newmess =true ;
string previd ="1";
//Check if the post is a New topic or a reply to a new topic
if(Request.Params["newpost"].Equals("no"))
{
//if its a reply then get the postid called as previd here
newmess =false ;
previd = Request.Params["previd"] ;
}
//If the post is a new topic then follow the below routine
if(newmess)
{
//The string for the path to the database , if your database is in some other
directory then edit the path
//of this variable
string strConn=@"Provider=Microsoft.Jet.OLEDB.4.0 ;Data Source=
"+Server.MapPath(".\\db\\board.mdb") ;
//Get a ADOConnection to the database
ADOConnection myConn = new ADOConnection(strConn) ;
//The SQL Select statement
string strCom = "Select postid from newpost" ;
//Create a ADOCommand since we want a ADODataReader later
ADOCommand myCommand =new ADOCommand(strCom,myConn);
//Open the connection
myConn.Open();
ADODataReader reader;
//Execute the command and get the Data into "reader"
myCommand.Execute(out reader) ;
int i=1 ;
//Get the current number of records present in the database.
while(reader.Read())
{
i++ ;
}
reader.Close() ;
//build the SQL statement to insert into the Database
string insertStr =" INSERT INTO newpost VALUES ("
+i +", '"
+name+"', '"
+email+"', '"
+subject+"', '"
+ip+"', '"
+date+"', '"
+message+"',0, 0)" ;
myCommand.CommandText =insertStr ;
//Since the SQL statement does not return any output use "ExecuteNonQuery() method
myCommand.ExecuteNonQuery() ;
//Close the connection
myConn.Close() ;
}
else
{
//If the posted data is a reply to a topic then follow the below procedure
//string for the path to the database, if your database is stored in some other directory then
//edit the path here
string strConn=@"Provider=Microsoft.Jet.OLEDB.4.0 ;Data Source="+
Server.MapPath(".\\db\\board.mdb") ;
ADOConnection myConn = new ADOConnection(strConn) ;
//SQL statement to select the replyid
string strCom = "Select replyid from reply" ;
//create a ADOCommand
ADOCommand myCommand =new ADOCommand(strCom,myConn);
//Open the Connection
myConn.Open();
ADODataReader reader;
//Execute the command and get the Data into "reader"
myCommand.Execute(out reader) ;
int i=1 ;
//Get the current number of records present in the database.
while(reader.Read())
{
i++ ;
}
reader.Close() ;
//Build a statement to insert the values into the reply table
string insertStr =" INSERT INTO reply VALUES ("
+i +", '"
+name+"', '"
+email+"', '"
+subject+"', '"
+ip+"', '"
+date+"', '"
+message+"', "