page.asp

网上购物系统 asp+sql server 2005

<!--#include file="include/dbopenbd.asp" -->
<%
'获取上页传递的信息，aspsql对信息进行安全处理，防止用sql注入法控制数据库
id=aspsql(request("id"))
If not isNumeric(id) then
response.redirect "main.asp"
response.end
end if

title="title"&cstr(id)
body="body"&cstr(id)
Set rsp = conn.Execute("select * from s_page where status='1' and id="&id)
title=rsp("txttitle") 
url=rsp("txturl")
body=rsp("txtbody")
set rsp=nothing
if url<>"" then response.redirect url
%>
<html><head>
<title><%=title%>-<%=sitename%>-<%=siteurl%></title>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<meta name="description" content="<%=sitedescription%>">
<meta name="keywords" content="<%=sitekeywords%>">
<link rel="stylesheet" href="include/css.css" type="text/css">
</head>

<center>
<!--#include file="a_top.asp"-->

<table width="760" border=0 cellspacing=0 cellpadding=0 align=center bgcolor="#FFFFFF"  class="grayline">  
<tr><td bgcolor="FFFBF7" align=center valign=top width=185> 

<!--#include file="a_login.asp" -->

<!--#include file="a_tree.asp" -->

</td>
<td bgcolor="#CCCCCC" width="1"></td>
<td width=569 height=155 align=center valign=top>

<table width="100%" border="0" align="center" cellpadding=2 cellspacing=2 bgcolor="#FFFFFF">
<tr><td height=8></td></tr>
<tr><td>目前位置：<a href=main.asp>首页</a> >  <%=title%></td></tr>
<tr><td width="572" align="center" height="1" background="images/small/bgline.gif"></td></tr>
</TABLE>

<table width="95%" align=center border="0" align="center" cellpadding=2 cellspacing=2 bgcolor="#FFFFFF" style="word-break:break-all">
<tr><td><%=body%></td></tr>
</TABLE>

</td></tr></table>
  <!--#include file="a_bottom.asp"-->
</body></center>

</html>
<%
conn.close
set conn=nothing
%>