ASP应用中的应用函数1

最新推荐文章于 2024-11-02 23:32:29 发布

CodingSir

最新推荐文章于 2024-11-02 23:32:29 发布

阅读量1.1k

点赞数

文章标签： asp filter html 数据库 system input

本文链接：https://blog.csdn.net/educast/article/details/2894746

版权

1、登录验证函数
<%
Function chk_regist(requestname,requestpwd,tablename,namefield,pwdfield,reurl)
dim cn_name,cn_pwd
cn_name=trim(request.form(""&requestname&""))
cn_pwd=trim(request.form(""&requestpwd&""))
if cn_name="" or cn_pwd="" then
response.Write("<script language=javascript>alert(""请将帐号密码填写完整，谢谢合作。"");history.go(-1)</script>")
end if
Set rs = Server.CreateObject ("ADODB.Recordset")
sql = "Select * from "&tablename&" where "&namefield&"=’"&cn_name&"’"
rs.open sql,conn,1,1
if rs.eof then
response.Write("<script language=javascript>alert(""没有该会员ID，请确认有没有被申请。"");history.go(-1)</script>")
else
if rs(""&pwdfield&"")=cn_pwd then
session("cn_name")=rs(""&namefield&"")
response.Redirect(reurl)
else
response.Write("<script language=javascript>alert(""提醒，您的帐号和密码是不吻合。注意数字和大小写。"");history.go(-1)</script>")
end if
end if
rs.close
Set rs = Nothing
End Function
%>

参数说明：
chk_regist(requestname,requestpwd,tablename,namefield,pwdfield,reurl)

requestname 为接受HTML页中输入名称的INPUT控件名
requestpwd 为接受HTML页中输入密码的INPUT控件名
tablename 为数据库中保存注册信息的表名
namefield 为该信息表中存放用户名称的字段名
pwdfield 为该信息表中存放用户密码的字段名
reurl 为登录正确后跳转的页

引用示例如下：

<%
call chk_regist("b_name","b_pwd","cn_admin","cn_name","cn_pwd","admin.asp")
%>

调试地址：http://www.cnbruce.com/test/function/regist.asp

2，经常有可能对某个事物进行当前状态的判断，一般即做一字段（数值类型，默认滴?）
通过对该字段值的修改达到状态切换的效果。那么，我又做了个函数，让自己轻松轻松。

<%
Function pvouch(tablename,fildname,autoidname,indexid)
dim fildvalue
Set rs = Server.CreateObject ("ADODB.Recordset")
sql = "Select * from "&tablename&" where "&autoidname&"="&indexid
rs.Open sql,conn,2,3
fildvalue=rs(""&fildname&"")
if fildvalue=0 then
fildvalue=1
else
fildvalue=0
end if
rs(""&fildname&"")=fildvalue
rs.update
rs.close
Set rs = Nothing
End Function
%>

参数说明：
pvouch(tablename,fildname,autoidname,indexid)

tablename 该事物所在数据库中的表名
fildname 该事物用以表明状态的字段名（字段类型是数值型）
autoidname 在该表中的自动编号名
indexid 用以修改状态的对应自动编号的值

引用示例如下：

<%
dowhat=request.QueryString("dowhat")
p_id=cint(request.QueryString("p_id"))

if dowhat="tj" and p_id<>"" then
call pvouch("cn_products","p_vouch","p_id",p_id)
end if
%>

<%if rs("p_vouch")=0 then%>
<%=rs("p_id")%>>推荐
<%else%>
<%=rs("p_id")%>>取消推荐
<%end if%>

3.HTML转换函数

动作转换成HTML

Function HTMLEncode(reString) ’转换HTML代码(显示数据时使用)
Dim Str:Str=reString
If Not IsNull(Str) Then
Str = Replace(Str, "&", "&")
Str = Replace(Str, ">", ">")
Str = Replace(Str, "<", "<")
Str = Replace(Str, CHR(32), " ")
Str = Replace(Str, CHR(9), " ")
Str = Replace(Str, CHR(34), """)
Str = Replace(Str, CHR(39), "’")
Str = Replace(Str, CHR(13), "")
Str = Replace(Str, CHR(10), "
")
HTMLEncode = Str
End If
End Function

HTML解码函数

Function HTMLDecode(reString) ’HTML解码函数(保存或提交数据时使用,可以不使用)
Dim Str:Str=reString
If Not IsNull(Str) Then
Str = Replace(Str, "&", "&")
Str = Replace(Str, ">", ">")
Str = Replace(Str, "<", "<")
Str = Replace(Str, " ", CHR(32))
Str = Replace(Str, " ", CHR(9))
Str = Replace(Str, " ", CHR(9))
Str = Replace(Str, """, CHR(34))
Str = Replace(Str, "’", CHR(39))
Str = Replace(Str, "", CHR(13))
Str = Replace(Str, "
", CHR(10))
HTMLDecode = Str
End If
End Function

