ASP code for deleting database records

2018-09-06 13:13

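Deleting a single record
The code is as follows:
' conn is an ADODB.Connection that has already been opened
id = saferequest("id")
' id is either numeric or a string that passed the keyword filter in saferequest
sql = "delete from table1 where whereid>" & id
set rs = server.createobject("adodb.recordset")
rs.open sql,conn,1,3
' alert text: "Deleted successfully"
response.write "<script>alert('删除成功');location.href='del.asp';</script>"
set rs=nothing
set conn=nothing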

This is the function that filters illegal characters. A numeric value is returned as-is, a value containing one of the listed keywords ends the response, and any other value is returned unchanged.
The code is as follows:
function saferequest(paraname)
    dim paravalue
    paravalue=request(paraname)
    if isnumeric(paravalue) = true then
        saferequest=paravalue
        exit function
    ' Two more instr() tests followed " or " here; their search strings did not survive on the page.
    elseif instr(lcase(paravalue),"select ") > 0 or instr(lcase(paravalue),"insert ") > 0 _
        or instr(lcase(paravalue),"delete from") > 0 or instr(lcase(paravalue),"count(") > 0 _
        or instr(lcase(paravalue),"drop table") > 0 or instr(lcase(paravalue),"update ") > 0 _
        or instr(lcase(paravalue),"truncate ") > 0 or instr(lcase(paravalue),"asc(") > 0 _
        or instr(lcase(paravalue),"mid(") > 0 or instr(lcase(paravalue),"char(") > 0 _
        or instr(lcase(paravalue),"xp_cmdshell") > 0 or instr(lcase(paravalue),"exec master") > 0 _
        or instr(lcase(paravalue),"net localgroup administrators") > 0 _
        or instr(lcase(paravalue)," and ") > 0 or instr(lcase(paravalue),"net user") > 0 _
        or instr(lcase(paravalue)," or ") > 0 then
        ' message: "Please do not put illegal characters in the function!"
        response.write "请不要在函数中加入非法字符!"
        response.end
    else
        saferequest=paravalue
    end if
end function


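Batch deletion method:
This is mainly implemented with a for loop.
The code is as follows:
' the checked boxes arrive as one comma-separated string
id=request.form("checkbox")
id=Split(id,",")
shu=0
for i=0 to UBound(id)
    ' only numeric values are concatenated into the statement
    if isnumeric(trim(id(i))) then
        sql="delete from jiang_fname where id=" & trim(id(i))
        conn.execute sql
        ' shu counts the delete statements that were run
        shu=shu+1
    end if
next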
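
An added example, not code from the original article: the batch delete (and, with its own statement text, the single-record delete) written with an ADODB.Command and a bound integer parameter, so the request value is never concatenated into the SQL text and no keyword blacklist is needed. It assumes conn is the article's already-open ADODB.Connection; TryParseId and DeleteById are hypothetical helper names, and the ADO constants are declared inline because adovbs.inc is not assumed to be included.

```vbscript
' Added example (not from the article). conn: an open ADODB.Connection.
Const adInteger = 3             ' ADO DataTypeEnum
Const adParamInput = 1          ' ADO ParameterDirectionEnum
Const adCmdText = 1             ' ADO CommandTypeEnum
Const adExecuteNoRecords = 128  ' ADO ExecuteOptionEnum

' Returns True and sets result only when raw consists of 1 to 9 decimal
' digits, which always fits in a VBScript Long. (Hypothetical helper.)
Function TryParseId(raw, result)
    Dim s, i
    TryParseId = False
    s = Trim(raw & "")
    If Len(s) = 0 Or Len(s) > 9 Then Exit Function
    For i = 1 To Len(s)
        If InStr("0123456789", Mid(s, i, 1)) = 0 Then Exit Function
    Next
    result = CLng(s)
    TryParseId = True
End Function

' Runs a fixed statement containing one ? placeholder with id bound as an
' integer parameter; returns the number of rows affected. (Hypothetical helper.)
Function DeleteById(conn, sqlText, id)
    Dim cmd, affected
    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandType = adCmdText
    cmd.CommandText = sqlText
    cmd.Parameters.Append cmd.CreateParameter("@id", adInteger, adParamInput, , id)
    cmd.Execute affected, , adCmdText Or adExecuteNoRecords
    Set cmd = Nothing
    DeleteById = affected
End Function

' Batch delete: each checked id is validated, then bound, never concatenated.
Dim part, idValue, shu
shu = 0
For Each part In Split(Request.Form("checkbox") & "", ",")
    If TryParseId(part, idValue) Then
        shu = shu + DeleteById(conn, "delete from jiang_fname where id = ?", idValue)
    End If
Next
Response.Write shu & " row(s) deleted"
```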

