
    <%
Function Add_ziduan(tbName,columnName,typ) ' Add one column to a table
	' Builds "alter table <tbName> add column <columnName> <typ>" and executes it
	' through `conn`, which is defined outside this function (presumably the
	' page-level ADODB connection; confirm against the including page).
	' Nothing is returned, and On Error Resume Next hides any failure of the
	' statement, so the caller cannot tell whether the column was added.
	' NOTE(review): the three arguments are concatenated into the DDL text as-is.
	' Nothing here validates or quotes them, so every caller must pass values it
	' has already restricted to a plain identifier / a known column type.
	Dim ddl
	On Error Resume Next
	ddl = "alter table " & tbName & " add column " & columnName & " " & typ
	conn.execute(ddl) ' run the DDL statement
End Function
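Function check_ziduan(tbName,ziduan) ' Check whether a column exists in a table
	' Returns True when "select <ziduan> from <tbName>" opens without error on
	' `conn` (defined outside this function), and False when opening it raises
	' an error.
	' NOTE(review): both arguments are concatenated into the query text as-is;
	' callers must pass names that are already validated (sql_kill in this file
	' is described as meant for column names).
	Dim rs, probeSql
	Err.Clear ' start from a clean error state before probing
	On Error Resume Next
	Set rs = Server.CreateObject("adodb.recordset")
	' A local variable is used for the query text so that a page-level variable
	' named `sql` is not overwritten by this check.
	probeSql = "select " & ziduan & " from " & tbName
	rs.Open probeSql, conn, 1, 1 ' keyset cursor, read-only lock
	If Err.Number <> 0 Then ' the open failed
		check_ziduan = False
		Err.Clear
	Else
		check_ziduan = True
	End If
	' Close only a recordset that actually opened: closing one that never
	' opened raises a second error, which previously stayed in Err after the
	' first one had been cleared.
	If rs.State <> 0 Then rs.Close
	Set rs = Nothing ' release the ADO object
	Err.Clear ' leave no error from the probe or the cleanup behind
End Function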


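Function sql_id(s1) ' Validate a numeric (ID) request parameter
	' Returns "" for an empty/Null value and the value itself when IsNumeric
	' accepts it and it lies in 0..2147483647. Otherwise an error message is
	' written to the response and the page is ended.
	' NOTE(review): IsNumeric also accepts forms other than plain digits
	' (decimals, exponent notation, &H hex, locale separators), and the value is
	' returned as received rather than converted. The message says "positive
	' integer", yet 0 and decimals pass. Confirm whether callers need a stricter
	' integer check before the value is placed in SQL.
	If s1 & "" = "" Then
		sql_id = ""
		Exit Function
	End If

	If Not IsNumeric(s1) Then
		' The rejected value is attacker-controlled text; HTML-encode it before
		' echoing so it cannot inject markup or script into the error page.
		Response.Write(Server.HTMLEncode(s1 & "") & "<br>ID只能为正整数!")
		Response.End
	ElseIf s1 < 0 Or s1 > 2147483647 Then
		' Outside the non-negative 32-bit range.
		Response.Write("数值过大或过小!")
		Response.End
	Else
		sql_id = s1
	End If
End Function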

Function sql_num(s1) ' Filter a currency/number parameter
	' Returns s1 unchanged when IsNumeric accepts it, otherwise 0.
	' NOTE(review): the accepted value is handed back exactly as received, not
	' converted to a number, so any textual form IsNumeric allows (exponent
	' notation, &H hex, locale separators) reaches the caller's SQL as text.
	sql_num = 0
	If IsNumeric(s1) Then sql_num = s1
End Function

Function sql_str(s1) ' Filter a string parameter
	' Returns "" for an empty/Null value. Otherwise replaces every double quote
	' with "&quot;" and every single quote with "&#39", then trims the result.
	' NOTE(review): the apostrophe entity has no closing semicolon, so a digit
	' that follows an apostrophe in the input becomes part of the character
	' reference when the value is later rendered as HTML. Switching to "&#39;"
	' would stop matching values already stored in the old form, so confirm
	' before changing it.
	' NOTE(review): only the two quote characters are rewritten; <, > and & pass
	' through, so the result still needs HTML encoding where it is displayed.
	Dim cleaned
	sql_str = ""
	If s1 & "" = "" Then Exit Function
	cleaned = Replace(s1, Chr(34), "&quot;")
	cleaned = Replace(cleaned, Chr(39), "&#39")
	sql_str = Trim(cleaned)
End Function

Function sql_kill(s1) ' Strip all dangerous characters; intended for column names sent back by the client
	' Returns "" for an empty/Null value. Otherwise removes every occurrence of
	' > < = ( ) , ; % * + - tab, line feed, carriage return, space, double quote
	' and single quote, and returns what is left.
	' The cleaned text is also assigned back to s1, exactly as the original did;
	' VBScript passes arguments ByRef by default, so a variable passed by the
	' caller is modified too.
	' NOTE(review): this is a denylist. Characters such as [ ] . ! # and & are
	' not removed; if the result is used as an identifier in SQL, an allowlist
	' (letters, digits, underscore) would be the tighter check. Confirm with the
	' callers.
	Dim banned, ch
	If s1 & "" = "" Then
		sql_kill = ""
		Exit Function
	End If
	banned = Array(">", "<", "=", "(", ")", ",", ";", "%", "*", "+", "-", _
		Chr(9), Chr(10), Chr(13), Chr(32), Chr(34), Chr(39))
	For Each ch In banned
		s1 = Replace(s1, ch, "")
	Next
	sql_kill = s1
End Function
%>