I haven't written ASP for a long time. I think it's a little difficult to write a message board this time. I 've been writing it for a whole day, haha.
There is only one message, and nothing else is written. It adopts a three-tier structure (I don't know if it is not counted, so I was confused about the three-tier concept)
This is a demonstration of the message board www.zj55.com. If you discover any vulnerability, please let me know here. Never let me know. Thank you first.
index. ASP
<% @ codePage = 65001%>
<%
Option explicit
%>
<% response. charset = "UTF-8" %>
<% session. codePage = 65001%>
<%
dim mybll
dim mylist
set mybll = new bll_guest
select case request ("tcmd ")
case "save"
mybll. insert ()
case "Del"
mybll. delete ()
end select
mylist = mybll. findbypage ()
%>
customer message
<% = mylist %>
Bll_guest.asp
<%
'// <Summary>
'// Summary.
'// </Summary>
Class bll_guest
Private mycom, mymod, mydal
Private Li, UL
Private del
'Get Information
Public sub getguest ()
Mydal. getguest (ID)
End sub
'Add information
Public sub insert ()
Mymod. content = request ("content ")
Mymod. Re = request ("re ")
Mymod. addtime = now ()
Mymod. IP = request. servervariables ("http_x_forwarded_for ")
If Len (mymod. IP) <= 0 then mymod. IP = request. servervariables ("remote_addr ")
Call mydal. insert (mymod)
End sub
'Update Information
Public sub Update ()
Call mydal. Update (mymod)
End sub
'Delete Information
Public sub Delete ()
Mydal. Delete (Request ("ID "))
End sub
'Query Information
Public Function findbypage ()
Dim pagesize, currentpage, wherevalue, ordervalue, recordcount
Dim objrs
Dim tmp1, tmp2, tmp3, parms, I
Dim tcmd
Tcmd = request ("tcmd ")
Pagesize = "8"
Currentpage = request ("pageno ")
If Len (currentpage) <= 0 then
Currentpage = 1
End if
Wherevalue = ""
Ordervalue = "ID"
Set objrs = mydal. findbypage (pagesize, CurrentPage-1, wherevalue, ordervalue)
I = 1
Recordcount = mydal. Count (wherevalue)
Do while not objrs. EOF
If tcmd = "Del" then
Del = "<a href = ""? Tcmd = del & id = "& objrs (" ID ") &" "> Delete </a>"
Else
Del = ""
End if
Parms = array (I, objrs ("content"), objrs ("ip"), objrs ("addtime"), del)
Tmp1 = tmp1 & mycom. Format (Li, parms)
Objrs. movenext
I = I + 1
Loop
Tmp3 = mycom. Page (pagesize, currentpage, recordcount, "guest/index. asp? Tcmd = List ")
Parms = array (tmp1, tmp3)
Tmp2 = tmp2 & mycom. Format (UL, parms)
Findbypage = tmp2
End Function
Private sub class_initialize ()
Li = "<li> <span >{0} </span> <span >{1} </span> <br/> <span> author: {2} </span> <span >{3} </span> <span >{4} </span> </LI> "& vbcrlf
Ul = "<ul> {0} <li> {1} </LI> </ul>"
Del = ""
Set mycom = new common
Set mymod = new mod_guest
Set mydal = new dal_guest
End sub
Private sub class_terminate ()
Set mycom = nothing
Set mymod = nothing
Set mydal = nothing
End sub
End Class
%>
Dal_guest.asp
<%
'// <Summary>
'// Summary.
