<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<%response.Charset="utf-8"%>
<%response.codepage=65001%>
<%
'==================数据库路,变量名多处使用,请不要改动
Dim DatabasePath,DatabasePathBak,Database9yc1
Database9yc1=""
DatabasePath=""&Database9yc1&"../System#Data/Myrequest.mdb"
'==================数据库连接
Dim Conn,ConnStr
'On error resume next
Set Conn=Server.CreateObject("Adodb.Connection")
ConnStr="Provider=Microsoft.Jet.OLEDB.4.0;Data Source="&Server.MapPath(DatabasePath)
Conn.open ConnStr
if err then
err.clear
Set Conn = Nothing
Response.Write "数据库连接出错,请检查数据库连接文件中的数据库参数设置。"
Response.End
end if
'过滤SQL非法字符
Function checkStr(Chkstr)
dim Str:Str=Chkstr
if isnull(Str) then
checkStr = ""
exit Function
else
Str=replace(Str,"'","")
Str=replace(Str,";","")
Str=replace(Str,"--","")
checkStr=Str
end if
End Function
if request("act")="send" then
set rs=server.CreateObject("adodb.recordset")
rs.open "select * from kf_require where (id is null)",conn,1,2
rs.addnew
rs("t1")=request.Form("t1")
rs("t2")=request.Form("t2")
rs("t3")=request.Form("t3")
rs("t4")=request.Form("t4")
rs("t5")=request.Form("t5")
rs("t6")=request.Form("t6")
rs("t7")=request.Form("t7")
rs("t8")=request.Form("t8")
rs("t9")=request.Form("t9")
rs("t10")=request.Form("t10")
rs("t11")=request.Form("t11")
rs("t12")=request.Form("t12")
rs("t13")=request.Form("t13")
for i=1 to 15
rs("t"&i)=checkStr(request.Form("t"&i))
next
rs("T16")=now()
rs.update
response.Write("")
rs.close
set rs=nothing
conn.close
set conn=nothing
end if
%>
无标题文档