当前位置: 首页 > 图文教程 > 网络编程 > ASP > 用asp.net写的论坛程序--上贴保存

ASP
编写通用的asp防注入程序
vbs(asp)下的Function 语句
ASP中类Class相关内容的整理资料
字符批量替换程序asp服务器版
旁注-网站小助手旭方修改免杀asp版
用正则表达式写的HTML分离函数
asp中"无限流"分页程序代码
asp的一个日期格式化函数
asp中创建多级目录的两段代码
asp中去除内容HTML标签的三个function函数
chr(9)、chr(10)、chr(13)、chr(32)、chr(34)讲解
方便的大家admin及admin888 经过 md5加密后16位和32位代码
可用的ASP无重复数字随机函数, 数组实现, 并应用于随机显示记录集
asp动态级联菜单代码
ASP中经常使用的SQL语句与教程说明
实例分析之用ASP编程实现网络内容快速查找的代码
服务端 VBScript 与 JScript 几个相同特性的写法与示例
ASP 环境下 VBS 事件应用 示例代码
asp 之上传漏洞终结篇
asp中一段防SQL注入的通用脚本

ASP 中的 用asp.net写的论坛程序--上贴保存


出处:互联网   整理: 软晨网(RuanChen.com)   发布: 2009-11-03   浏览: 189 ::
收藏到网摘: n/a

  3) postmessage.aspx :- The page which saved data to the Database


<%@ Import Namespace="System" %>
<%@ Assembly Name="System.Data" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.ADO" %>
<%@ Page Language="C#" Debug="true" %>
<html>
<head>
<title>Thank You for Posting !</title>
<script language="C#" runat="server" >
//execute this script when the page loads
void Page_Load(Object Src, EventArgs E)
{
//if the page is called from another page
if (!Page.IsPostBack) {
//Get all the Parameters from the Query string
string name = Request.Params["name"] ;
string email = Request.Params["email"] ;
string subject = Request.Params["subject"] ;
string ip = Request.Params["ip"] ;
string date = Request.Params["date" ];
string message = Request.Params["message"] ;
bool newmess =true ;
string previd ="1";
//Check if the post is a New topic or a reply to a new topic
if(Request.Params["newpost"].Equals("no"))
{
//if its a reply then get the postid called as previd here
newmess =false ;
previd = Request.Params["previd"] ;
}
//If the post is a new topic then follow the below routine
if(newmess)
{
//The string for the path to the database , if your database is in some other
directory then edit the path
//of this variable
string strConn=@"Provider=Microsoft.Jet.OLEDB.4.0 ;Data Source=
"+Server.MapPath(".\\db\\board.mdb") ;
//Get a ADOConnection to the database
ADOConnection myConn = new ADOConnection(strConn) ;
//The SQL Select statement
string strCom = "Select postid from newpost" ;
//Create a ADOCommand since we want a ADODataReader later
ADOCommand myCommand =new ADOCommand(strCom,myConn);
//Open the connection
myConn.Open();
ADODataReader reader;
//Execute the command and get the Data into "reader"
myCommand.Execute(out reader) ;
int i=1 ;
//Get the current number of records present in the database.
while(reader.Read())
{
i++ ;
}
reader.Close() ;
//build the SQL statement to insert into the Database
string insertStr =" INSERT INTO newpost VALUES ("
+i +", '"
+name+"', '"
+email+"', '"
+subject+"', '"
+ip+"', '"
+date+"', '"
+message+"',0, 0)" ;
myCommand.CommandText =insertStr ;
//Since the SQL statement does not return any output use "ExecuteNonQuery() method
myCommand.ExecuteNonQuery() ;
//Close the connection
myConn.Close() ;
}
else
{
//If the posted data is a reply to a topic then follow the below procedure
//string for the path to the database, if your database is stored in some other directory then
//edit the path here
string strConn=@"Provider=Microsoft.Jet.OLEDB.4.0 ;Data Source="+
Server.MapPath(".\\db\\board.mdb") ;
ADOConnection myConn = new ADOConnection(strConn) ;
//SQL statement to select the replyid
string strCom = "Select replyid from reply" ;
//create a ADOCommand
ADOCommand myCommand =new ADOCommand(strCom,myConn);
//Open the Connection
myConn.Open();
ADODataReader reader;
//Execute the command and get the Data into "reader"
myCommand.Execute(out reader) ;
int i=1 ;
//Get the current number of records present in the database.
while(reader.Read())
{
i++ ;
}
reader.Close() ;
//Build a statement to insert the values into the reply table
string insertStr =" INSERT INTO reply VALUES ("
+i +", '"
+name+"', '"
+email+"', '"
+subject+"', '"
+ip+"', '"
+date+"', '"
+message+"', "