ASP Coding Optimization

Coding | optimization

ASP (Active Server Page) is an ISAPI based (Personal WEB server) &iis (internetinformation server) platform launched by Microsoft (PWS) ( INTERNETSERVICEAPI) Principle of Dynamic Web page development technology, is increasingly mature and perfect. Here are just some simple discussions about code optimization.

1. Declaring VBScript variables

In ASP, there is strong support for VBScript, the ability to seamlessly integrate VBScript functions, methods, so as to extend the existing functionality of the ASP to provide a great convenience. Since the concept of variable types has been blurred in ASP, many programmers are wont to declare VBScript variables in the process of interacting with VBScript, thus aggravating the resolution burden of the server and affecting the response request speed of the server.
For this reason, we can force a user to declare a variable in VBScript just as a variable declaration is enforced in VB. The implementation method is to place the <% optionexplicit%> at the beginning of the ASP program.

2, the URL address to encode

In our use of ASP dynamically generated with a parameter URL address and jump, in IE parsing is normal, but in the Netscrape browsing there are errors as follows:
HTTP Error 400
Bad Request
Due to malformed syntax, the request could not being understood by the server.
The client should not repeat the request without modifications.
The workaround is to URL-encode the generated URL parameters using the UrlEncode method of the ASP built-in server object, as shown in the following example:
<%
Url= "Xur.asp"
Var1= "username=" & Server. UrlEncode ("Xur")
Var2= "&company=" & Server. UrlEncode ("Xurstudio")
Var3= "&phone=" & Server. UrlEncode ("021-53854336-186")
Response.Redirect URL & "?" & Var1 & var2 & VAR3
%>

3, empty the object

When you finish working with the object, you first use the Close method to release the system resources occupied by the object, and then set the object value to "nothing" to free the object from memory. That's when I crashed my IIS on a page by creating a recordset that hundred didn't empty the object. The following code uses the database content to create a drop-down list. The code example is as follows:
<% mydsn= "Dsn=xur;uid=xur;pwd=xur"
Mysql= "SELECT * from authors where au_id<100"
Set Conntemp=server.createobject ("Adodb.connection")
Conntemp.open MyDSN
Set Rstemp=conntemp.execute (MySQL)
If Rstemp.eof Then
Response.Write "Database is empty"
Response.Write MySQL
Conntemp.close
Set conntemp=nothing
Response.End
End If%>
<%do until Rstemp.eof%>
<%
Rstemp.movenext
Loop
Rstemp.close
Set rstemp=nothing
Conntemp.close
Set conntemp=nothing
%>

4. Use string to establish SQL query

Using a string to establish a query does not speed up the resolution of the server, and, conversely, it increases the resolution time of the server. However, it is still recommended that you use strings instead of simple query statements to query. The advantage of doing this is that you can quickly discover where your program problems are, thus facilitating the efficient generation of programs. Examples are as follows:
<%mysql= "" SELECT * "
Mysql= MySQL & "From publishers"
Mysql= MySQL & "where state= ' NY"
Response.Write MySQL
Set Rstemp=conntemp.execute (MySQL)
Rstemp.close
Set rstemp=nothing
%>

5, use case to choose the conditions

When making a conditional selection, use the case statement as much as possible, avoiding the use of the IF statement. With case statements, you can process the program and execute it faster than if statements. Examples are as follows:
<%
For i = 1 to 1000
n = i
Response.Write Addsuffix (N) & "<br>"
NEXT
%>
<%
Function Addsuffix (num)
Numpart = Right (num,1)
SELECT Case Numpart
Case "1"
IF InStr (num, "one") THEN
num = num & "th"
ELSE
num = num & "St"
End IF
Case "2"
IF InStr (num, "a") THEN
num = num & "th"
ELSE
num = num & "nd"
End IF
Case "3"
IF InStr (num, "THEN")
num = num & "th"
ELSE
num = num & "rd"
End IF
Case "4"
num = num & "th"
Case ELSE
num = num & "th"
End SELECT
Addsuffix = num
End FUNCTION
%>

