一、IIS配置
1、 启动internet 信息服务(IIS)管理
2、在打开的IIS界面中打开“Internet 信息服务”,再打开“本地计算机”,再打开“网站”。选择“默认网站”的属性
2、 在弹出的“默认网站”的属性面板中选择“主目录”。并设置“本地路径”为网站的文件夹,和将下面的副选框全部打钩。
3、 选择“文档”选项卡,查看启动默认内容文档中是否index.asp如果没有就添加一个
4、 点击“确定“到退出软件。
二、动态网站的配置
1、在本地计算机上的盘符创建一个管理网站的文件夹,并命名。(如:D:/123)
2、打开Adobe Dreamweaver CS3,并在“菜单栏”中选择站点菜单下的“新建站点菜单”。
3、在弹出“定义网站”的“编辑文件”对话框中输入网站的名称,下一步。
4、在“定义网站”的“编辑文件,第2部分”中设置如图,下一步。
5、在“定义网站”的“编辑文件,第3部分”中,选择“在本地进行编辑,然后上传到远程服测试务器”和配置网站的本地地址。à下一步。
6、 配置本地测试。à
选择“本地/网络”
选择网站的本地路径
下一步。
7、下面出现的每一项都以默认,下一步到对话框结束为止
数据库连接
<%
Set conn = Server.CreateObject("ADODB.Connection")
connstr="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("/database/mydate.mdb")
conn.open connstr
If Err Then
err.Clear
Set conn = Nothing
Response.Write "数据库连接出错,请检查连接字串。"
Response.End
End If '定义新闻阅读界面的读取
%>
记录集(“排序”)
<%
set rs=server.createobject("adodb.recordset")
sql="select * from [session] order by id DESC"
rs.open sql,conn,1,1
%>
记录集(“筛选”)
<%
set rs=server.createobject("adodb.recordset")
sql="select * from recruitment where id=” &request.querystring("id")
rs.open sql,conn,1,1
%>
<%
set rs=server.createobject("adodb.recordset")
sql="select * from [sector_news] where audit='审核通过' and class='" & request("class") & "'"
rs.open sql,conn,1,1
%>
记录集(“审核”)
<%
set rs=server.createobject("adodb.recordset")
sql="select * from recruitment where audit='审核通过' order by id DESC"
rs.open sql,conn,1,1
%>
数据显示
<%=rs(“title”)%>
重复区域
<% for i=1 to 8 %>
内容。。。。。。。。。。。。。。。。。。。。。。。。。
<%
rs.movenext
if rs.eof then '判断数据是否结束
exit for '退出FOR
end if '结束判断
next '下一个
%>
数据连接
<a href="<%=rs(“url”)%>" title="<%=rs("professionaltitle")%>" target="_blank">
<%=rs("professionaltitle")%></a>
或
<a href="123.asp" title="<%=rs("professionaltitle")%>" target="_blank">
<%=rs("professionaltitle")%></a>
数据图片及连接
<a href="123.asp" title="<%=rs("professionaltitle")%>" target="_blank">
<img name="<%=rs("imgname")%>" src="<%=rs("img")%>" width="" height="" alt="<%=rs("title")%>" /></a>
数据传递
123.asp?id=<%=rs(“id”)%>
数据添加
<%
action=trim(request("action"))
if action="add" then
set rs=server.CreateObject("adodb.recordset")
rs.open "select * from [graduate]",conn,1,3
rs.addnew
rs("title")=request.Form("title")
rs("cont")=request.Form("cont")
rs("time")=request.Form("title")
rs.update
response.Write"<script>alert('信息添加成功');location.href='graduate_add.asp'</script>"
response.end
end if
%>
数据修改
<%
title=trim(request("title"))
title=request.Form("title")
cont=request.Form("cont")
time1=request.Form("time1")
publisher=request.Form("publisher")
set rs=server.CreateObject("adodb.recordset")
sql="Select * from news where id"
rs.open sql,conn,1,3
rs("title")=title
rs("cont")=cont
rs("publisher")=publisher
rs("time1")=time1
rs.update
conn.close
set conn=nothing
response.Write"<script language='javascript'>alert('信息修改成功!');</script>"
response.Write"<script language='javascript'>parent.window.history.go(-1);location='main.asp'</script>"
%>
数据的删除
<%
set rs=server.createobject("adodb.recordset")
exec="delete * from guide where id="&request.querystring("id")
rs.open exec,conn,3,2
Response.Write "<script language='javascript'>alert('删除成功!');</script>"
Response.Write "<script language='javascript'>parent.window.history.go(-1);location='main.asp'</script>"
%>
插入页
<!--#include file="conn.asp" -->
弹出提示框
<%Response.Write "<script language='javascript'>alert('删除成功!');</script>"%>
按钮点击事件或连接点击事件
<a href="1.asp" onClick="return confirm('您确定进行删除操作吗?')">删除</a>
登陆检测
<%
dim name,pwd
name=trim(request("name"))
