ASP simple Ajax Message Board (three-layer mode)

I haven't written ASP for a long time. I think it's a little difficult to write a message board this time. I 've been writing it for a whole day, haha.
There is only one message, and nothing else is written. It adopts a three-tier structure (I don't know if it is not counted, so I was confused about the three-tier concept)

This is a demonstration of the message board www.zj55.com. If you discover any vulnerability, please let me know here. Never let me know. Thank you first.

index. ASP
<% @ codePage = 65001%>
<%
Option explicit
%>
<% response. charset = "UTF-8" %>
<% session. codePage = 65001%>





<%
dim mybll
dim mylist
set mybll = new bll_guest
select case request ("tcmd ")
case "save"
mybll. insert ()
case "Del"
mybll. delete ()
end select
mylist = mybll. findbypage ()
%>

customer message

<% = mylist %>

Bll_guest.asp
<%
'// <Summary>
'// Summary.
'// </Summary>
Class bll_guest

Private mycom, mymod, mydal

Private Li, UL

Private del

'Get Information
Public sub getguest ()

Mydal. getguest (ID)

End sub

'Add information
Public sub insert ()

Mymod. content = request ("content ")
Mymod. Re = request ("re ")
Mymod. addtime = now ()
Mymod. IP = request. servervariables ("http_x_forwarded_for ")
If Len (mymod. IP) <= 0 then mymod. IP = request. servervariables ("remote_addr ")

Call mydal. insert (mymod)

End sub

'Update Information
Public sub Update ()

Call mydal. Update (mymod)

End sub

'Delete Information
Public sub Delete ()

Mydal. Delete (Request ("ID "))

End sub

'Query Information
Public Function findbypage ()

Dim pagesize, currentpage, wherevalue, ordervalue, recordcount
Dim objrs
Dim tmp1, tmp2, tmp3, parms, I
Dim tcmd
Tcmd = request ("tcmd ")
Pagesize = "8"
Currentpage = request ("pageno ")
If Len (currentpage) <= 0 then
Currentpage = 1
End if
Wherevalue = ""
Ordervalue = "ID"
Set objrs = mydal. findbypage (pagesize, CurrentPage-1, wherevalue, ordervalue)
I = 1
Recordcount = mydal. Count (wherevalue)
Do while not objrs. EOF
If tcmd = "Del" then
Del = "<a href = ""? Tcmd = del & id = "& objrs (" ID ") &" "> Delete </a>"
Else
Del = ""
End if
Parms = array (I, objrs ("content"), objrs ("ip"), objrs ("addtime"), del)
Tmp1 = tmp1 & mycom. Format (Li, parms)
Objrs. movenext
I = I + 1
Loop
Tmp3 = mycom. Page (pagesize, currentpage, recordcount, "guest/index. asp? Tcmd = List ")
Parms = array (tmp1, tmp3)
Tmp2 = tmp2 & mycom. Format (UL, parms)

Findbypage = tmp2

End Function

Private sub class_initialize ()

Li = "<li> <span >{0} </span> <span >{1} </span> <br/> <span> author: {2} </span> <span >{3} </span> <span >{4} </span> </LI> "& vbcrlf
Ul = "<ul> {0} <li> {1} </LI> </ul>"
Del = ""

Set mycom = new common
Set mymod = new mod_guest
Set mydal = new dal_guest

End sub

Private sub class_terminate ()

Set mycom = nothing
Set mymod = nothing
Set mydal = nothing

End sub

End Class
%>

Dal_guest.asp
<%
'// <Summary>
'// Summary.
'// </Summary>
Class dal_guest

Private SQL _01
Private SQL _02
Private SQL _03
Private SQL _04
Private SQL _05
Private SQL _06
Private SQL _07

Private mycom, myacc, mymod

'// <Summary>
'// Obtain information
'// </Summary>
'// <Param name = "ID"> determine a field </param>
'// <Returns> information body </returns>
Public Function getguest (ID)

Dim parms, SQL, objrs
Parms = array (ID)
SQL = mycom. Format (SQL _01, parms)
Set objrs = myacc. executereader (myacc. conn_string, SQL)
If not objrs. EOF then
Call mymod. setvar (objrs ("ID"), objrs ("content"), objrs ("re"), objrs ("addtime"), objrs ("ip "))
Set getguest = mymod
Else
Getguest = NULL
End if

End Function

'// <Summary>
'// Insert information
'// </Summary>
'// <Param name = ""> information body </param>
Public sub insert (vmod)

Dim parms, SQL
Parms = array (vmod. Content, vmod. Re, vmod. addtime, vmod. IP)
SQL = mycom. Format (SQL _02, parms)
Call myacc. executereader (myacc. conn_string, SQL)

