region.asp
来自「江西旅行网整站源码下载 希望对大家有用 经过测试 安全可用」· ASP 代码 · 共 67 行
ASP
67 行
<!--#include file="../Conn.asp"-->
<%
Dim Province
Province = ReplaceBadChar(Trim(Request("Province")))
If Province <> "" Then
Call getCity(Province)
Else
Call getProvince
End If
Function getProvince()
Dim strTemp,strSql,rs
strSql = "Select Province From PE_Province Order By ProvinceID"
Call OpenConn
Set rs = server.CreateObject("Adodb.recordset")
rs.Open strSql, Conn, 1, 1
Do While Not rs.EOF
strTemp = strTemp & rs("Province") & ","
rs.MoveNext
Loop
rs.Close
Set rs = Nothing
Call CloseConn
Response.Write escape(strTemp)
End Function
Function getCity(ByVal Province)
Dim strTemp,strSql,rs
strSql = "Select DISTINCT City From PE_City Where Province='" & Province & "'"
Call OpenConn
Set rs = server.CreateObject("Adodb.recordset")
rs.Open strSql, Conn, 1, 1
Do While Not rs.EOF
strTemp = strTemp & rs("City") & ","
rs.MoveNext
Loop
rs.Close
Set rs = Nothing
Call CloseConn
Response.Write escape(strTemp)
End Function
'**************************************************
'函数名:ReplaceBadChar
'作 用:过滤非法的SQL字符
'参 数:strChar-----要过滤的字符
'返回值:过滤后的字符
'**************************************************
Public Function ReplaceBadChar(strChar)
If strChar = "" Or IsNull(strChar) Then
ReplaceBadChar = ""
Exit Function
End If
Dim strBadChar, arrBadChar, tempChar, i
strBadChar = "+,',--,%,^,&,?,(,),<,>,[,],{,},/,\,;,:," & Chr(34) & "," & Chr(0) & ""
arrBadChar = Split(strBadChar, ",")
tempChar = strChar
For i = 0 To UBound(arrBadChar)
tempChar = Replace(tempChar, arrBadChar(i), "")
Next
tempChar = Replace(tempChar, "@@", "@")
ReplaceBadChar = tempChar
End Function
%>
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?