6. Open a Recordset using constants defined in the Adovbs.inc file

When you open a recordset, you can define the cursor type and lock type that the recordset opens. Some constants are defined in the Adovbs.inc file to define these types. The Adovbs.inc file is saved under the \inetpub\iissamples\iisamples directory. Several commonly used cursor types and locking types are listed below.
Cursor Type: Adopenfowardonly cursors can only forward, adOpenKeyset cursors can be forward or backward, and a new record will not appear in a recordset if the user adds a record; adopendynamic cursor dynamic The adOpenStatic recordset does not reflect changes to records caused by other users.
Lock type: Adlockreadoney cannot modify records in a recordset; adLockPessimistic locks a record when it is edited; locks a record when Adlockoptimstic calls the recordset Update method ; Adlockbatchopeimstic records can only be updated in batches.
<!--#INCLUDE virtual= "/adovbs. INC "-->
<%
Connectme= "Dsn=xur;uid=xur;pwd=xur"
Sqltemp= "SELECT * From Publishers where name= ' Xur '"
Set Rstemp=server.createobject ("ADODB. Recordset ")
Rstemp.open sqltemp, Connectme, adopenstatic,adlockoptimstic
Response.Write Rstemp.recordcount & "Records in<br>" & Sqltemp
Rstemp.close
Set rstemp=nothing
%>

7, avoid the use of global.asa files in the definition of objects

Because the contents of the Global.asa file can be referenced for all the files in the site, there is no doubt that the object definition in the Global.asa file can save a lot of duplication of effort. For example, in the Application_OnStart function in Global.asa, define the following:
<%sub Application_OnStart
Set Application ("Theconn") =server.createobject ("Adodb.connection")
End SUB%>;
This allows you to make similar references in any site code:
<%
Mysql= "SELECT * From Publishers where state= ' Xur '
Set Rstemp=application ("Theconn"). Execute (MySQL)
%>
Similarly, you can create a Recordset object in the Session_OnStart function
<%sub Session_OnStart
Set session ("Rstemp") =server.createobject ("Adodb.recordset")
End SUB%>
Then make the following reference in the site also:
<%
Mysql= "SELECT * From Publishers where state= ' Xur '
Set session ("Rstemp") =conntemp.execute (MySQL)
%>
But this also has a great negative impact, because application and session variables are only when the site is closed to release the resources occupied, so session parameters will waste a lot of unnecessary memory, and at this time application variable become server performance bottleneck.
Workaround: Create an ASP page for the definition object, and introduce the ASP page on the page where you need to invoke these objects. Assuming that the ASP page name of the defined object is define.asp, the page can be introduced as long as the following statement is added to the corresponding ASP page.
<!--#INCLUDE virtual= "/define.asp"-->
When introducing a page, it is best to not include <% @LANGUAGE = "VBSCRIPT"%> statements in the ASP file to be introduced. Because in an ASP file, there can be only one sentence parsing language defined by @.

8. Safety protection

ASP provides a good code protection mechanism in which all ASP code is executed on the server side and returned only to client code execution results. Even so, in the old version of IIS can also be in the back of the file name:: $DATA to view the ASP's source code, this is already in the Webserver security category is not covered in this article. Here are two simple security considerations.
Although it is recommended in ASP to introduce files to Inc as an extension, the ASP is still recommended as the extension of the primer file. When the code runs on a webserver that is not safe, you can browse the contents of the introduced file by simply entering the address of the address bar where you introduced the file (inc), because on webserver, if you don't have a dynamic connection library defined to resolve a type (such as Inc), The file is displayed in Source mode.
Do not put database files inside the structure of the site, so that when the malicious person to obtain the database path, you can easily access the database, and then arbitrarily change the database content. It is a good practice to establish a DSN (Datesource Name) for the database and access the DSN directly when making database access.