web| site
Note: Due to the hasty writing and the author's limited level, it is inevitable that there are mistakes.
The General large Web site has been increasingly using ASP to structure, but in small and medium business sites, the ASP still occupies a larger market range. ASP with its simple, short development cycle, easy to maintain the advantages of small and medium-sized site administrators. However, as far as I know, the full use of ASP to integrate the update maintenance site is only common in those real business sites or more mature technology sites, more sites have only a few independent columns in the use of ASP programs. This is the characteristics of site management is too dispersed, such as: Each entry into a column management must enter a different account number and password. Not only waste the administrator's energy, but also aggravated the site's maintenance difficulty degree. And we see those single column use of ASP programs are looking for the source code from the Internet, so that your site security will also be a certain threat, because the source code is open online, everyone can study this code, of course, the consequences you know, The security of the ASP is a long-term concern of the user, and is open source code is more dangerous. Of course, I do not disapprove of the use of online source code, just hope that you can pay attention to this problem, do not fully believe in copycat, the modification of the place or to be modified, the place to play patches or to be patched (of course, is not to let you modify the copyright information of others).
To sum up, I think that all of the ASP have a certain understanding of people can develop their own set of whole station system, and make integrated. The purpose of this topic is to guide you through the establishment of a complete Web dynamic site.
In order to enable readers at all levels to understand this article, it is necessary to first talk about the following words:
If you are a beginner, what should you master?
The necessary VBScript and JavaScript. VBS as the main ASP programming language from Visual Basic, learned VB people can quickly grasp, JavaScript needless to say, embedded in the Web page, the client uses the ordinary scripting language. You'd better have some knowledge of HTML language, or you'll feel annoyed.
The base of SQL statement is also the foundation!
You don't have to master all the basics at the beginning.
Premise: We will use the most basic statements and functions to write a set of web dynamic site of the whole station system.
As long as you carefully read this topic, you can basically master the idea of Web site development, and has been able to give practical applications. Of course, with the depth of learning, you can add more features or improve the program algorithm.
(1) Analysis of the requirements of the website:
A lot of people have overlooked this, they think that the development of Web site programs do not need to use the idea of software engineering, in fact, will eventually lead to the chaos of the Web site, such as: Some people think of what to develop the site would not want to start writing code directly, think of what to write, until they have finished, To find out what else I need not write, and then immediately return the code. In this way, it makes the program extremely easy to make mistakes. So in the beginning, it's a good idea. Like software engineering, the requirements analysis of Web site development should include the basic requirements of the developed web system, such as: function, performance, user group, basic data flow and process, security and confidentiality requirements. Web system goals, conditions, assumptions, constraints, and so on.
In detail, on our site, it is a technical site, it should include news systems, article systems, download systems and so on, then these systems need to have what function is we want to analyze the problem.
Here we will analyze the features to be implemented from the example:
News system: The most important point of a news system is to be able to convey news to users in real time, what functions should the news system have? Publish time, click Times, insert pictures, and some comments about the news source. Of course release time these are very easy to implement the function. Insert picture can use HTML function, UBB conversion table or upload picture to solve, these methods this article is no longer one by one elaboration, you can refer to the relevant information.
In fact, no matter what the system is, when you start with a detailed analysis of its needs, it is certainly more efficient than what you think. If it is convenient to use a computer or paper to the development of the web system needs to record, in the development process can also be used for reference. Here also have to mention a topic is about user authentication, generally we authenticate users using session and Cookie,session variables and cookies are the same type. If a user sets the browser to be incompatible with any cookies, the user cannot use the session variable and cookies. In general, I personally recommend the use of the session for webmaster operations, because our theme is the development of the Web site, then the administrator is sure to be in multiple management page jump, where the session is very convenient. If you authenticate the user, you can use cookies, such as the user can set the Force browser to store cookies on the computer, Just use the response.cookies expires attribute to do it easily, and the point is that because SessionID information is very easy to lose, for a user that long time access to a cluster, you must store a dedicated cookie in the user's Web browser and cook IE information is saved to the database to create a user identity.
The above section we talked about the Web site development of the early requirements analysis, I personally think is a very important step in the website project.
