UC知道语法错误 (操作符丢失) 在查询表达式 'id=' 中 /editsave.asp, 第 28 行
来源:百度知道 编辑:UC知道 时间:2024/05/20 08:39:00
<!--#include file="bbsconn.asp"-->
<%
if session("user")="" then
response.redirect "bbslogin.asp"
Response.End
end if
Function GetSafeStr(str)
' Get1SafeStr = Replace(Replace(Replace(Trim(str), "'", ""), Chr(34), ""), ";", "")
GetSafeStr = Replace(Replace(Replace(Replace(Replace(str,"'","‘"),"""","“"),"&",""),"<","<"),">",">")
End Function
id=request("id")
bt=GetSafeStr(Request.Form("bt"))
user=GetSafeStr(Request.Form("user"))
email=GetSafeStr(Request.Form("email"))
tx=GetSafeStr(Request.Form("tx"))
qq=GetSafeStr(Request.Form("qq"))
web=GetSafeStr(Request.Form("web"))
nr=GetSafeS
<%
if session("user")="" then
response.redirect "bbslogin.asp"
Response.End
end if
Function GetSafeStr(str)
' Get1SafeStr = Replace(Replace(Replace(Trim(str), "'", ""), Chr(34), ""), ";", "")
GetSafeStr = Replace(Replace(Replace(Replace(Replace(str,"'","‘"),"""","“"),"&",""),"<","<"),">",">")
End Function
id=request("id")
bt=GetSafeStr(Request.Form("bt"))
user=GetSafeStr(Request.Form("user"))
email=GetSafeStr(Request.Form("email"))
tx=GetSafeStr(Request.Form("tx"))
qq=GetSafeStr(Request.Form("qq"))
web=GetSafeStr(Request.Form("web"))
nr=GetSafeS
看你的程序:
sql="select * from book where id="&id
rs.open sql,conn,1,3 (错误行)
当id值为空的时候(直接输入地址调用,没有通过表单),那么SQL语句如下:
select * from book where id=
这明显是个不合法的SQL语句,你应该在程序里面进行判断,比如:
if id="" then
response.write "调用错误!"
else
'你以前的代码写在这里
end if
应该是没获得id值
在rs.open sql,conn,1,3 上面加上response.write sql ,查看id是否有值传过来。
楼上的方法,在id=request("id")
bt=GetSafeStr(Request.Form("bt"))
这两句之间加上if id="" then
response.write "调用错误!"
else
再在Response.End
%>之间加入end if'查看id值
我的方法.在sql="select * from book where id="&id
rs.open sql,conn,1,3 (错误行)
这两句之间加入 response.write sql
response.end()
只显示select * from book where id 这句吗,这就说明id值的确没有传过来。