4.日期转换函数

Function DateToStr(DateTime,ShowType) ’日期转换函数
Dim DateMonth,DateDay,DateHour,DateMinute
DateMonth=Month(DateTime)
DateDay=Day(DateTime)
DateHour=Hour(DateTime)
DateMinute=Minute(DateTime)
If Len(DateMonth)<2 Then DateMonth="0"&DateMonth
If Len(DateDay)<2 Then DateDay="0"&DateDay
If Len(DateMinute)<2 Then DateMinute="0"&DateMinute
Select Case ShowType
Case "Y-m-d"
DateToStr=Year(DateTime)&"-"&DateMonth&"-"&DateDay
Case "Y-m-d H:I A"
Dim DateAMPM
If DateHour>12 Then
DateHour=DateHour-12
DateAMPM="PM"
Else
DateHour=DateHour
DateAMPM="AM"
End If
If Len(DateHour)<2 Then DateHour="0"&DateHour
DateToStr=Year(DateTime)&"-"&DateMonth&"-"&DateDay&" "&DateHour&":"&DateMinute&" "&DateAMPM
Case "Y-m-d H:I:S"
Dim DateSecond
DateSecond=Second(DateTime)
If Len(DateHour)<2 Then DateHour="0"&DateHour
If Len(DateSecond)<2 Then DateSecond="0"&DateSecond
DateToStr=Year(DateTime)&"-"&DateMonth&"-"&DateDay&" "&DateHour&":"&DateMinute&":"&DateSecond
Case "YmdHIS"
DateSecond=Second(DateTime)
If Len(DateHour)<2 Then DateHour="0"&DateHour
If Len(DateSecond)<2 Then DateSecond="0"&DateSecond
DateToStr=Year(DateTime)&DateMonth&DateDay&DateHour&DateMinute&DateSecond
Case "ym"
DateToStr=Right(Year(DateTime),2)&DateMonth
Case "d"
DateToStr=DateDay
Case Else
If Len(DateHour)<2 Then DateHour="0"&DateHour
DateToStr=Year(DateTime)&"-"&DateMonth&"-"&DateDay&" "&DateHour&":"&DateMinute
End Select
End Function

5.删除附件函数:
sub Delfile(filepath)
on error resume next
set DelObj=Server.CreateObject("Scripting.FileSystemObject")
filepath="../"&filepath
Delpath=server.mappath(filepath)
’ response.write delpath&"
"
set DelFi=DelObj.getfile(Delpath)
DelFi.Delete
set Delobj=nothing
end sub

6.提交表单时出现的提示框:

7.经常有可能对某个事物进行当前状态的判断，一般即做一字段（数值类型，默认值为0）
通过对该字段值的修改达到状态切换的效果。那么，我又做了个函数，让自己轻松轻松。

参数说明：
pvouch(tablename,fildname,autoidname,indexid)

引用示例如下：

<%
dowhat=request.QueryString("dowhat")
p_id=cint(request.QueryString("p_id"))

if dowhat="tj" and p_id<>"" then
call pvouch("cn_products","p_vouch","p_id",p_id)
end if
%>

<%if rs("p_vouch")=0 then%>
<%=rs("p_id")%>>推荐
<%else%>
<%=rs("p_id")%>>取消推荐
<%end if%>

调试地址：http://www.cnbruce.com/test/function/showpro.asp

8.为很多中小企业写站点，一般产品展示是个大项目，那么做成的页面也就不同。
要不就是横排来几个，要不就是竖排来几个，甚至全站要翻来覆去的搞个好几次，麻烦也很累。
索性写个函数能缓解一下，于是就成了下面

<%
function showpros(tablename,topnum,fildname,loopnum,typenum)
Set rs = Server.CreateObject ("ADODB.Recordset")
sql = "Select top "&topnum&" * from "&tablename
rs.Open sql,conn,1,1
if rs.eof and rs.bof then
response.Write("暂时无该记录")
else
response.Write(" ")
for i=1 to rs.recordcount
if (i mod loopnum=1) then
response.write""
end if
select case typenum
case "1"
response.Write(" ")
response.Write(rs(""&fildname&""))
response.Write(" ")
response.Write("方式1之"&i&"记录")’此处的“方式1”可以替换显示为其余字段的值
response.Write("")’如果字段比较多，继续添加新个表格行来显示
response.Write("")
case "2"
response.Write(" ")
response.Write(rs(""&fildname&""))
response.Write("")
response.Write(" ")
response.Write("方式2之"&i&"记录")
response.Write("")
response.Write("")
end select
if (i mod loopnum=0) then
response.write""
end if
rs.movenext
next
response.Write("")
end if
rs.close
Set rs = Nothing
end function
%>

参数说明：showpros(tablename,topnum,fildname,loopnum,typenum)

whichpro为选择何类型的产品种类
topnum表示提取多少条记录
fildname表示调试显示的字段，具体应用的时候可以省去该参数，在函数内部直接使用
loopnum表示显示的循环每行的记录条数
typenum表示循环显示的方法：目前分了两类，横向并列、纵向并列显示同一数据记录行的不同记录