'// </Summary>
Class dal_guest
Private SQL _01
Private SQL _02
Private SQL _03
Private SQL _04
Private SQL _05
Private SQL _06
Private SQL _07
Private mycom, myacc, mymod
'// <Summary>
'// Obtain information
'// </Summary>
'// <Param name = "ID"> determine a field </param>
'// <Returns> information body </returns>
Public Function getguest (ID)
Dim parms, SQL, objrs
Parms = array (ID)
SQL = mycom. Format (SQL _01, parms)
Set objrs = myacc. executereader (myacc. conn_string, SQL)
If not objrs. EOF then
Call mymod. setvar (objrs ("ID"), objrs ("content"), objrs ("re"), objrs ("addtime"), objrs ("ip "))
Set getguest = mymod
Else
Getguest = NULL
End if
End Function
'// <Summary>
'// Insert information
'// </Summary>
'// <Param name = ""> information body </param>
Public sub insert (vmod)
Dim parms, SQL
Parms = array (vmod. Content, vmod. Re, vmod. addtime, vmod. IP)
SQL = mycom. Format (SQL _02, parms)
Call myacc. executereader (myacc. conn_string, SQL)
End sub
'// <Summary>
'// Update information
'// </Summary>
'// <Param name = ""> information body </param>
Public sub Update (vmod)
Dim parms, SQL
Parms = array (vmod. ID, vmod. Content, vmod. Re, vmod. addtime, vmod. IP)
SQL = mycom. Format (SQL _03, parms)
Call myacc. executereader (myacc. conn_string, SQL)
End sub
'// <Summary>
'// Delete information
'// </Summary>
'// <Param name = ""> information body </param>
Public sub Delete (ID)
Dim parms, SQL
Parms = array (ID)
SQL = mycom. Format (SQL _04, parms)
Call myacc. executenonquery (myacc. conn_string, SQL)
End sub
'// <Summary>
'// Statistics
'// </Summary>
'// <Param name = ""> information body </param>
Public Function count (wherevalue)
Dim parms, SQL, objrs
Parms = array (wherevalue)
SQL = mycom. Format (SQL _07, parms)
Set objrs = myacc. recordset (myacc. conn_string, SQL)
Count = objrs. recordcount
End Function
'// <Summary>
'// List all information based on conditions (with pagination)
'// </Summary>
'// <Param name = "pagesize"> Number of records per page </param>
'// <Param name = "currentpage"> page number </param>
'// <Param name = "wherevalue"> value </param>
'// <Param name = "ordervalue"> sort </param>
'// <Returns> Returns objrs </returns>
Public Function findbypage (pagesize, currentpage, wherevalue, ordervalue)
Dim parms, SQL, objrs
Dim S1
If currentpage = "0" then
S1 = pagesize & "|" + ordervalue & "|" & wherevalue
Parms = Split (S1, "| ")
SQL = mycom. Format (SQL _05, parms)
Else
S1 = pagesize & "|" & ordervalue & "|" + wherevalue & "|" & currentpage * pagesize
Parms = Split (S1, "| ")
SQL = mycom. Format (SQL _06, parms)
End if
Set objrs = myacc. executereader (myacc. conn_string, SQL)
Set findbypage = objrs
End Function
Private sub class_initialize ()
SQL _01 = "select * from [Guest] Where id = {0 }"
SQL _02 = "insert into [Guest] ([content], [re], [addtime], [IP]) values ('{0}', '{1 }', '{2}', '{3 }')"
SQL _03 = "Update [Guest] Set [content] = '{1}', [re] = '{2}', [addtime] = '{3 }', [IP] = '{4}' Where id = {0 }"
SQL _04 = "delete from [Guest] Where ID in ({0 })"
SQL _05 = "select top {0} * from [Guest] Where content like '% {2} %' order by {1} DESC, Id DESC"
SQL _06 = "select top {0} * from [Guest] Where content like '% {2} %' and id not in (select top {3} ID from [Guest] Where content like '% {2} %' order by {1} DESC, id DESC) order by {1} DESC, Id DESC"
SQL _07 = "select * from [Guest] Where content like '% {0} % '"
Set mycom = new common
Set myacc = new acchelper
Set mymod = new mod_guest
End sub
Private sub class_terminate ()
Set mycom = nothing
Set myacc = nothing
Set mymod = nothing
End sub
End Class
%>
Mod_guest.asp
<%
'// <Summary>
'// Summary.
