<%
class quickdb
private conn, connstr
private sqldatabasename, sqlpassword, sqlusername, sqllocalname, sqlnowstring
public rs
private sub class_initialize()
sqldatabasename = "db"
sqlusername = "sa"
sqlpassword = "123456"
sqllocalname = "a01"
sqlnowstring = "getdate()"
opendb
end sub
private sub opendb()
on error resume next
connstr = "provider = sqloledb; user id = " & sqlusername & "; password = " & replace(sqlpassword, chr(0), "") & ";initial catalog = " & sqldatabasename & "; data source = " & sqllocalname & ";"
set conn = createobject("adodb.connection")
conn.open connstr
if err then
err.clear
set conn = nothing
on error goto 0
err.raise 1, "myclass", "資料庫連線出錯,請檢查連線字串。"
end if
set rs = server.createobject("adodb.recordset")
end sub
public sub setrs(strsql,cursorandlocktype) '執行乙個查詢 返回紀錄集
dim c,l
if cursorandlocktype="" then
cursorandlocktype=13
end if
if cursorandlocktype<9 then
cursorandlocktype=13
end if
c=left(cursorandlocktype,1)
l=right(cursorandlocktype,1)
rs.open strsql, conn, c,l
end sub
public sub execute(sql,outrs)
if instr(ucase(sql),ucase("select"))>0 then
set outrs = conn.execute(sql)
else
call conn.execute(sql)
outrs=1
end if
end sub
public sub selectdb(table, where,outrs)
dim sqlstr
sqlstr = "select * from " & table & " where " & where
call execute(sqlstr,outrs)
end sub
public function delete(table, where)
dim flag, sqlstr,nulltmp
flag = false
on error resume next
sqlstr = "delete from " & table & " where " & where
execute sqlstr,nulltmp
if err.number = 0 then
flag = true
end if
delete = flag
end function
public function insert(table, myfields, values)
dim sql,nulltmp
insert = false
sql = "insert into table1(fields) values (values)"
sql = replace(sql, "table1", table)
sql = replace(sql, "fields", myfields)
sql = replace(sql, "values", values)
on error resume next
execute sql,nulltmp
if err.number = 0 then
insert = true
end if
on error goto 0
end function
public function update(table,field,value,where)
update=false
dim sqlstr
if sqlinject(table) or sqlinject(field) then'因為value和where中可能包含',不對他們進行安全校驗
response.write "引數中含有不安全因素,程式被終止"
exit function
end if
sqlstr="update [table] set [field]=value where where1"
sqlstr=replace(sqlstr,"table",table)
sqlstr=replace(sqlstr,"field",field)
sqlstr=replace(sqlstr,"value",value)
sqlstr=replace(sqlstr,"where1",where)
on error resume next
dim qdb,tmprs
set qdb=new quickdb
call qdb.execute(sqlstr,tmprs)
if err.number=0 then
if tmprs=1 then
update=true
end if
end if
set qdb=nothing
on error goto 0
end function
function sqlinject(byval sqlstr) 'false 安全 true不安全
sqlinject = true
dim tmpstr, arrstr, originallen
tmpstr = "'',',or,not,and,--, ,chr,asc"
originallen = len(sqlstr)
arrstr = split(tmpstr, ",")
tmpstr = ucase(tmpstr)
for i = 0 to ubound(arrstr)
sqlstr = replace(sqlstr, ucase(arrstr(i)), "")
next
if len(sqlstr) = originallen then
sqlinject = false
end if
end function
private sub class_terminate()
if isobject(conn) then
if conn.state <> 0 then
conn.close
set conn = nothing
end if
end if
if isobject(rs) then
if rs.state <> 0 then
rs.close
set rs = nothing
end if
end if
end sub
end class
%>
asp資料庫操作類
class quickdb private conn,connstr private sqldatabasename,sqlpassword,sqlusername,sqllocalname,sqlnowstring public rs private sub class initialize sq...
C SQL資料庫操作通用類
c sql資料庫操作通用類 using system using system.configuration using system.data using system.data.sqlclient using system.collections namespace framework.datab...
C 通用資料庫操作類
使用ado.net的方式運算元據庫時,對於經常需要操作不同資料庫的同學,需要對不同的資料庫翻來覆去地寫操作類。對ado.net,運算元據庫需要有幾個核心的東西 以mysql為例 負責mysql的連線,在操作mysql前,需要先獲得連線。負責具體命令的類,具體需要執行的sql的語句需要放到它的comm...