3, the construction article publish part
The article publishing module has only two pages, one is the submit.asp used to provide the input form, and the other is the subresult.asp for processing form input. The front page is very simple, basically is an HTML form, there is nothing to talk about, the following look at the contents of the subresult.asp:
html>
head>
title> published an article on/title>
"Meta http-equiv=" Content-type "content=" text/html; charset=gb2312 ">
/head>
Body bgcolor= "#FFFFFF"
%
Author=request ("author")
Password=request ("password")
Topicid=request ("TopicID")
Boardid=request ("Boardid")
Content=request ("content")
Title=request ("title")
Note: This section takes out the table submitted in submit.asp but the contents are placed in the corresponding variable.
html>
head>
title> published an article on/title>
"Meta http-equiv=" Content-type "content=" text/html; charset=gb2312 ">
/head>
Body bgcolor= "#FFFFFF"
%
Author=request ("author")
Password=request ("password")
Topicid=request ("TopicID")
Boardid=request ("Boardid")
Content=request ("content")
Title=request ("title")
(1) query whether the author already exists
Cmd.commandtext = "SELECT * from author table where id= '" & Author & "'"
Set rs = cmd. Execute ()
(2) Check permissions
Cmd.commandtext = "SELECT * from author table where id= '" & Author & "'"
Set rs = cmd. Execute ()
Note: This section is for the author's permission to check, for the account does not exist or password error to make the appropriate error handling. Here you can see the usage of Response.End, which is used to end the current ASP script. Combined with an If statement, you can handle the expected errors in the program. In a good Web application, error handling is essential.
(3) Change the single quotation mark in the data to two single quotes and enclose the single quotation mark before and after
Function sqlstr (data)
Sqlstr = "'" & Replace (data, "'", "" ") &" "
End Function
' Write to the database
sql = "Insert into content table (Kanban ID, subject ID, author ID, title, content) Values ("
sql = SQL & Sqlstr (topicid) & ","
sql = SQL & Sqlstr (boardid) & ","
sql = SQL & Sqlstr (author) & ","
sql = SQL & Sqlstr (title) & ","
sql = SQL & SQLSTR (content) & ")"
Conn. Execute SQL
%>
The h2> article has been sent to the database, and when the
board is reviewed you can see
/body>
/html>
Here, the article has been saved in the database. However, it can not be immediately displayed, but also need to be approved by the moderator to do. Next, take a look at the content of the Management section of the Forum.