'// </Summary>
Class mod_guest
Public ID
Public content
Public re
Public addtime
Public IP
Public sub setvar (VID, vcontent, VRE, vaddtime, VIP)
Id = vid
Content = vcontent
Re = vcontent
Addtime = vaddtime
IP = VIP
End sub
End Class
%>
Common. asp
<%
'// <Summary>
'// Summary
'// </Summary>
Class common
'// <Summary>
'// Obtain information
'// </Summary>
'// <Param name = "ID"> required content </param>
'// <Param name = "ID"> replace keyword </param>
'// <Returns> formatted content </returns>
Public Function Format (STR, arr)
Dim R, I
R = Str
For I = 0 to ubound (ARR)
R = Replace (R, "{" & I & "}", arr (I ))
Next
Format = r
End Function
Public Function page (pagesize, currentpage, recordcount, pageurl)
const c_recordcount = "Total {0} | "
const c_firstpage1 = " homepage "
const c_firstpage2 =" Homepage "
const c_prevpage1 =" previous page "
const c_prevpage2 =" Previous Page "
const c_nextpage1 =" next page "
const c_nextpage2 =" next page "
const c_lastpage1 =" last page "
const c_lastpage2 =" last page "
const c_currentpage =" Page times: {0} /{1} page"
const c_pagesize = " {0} Article/page "
const c_gotopage =" Jump:
Dim pagecount, pages
Dim lrecordcount, lfirstpage, lprevpage, lnextpage, llastpage, lcurrentpage, lpagesize, lgotopage
Dim P, parms
If recordcount mod pagesize <> 0 then
Pages = 1
Else
Pages = 0
End if
Pagecount = CINT (recordcount/pagesize + pages)
Parms = array (recordcount)
Lrecordcount = format (c_recordcount, parms)
If CINT (currentpage)> 1 then
Parms = array (pageurl, 1)
Lfirstpage = format (c_firstpage1, parms)
Parms = array (pageurl, CINT (currentpage)-1)
Lprevpage = format (c_prevpage1, parms)
Else
Lfirstpage = c_firstpage2
Lprevpage = c_prevpage2
End if
If CINT (currentpage) <pagecount then
Parms = array (pageurl, CINT (currentpage) + 1)
Lnextpage = format (c_nextpage1, parms)
Parms = array (pageurl, CINT (currentpage) + 1)
Llastpage = format (c_lastpage1, parms)
Else
Lnextpage = c_nextpage2
Llastpage = c_lastpage2
End if
Parms = array (currentpage, pagecount)
Lcurrentpage = format (c_currentpage, parms)
Parms = array (pagesize)
Lpagesize = format (c_pagesize, parms)
Parms = array (pageurl, currentpage)
Lgotopage = format (c_gotopage, parms)
P = lrecordcount & lfirstpage & lprevpage & lnextpage & llastpage & lcurrentpage & lpagesize & lgotopage
Page = P
End Function
End Class
%>
Acchelper. asp
<%
'// <Summary>
'// Acchelper's summary.
'// </Summary>
Class acchelper
Public conn_string
'// <Summary>
'// Execute executenonquery
'// </Summary>
'// <Param name = "connstring"> connection character </param>
'// <Param name = "plain text"> SQL command </param>
Public Function executenonquery (connstring, plain text)
Dim objconn
Set objconn = server. Createobject ("ADODB. Connection ")
Objconn. Open connstring
Objconn. Execute (plain text)
End Function
'// <Summary>
'// Execute executereader
'// </Summary>
'// <Param name = "connstring"> connection character </param>
'// <Param name = "plain text"> SQL command </param>
'// <Returns> RS </returns>
Public Function executereader (connstring, plain text)
Dim objconn, objrs
Set objconn = server. Createobject ("ADODB. Connection ")
Objconn. Open connstring
Set objrs = objconn. Execute (plain text)
Set executereader = objrs
End Function
'// <Summary>
'// Execute recordset
'// </Summary>
'// <Param name = "connstring"> connection character </param>
'// <Param name = "plain text"> SQL command </param>
'// <Returns> RS </returns>
Public Function recordset (connstring, plain text)
Dim objconn, objrs
Set objconn = server. Createobject ("ADODB. Connection ")
Objconn. Open connstring
Set objrs = server. Createobject ("ADODB. recordset ")
Objrs. open plain text, objconn, 1, 3
Set recordset = objrs
End Function
Private sub class_initialize ()
Conn_string = "provider = Microsoft. Jet. oledb.4.0; Data Source =" & server. mappath ("DB. mdb ")
End sub
End Class
%>
Ajax. js
CopyCode The Code is as follows: var http_request = false;
Function makerequest (OBJ, URL ){
Http_request = false;
If (window. XMLHttpRequest) {// Mozilla, Safari ,...
Http_request = new XMLHttpRequest ();
If (http_request.overridemimetype ){
Http_request.overridemimetype ('text/xml ');
}
} Else if (window. activexobject) {// IE
Try {
Http_request = new activexobject ("msxml2.xmlhttp ");
} Catch (e ){
Try {
Http_request = new activexobject ("Microsoft. XMLHTTP ");
} Catch (e ){}
}
}
If (! Http_request ){
Alert ('Giving up cannot create an XMLHTTP instance ');
Return false;
}
Http_request.onreadystatechange = function ()
{
If (http_request.readystate = 4 ){
If (http_request.status = 200 ){
Updateobj (OBJ, http_request.responsetext );
}
Else
{
Updateobj (OBJ ,"");
}
}
}
Http_request.open ('get', URL, true );
Http_request.send (null );
}
Function updateobj (OBJ, data ){
OBJ. innerhtml = data;
}
Function $ (URL ){
VaR OBJ = Document. getelementbyid ("content ");
OBJ. style. Display = 'block ';
Document. getelementbyid ("Container"). style. Margin = "10px auto 0px ";
OBJ. innerhtml = "loading... ";
Makerequest (OBJ, URL );
}
HTML call method: copy Code the code is as follows: News Products case contact blog