End sub

'// <Summary>
'// Update information
'// </Summary>
'// <Param name = ""> information body </param>
Public sub Update (vmod)

Dim parms, SQL
Parms = array (vmod. ID, vmod. Content, vmod. Re, vmod. addtime, vmod. IP)
SQL = mycom. Format (SQL _03, parms)
Call myacc. executereader (myacc. conn_string, SQL)

End sub

'// <Summary>
'// Delete information
'// </Summary>
'// <Param name = ""> information body </param>
Public sub Delete (ID)

Dim parms, SQL
Parms = array (ID)
SQL = mycom. Format (SQL _04, parms)
Call myacc. executenonquery (myacc. conn_string, SQL)

End sub

'// <Summary>
'// Statistics
'// </Summary>
'// <Param name = ""> information body </param>
Public Function count (wherevalue)

Dim parms, SQL, objrs
Parms = array (wherevalue)
SQL = mycom. Format (SQL _07, parms)
Set objrs = myacc. recordset (myacc. conn_string, SQL)
Count = objrs. recordcount

End Function

'// <Summary>
'// List all information based on conditions (with pagination)
'// </Summary>
'// <Param name = "pagesize"> Number of records per page </param>
'// <Param name = "currentpage"> page number </param>
'// <Param name = "wherevalue"> value </param>
'// <Param name = "ordervalue"> sort </param>
'// <Returns> Returns objrs </returns>
Public Function findbypage (pagesize, currentpage, wherevalue, ordervalue)

Dim parms, SQL, objrs
Dim S1
If currentpage = "0" then
S1 = pagesize & "|" + ordervalue & "|" & wherevalue
Parms = Split (S1, "| ")
SQL = mycom. Format (SQL _05, parms)
Else
S1 = pagesize & "|" & ordervalue & "|" + wherevalue & "|" & currentpage * pagesize
Parms = Split (S1, "| ")
SQL = mycom. Format (SQL _06, parms)
End if

Set objrs = myacc. executereader (myacc. conn_string, SQL)
Set findbypage = objrs

End Function

Private sub class_initialize ()

SQL _01 = "select * from [Guest] Where id = {0 }"
SQL _02 = "insert into [Guest] ([content], [re], [addtime], [IP]) values ('{0}', '{1 }', '{2}', '{3 }')"
SQL _03 = "Update [Guest] Set [content] = '{1}', [re] = '{2}', [addtime] = '{3 }', [IP] = '{4}' Where id = {0 }"
SQL _04 = "delete from [Guest] Where ID in ({0 })"
SQL _05 = "select top {0} * from [Guest] Where content like '% {2} %' order by {1} DESC, Id DESC"
SQL _06 = "select top {0} * from [Guest] Where content like '% {2} %' and id not in (select top {3} ID from [Guest] Where content like '% {2} %' order by {1} DESC, id DESC) order by {1} DESC, Id DESC"
SQL _07 = "select * from [Guest] Where content like '% {0} % '"

Set mycom = new common
Set myacc = new acchelper
Set mymod = new mod_guest

End sub

Private sub class_terminate ()

Set mycom = nothing
Set myacc = nothing
Set mymod = nothing

End sub

End Class
%>

Mod_guest.asp
<%
'// <Summary>
'// Summary.
'// </Summary>
Class mod_guest

Public ID
Public content
Public re
Public addtime
Public IP

Public sub setvar (VID, vcontent, VRE, vaddtime, VIP)
Id = vid
Content = vcontent
Re = vcontent
Addtime = vaddtime
IP = VIP
End sub

End Class
%>

Common. asp
<%
'// <Summary>
'// Summary
'// </Summary>
Class common

'// <Summary>
'// Obtain information
'// </Summary>
'// <Param name = "ID"> required content </param>
'// <Param name = "ID"> replace keyword </param>
'// <Returns> formatted content </returns>
Public Function Format (STR, arr)

Dim R, I
R = Str
For I = 0 to ubound (ARR)
R = Replace (R, "{" & I & "}", arr (I ))
Next
Format = r

End Function

Public Function page (pagesize, currentpage, recordcount, pageurl)

const c_recordcount = "Total {0} | "
const c_firstpage1 = " homepage "
const c_firstpage2 =" Homepage "
const c_prevpage1 =" previous page "
const c_prevpage2 =" Previous Page "
const c_nextpage1 =" next page "
const c_nextpage2 =" next page "
const c_lastpage1 =" last page "
const c_lastpage2 =" last page "
const c_currentpage =" Page times: {0} /{1} page"
const c_pagesize = " {0} Article/page "
const c_gotopage =" Jump:

Dim pagecount, pages
Dim lrecordcount, lfirstpage, lprevpage, lnextpage, llastpage, lcurrentpage, lpagesize, lgotopage
Dim P, parms

If recordcount mod pagesize <> 0 then
Pages = 1
Else
Pages = 0
End if
Pagecount = CINT (recordcount/pagesize + pages)

Parms = array (recordcount)
Lrecordcount = format (c_recordcount, parms)

If CINT (currentpage)> 1 then
Parms = array (pageurl, 1)
Lfirstpage = format (c_firstpage1, parms)
Parms = array (pageurl, CINT (currentpage)-1)
Lprevpage = format (c_prevpage1, parms)
Else
Lfirstpage = c_firstpage2
Lprevpage = c_prevpage2
End if

If CINT (currentpage) <pagecount then
Parms = array (pageurl, CINT (currentpage) + 1)
Lnextpage = format (c_nextpage1, parms)
Parms = array (pageurl, CINT (currentpage) + 1)
Llastpage = format (c_lastpage1, parms)
Else
Lnextpage = c_nextpage2
Llastpage = c_lastpage2
End if

Parms = array (currentpage, pagecount)
Lcurrentpage = format (c_currentpage, parms)
Parms = array (pagesize)
Lpagesize = format (c_pagesize, parms)
Parms = array (pageurl, currentpage)
Lgotopage = format (c_gotopage, parms)

P = lrecordcount & lfirstpage & lprevpage & lnextpage & llastpage & lcurrentpage & lpagesize & lgotopage
Page = P

End Function

End Class
%>

Acchelper. asp
<%
'// <Summary>
'// Acchelper's summary.
'// </Summary>
Class acchelper

Public conn_string

'// <Summary>
'// Execute executenonquery
'// </Summary>
'// <Param name = "connstring"> connection character </param>
'// <Param name = "plain text"> SQL command </param>
Public Function executenonquery (connstring, plain text)

Dim objconn
Set objconn = server. Createobject ("ADODB. Connection ")
Objconn. Open connstring
Objconn. Execute (plain text)

End Function

'// <Summary>
'// Execute executereader
'// </Summary>
'// <Param name = "connstring"> connection character </param>
'// <Param name = "plain text"> SQL command </param>
'// <Returns> RS </returns>
Public Function executereader (connstring, plain text)

Dim objconn, objrs
Set objconn = server. Createobject ("ADODB. Connection ")
Objconn. Open connstring
Set objrs = objconn. Execute (plain text)
Set executereader = objrs

End Function

'// <Summary>
'// Execute recordset
'// </Summary>
'// <Param name = "connstring"> connection character </param>
'// <Param name = "plain text"> SQL command </param>
'// <Returns> RS </returns>
Public Function recordset (connstring, plain text)

Dim objconn, objrs
Set objconn = server. Createobject ("ADODB. Connection ")
Objconn. Open connstring
Set objrs = server. Createobject ("ADODB. recordset ")
Objrs. open plain text, objconn, 1, 3
Set recordset = objrs

End Function

Private sub class_initialize ()
Conn_string = "provider = Microsoft. Jet. oledb.4.0; Data Source =" & server. mappath ("DB. mdb ")
End sub

End Class
%>
Ajax. js

CopyCode The Code is as follows: var http_request = false;

Function makerequest (OBJ, URL ){

Http_request = false;

If (window. XMLHttpRequest) {// Mozilla, Safari ,...
Http_request = new XMLHttpRequest ();
If (http_request.overridemimetype ){
Http_request.overridemimetype ('text/xml ');
}
} Else if (window. activexobject) {// IE
Try {
Http_request = new activexobject ("msxml2.xmlhttp ");
} Catch (e ){
Try {
Http_request = new activexobject ("Microsoft. XMLHTTP ");
} Catch (e ){}
}
}

If (! Http_request ){
Alert ('Giving up cannot create an XMLHTTP instance ');
Return false;
}

Http_request.onreadystatechange = function ()
{
If (http_request.readystate = 4 ){
If (http_request.status = 200 ){
Updateobj (OBJ, http_request.responsetext );
}
Else
{
Updateobj (OBJ ,"");
}
}
}
Http_request.open ('get', URL, true );
Http_request.send (null );
}

Function updateobj (OBJ, data ){
OBJ. innerhtml = data;
}
Function $ (URL ){
VaR OBJ = Document. getelementbyid ("content ");
OBJ. style. Display = 'block ';
Document. getelementbyid ("Container"). style. Margin = "10px auto 0px ";
OBJ. innerhtml = "loading... ";
Makerequest (OBJ, URL );
}

HTML call method: copy Code the code is as follows: News Products case contact blog