pwd=trim(request("pwd"))
if name=”” or ped=”” then
response.Write "<script>alert('账户密码不能为空!');location='manage/main.asp'</script>"
set rs=server.createobject("adodb.recordset")
sql="select * from admin where name='"&name&"'"
rs.open sql,conn,1,1
if not rs.eof then
if pwd=rs("pwd") then
session("mm_username")=""
session("mm_username")=rs("name")
session("qx")=rs("qx")
response.Write "<script>alert('登陆成功');location='manage/main.asp'</script>"
else
Response.Write "<script language='javascript'>window.confirm('帐号和密码不正确,请返回重填!');</script>"
Response.Write "<script language='javascript'>parent.window.history.go(-1);location='login.asp'</script>"
end if
else
Response.Write "<script language='javascript'>window.confirm('用户名不正确,请返回重填!');location='index.asp'</script>"
Response.Write "<script language='javascript'>parent.window.history.go(-1);</script>"
end if
end if
%>
注销用户
<%
Session("mm_username")=""
Response.Cookies("mm_username")=""
response.write"<script>alert('成功退出系统!');location='index.asp'</script>"
%>
检查表单及用户是否被注册
<%
if trim(request("action"))="add" then
if request.form("cn_name1")=Empty or request.Form("pwd")=Empty or request.Form("pwd2")=Empty or request.Form("class")=Empty then
response.Write("<script language=javascript>" & chr(13) & "alert('错误:请将信息输入完整!带*项必须填写!');" & "javascript:history.go(-1)" & "</script>")
elseif request.form("pwd") <> request.form("pwd2") then
response.write("<script language='javascript'> alert('错误:密码与确认密码不符!'); javascript:history.go(-1) </script>")
elseif len(request.form("cn_name1"))>16 then
response.write("<script language='javascript'> alert('错误:用户名长度超过16个字符,10个汉字'); javascript:history.go(-1) </script>")
elseif len(request.form("cn_name1"))<4 then
response.write("<script language='javascript'> alert('错误:用户名长度少于4个字符,2个汉字'); javascript:history.go(-1) </script>")
elseif len(request.form("class"))<2 then
response.write("<script language='javascript'> alert('错误:班级名称少于4个字符!'); javascript:history.go(-1) </script>")
elseif len(request.form("pwd"))>20 or len(request.form("pwd"))<6 then
response.write("<script language='javascript'> alert('错误:你输入的密码长度不符合!'); javascript:history.go(-1) </script>")
else
strsql = "select name from student where name ='"&request.form("cn_name1") &"'"
set rs = conn.Execute (strsql)
if not ( rs.Bof or rs.Eof ) then
response.write "<script language='javascript'> alert('错误:你选择的用户名 " & (request.form("cn_name1")) & " 已被其它用户使用,请选择其它用户名!'); javascript:history.go(-1) </script>"
%>
登陆表单检查
<%
dim name,pwd
name=trim(request("name"))
pwd=trim(request("pwd"))
set rs=server.createobject("adodb.recordset")
sql="select * from admin where name='"&name&"'"
rs.open sql,conn,1,1
if not rs.eof then
if pwd=rs("pwd") then
session("mm_username")=""
session("mm_username")=rs("name")
response.Write "<script>alert('登陆成功');location='manage/main.asp'</script>"
else
Response.Write "<script language='javascript'>window.confirm('帐号和密码不正确,请返回重填!');</script>"
Response.Write "<script language='javascript'>parent.window.history.go(-1);location='login.asp'</script>"
end if
else
Response.Write "<script language='javascript'>window.confirm('用户名不正确,请返回重填!');location='login.asp'</script>"
Response.Write "<script language='javascript'>parent.window.history.go(-1);</script>"
end if
%>
用户追踪
<%=session("mm_username")%>
用户修改密码
<%
Set conn = Server.CreateObject("ADODB.Connection")
connstr="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & Server.MapPath("/data/#-!jsj.cc")
conn.open connstr
