Question 9: Is it necessary for me to use "Option Explicit" in every ASP file?
Answer: In practical applications, the concept of VBscript variables has been blurred, allowing variables to be used directly instead of using Dim to declare variables, but this is not a good habit and can easily cause program errors, because a variable may be defined repeatedly. We can use the Option Explicit statement in the program, so when using a variable, we must first declare it. If an undeclared variable is used, the program will make an error during runtime.
Practice has proved that using "Option Explicit" in ASP files can minimize the chance of program errors and greatly improve overall performance.
Question 10: What are the security measures when running ASP files?
Answer: ASP provides a good code protection mechanism, and all ASP code is executed on the server side and only returns the result of the client code execution. However, it is still not ruled out that malicious people deliberately destroy the web server, so you should pay more attention to security issues when writing ASP files.
Although in ASP is introduced with inc as the extension, it is still recommended to use ASP as the extension to introduce files. When these codes run on a Web Server with poor security mechanism, you can browse the contents of the imported file by simply entering the address bar (inc is the extension). This is because on Web Server, if a dynamic connection library that resolves a certain type (such as inc) is not defined, the file is displayed in source code.
In addition, do not place the database file inside the website structure, so that when a malicious person obtains the database path, he can easily obtain the database and then change the database content arbitrarily. A better approach is to create a data source name DSN (Date Source Name) for the database, which stores information about connecting to the specified data provider in the DSN, including: "the physical location of the database, the type of driver used to access the database, and any other parameters required for the driver to access the database". This DSN can be accessed directly during database access.
Question 11: What issues should be considered when evaluating a Web database management system?
Answer: When evaluating a Web database management system, three issues must be considered: multi-user problem; the established Web database should be relational; and the security of the database.
Question 12: What is ADO and how does it operate on the database?
Answer: The full name of ADO is ActiveX Data Object (ActiveX Data Object), which is an optimized set of dedicated objects to access the database. It provides ASP with a complete site database solution. It acts on the server side and provides homepage content containing database information. By executing SQL commands, users can enter, update and delete information about the site database in the browser screen.
ADO mainly includes three objects: Connection, Recordset and Command. Their main functions are as follows:
·Connection object: Responsible for opening or connecting to database files;
· Recordset object: accesses the content of the database;
Command object: Issuing action query instructions to the database and executing stored procedures for SQL Server.
Question 13: What is the difference between using Recordset objects and Command objects to access databases?
Answer: The Recordset object will require the database to transmit all data. When the amount of data is large, it will cause network blockage and excessive load on the database server, so the overall execution efficiency will be reduced.