asp教程 刪除數據庫教程記錄其實在asp中是很非常容易做的事情了只要連接數據庫了再利用sql delete函數來刪除就ok了下面來看看實例吧
id = saferequest("id")
sql="delete from table where whereid>"&id&""
rsopen sqlconn
responsewrite "<script>alert(刪除成功);location;</script>"
set rs=nothing
set conn=nothing
這是過濾非法字符函數
function saferequest(paraname)
dim paravalue
paravalue=request(paraname)
if isnumeric(paravalue) = true then
saferequest=paravalue
exit function
elseif instr(lcase(paravalue)"select ") > or instr(lcase(paravalue)"insert ") > or instr(lcase(paravalue)"delete from") > or instr(lcase(paravalue)"count(") > or instr(lcase(paravalue)"drop table") > or instr(lcase(paravalue)"update ") > or instr(lcase(paravalue)"truncate ") > or instr(lcase(paravalue)"asc(") > or instr(lcase(paravalue)"mid(") > or instr(lcase(paravalue)"char(") > or instr(lcase(paravalue)"xp_cmdshell") > or instr(lcase(paravalue)"exec master") > or instr(lcase(paravalue)"net localgroup administrators") > or instr(lcase(paravalue)" and ") > or instr(lcase(paravalue)"net user") > or instr(lcase(paravalue)" or ") > or instr(lcase(paravalue)"""")> or instr(lcase(paravalue)"")> then
responsewrite "請不要在函數中加入非法字符!"
responseend
else
saferequest=paravalue
end if
end function
From:http://tw.wingwit.com/Article/program/net/201311/14340.html
