You have seen how the backend was created. Now we take you through the ASP scripts that interact with the database. To manage our database connections, we create an ASP file, utility.asp. This asp page is included in all pages that interact with the database. We use the ASP extension instead of INC (the typical include extension) to ensure that this page cannot be easily viewed by the client since it contains the name and password to connect to the database. In a production system, this file should be placed in a non-browsable directory with the appropriate NT security permissions.
Below are the commented functions used that interact with the database.
function GetConnection() ' GetConnection 'Used to obtain a connection to the backend database ' Update the following for your connection const DSN = "membershipdemo" const UID = "webuser" const PASSWORD = "mypassword" Dim p_oConn, sDSN Set p_oConn = server.createObject("ADODB.Connection") sDSN = "DSN=" & DSN & ";uid=" & UID & ";password=" & PASSWORD p_oConn.open sDSN Set GetConnection = p_oConn end function function GetStoredProcedure(oConnection, sName) ' GetStoredProcedure ' A helper function for quickly creating ' a stored procedure object Dim oCmd Set oCmd = Server.createobject("ADODB.Command") Set oCmd.ActiveConnection = oConnection oCmd.CommandText = sName oCmd.CommandType = adCmdStoredProc Set GetStoredProcedure = oCmd end function function GetTable(oConnection, sName) ' GetTable ' A helper function for quickly opening a ' table. Set GetTable = oConnection.Execute(sName) end function
In addition, the utility.asp file contains a few generic functions that help simplify constructing a form. While these functions are very simplistic they help to provide style guidelines. For example, we created the BuildInput() function to make sure that all text input fields have an appropriate size and maximum length specified. Without this function, it becomes very easy to forget this information.
function BuildInput(sType,sName,sValue,iSize,iLength) ' A helper function for building input boxes. select case sType case "text": BuildInput = "<INPUT TYPE=""text"" NAME=""" & sName & """ VALUE=""" & sValue & """ SIZE=""" & iSize & """ MAXLENGTH=""" & iLength & """>" case "password" BuildInput = "<INPUT TYPE=""password"" NAME=""" & sName & """ VALUE=""" & sValue & """ SIZE=""" & iSize & """ MAXLENGTH=""" & iLength & """>" case "submit" BuildInput = "<INPUT TYPE=""submit"" NAME=""" & sName & """ VALUE=""" & sValue & """>" end select end function function EscapeString(str) ' Used to prevent HTML from being entered and ' and to escape any quotation marks. ' Escaping quotes is necessary so when the values can be ' specified in an input field. str = replace(str,"<","<") str = Trim(replace(str,"""",""")) escapeString = str end function function BuildForm(sName,sMethod) ' Returns a simple form tag. Used to ensure tha the appropriate ' submission method is specified BuildForm = "<FORM NAME=""" & sName & """ METHOD=""" & sMethod & """>" end function
This file also includes the constants necessary for interacting with the stored procedures. These constants are a subset of all the constants available for manipulating databases and recordsets. We created our own subset to reduce the overall size of our pages. Rather than list the constants, they are in the download available at the end of the article. In addition, we defined two additional constants that help define the site's name and home page:
const SITENAME = "SiteExperts.com" const HOMEPAGE = "<A HREF=""/default.asp"">Home Page</A>" function OutputHeader() OutputHeader="<H2>" & HOMEPAGE & "</H2>" end function
We included this to demonstrate ways to more generically define your web-site. By defining globally used as constants, you can quickly change aspects of your site. You will see these constants used to generate our page headers and other items.
Finally, as we said earlier, utility.asp is intended to be included in every page that interacts with the database. For example:
<%@ Language=VBScript %> <% option explicit %> <HTML> <HEAD> <!-- #include virtual="/inc/utility.asp" --> </HEAD> <BODY> ... </BODY>
Next we explain how user's can join and log into the community.
Page 1:Adding Site Registration
© 1997-2000 InsideDHTML.com, LLC. All rights reserved.