Example:
For example: Enter the field name: Username,password,email,telphone
Note: Different field names are separated by commas in English and do not support asterisks
Table name Enter the table name to query: such as: table1
Front desk Form page:
The main note is the Name property of the input field.
The commonly used code for adding data under ASP is:
Through Adodb.recordset
The advantage is: Database warehousing is relatively simple, do not consider the single quotation mark problem. There is no easy error.
Copy Code code as follows:
Username = Request ("username")
Password = Request ("password")
email = Request ("email")
Telphone = Request ("Telphone")
Sql= "SELECT * FROM table1"
Rs.Open sql,conn,1,3
Rs.addnew
RS ("username") =username
RS ("password") =password
RS ("email") =email
RS ("Telphone") =telphone
Rs.update
Rs.close
The second method is through the SQL data, to achieve high efficiency in warehousing, but prone to problems, need to consider single quotes and so on.
The code above is actually an encapsulation of the SQL INSERT statement.
Copy Code code as follows:
Set Conn=server.createobject ("Adodb.connection")
' Create a Recordset object method
Set Rst=server.createobject ("Adodb.recordset")
Set Rst1=conn.execute ("INSERT into User (U_user,u_pass) VALUES ('" &request.form ("U_user") & "', '" & Request.Form ("U_pass") & "')"
Cloud Habitat Community Friendship Reminder: In order to security considerations, in many cases, the user input to the content, the conversion of the antisense. such as using
Username=server.htmlencode (Request ("username"))
This eliminates the operation of some scripts, such as <script> will become <script>
