infoupdate.asp

fger th t ytwety w4t qrt 43 q34rt5 q34t3q4t

<!-- #include file="config.inc" -->
<%
  dim userid
  '将单引号改为双引号
   function sqlstr(data)
     sqlstr="'" & Replace(data,"'","''") & "'"
   end function
  '连接数据库
   set conn=server.createobject("adodb.connection")
   conn.open connstring
   set objusersrs=server.createobject("adodb.recordset")
   userid=session("loginuser")
  '接受新资料
   name=trim(request.form("name"))
   address=trim(request.form("address"))
   idnumber=trim(request.form("idnumber"))
   age=trim(request.form("age"))
   zipcode=trim(request.form("zipcode"))
   phone=trim(request.form("phone"))
   email=trim(request.form("email"))
  '防止用户直接进入该页面
   if name="" then
     response.write "非法操作！"
     response.end
   end if
  ssql="select * from users"
  objusersrs.open ssql,conn,1,3
  '构造更新资料的SQL语句
   ssql="update users set name=" & sqlstr(name) & ",address=" & sqlstr(address)
   ssql=ssql & ",idnumber=" & sqlstr(idnumber) & ",age=" & sqlstr(age)
   ssql=ssql & ",zipcode=" & sqlstr(zipcode) & ",phone=" & sqlstr(phone)
   ssql=ssql & ",email=" & sqlstr(email) 
   ssql=ssql & " where userid=" & sqlstr(userid)
  '因为要涉及到数据库的更新操作，因此需要对数据库的操作锁定
   application.lock
   conn.execute(ssql)
   application.unlock
  '打印出资料
   response.write "<p>"
   response.write "<font color=red size=2>您的资料被修改成：</font><br><hr color=#999933 size=1><br>"
   response.write "姓  名：" & name & "<br>"
   response.write "身份证：" & idnumber & "<br>"
   response.write "年  龄: " & age & "<br>"
   response.write "地  址: " & address & "<br>"
   response.write "邮  编：" & zipcode & "<br>"
   response.write "电  话: " & phone & "<br>"
   response.write "E-Mail: " & email & "<br>"
   response.write "<br><font size=4 color=red>资料被成功导入数据库，请<a href=temp.htm>继续购物</a></font>"
%>