asp教程 删除数据库教程记录其实在asp中是很非常容易做的事情了只要连接数据库了再利用sql delete函数来删除就ok了下面来看看实例吧
id = saferequest("id")
sql="delete from table where whereid>"&id&""
rsopen sqlconn
responsewrite "<script>alert(删除成功);location;</script>"
set rs=nothing
set conn=nothing
这是过滤非法字符函数
function saferequest(paraname)
dim paravalue
paravalue=request(paraname)
if isnumeric(paravalue) = true then
saferequest=paravalue
exit function
elseif instr(lcase(paravalue)"select ") > or instr(lcase(paravalue)"insert ") > or instr(lcase(paravalue)"delete from") > or instr(lcase(paravalue)"count(") > or instr(lcase(paravalue)"drop table") > or instr(lcase(paravalue)"update ") > or instr(lcase(paravalue)"truncate ") > or instr(lcase(paravalue)"asc(") > or instr(lcase(paravalue)"mid(") > or instr(lcase(paravalue)"char(") > or instr(lcase(paravalue)"xp_cmdshell") > or instr(lcase(paravalue)"exec master") > or instr(lcase(paravalue)"net localgroup administrators") > or instr(lcase(paravalue)" and ") > or instr(lcase(paravalue)"net user") > or instr(lcase(paravalue)" or ") > or instr(lcase(paravalue)"""")> or instr(lcase(paravalue)"")> then
responsewrite "请不要在函数中加入非法字符!"
responseend
else
saferequest=paravalue
end if
end function