(2) Organize and manage the site structure
Often in the development of a certain size of the site, so that the site has a good directory structure is a noteworthy problem. Applications in business often require the ability to run scripts and components within a transaction. A transaction is a server-side operation, simply saying that even if the operation contains many steps, such as placing an order, viewing an order, printing an order, and so on, it is only a success or failure to return the operation as a whole. The user can create an ASP script that runs inside a transaction, and if any part of the textbooks fails, the entire transaction terminates.
Here we want to elaborate is not the application of transactional scripts in the whole station, but to let you in the development of the numerous files, many operations confused the head.
The proper organization of file names. For example: We name the admin page as admin.asp, and the pages in the Admin page that operate on each column can be underlined and then killed by the name of the column, such as the News management page admin_news.asp, download the admin page admin_ Download.asp
About placement of files. I am only here to explain the practice, I believe you can have their own views. Place all management action pages under the same directory for easier administration and allocation of permissions. Each column user page can be placed under a directory for easy management. The database can be placed under a unified directory.
How to reduce the number of files. You don't have to create a lot of pages for each add, delete, modify, or other operation, you can use the parameters to reduce the page, for example, in the admin page admin_news.asp, when the admin_news.asp?action=addnew to perform the add operation, When admin_news.asp?action=del the deletion operation, this will greatly enhance your site integration level.
Code that can be reused. Many of the code can be reused, such as UBB conversion tables, and so on, you can put them in a single directory.
(3) Development of background management
I do not know if you developers are the same as me, first of all after the background development and then the foreground development. Or you are mixed up to do it. However, I think it is more appropriate to develop the background first. We talked about the first to analyze the system, to achieve what functions in their hearts to have a bottom. Doing so will be more effective and will reduce the number of unnecessary mistakes. Background management has the following features:
1) User authentication
2) Add Web site data
3) Modify the website data
4) Delete site data
5 Site System settings
6) Site Access statistics
7) Collect user information
...
How to put together their agreed management is the problem we have to solve. For example, user authentication we can achieve this:
<%
...
Username=replace (Trim (Request ("username"), "", "")
Password=replace (Trim (Request ("password"), "", "")
Set Rs=server.createobject ("Adodb.recordset")
Sql= "SELECT * from admin where password=" &password& "and Username=" &username& ""
Rs.Open sql,conn,1,1
If not (RS.BOF and rs.eof) then
If Password=rs ("password") then
Session ("admin") =rs ("username")
Session ("Flag") =rs ("flag")
Else
End If
Else
End If
...
%>
Username and password are the values that are passed in from the user form input, and you must be careful to use the replace process to compare with the values stored in the database. Because we know that username=username is identical, we must remove the user input.
After validation, a session variable is established, which can be easily managed in each management page.
The page that you want to authenticate to the user can be written like this:
<%if session ("admin") = "" Then
Response.Write "No Access"
Else
...
End If
%>
Someone in the data processing page will forget to write this validation, which is very dangerous, users can illegally submit data through this flaw.
Again, how to collect user information doesn't seem to involve much technology, can generally do so, such as your site's characteristics are to provide independent property rights of the software download, you can let users fill in the download before the User information table, this method used in foreign sites more, in China is still very rare, my site has this function, Let me easily know that there are more users from the United States and New Zealand.
In the background management development is often encountered this problem, for different administrators to assign different permissions. Only the whole station system of West Road tells a method. When we validate the user, we also write flag to the session variable, we can judge the user level by flag, of course, if you have assigned a different value for flag. This can be achieved by:
<%
Select Case session ("flag")
Case "1"
Case "9"
Case "10"
Case Else
%>
<script language= "JavaScript" >
if (Confirm ("You do not have enough permissions (to enter the site news Setup interface requires 1th or 9, Level 10 permissions), the system denies your access, please click OK to return, or click Cancel to sign out again")
Location.href= "admin.asp";
Else
Location.href= "quit.asp";
</script>
<%end select%>
The above identifies three levels of administrators who can access the action page. Of course, this is just a simple verification method, but you can also use the Split function to determine the user permissions.