if ArticleId="" or Action<>"Del" then
FoundErr=True
ErrMsg=ErrMsg & "<br><li>参数不足!</li>"
end if
if FoundErr=False then
if instr(ArticleID,",")>0 then
dim idarr,i
idArr=split(ArticleID)
for i = 0 to ubound(idArr)
call DelArticle(clng(idarr(i)))
next
else
call DelArticle(clng(ArticleID))
end if
end if
if FoundErr=False then
call CloseConn()
response.Redirect "productmanage.asp"
else
call CloseConn()
call WriteErrMsg()
end if
sub DelArticle(ID)
PurviewChecked=False
sqlDel="select * from Product where ID=" & CLng(ID)
Set rsDel= Server.CreateObject("ADODB.Recordset")
rsDel.open sqlDel,conn,1,3
if FoundErr=False then
if DelUpFiles="Yes" and ObjInstalled=True then
dim fso,strUploadFiles,arrUploadFiles
strUploadFiles=rsDel("UploadFiles") & ""
if strUploadFiles<>"" then
Set fso = CreateObject("Scripting.FileSystemObject")
if instr(strUploadFiles,"|")>1 then
arrUploadFiles=split(strUploadFiles,"|")
for i=0 to ubound(arrUploadFiles)
if fso.FileExists(server.MapPath("../" & arrUploadfiles(i))) then
fso.DeleteFile(server.MapPath("../" & arrUploadfiles(i)))
end if
next
else
if fso.FileExists(server.MapPath("../" & strUploadfiles)) then
fso.DeleteFile(server.MapPath("../" & strUploadfiles))
end if
end if
Set fso = nothing
end if
end if
rsDel.delete
rsDel.update
set rsDel=nothing
'conn.execute "delete from Comment where ArticleID=" & CLng(ID)
end if
end sub
4.1.2 前台对数据的增查
前台就是用户所能看到的网页。
前台对数据的增、查也是对数据库的操作,和后台操作比起来,只是不能对其数据进行删除和修改,只能查看和增加,这样才会避免网站的数据被恶意的删除和修改。
用户通过是通过对网页功能的运用来对数据库进行操作的。至于内部怎么完成这些功能,是设计者通过特需的代码实现的。
下面的代码是关于查看的代码:
sub ShowAllClass()
if rsBigClass.bof and rsBigClass.eof then
response.Write " 没有任何栏目"
else
dim sqlClass,rsClass,strClassName,ClassN,product
product = trim(Request("product"))
Set rs= Server.CreateObject("ADODB.Recordset")
if product <>"" then
exec="select * from BigClass where BigClassName like '%"&product&+"%'"
set rs = conn.Execute(exec)
do while not rs.eof
strClassName= "【<a href='Product.asp?BigClassName=" & rs("BigClassName") & "'><b>" & rs("BigClassName") & "</b></a>】<br><br>"
sqlClass="select * from SmallClass where BigClassName='" & rs("BigClassName") & "' Order by SmallClassID"
Set rsClass= Server.CreateObject("ADODB.Recordset")
rsClass.open sqlClass,conn,1,1
do while not rsClass.eof
strClassName=strClassName & " <a href='Product.asp?BigClassName=" & rsClass("BigClassName") & "&SmallClassName=" & rsClass("SmallClassName") & "'>" & rsClass("SmallClassName") & "</a> "
rsClass.movenext
loop
response.write strClassName & "<br><br>"
rs.movenext
loop
else
exec="select * from BigClass"
set rs = conn.Execute(exec)
do while not rs.eof
strClassName= "【<a href='Product.asp?BigClassName=" & rs("BigClassName") & "'><b>" & rs("BigClassName") & "</b></a>】<br><br>"
sqlClass="select * from SmallClass where BigClassName='" & rs("BigClassName") & "' Order by SmallClassID"
Set rsClass= Server.CreateObject("ADODB.Recordset")
rsClass.open sqlClass,conn,1,1
do while not rsClass.eof
strClassName=strClassName & " <a href='Product.asp?BigClassName=" & rsClass("BigClassName") & "&SmallClassName=" & rsClass("SmallClassName") & "'>" & rsClass("SmallClassName") & "</a> "
rsClass.movenext
loop
response.write strClassName & "<br><br>"
rs.movenext
loop
end if
rsClass.close
set rsClass=nothing
rs.close
set rs = nothing
end if
end sub