引用示例如下：

<%
if request.form("submit")<>"" then
topnum=request.form("topnum")
loopnum=request.form("loopnum")
typenum=request.form("typenum")
else
topnum=8
loopnum=2
typenum=1
end if
%>
<%call showpros("cn_products",topnum,"p_name",loopnum,typenum)%>

显示的记录总数： <%=topnum%>>
显示的行循环数： <%=loopnum%>>
显示的方式类型：
方式1
方式2

调试地址：http://www.cnbruce.com/test/function/index.asp

可以选择文件下载查看： Download file

9.IP转换成数字，限制IP时用

’//IP转换成数字，限制IP时用
’@使用示例
’// userIPnum = IP2Num(Request.ServerVariables("REMOTE_ADDR"))
’// if userIPnum > IP2Num("192.168.0.0") and userIPnum < IP2Num("192.168.0.255") then
’// response.write ("

您的IP被禁止 ")
’// response.end’
// end if

function IP2Num(sip)
dim str1,str2,str3,str4
dim num IP2Num=0
if isnumeric(left(sip,2)) then
str1=left(sip,instr(sip,".")-1)
sip=mid(sip,instr(sip,".")+1)
str2=left(sip,instr(sip,".")-1)
sip=mid(sip,instr(sip,".")+1)
str3=left(sip,instr(sip,".")-1)
str4=mid(sip,instr(sip,".")+1)
num=cint(str1)*256*256*256+cint(str2)*256*256+cint(str3)*256+cint(str4)-1
IP2Num = num
end if
end function

10.ASP安全检测与过滤函数SafeCheck

<%
’作用:安全字符串检测函数
’名字:SafeCheck
’参数:CheckString,CheckType,CheckLength
’说明:
’Checkstring待检测字符串:任意字符.
’CheckType检测类型0正常短字符1数字2日期3金钱4编码HTML5解码HTML6登录字符串7防攻击检测
’CheckLength检测类型长度:类型为int,当为金钱时为小数点的位置
’返回值:如果通过检测,返回正确字符串,
’如果未通过则返回错误代码SYSTEM_ERROR|ERROR_CODE
’Script Writen by :SnowDu(杜雪.NET)
’Web:http://www.snsites.com/
’Web:http://www.knowsky.com/
’-------------------------------------------
function SafeCheck(CheckString,CheckType,CheckLength)
On Error Resume Next
ErrorRoot="SYSTEM_ERROR|"
if checkString="" then
SafeCheck=ErrorRoot&"00001"
exit function
end if

CheckString=Replace(CheckString,"’","’")
select case CheckType
case 0
CheckString=trim(CheckString)
SafeCheck=Left(CheckString,CheckLength)

case 1
if not isnumberic(CheckString) then
SafeCheck=ErrorRoot&"00002"
exit function
else
SafeCheck=Left(CheckString,CheckLength)
end if

case 2
tempVar=IsDate(CheckString)
if Not TempVar then
SafeCheck=ErrorRoot&"00003"
exit function
else
select case CheckLength
case 0
SafeCheck=FormatDateTime(CheckString,vbShortDate)
case 1
SafeCheck=FormatDateTime(CheckString,vbLongDate)
case 2
SafeCheck=CheckString
end select
end if

case 3
tempVar=FormatCurrency(CheckString,0)
if Err then
SafeCheck=ErrorRoot&"00004"
exit function
else
SafeCheck=FormatCurrency(CheckString,CheckLength)
end if

case 4
sTemp = CheckString
If IsNull(sTemp) = True Then
SafeCheck=ErrorRoot&"00005"
Exit Function
End If
sTemp = Replace(sTemp, "&", "&")
sTemp = Replace(sTemp, "<", "<")
sTemp = Replace(sTemp, ">", ">")
sTemp = Replace(sTemp, Chr(34), """)
sTemp = Replace(sTemp, Chr(10), "
")
SafeCheck = Left(sTemp,CheckLength)

case 5
sTemp = CheckString
If IsNull(sTemp) = True Then
SafeCheck=ErrorRoot&"00006"
Exit Function
End If
sTemp = Replace(sTemp, "&", "&")
sTemp = Replace(sTemp, "<", "<")
sTemp = Replace(sTemp, ">", ">")
sTemp = Replace(sTemp, """, Chr(34))
sTemp = Replace(sTemp, "
",Chr(10))
SafeCheck = Left(sTemp,CheckLength)

case 6
s_BadStr = "’ 　&<>?%,;:()`~!@#$^*{}[]|+-=" & Chr(34) & Chr(9) & Chr(32)
n = Len(s_BadStr)
IsSafeStr = True
For i = 1 To n
If Instr(CheckString, Mid(s_BadStr, i, 1)) > 0 Then
IsSafeStr = False
End If
Next
if IsSafeStr then
SafeCheck=left(CheckString,CheckLength)
else
SafeCheck=ErrorRoot&"00007"
Exit Function
end if