AASP is an application developed by Microsoft to replace CGI scripting programs. It can interact with databases and other programs. Here, the editor will give him some simple discussions. The following content mainly talks about the essential principles of ASP writing code.
1. Declare VBScript variables
In ASP, vbscript is provided with strong support and can seamlessly integrate vbscript functions and methods, which provides great convenience for extending the existing functions of ASP. Since the concept of variable types has been blurred in ASP, many programmers are accustomed to not declaring vbscript variables during the interaction between ASP and vbscript, which increases the parsing burden of the server and thus affects the server's response request speed.
In view of this, we can force the user to perform variable declarations in vbscript just like we force the user to perform variable declarations in VB. The implementation method is to place <% option explicit%> at the beginning of the ASP program line.
2. Encode the URL address
When we use asp to dynamically generate a URL address with parameters and jump, it is normal to parse in IE, but when browsing NetScrape, there are errors as follows:
HTTP Error 400 400 Bad Request Due to malformed syntax, the request could not be understood by the server. The client should not repeat the request without modifications.
The solution is to use the URLencode method of ASP built-in server object to URL encoding the generated URL parameters. The example is as follows:
<% URL="xur.asp" var1="username=" & server.URLencode("xur") var2="&company=" & server.URLencode("xurstudio") var3="&phone=" & server.URLencode("021-53854336-186") response.redirect URL & "?" & var1 & var2 & var3 %>3. Clear the object
After using the object, first use the Close method to free up the system resources occupied by the object; then set the object value to "nothing" to free up the object's memory. Back then, I crashed my IIS by creating more than 100 recordsets on a page with no clear objects. The following code uses the database content to create a drop-down list. The code example is as follows:
<% myDSN="DSN=xur;uid=xur;pwd=xur" mySQL="select * from authors where AU_ID<100" set conntemp=server.createobject("adodb.connection") conntemp.open myDSN set rstemp=conntemp.execute(mySQL) if rstemp.eof then response.write "Database is empty" response.write mySQL conntemp.close set conntemp=nothing response.end end if %> <%do until rstemp.eof %> <%rstemp.movenext loop rstemp.close set rstemp=nothing conntemp.close set conntemp=nothing %>4. Create SQL query using strings
Using strings to establish queries does not speed up the server's parsing speed. On the contrary, it will also increase the server's parsing time. But it is still recommended to use strings instead of simple query statements to query. The advantage of this is that it can quickly discover the problem of the program, thereby facilitating and efficiently generating the program. Examples are as follows:
<%mySQL= ""select * " mySQL= mySQL & "from publishers" mySQL= mySQL & "where state='NY'" response.write mySQL set rstemp=conntemp.execute(mySQL) rstemp.close set rstemp=nothing %>
5. Use case to select the condition
When making conditional selection, try to use case statements and avoid using if statements. Using case statements can make the program flowable and execute faster than if statements. Examples are as follows:
<%FOR i = 1 TO 1000 n = i Response.Write AddSuffix(n) & "<br>" NEXT %> <% Function AddSuffix(num) numpart = RIGHT(num,1) Select CASE numpart CASE "1" IF InStr(num,"11") THEN num = num & "th" ELSE num = num & "st" END IF CASE "2" IF InStr(num,"12") THEN num = num & "th" ELSE num = num & "nd" END IF CASE "3" IF InStr(num,"13") THEN num = num & "th" ELSE num = num & "rd" END IF CASE "4" num = num & "th" CASE ELSE num = num & "th" END Select AddSuffix = num END FUNCTION %>
6. Use constants defined in adovbs.inc file to open the record set
When opening a record set, you can define the cursor type and lock type that the record set opens.
There are some constants defined in the adovbs.inc file to define these types. The adovbs.inc file is saved in the /inetpub/iissamples/IISamples directory. Below are a few commonly used cursor types and lock types.
Cursor type:
Lock type:
<!--#INCLUDE VIRTUAL="/ADOVBS.INC" --> <% connectme="DSN=xur;uid=xur;pwd=xur" sqltemp="select * from publishers where name='xur'" set rstemp=Server.CreateObject("adodb.Recordset") rstemp.open sqltemp, connectme, adOpenStatic, adLockOptimstic response.write rstemp.recordcount & " records in<br>" & sqltemp rstemp.close set rstemp=nothing %>7. Avoid object definition in the global.asa file
Since the contents in the global.asa file can be referenced by all files in the site, undoubtedly, defining objects in the global.asa file can save a lot of duplication.
For example, in the application_onstart function in global.asa, the following definition is made:
<%SUB application_onstart set application("theCONN")=server.createobject("adodb.connection") END SUB %>;This allows you to make similar references in any code on the site:
<% mySQL="select * from publishers where state='xur' set rstemp=application("theconn").execute(mySQL) %>Similarly, the record set object can be created in the session_onstart function
<%SUB session_onstart set session("rstemp")=server.createobject("adodb.recordset") END SUB %>Then, the following quotes are made in the site:
<% mySQL="select * from publishers where state='xur' set session("rstemp")=conntemp.execute(mySQL) %>However, doing this also has a great negative impact. Since both Application and session variables only release the occupied resources when closing the website, the session parameters will waste a lot of unnecessary memory, and at this time the application variable becomes a bottleneck in server performance.
Solution:
Create an asp page to define objects, and introduce this asp page on the page where these objects need to be called. Assuming that the asp page name of the defined object is defined.asp, the page can be introduced by adding the following statement to the corresponding asp page.
<!--#INCLUDE VIRTUAL="/define.asp" -->
When introducing pages, it is best not to include <%@LANGUAGE="VBSCRIPT"%> statement in the asp file to be introduced. Because in the asp file, there can only be one script parsing language defined by @.
8. Safety protection
Asp provides a good code protection mechanism, and all asp code is executed on the server side and only returns the result of the client code execution. Even so, in the old version of IIS, you can view the source code of asp after the file name::$DATA, which already falls within the scope of Web Server security and is not within the scope of this article. The following are two simple safety precautions.
Although it is recommended to introduce files with inc asp as the extension, it is still recommended to use asp as the extension to introduce files here. When these codes run on a Web Server with poor security mechanism, you can browse the contents of the imported file by simply entering the address bar (inc is the extension). This is because on Web Server, if a dynamic connection library that resolves a certain type (such as inc) is not defined, the file is displayed in source code.
Do not put the database file inside the website structure, so that when a malicious person obtains the database path, he can easily obtain the database and then change the database content arbitrarily. A better approach is to establish a DSN (Date Source Name) for the database, and access the DSN directly when accessing the database.
Through this article, do you have any understanding of ASP encoding? Hope it can help you.