If Err Then
err.Clear
Set conn = Nothing
Response.Write "数据库连接出错,请检查连接字串。"
Response.End
End If '定义新闻阅读界面的读取
%>
<%
set rs=server.createobject("adodb.recordset")
sql="select * from [news] order by id DESC"
rs.open sql,conn,1,1
%>
<%
set rs=server.createobject("adodb.recordset")
sql="select * from [graduate] where id="&request.querystring("id")
rs.open sql,conn,1,1
%>
<%
action=trim(request("action"))
if action="add" then
set rs=server.CreateObject("adodb.recordset")
rs.open "select * from [graduate]",conn,1,3
rs.addnew
rs("title")=request.Form("title")
rs("cont")=request.Form("cont")
rs("time")=request.Form("title")
rs.update
response.Write"<script>alert('信息添加成功');location.href='graduate_add.asp'</script>"
response.end
end if
%>
<!--#include file="conn.asp"-->
<%
if session("mm_username")="" Then
Response.Write "<script language='javascript'>window.confirm('登陆超时!');</script>"
Response.Write "<script language='javascript'>parent.window.history.go(-1);location='login.asp'</script>"
end if
%>
<%
set rs=server.createobject("adodb.recordset")
sql="select * from [graduate] where id="&request.querystring("id")
rs.open sql,conn,1,3
rs("g_name")=request.Form("g_name")
rs("g_class")=request.Form("g_class")
rs("g_photo")=request.Form("g_photo")
rs("g_income")=request.Form("g_income")
rs("g_unit")=request.Form("g_unit")
rs("g_resume")=request.Form("content1")
rs("time")=request.Form("time")
rs("witer")=request.Form("witer")
rs.update
response.Write"<script>alert('数据修改成功');location.href='graduate_list.asp'</script>"
response.end
%>
<%set rs=server.CreateObject("adodb.recordset")
sql="select * from [student_admin] order by id DESC"
rs.open sql,conn,1,3
%>
<%
rs.pagesize=15'这个是显示最新的8条记录,可以按自己需要改
curpage=Request.QueryString("curpage")'记录页码数
if curpage="" then curpage=1'如果为空就让它为1,不可能要它0页嘛
if rs.bof and rs.eof then'判断数据库有没有记录,没有就下面
response.Write("")
else
rs.AbsolutePage=curpage '记录当前页码
for i= 1 to rs.pagesize'循环,从1到当前页码
if rs.eof then'如果到最后一条记录,退出循环
exit for
end if
%>
<tr>
<td width="14" height="25"><img src="images/ico_d.GIF" width="14" height="7" /></td>
<td><a href="student_admin_xx.asp?id=<%=rs("id")%>" title="<%=rs("title")%>"> <%=rs("title")%> [<%=rs("time")%>] </a> </td>
</tr>
<%
rs.movenext
if rs.eof then
exit for
end if
next
%>
<div align="center" class="STYLE4" style="height:35px; padding-top:10px"> 共有<%=rs.pagecount%>页
当前第<%=curpage%>页
<%if curpage=1 then%>
首页
<%else%>
<a href="?curpage=1" class="a2">首页</a>
<%end if%>
<%if curpage<>1 then%>
<a href="?curpage=<%=curpage-1%>" class="a2">上一页</a>
<%end if%>
<%if rs.pagecount>=curpage+1 then%>
<a href="?curpage=<%=curpage+1%>" class="a2">下一页</a>
<%end if%>
<%if rs.pagecount<curpage+1 then%>
尾页
<%else%>
<a href="?curpage=<%=rs.pagecount%>" class="a2">尾页</a>
<%end if%>
</div>
<%
set rs=server.createobject("adodb.recordset")
sql="select * from [img] order by id DESC"
rs.open sql,conn,1,3
%>
<%
rs.pagesize=10
pagecount=rs.pagecount
page=int(request("page"))
if page<=0 then page=1
if request("page")="" then page=1
rs.absolutepage=page
for i=1 to rs.pagesize
if rs.eof or rs.bof then
response.Write ""
exit for
end if
%>
内容。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。。
<%rs.movenext
next %>
当前第<%=page%>页,共<%=rs.pagecount%>页,共<%=rs.recordcount%>条记录 <%for i=1 to pagecount%><a href="?page=<%=i%>&class=<%=request("class")%>">[<%=i%>页]</a><%next%>
ASP实现“上一个”和“下一个”
简单介绍方法:
数据表articles中有id(文章ID)、title(文章标题)、content(文章内容)、addtime(文章发布时间)等其它各相关字段。
<!--数据库连接文件-->
