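People often ask me how to learn dynamic web programming with no background at all. Today I happened to come across an article titled "ASP Quick Start in 1 Hour" (《1小时ASP快速入门》), which may be useful to them, so I am reposting it here. ASP was also the first language I learned; 商资网, the website I founded in August 2003, was written in ASP. But I have not used ASP to build dynamic websites for a long time now, because the servers behind most of the university's websites run Linux, so the web stack is naturally PHP + MySQL. As a saying I believe in goes: "If you cannot change reality, face it, and make the best of the situation on the basis of that reality." I had to build websites for some of the university's departments, and I could not ask them to replace their operating system and PHP service, so I later switched to PHP. The website I built for the School of Economics, the South-Central University for Nationalities (中南民族大学) news site I built for the Publicity Department of the university Party committee, the South-Central University for Nationalities employment information site I built for the Employment Guidance Service Center, and so on, all use PHP. Although I can now decide what system to install on the server and what technology to use, by this point I was already used to PHP, so I built them with PHP. Many companies and government agencies are now starting to write their websites with JSP and ASP.NET, and I think I may move to JSP or ASP.NET in the future.
ASP Quick Start in 1 Hour; the original article follows: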
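<1>
<%
' statements
' ...
%>
<2> Declaring variables with the dim statement
<%
dim a,b
a=10
b="ok!"
%>
Note: a declared variable can hold a number, a string, or a value of another type.
<3> Simple control-flow statements
1. if condition1 then
  statement1
elseif condition2 then
  statement2
else
  statement3
end if
2. while condition
  statements
wend
3. for count=1 to n step m
  statement1
  exit for
  statement2
next
II. A simple tutorial on ASP database operations
<1> Database connection (written as a separate connection file, conn.asp)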
<%
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("\bbs\db1\user.mdb")
%>
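(This connects to the user.mdb database in the bbs\db1\ directory.)
<2> Displaying database records
Principle: the records in the database are displayed one by one in the client browser by reading each record in turn.
To go from first to last: loop and test whether the cursor has reached the end, using not rs.eof
To go from last to first: loop and test whether the cursor has reached the beginning, using not rs.bof
Include conn.asp to open the user.mdb database in the bbs\db1\ directory:
<!--#include file="conn.asp"-->
<%
set rs=server.CreateObject("adodb.recordset")   ' create the recordset object
sqlstr="select * from message"   ' message is a table in the database: the table that holds the data to display
rs.open sqlstr,conn,1,3   ' specifies how the database is opened (cursor type 1 = adOpenKeyset, lock type 3 = adLockOptimistic)
if not rs.eof then rs.movefirst   ' move the cursor to the first record (skipped when the table is empty)
while not rs.eof   ' test whether the cursor has reached the end
  response.write(Server.HTMLEncode(rs("name") & ""))   ' display the name field of table message, HTML-encoded for output
  rs.movenext   ' move the cursor to the next record
wend   ' end of loop
' the next four lines close the database
rs.close
conn.close
set rs=nothing
set conn=nothing
%>
Here the response object carries the information the server sends to the client browser.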
<3> Adding a database record
Adding a database record uses two functions, rs.addnew and rs.update.
Include conn.asp to open the user.mdb database in the bbs\db1\ directory:
<!--#include file="conn.asp"-->
<%
set rs=server.CreateObject("adodb.recordset")   ' create the recordset object
sqlstr="select * from message"   ' message is a table in the database: the table that holds the data
rs.open sqlstr,conn,1,3   ' specifies how the database is opened
rs.addnew   ' add a new record
rs("name")="xx"   ' assign the value xx to the name field
rs.update   ' write the change to the database
' the next four lines close the database
rs.close
conn.close
set rs=nothing
set conn=nothing
%>
<4> Deleting a record
Deleting a database record mainly uses rs.delete and rs.update.
Include conn.asp to open the user.mdb database in the bbs\db1\ directory:
<!--#include file="conn.asp"-->
<%
dim name
name="xx"
set rs=server.CreateObject("adodb.recordset")   ' create the recordset object
sqlstr="select * from message"   ' message is a table in the database: the table that holds the data
rs.open sqlstr,conn,1,3   ' specifies how the database is opened
' Check whether the name field of each record equals the value of the variable name ("xx");
' if it matches, delete the record, otherwise keep looking until the cursor reaches the end.
while not rs.eof
  if rs("name")=name then
    rs.delete
    rs.update
  end if
  rs.movenext   ' advance in both cases, so the loop never stays on a deleted record
wend
' the next four lines close the database
rs.close
conn.close
set rs=nothing
set conn=nothing
%>
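<5> Querying the database
(a) The queried field is a string
<!--#include file="conn.asp"-->
<%
dim user,pass,qq,mail,message
user=request.Form("user")
pass=request.Form("pass")
qq=request.Form("qq")
mail=request.Form("mail")
message=request.Form("message")
' check whether user or pass is empty; this also catches values that contain only spaces
if trim(user)&"x"="x" or trim(pass)&"x"="x" then
  response.write("注册信息不能为空")   ' "Registration information must not be empty"
else
  set rs=server.CreateObject("adodb.recordset")
  ' Query the user field of the user table; the user field is a string, so the value is quoted.
  ' Single quotes in the input are doubled so that the value cannot end the SQL string,
  ' and user is bracketed because it is a reserved word in Access (Jet) SQL.
  sqlstr="select * from [user] where [user]='" & replace(user,"'","''") & "'"
  rs.open sqlstr,conn,1,3
  if rs.eof then
    rs.addnew
    rs("user")=user
    rs("pass")=pass
    rs("qq")=qq
    rs("mail")=mail
    rs("message")=message
    rs.update
    response.write("注册成功")   ' "Registration succeeded"
  else
    response.write("注册重名")   ' "That name is already registered"
  end if
  rs.close
  set rs=nothing
end if
conn.close
set conn=nothing
%>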
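(b) The queried field is numeric
<!--#include file="conn.asp"-->
<%
dim num
num=request.Form("num")
if not isnumeric(num) then   ' reject anything that is not a number before it reaches the SQL text
  response.write("删除失败")   ' "Delete failed"
else
  set rs=server.CreateObject("adodb.recordset")
  ' check whether the id field of the message table equals num; id is numeric, so the value is not quoted
  sqlstr="select * from message where id=" & clng(num)
  rs.open sqlstr,conn,1,3
  if not rs.eof then
    rs.delete
    rs.update
    response.write("删除成功")   ' "Deleted successfully"
  else
    response.write("删除失败")   ' "Delete failed"
  end if
  rs.close
  set rs=nothing
end if
conn.close
set conn=nothing
%>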
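<6> A brief explanation of several simple ASP objects
response object: the object for information sent from the server to the client, including sending content directly to the browser, redirecting to a URL, and setting cookie values
request object: the request the client makes to the server
session object: acts as a global variable that is in effect across the whole site
server object: provides access to methods and properties on the server
(a) General use of the response object
For example:
<%
response.write("hello, welcome to asp!")
%>
The client browser will then show the text hello, welcome to asp!
<%
response.Redirect("http://www.sohu.com")
%>
When this runs, the browser automatically goes to the Sohu (搜狐) website.
There is much more to the response object, which you can explore on your own.
(b) General use of the request object
The requests a client makes to the server are passed through the request object.
For example, the personal information you fill in when applying for a mailbox is passed to the server through this object.
For example, the following is the code of a form for the user to fill in; after filling it in, clicking "提交" (Submit) passes it to the file request.asp, which processes it and then stores it in the server's database.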
<form name="form1" method="post" action="request.asp">
<p>
<input type="text" name="user">
</p>
<p>
<input type="text" name="pass">
</p>
<p>
<input type="submit" name="Submit" value="提交">
</p>
</form>
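So how does request.asp read this information in and then write it to the database? This is where the request object is used. Let's look at how request.asp is written.
<%
dim name,password   ' declare the two variables name and password
name=request.form("user")   ' put the user value from the form into the variable name
password=request.form("pass")   ' put the pass value from the form into the variable password
%>
With these few lines of code we have read in the data from the form. The next step is to write the information to the database; the ways of writing to the database were all covered above, so they are not repeated here.
(With what you have learned above, you can build a message board entirely on your own.)
ASP functions in detail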
Array()
FUNCTION: Returns an array.
SYNTAX: Array(list)
ARGUMENTS: Strings and numbers are both accepted.
EXAMPLE: <%
Dim myArray()
For i = 1 to 7
Redim Preserve myArray(i)
myArray(i) = WeekdayName(i)
Next
%>
RESULT: Creates an array myArray containing 7 elements:
myArray("Sunday","Monday", ... ... "Saturday")
CInt()
FUNCTION: Converts an expression to a numeric type.
SYNTAX: CInt(expression)
ARGUMENTS: Any valid string.
EXAMPLE: <%
f = "234"
response.write cINT(f) + 2
%>
RESULT: 236
Converts the string "234" to the number 234; if the string is empty, 0 is returned.
CreateObject()
FUNCTION: Creates and returns an instance of a registered ActiveX component.
SYNTAX: CreateObject(objName)
ARGUMENTS: objName is the name of any valid, registered ActiveX component.
EXAMPLE: <%
Set con = Server.CreateObject("ADODB.Connection")
%>
RESULT:
CStr()
FUNCTION: Converts an expression to a string.
SYNTAX: CStr(expression)
ARGUMENTS: expression is any valid expression.
EXAMPLE: <%
s = 3 + 2
response.write "The result is: " & cStr(s)
%>
RESULT: Converts the number 5 to the string "5".
Date()
FUNCTION: Returns the current system date.
SYNTAX: Date()
ARGUMENTS: None.
EXAMPLE: <%=Date%>
RESULT: 8/4/99
DateAdd()
FUNCTION: Returns a date that has been changed.
SYNTAX: DateAdd(timeinterval,number,date)
ARGUMENTS: timeinterval is the time interval to add; number is amount of time intervals to add; and date is the starting date.
EXAMPLE: <%
currentDate = #8/4/99#
newDate = DateAdd("m",3,currentDate)
response.write newDate
%>
<%
currentDate = #12:34:45 PM#
newDate = DateAdd("h",3,currentDate)
response.write newDate
%>
RESULT: 11/4/99
3:34:45 PM
"m" = "month";
"d" = "day";
If currentDate is in time format then,
"h" = "hour";
"s" = "second";
DateDiff()
FUNCTION: Returns the difference between two dates.
SYNTAX: DateDiff(timeinterval, date1, date2 [, firstdayofweek [, firstweekofyear]])
ARGUMENTS: timeinterval is the type of interval to count, for example "M" means "month".
EXAMPLE: <%
fromDate = #8/4/99#
toDate = #1/1/2000#
response.write "There are " & _
DateDiff("d",fromDate,toDate) & _
" days to millennium from 8/4/99."
%>
RESULT: From 8/4/99 to the year 2000 there are 150 days.
Day()
FUNCTION: Returns the day of the month.
SYNTAX: Day(date)
ARGUMENTS: date is any valid date.
EXAMPLE: <%=Day(#8/4/99#)%>
RESULT: 4
FormatCurrency()
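FUNCTION: Returns an expression formatted as a currency value.
SYNTAX: FormatCurrency(Expression [, Digit [, LeadingDigit [, Paren [, GroupDigit]]]])
ARGUMENTS: Digit is a numeric value indicating how many places are displayed to the right of the decimal point; the default is -1, which means the computer's regional settings are used. LeadingDigit is a tristate constant indicating whether a leading zero is displayed for fractional values.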
EXAMPLE: <%=FormatCurrency(34.3456)%>
RESULT: $34.35
FormatDateTime()
FUNCTION: Returns an expression formatted as a date or time.
SYNTAX: FormatDateTime(Date [, NamedFormat])
ARGUMENTS: NamedFormat is a numeric value indicating the date/time format to use; if omitted, vbGeneralDate is used.
EXAMPLE: <%=FormatDateTime("08/4/99", vbLongDate)%>
RESULT: Wednesday, August 04, 1999
FormatNumber()
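FUNCTION: Returns an expression formatted as a number.
SYNTAX: FormatNumber(Expression [, Digit [, LeadingDigit [, Paren [, GroupDigit]]]])
ARGUMENTS: Digit is a numeric value indicating how many places are displayed to the right of the decimal point; the default is -1, which means the computer's regional settings are used. LeadingDigit is a tristate constant indicating whether a leading zero is displayed for fractional values. Paren is a tristate constant indicating whether negative values are placed in parentheses. GroupDigit is a tristate constant indicating whether numbers are grouped using the group delimiter from the computer's regional settings.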
EXAMPLE: <%=FormatNumber(45.324567, 3)%>
RESULT: 45.325
FormatPercent()
FUNCTION: Returns an expression formatted as a percentage (multiplied by 100) with a trailing % character.
SYNTAX: FormatPercent(Expression [, Digit [, LeadingDigit [, Paren [, GroupDigit]]]])
ARGUMENTS: Same as above.
EXAMPLE: <%=FormatPercent(0.45267, 3)%>
RESULT: 45.267%
Hour()
FUNCTION: Returns the hour in 24-hour format.
SYNTAX: Hour(time)
ARGUMENTS:
EXAMPLE: <%=Hour(#4:45:34 PM#)%>
RESULT: 16
(Hour has been converted to 24-hour system)
Instr()
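FUNCTION: Returns the position of the first occurrence of a character or string within another string.
SYNTAX: Instr([start, ] strToBeSearched, strSearchFor [, compare])
ARGUMENTS: start is the position at which the search begins; strToBeSearched is the string that is searched; strSearchFor is the string to search for; compare is the comparison mode (see the ASP constants for details).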
EXAMPLE: <%
strText = "This is a test!!"
pos = Instr(strText, "a")
response.write pos
%>
RESULT: 9
InstrRev()
FUNCTION: Same as above, except that the search starts from the end of the string.
SYNTAX: InstrRev([start, ] strToBeSearched, strSearchFor [, compare])
ARGUMENTS: Same as above.
EXAMPLE: <%
strText = "This is a test!!"
pos = InstrRev(strText, "s")
response.write pos
%>
RESULT: 13
Int()
FUNCTION: Returns a numeric value, without rounding.
SYNTAX: Int(number)
ARGUMENTS:
EXAMPLE: <%=INT(32.89)%>
RESULT: 32
IsArray()
FUNCTION: Determines whether an object is an array; returns a Boolean.
SYNTAX: IsArray(name)
ARGUMENTS:
EXAMPLE: <%
strTest = "Test!"
response.write IsArray(strTest)
%>
RESULT: False
IsDate()
FUNCTION: Determines whether an object is a date; returns a Boolean.
SYNTAX: IsDate(expression)
ARGUMENTS: expression is any valid expression.
EXAMPLE: <%
strTest = "8/4/99"
response.write IsDate(strTest)
%>
RESULT: True
IsEmpty()
FUNCTION: Determines whether an object has been initialized; returns a Boolean.
SYNTAX: IsEmpty(expression)
ARGUMENTS:
EXAMPLE: <%
Dim i
response.write IsEmpty(i)
%>
RESULT: True
IsNull()
FUNCTION: Determines whether an object is Null; returns a Boolean.
SYNTAX: IsNull(expression)
ARGUMENTS:
EXAMPLE: <%
Dim i
response.write IsNull(i)
%>
RESULT: False
IsNumeric()
FUNCTION: Determines whether an object is a number; returns a Boolean.
SYNTAX: IsNumeric(expression)
ARGUMENTS:
EXAMPLE: <%
i = "345"
response.write IsNumeric(i)
%>
RESULT: True
Even when the number is in quotation marks, ASP still treats it as a number.
IsObject()
FUNCTION: Determines whether an expression is an object; returns a Boolean.
SYNTAX: IsObject(expression)
ARGUMENTS:
EXAMPLE: <%
Set con = Server.CreateObject("ADODB.Connection")
response.write IsObject(con)
%>
RESULT: True
LBound()
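FUNCTION: Returns the smallest available subscript for the specified dimension of an array.
SYNTAX: LBound(arrayname [, dimension])
ARGUMENTS: dimension is an integer indicating which dimension's lower bound to return. Use 1 for the first dimension, 2 for the second, and so on. If dimension is omitted, the default is 1.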
EXAMPLE: <%
i = Array("Monday","Tuesday","Wednesday")
response.write LBound(i)
%>
RESULT: 0
LCase()
FUNCTION: Returns the lowercase form of a string.
SYNTAX: Lcase(string)
ARGUMENTS: string is any valid string expression.
EXAMPLE: <%
strTest = "This is a test!"
response.write LCase(strTest)
%>
RESULT: this is a test!
Left()
FUNCTION: Returns the characters from the left of the string up to and including the length-th character.
SYNTAX: Left(string, length)
ARGUMENTS:
EXAMPLE: <%
strTest = "This is a test!"
response.write Left(strTest, 3)
%>
RESULT: Thi
Len()
FUNCTION: Returns the length of a string.
SYNTAX: Len(string | varName)
ARGUMENTS:
EXAMPLE: <%
strTest = "This is a test!"
response.write Len(strTest)
%>
RESULT: 15
LTrim()
FUNCTION: Removes the spaces on the left of a string.
SYNTAX: LTrim(string)
ARGUMENTS:
EXAMPLE: <%
strTest = " This is a test!"
response.write LTrim(strTest)
%>
RESULT: This is a test!
Mid()
FUNCTION: Returns a string of a specific length (starting at start, with length length).
SYNTAX: Mid(string, start [, length])
ARGUMENTS:
EXAMPLE: <%
strTest = "This is a test! Today is Monday."
response.write Mid(strTest, 17, 5)
%>
RESULT: Today
Minute()
FUNCTION: Returns the minutes of a time.
SYNTAX: Minute(time)
ARGUMENTS:
EXAMPLE: <%=Minute(#12:45:32 PM#)%>
RESULT: 45
Month()
FUNCTION: Returns the month part of a date.
SYNTAX: Month(date)
ARGUMENTS: date is any valid date expression.
EXAMPLE: <%=Month(#08/04/99#)%>
RESULT: 8
MonthName()
FUNCTION: Returns a string identifying the specified month.
SYNTAX: MonthName(month [, Abb])
ARGUMENTS: month is the numeric representation for a given month; Abb (optional) is a boolean value used to display month abbreviation. True will display the abbreviated month name and False (default) will not show the abbreviation.
EXAMPLE: <%=MonthName(Month(#08/04/99#))%>
RESULT: August
Now()
FUNCTION: Returns the current system date and time.
SYNTAX: Now()
ARGUMENTS: None
EXAMPLE: <%=Now%>
RESULT: 8/4/99 9:30:16 AM
Replace()
FUNCTION: Returns a string in which a specified sub-string has been replaced with another substring a specified number of times.
SYNTAX: Replace(strToBeSearched, strSearchFor, strReplaceWith [, start [, count [, compare]]])
ARGUMENTS: strToBeSearched is a string expression containing a sub-string to be replaced; strSearchFor is the string expression to search for within strToBeSearched; strReplaceWith is the string expression to replace sub-string strSearchFor; start (optional) is the numeric character position to begin search; count (optional) is the number of substitutions to perform; compare (optional) is a value indicating the comparison constant.
EXAMPLE: <%
strTest = "This is an apple!"
response.write Replace(strTest, "apple", "orange")
%>
RESULT: This is an orange!
Right()
FUNCTION: Returns the characters from the right of the string up to and including the length-th character.
SYNTAX: Right(string, length)
ARGUMENTS:
EXAMPLE: <%
strTest = "This is an test!"
response.write Right(strTest, 3)
%>
RESULT: st!
Rnd()
FUNCTION: Generates a random number.
SYNTAX: Rnd [(number)]
ARGUMENTS:
EXAMPLE: <%
Randomize()
response.write RND()
%>
RESULT: Any number between 0 and 1
Round()
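FUNCTION: Returns a number rounded to the specified number of places.
SYNTAX: Round(expression [, numRight])
ARGUMENTS: numRight is a number indicating how many places to the right of the decimal point are kept when rounding. If omitted, the Round function returns an integer.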
EXAMPLE: <%
i = 32.45678
response.write Round(i)
%>
RESULT: 32
Rtrim()
FUNCTION: Removes the spaces on the right of a string.
SYNTAX: Rtrim(string)
ARGUMENTS:
EXAMPLE: <%
strTest = "This is a test!! "
response.write RTrim(strTest)
%>
RESULT: This is a test!!
Second()
FUNCTION: Returns the seconds.
SYNTAX: Second(time)
ARGUMENTS:
EXAMPLE: <%=Second(#12:34:28 PM#)%>
RESULT: 28
StrReverse()
FUNCTION: Reverses a string.
SYNTAX: StrReverse(string)
ARGUMENTS:
EXAMPLE: <%
strTest = "This is a test!!"
response.write StrReverse(strTest)
%>
RESULT: !!tset a si sihT
Time()
FUNCTION: Returns the system time.
SYNTAX: Time()
ARGUMENTS:
EXAMPLE: <%=Time%>
RESULT: 9:58:28 AM
Trim()
FUNCTION: Removes the spaces on the left and right of a string.
SYNTAX: Trim(string)
ARGUMENTS: string is any valid string expression.
EXAMPLE: <%
strTest = " This is a test!! "
response.write Trim(strTest)
%>
RESULT: This is a test!!
UBound()
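FUNCTION: Returns the largest available subscript for the specified dimension of an array.
SYNTAX: UBound(arrayname [, dimension])
ARGUMENTS: dimension (optional) is an integer indicating which dimension's upper bound to return. 1 means the first dimension, 2 the second, and so on. If dimension is omitted, the default is 1.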
EXAMPLE: <%
i = Array("Monday","Tuesday","Wednesday")
response.write UBound(i)
%>
RESULT: 2
UCase()
FUNCTION: Returns the uppercase form of a string.
SYNTAX: UCase(string)
ARGUMENTS:
EXAMPLE: <%
strTest = "This is a test!!"
response.write UCase(strTest)
%>
RESULT: THIS IS A TEST!!
VarType()
FUNCTION: Returns a value indicating the subtype of a variable.
SYNTAX: VarType(varName)
ARGUMENTS:
EXAMPLE: <%
i = 3
response.write varType(i)
%>
RESULT: 2 (numeric); see "ASP constants" for details
WeekDay()
FUNCTION: Returns which day of the week it is.
SYNTAX: WeekDay(date [, firstdayofweek])
ARGUMENTS:
EXAMPLE: <%
d = #8/4/99#
response.write Weekday(d)
%>
RESULT: 4 (Wednesday)
WeekDayName()
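FUNCTION: Returns the name of the given day of the week.
SYNTAX: WeekDayName(weekday [, Abb [, firstdayofweek]])
ARGUMENTS: Abb is optional: a Boolean value indicating whether the weekday name is abbreviated. If omitted, the default is False, meaning the weekday name is not abbreviated. firstdayofweek is a numeric value indicating the first day of the week.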
EXAMPLE: <%
d = #8/4/99#
response.write WeekdayName(Weekday(d))
%>
RESULT: Wednesday
Year()
FUNCTION: Returns the year of a date.
SYNTAX: Year(date)
ARGUMENTS:
EXAMPLE: <%=Year(#8/4/99#)%>
RESULT: 1999
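The latest ASP SQL-injection filter function
Function Checkstr(Str)
If Isnull(Str) Then
CheckStr = ""
Exit Function
End If
Str = Replace(Str,Chr(0),"", 1, -1, 1)
Str = Replace(Str, """", "&quot;", 1, -1, 1)
Str = Replace(Str,"<","&lt;", 1, -1, 1)
Str = Replace(Str,">","&gt;", 1, -1, 1)
' In this copy of the function, most of the Replace calls from here down to "exists" have a
' replacement string equal to the search string, so they leave Str unchanged. The original
' replacement text was presumably an HTML-entity-encoded form that was decoded when the page was copied.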
Str = Replace(Str, "script", "script", 1, -1, 0)
Str = Replace(Str, "SCRIPT", "SCRIPT", 1, -1, 0)
Str = Replace(Str, "Script", "Script", 1, -1, 0)
Str = Replace(Str, "script", "Script", 1, -1, 1)
Str = Replace(Str, "object", "object", 1, -1, 0)
Str = Replace(Str, "OBJECT", "OBJECT", 1, -1, 0)
Str = Replace(Str, "Object", "Object", 1, -1, 0)
Str = Replace(Str, "object", "Object", 1, -1, 1)
Str = Replace(Str, "applet", "applet", 1, -1, 0)
Str = Replace(Str, "APPLET", "APPLET", 1, -1, 0)
Str = Replace(Str, "Applet", "Applet", 1, -1, 0)
Str = Replace(Str, "applet", "Applet", 1, -1, 1)
Str = Replace(Str, "[", "[")
Str = Replace(Str, "]", "]")
Str = Replace(Str, """", "", 1, -1, 1)
Str = Replace(Str, "=", "=", 1, -1, 1)
Str = Replace(Str, "'", "''", 1, -1, 1)
Str = Replace(Str, "select", "select", 1, -1, 1)
Str = Replace(Str, "execute", "execute", 1, -1, 1)
Str = Replace(Str, "exec", "exec", 1, -1, 1)
Str = Replace(Str, "join", "join", 1, -1, 1)
Str = Replace(Str, "union", "union", 1, -1, 1)
Str = Replace(Str, "where", "where", 1, -1, 1)
Str = Replace(Str, "insert", "insert", 1, -1, 1)
Str = Replace(Str, "delete", "delete", 1, -1, 1)
Str = Replace(Str, "update", "update", 1, -1, 1)
Str = Replace(Str, "like", "like", 1, -1, 1)
Str = Replace(Str, "drop", "drop", 1, -1, 1)
Str = Replace(Str, "create", "create", 1, -1, 1)
Str = Replace(Str, "rename", "rename", 1, -1, 1)
Str = Replace(Str, "count", "count", 1, -1, 1)
Str = Replace(Str, "chr", "chr", 1, -1, 1)
Str = Replace(Str, "mid", "mid", 1, -1, 1)
Str = Replace(Str, "truncate", "truncate", 1, -1, 1)
Str = Replace(Str, "nchar", "nchar", 1, -1, 1)
Str = Replace(Str, "char", "char", 1, -1, 1)
Str = Replace(Str, "alter", "alter", 1, -1, 1)
Str = Replace(Str, "cast", "cast", 1, -1, 1)
Str = Replace(Str, "exists", "exists", 1, -1, 1)
Str = Replace(Str,Chr(13),"<br>", 1, -1, 1)
CheckStr = Str   ' single quotes were already doubled above; doubling them a second time would store two quotes for each one typed
End Function
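The two queries in section <5> and the CheckStr function above all deal with form values that sit next to SQL text. The following is an added example, not part of the original article, that runs the same two lookups as parameterized ADO commands, so the form value is never part of the SQL string, and HTML-encodes only at output time. It assumes conn.asp opens conn as in section <1> and the tables and fields of section <5>; MAX_USER_LEN and the function names NewCommand, UserExists, ParseId and DeleteMessage are assumptions made for this example.

```asp
<!--#include file="conn.asp"-->
<%
' Added example, not from the original article. Assumes conn.asp opens "conn"
' as in section <1> and that the tables and fields are those of section <5>.
' MAX_USER_LEN and all function names are assumptions made for this example.

' ADO constants (same values as in adovbs.inc)
Const adInteger = 3
Const adVarWChar = 202
Const adParamInput = 1
Const adCmdText = 1
Const adExecuteNoRecords = 128
Const MAX_USER_LEN = 50

' Build a command whose SQL text is a fixed string; values are bound afterwards.
Function NewCommand(sql)
    Dim cmd
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandType = adCmdText
    cmd.CommandText = sql
    Set NewCommand = cmd
End Function

' Section <5>(a): is this user name already registered?
' The name is bound as a parameter, so quotes or keywords in it stay data.
Function UserExists(userName)
    Dim cmd, rs
    Set cmd = NewCommand("select [user] from [user] where [user] = ?")
    cmd.Parameters.Append cmd.CreateParameter("userName", adVarWChar, adParamInput, MAX_USER_LEN, userName)
    Set rs = cmd.Execute
    UserExists = Not rs.EOF
    rs.Close
    Set rs = Nothing
    Set cmd = Nothing
End Function

' Accept only 1 to 9 decimal digits, so CLng cannot overflow. Returns -1 otherwise.
Function ParseId(raw)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[0-9]{1,9}$"
    If re.Test(raw) Then
        ParseId = CLng(raw)
    Else
        ParseId = -1
    End If
End Function

' Section <5>(b): delete one message by numeric id. Returns True if a row was deleted.
Function DeleteMessage(id)
    Dim cmd, affected
    Set cmd = NewCommand("delete from message where id = ?")
    cmd.Parameters.Append cmd.CreateParameter("id", adInteger, adParamInput, , id)
    cmd.Execute affected, , adExecuteNoRecords
    DeleteMessage = (affected > 0)
    Set cmd = Nothing
End Function

Dim user, id
user = Trim(Request.Form("user") & "")
id = ParseId(Trim(Request.Form("num") & ""))

If user <> "" Then
    If Len(user) > MAX_USER_LEN Then
        Response.Write "User name is too long"
    ElseIf UserExists(user) Then
        ' Encode at output time; the value used in the query is left unmodified.
        Response.Write "Name already registered: " & Server.HTMLEncode(user)
    Else
        Response.Write "Name is available: " & Server.HTMLEncode(user)
    End If
End If

If id >= 0 Then
    If DeleteMessage(id) Then
        Response.Write "Deleted successfully"
    Else
        Response.Write "Delete failed"
    End If
End If

conn.Close
Set conn = Nothing
%>
```

The rs.addnew path in section <5>(a) already passes values as field values rather than as SQL text, so only the two select statements needed this change.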