高考问答up girls.net:高手看一下这段asp代码,哪里错了呢?
来源:百度文库 编辑:高考问答 时间:2024/04/28 06:20:44
<form name="form1" method="post" action="6.asp">
搜索:<br>
name =
<input type="text" name="name">
and tel=
<input type="text" name="tel">
<br>
<input type="submit" name="Submit" value="提交">
<input type="reset" name="Submit2" value="重置">
</form>
6.asp:
<%
a=request.form("name")
b=request.form("tel")
set conn=server.CreateObject("ADODB.connection")
conn.ConnectionString="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.Mappath("db1.mdb") & ";Persist Security Info=False"
conn.Open
exec="select * from guestbook where name=a and tel=cint(b)"
set rs=server.createobject("adodb.recordset")
rs.open exec,conn,1,1
%>
<html>
<head>
<title>无标题文档</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<%
do while not rs.eof
%><tr>
<td><%=rs("name")%></td>
<td><%=rs("tel")%></td>
<td><%=rs("message")%></td>
<td><%=rs("time")%></td>
</tr>
<%
rs.movenext
loop
%>
</table>
</body>
</html>
搜索:<br>
name =
<input type="text" name="name">
and tel=
<input type="text" name="tel">
<br>
<input type="submit" name="Submit" value="提交">
<input type="reset" name="Submit2" value="重置">
</form>
6.asp:
<%
a=request.form("name")
b=request.form("tel")
set conn=server.CreateObject("ADODB.connection")
conn.ConnectionString="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.Mappath("db1.mdb") & ";Persist Security Info=False"
conn.Open
exec="select * from guestbook where name=a and tel=cint(b)"
set rs=server.createobject("adodb.recordset")
rs.open exec,conn,1,1
%>
<html>
<head>
<title>无标题文档</title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<%
do while not rs.eof
%><tr>
<td><%=rs("name")%></td>
<td><%=rs("tel")%></td>
<td><%=rs("message")%></td>
<td><%=rs("time")%></td>
</tr>
<%
rs.movenext
loop
%>
</table>
</body>
</html>
我给你解释一下,什么叫'"+name+"'
数据库中表里的元素,必须用单引号括起来,打个比方,你的表里有一列名为name,这一列中有一个值为fei009的元素,那么sql语句,就得这么写select * from 表名 where name='fei009'
在下面这句话里
exec="select * from guestbook where name='"+name+"' and tel='"+tel"'"
以下三段
select * from guestbook where name='
' and tel='
'
都是asp的sql语句,必须用双引号括起来也就成了
"select * from guestbook where name='"
"' and tel='"
"'"
name和tel都是变量,它们的值是表单输入的值,在sql语句里必须用加号把sql语句和变量连接起来
那么以上三句连接在一起就是
exec="select * from guestbook where name='"+name+"' and tel='"+tel"'"
如果表单输入的数据是fei009和123456,那么以上这句话的意思,就是在guestbook这张表里查询name=fei009并且tel=123456的数据项
如果不用加号连接,以上这句话将变为,在guestbook这张表里查询name=name并且tel=tel的数据项
a=request.form("name")
b=cint(request.form("tel"))
exec="select * from guestbook where name="&a&" and tel="&b&""