菜鸟提问:数据库写入出问题!!conn.execute(SQL)出问题
请大家帮忙看一下:
<%'连数据库
dim conn
dim connstr
dim db
dim rescount
db="../query/ckdb.mdb" '数据库文件的位置
Set conn = Server.CreateObject("ADODB.Connection")
'connstr="driver={Microsoft Access Driver (*.mdb)};dbq=" & Server.MapPath(db)
connstr="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=" & server.MapPath(db)&";Persist Security Info=False"
if err then
err.clear
else
conn.open connstr
if err then
err.clear
end if
end if
Set rs = Server.CreateObject("ADODB.Recordset")
%>
<%
dim sql
dim name,sex,add,qq,email,links,title,con,showip,ip
'将数据中的单引号改成两个单引号,并且在前后加单引号
Function SqlStr(data)
SqlStr = "'" & Replace(data,"'","''") & "'"
End Function
name=request.form("name")
if name="" then
Response.Redirect "error.asp?errmsg=敢问阁下尊姓大名?"
' response.end
end if
name=sqlstr(name)
sex=request.form("sex")
if sex=1 then
sex="男"
elseif sex=2 then
sex="女"
else sex="不详"
end if
sex=sqlstr(sex)
add=request.form("address")
if add="" then add="天堂"
add=sqlstr(add)
qq=request.form("qq")
If qq <> "" Then
If Len(qq) < 5 or Len(qq) > 10 Then
Response.Redirect "error.asp?errmsg=QQ信息输入有误,长度不符,请返回重新输入。"
' Response.End
End IF
For I = 1 To Len(qq)
temp = Mid(qq,I,1)
If Asc(temp) < 33 Or Asc(temp) > 57 Then
Response.Redirect "error.asp?errmsg=QQ信息输入有误,含非法字符,请返回重新输入。"
' Response.End
End If
Next
else qq = "真是的,连QQ号没有"
end if
qq=sqlstr(qq)
email=request.form("email")
If email = "" Then
email = "null"
else
'检查是否包含@
If inStr(1,email,"@",0)=0 Then
Response.Redirect "error.asp?errmsg=email地址中没有@,请重新输入。"
' Response.End
End If
'¼ì²éºó׺ÊÇ·ñ´æÔÚ"."
atposition = InStr(1,email,"@")
If atposition = 1 or Instr(atposition,email,".") = 0 Then
Response.Redirect "error.asp?errmsg=email地址输入有误,请重试……"
' Response.End
End If
end if
email=sqlstr(email)
links=request.form("link")
if links="" then
links="/"
else
if inStr(1,links,".",0)=0 Then
Response.Redirect "error.asp?errmsg=网址输入有误!"
' response.end
end if
end if
links=sqlstr(links)
title=request.form("title")
if title="" then title="无题"
title=sqlstr(title)
con=request.form("content")
if con="" then
Response.Redirect "error.asp?errmsg=请无论如何留了话再走:-)"
' response.end
end if
con=sqlstr(con)
con= Replace(con,chr(13),"<BR>")
IP = Request.ServerVariables("REMOTE_ADDR")
IP = SqlStr(IP)
If Request.Form("IP") = "0" Then
showIP = SqlStr("0.0.0.0")
Else
showIP = IP
End If
sql="insert into users(name,address,qq,email,link,title,content,submittime,sex,showip,ip) values("
sql=sql & name & "," & add & "," & qq & "," & email & "," & links & "," & title & "," & con & ",'" & now() & "'," & sex & "," & showip & "," & ip & ")"
' response.write sql
set res=conn.execute(sql) '老提示这句出问题
conn.close
Set conn=Nothing
Response.Redirect "index.asp"
%>