<% ’On Error Resume Next Class ConnEx public ConnEx public DBpath ’---------数据库路径 public DBtype ’---------数据库类型 1(Access) 2(SqlServer) 3(可扩充) public ConnMethod ’--------连接方式 (DSN,非DSN) public User public Pass Sub Class_initialize End Sub
Sub Init() ConnStr = "Driver={Microsoft Access Driver (*.mdb)};dbq="&Server.MapPath("Date.mdb") Set ConnEx = Server.Createobject("ADODB.CONNECTION") ConnEx.Open ConnStr CatchError("Class_Terminate") End Sub
Sub CatchError( Str ) If Err Then Err.Clear Class_Terminate() Response.Write("捕捉到错误,程序结束!在"&Str&"处") Response.End() End If End Sub
’****************************************** ’*通过SQL语句来查找记录是否存在,容易出错 ’******************************************
Function HasRecordBySql( Sql ) Call CheckSql(Sql,"R") Dim Rs,HasR Set Rs = ConnEx.Execute( Sql ) CatchError("HasReordSql") If Not (Rs.eof Or Rs.bof) Then HasR = False Else HasR = True End If Rs.Close Set Rs = Nothing HasRecordBySql = HasR End Function
’*************************************** ’*通过ID来查找记录是否存在 ’***************************************
Function HasRecordById( StrTableName , IntID ) ’CheckValue( IntID , 1 ) Dim Rs,HasR Sql = "Select top 1 * from "&StrTableName&" Where Id = "&IntID Call CheckSql(Sql,"R") Set Rs = ConnEx.Execute(Sql) CatchError("HasRecordByID") If Not (Rs.eof Or Rs.bof) Then HasR = False Else HasR = True End If Rs.close Set Rs = Nothing HasRecordById = HasR End Function
’********************************************** ’*通过SQL语句取得记录集 ’********************************************** Function GetRsBySql( Sql ) Call CheckSql(Sql,"R") Dim Rs Set Rs = Server.CreateObject("Adodb.RecordSet") Rs.Open Sql,ConnEx,1,1 Set GetRsBySql = Rs End Function
’********************************************* ’*取得某个字段的值 ’********************************************* Function GetValueBySql( Sql ) Call CheckSql(Sql,"R") Dim Rs,ReturnValue Set Rs = ConnEx.Execute(Sql) CatchError("GetValueBySql") If Not( Rs.Eof Or Rs.Bof ) Then ReturnValue = Rs(0) Else ReturnValue = "没有记录" End If Rs.Close Set Rs = Nothing GetValueBySql = ReturnValue End Function
’==================================================Update,Insert===================================
’********************************************* ’*利用SQL修改数据 ’********************************************* Function UpdateBySql( Sql ) Call CheckSql(Sql,"w") ConnEx.Execute(Sql) CatchError("UpdateBySql") UpdateBySql = True End Function
’******************************************** ’*利用SQL语句插入数据 ’******************************************** Function InsertBySql(Sql) Call CheckSql(Sql,"w") ConnEx.Execute(Sql) CatchError("InsertBySql") InsertBySql = True End Function
’======================================================Delete========================================
’******************************************** ’*通过SQL语句删除 ’******************************************** Function DeleteBySql( Sql ) Call CheckSql(Sql,"D") ConnEx.Execute(Sql) CatchError("DeleteBySql") DeleteBySql = True End Function
’******************************************** ’*检查SQL语句权限,根据标志Flag 来检测语句拥有的权限 ’******************************************** Sub CheckSql( Sql , Flag ) Dim StrSql,SinCounts,DouCounts,i StrSql = Lcase(Sql) SinCounts = 0 DouCounts = 0 For i = 1 to Len(StrSql) If Mid(StrSql,i,1) = "’" Then SinCounts = SinCounts + 1 If Mid(StrSql,i,1) = """" Then DouConnts = DouCounts + 1 Next
If (SinCounts Mod 2) <> 0 Or (DouCounts Mod 2) <> 0 Or Instr(StrSql,";") > 0 Then Call Class_Terminate() Response.Write("SQL语法错误!") Response.End() End If Select Case Flag Case "R","r": If Instr(StrSql,"delete") > 0 Or Instr(StrSql,"update") Or Instr(StrSql,"drop") > 0 Or Instr(StrSql,"insert") > 0 Then Class_Terminate() Response.Write("权限不足,没有执行写操作的权限") Response.End() End If Case "W","w": If Instr(StrSql,"delete") > 0 Or Instr(StrSql,"drop") > 0 Or Instr(StrSql,"select") > 0 Then Class_Terminate() Response.Write("权限不足,没有执行删除操作的权限") Response.End() End If Case "D","d": Case Else: Response.Write("函数CheckSql标志错误!") End Select End Sub
Sub Class_Terminate If Not IsEmpty(FriendConn) Then FriendConn.Close Set FriendConn = Nothing CatchError() End If End Sub End Class %>
|