<!--#include file="conn.asp"-->
<%
`定义一个nextrs函数来找出下一篇的ID
function nextrs
nextrsd=server.CreateObject("adodb.recordset")
sql="select top 1 * from articles where id>"&a1&" order by id"
set nextrsd=conn.execute(sql)
if nextrsd.eof then
response.Write "下一篇:这是本分类下的最后一篇文章"
else
a2=nextrsd("id")
response.Write "下一篇:<a href='article.asp?id="&a2&"'>"&nextrsd("title")&"</a>"
end if
end function
`定义一个backrs函数来找出上一篇的ID
function backrs
backrsd=server.CreateObject("adodb.recordset")
sql="select top 1 * from articles where id<"&a1&" order by id desc"
set backrsd=conn.execute(sql)
if backrsd.eof then
response.Write "上一篇:这是本分类下的第一篇文章"
else
a0=backrsd("id")
response.Write "上一篇:<a href='article.asp?id="&a0&"'>"&backrsd("title")&"</a>"
end if
end function
`取得传递过来的文章ID
ID=request("id")
sql="select * from articles where id="&id
set rs=conn.execute(sql)
a1=rs("id")
%>
<!--显示文章内容..............................-->
<!--调用前面定义的显示上一篇文章的函数--><% backrs %><br>
<!--调用前面定义的显示下一篇文章的函数--><% nextrs %>
<!--程序结束-->
===================================================================
防SQL注入
<%
Dim Fy_Post,Fy_Get,Fy_cook,Fy_In,Fy_Inf,Fy_Xh,Fy_db,Fy_dbstr,aa
On Error Resume Next
Fy_In = "'|exec|insert|select|delete|update|count|chr|truncate|char|declare|--|script|*|char|set|(|)"
aa=" " '------------------------------------------如入侵记录保存文件
Fy_Inf = split(Fy_In,"|")
'1--------POST部份------------------
If Request.Form<>"" Then
For Each Fy_Post In Request.Form
For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.Form(Fy_Post)),Fy_Inf(Fy_Xh))<>0 Then
flyaway1=""&Request.ServerVariables("REMOTE_ADDR")&","&Request.ServerVariables("URL")&"+'post'+"&Fy_post&"+"&replace(Request.Form(Fy_post),"'","*")&""
set fs=server.CreateObject("Scripting.FileSystemObject")
set file=fs.OpenTextFile(server.MapPath(aa),8,True)
file.writeline flyaway1
file.close
set file=nothing
set fs=nothing
call aaa()
End If
Next
Next
End If
'2--------GET部份-------------------
If Request.QueryString<>"" Then
For Each Fy_Get In Request.QueryString
For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.QueryString(Fy_Get)),Fy_Inf(Fy_Xh))<>0 Then
flyaway2=""&Request.ServerVariables("REMOTE_ADDR")&","&Request.ServerVariables("URL")&"+'get'+"&Fy_get&"+"&replace(Request.QueryString(Fy_get),"'","*")&""
set fs=server.CreateObject("Scripting.FileSystemObject")
set file=fs.OpenTextFile(server.MapPath(aa),8,True)
file.writeline flyaway2
file.close
set file=nothing
set fs=nothing
call aaa()
End If
Next
Next
End If
'3--------cookies部份-------------------
If Request.Cookies<>"" Then
For Each Fy_cook In Request.Cookies
For Fy_Xh=0 To Ubound(Fy_Inf)
If Instr(LCase(Request.Cookies(Fy_cook)),Fy_Inf(Fy_Xh))<>0 Then
flyaway3=""&Request.ServerVariables("REMOTE_ADDR")&","&Request.ServerVariables("URL")&"+'cook'+"&Fy_cook&"+"&replace(Request.Cookies(Fy_cook),"'","*")&""
set fs=server.CreateObject("Scripting.FileSystemObject")
set file=fs.OpenTextFile(server.MapPath(aa),8,True)
file.writeline flyaway3
file.close
set file=nothing
set fs=nothing
call aaa()
End If
Next
Next
End If
'在conn.asp插入
squery=lcase(Request.ServerVariables("QUERY_STRING"))
sURL=lcase(Request.ServerVariables("HTTP_HOST"))
SQL_injdata =":|;|>|<|--|sp_|xp_|\|dir|cmd|^|(|)|+|$|'|copy|format|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|truncate|char|declare"
SQL_inj = split(SQL_Injdata,"|")
For SQL_Data=0 To Ubound(SQL_inj)
if instr(squery&sURL,Sql_Inj(Sql_DATA))>0 Then
Response.Write "请不要注入系统"
Response.end
end if
next
%>