°Ô½ÃÆÇ¿¡ Ç¥½ÃµÇ´Â ½Ã°£À» ¿ÀÀü,¿ÀÈÄ°¡ ¾Æ´ÑAM,PMÀ¸·Î
¹Ù²Ù°í ½ÍÀºµ¥ ..
SQL = "INSERT INTO my (name,email,homepage,title,content,num,"
SQL = SQL & " readnum,writeday,pwd) VALUES "
SQL = SQL & "('" & name & "'"
SQL = SQL & ",'" & email & "'"
SQL = SQL & ",'" & homepage & "'"
SQL = SQL & ",'" & title & "'"
SQL = SQL & ",'" & content & "'"
SQL = SQL & "," & number
SQL = SQL & ", 0 ,'" & now() & "'"
SQL = SQL & ",'" & pwd & "')"
writedayÀÇ ÇÔ¼ö¸¦ now°¡¾Æ´Ñ ´Ù¸¥°ÍÀ¸·Î ¹Ù²Ù¾î¾ßÇÏ´ÂÁö¿ä ¼Ò½º´Â ÀÌ°ÍÀÔ´Ï´Ù.<%
'request°´Ã¼¸¦ ÅëÇØ ³Ñ¾î¿Â °ªµéÀ» º¯¼ö¿¡ ÀúÀåÇÑ´Ù. (ÃßõµÇ´Â ¹æ¹ýÀÌ´Ù)
name = request("name")
email = request("email")
homepage = request("homepage")
title = request("title")
pwd = request("pwd")
content = request("content")
'Äõ¸®¿¡ '°¡ µé¾î°¡¸é ¿¡·¯°¡ ³ª±â¿¡ ±×°ÍÀ» replace ó¸®ÇØÁØ´Ù.
title = replace(title,"'","''")
content = replace(content,"'","''")
content = replace(content,"|","chr(124)_pipe")
'HTML ű×(tag) È¿°ú¸¦ Á¦ÇÑÇÏ°í ½ÍÀ¸½Ã´Ù¸é
'title = replace(title,"&","&")
'title = replace(title,"<","<")
'title = replace(title,">",">")
'content = replace(content,"&","&")
'content = replace(content,"<","<")
'content = replace(content,">",">")
Set db = Server.CreateObject("ADODB.Connection")
db.Open("DSN=sql;UID=sa;PWD=;")
SQL = "Select Max(num) from my"
Set rs = Server.CreateObject("ADODB.Recordset")
rs.Open SQL, db
If IsNULL(rs(0)) Then
number = 1
else
number = rs(0) + 1
End If
SQL = "INSERT INTO my (name,email,homepage,title,content,num,"
SQL = SQL & " readnum,writeday,pwd) VALUES "
SQL = SQL & "('" & name & "'"
SQL = SQL & ",'" & email & "'"
SQL = SQL & ",'" & homepage & "'"
SQL = SQL & ",'" & title & "'"
SQL = SQL & ",'" & content & "'"
SQL = SQL & "," & number
SQL = SQL & ", 0 ,'" & now() & "'"
SQL = SQL & ",'" & pwd & "')"
' Response.Write sql
db.Execute SQL
rs.Close
db.close
Set rs = Nothing
Set db = Nothing
Response.redirect "list.asp"
%>
|
