当我加载一个ASP页面时,我收到以下错误,该页面从加载ASP页面时使用的参数调用SQL 2000中的存储过程。
我犯了小学生错误吗?以及如何解决这个问题?
错误
Microsoft VBScript compilation error '800a0408'
Invalid character
/simon/stock_test.asp, line 6
declare @serial varchar(255)
--------^
,页面是stock_test.asp?ID = 980028001365274
<!--#include file="includes/functions_test.asp"-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<%
declare @serial varchar(255)
set @serial = Request.QueryString("ID")
Call OpenDB()
Call OpenRecordSet(stock, "Exec sp_report_simon_test @serial")
%>
<html lang="EN">
<head>
<title>Stock</title>
</head>
<body>
<table id="test">
<tr>
<td><b>Make</b></td>
<td><b>Model</b></td>
<td><b>Serial</b></td>
</tr>
<%DO WHILE NOT stock.EOF%>
<tr>
<td><%=stock.Fields("Make").value %></td>
<td><%=stock.Fields("Model").value %></td>
<td><%=stock.Fields("serial_number").value %></td>
</tr>
<%
stock.MoveNext
LOOP
%>
</table>
<%
Call CloseRecordSet(stock)
Call CloseDB()
%>
</body>
</html>
函数文件
<%
response.Charset="utf-8"
Session.lcid = 2057
Response.Buffer = False
Server.ScriptTimeout=200
Dim dbConn
Function OpenDB()
Set dbConn = Server.CreateObject("ADODB.Connection")
dbConn.Open "Driver={SQL Server}; Server=server_name; Database=db_name; UID=username; PWD=password; Option=4"
End Function
Function CloseDB()
If ucase(TypeName(dbConn)) = "OBJECT" Then
dbConn.Close
Set dbConn = Nothing
End If
End Function
Function OpenRecordSet(RecSet, SqlQuery)
Set RecSet = Server.CreateObject("ADODB.Recordset")
Set RecSet = dbConn.Execute(SqlQuery)
End Function
Function CloseRecordSet(RecSet)
RecSet.Close
Set RecSet = Nothing
End Function
Function ProcessSql(Sql, Page)
Call OpenDB()
dbConn.Execute(Sql)
Call CloseDB()
If Len(Page) > 0 Then
Response.Redirect(Page)
End If
End Function
Function Encode(DirtyText)
Dim CleanText
Cleantext = Server.HtmlEncode(DirtyText)
CleanText = Replace(CleanText, "'", "''")
CleanText = Replace(CleanText, vbCrLf, "<br>")
Encode = CleanText
End Function
Function mySqlDate(rawDate)
Dim dateString
dateString = DatePart("yyyy", cdate(rawDate))
dateString = dateString & "-" & DatePart("m", cdate(rawDate))
dateString = dateString & "-" & DatePart("d", cdate(rawDate))
mySqlDate = dateString
End Function
Function GetMonthName(monthId)
Dim monthNames
monthNames = Array("January", "February", "March", "April", "May", "June", "July", "August", "September", "October", "November", "December")
GetMonthName = monthNames(monthId -1)
End Function
Function CheckQueryString(Qstring, QName, Page)
If Not Len(QString) = 0 AND Len(QString) < 6 AND IsNumeric(QString) Then
QName = QString
Else
Response.redirect(Page)
End If
End Function
%>
答案 0 :(得分:2)
值得称道的是,您尝试使用SQL参数,但它们在ASP中不能以这种方式工作。不言而喻,您不能简单地将SQL放入ASP代码中。
改为使用Command对象。
Dim stock, serialVal
OpenDB()
serialVal = Request.QueryString("serial")
If serialVal = "" Then serialVal = vbNull
With Server.CreateObject("ADODB.Command")
Set .ActiveConnection = dbConn
.CommandText = "sp_report_simon_test"
.CommandType = adCmdStoredProc
.Parameters.Append .CreateParameter("@serial", adVarChar, adParamInput, 30, serialVal)
Set stock = .Execute
End With
文档:
为了能够在VBScript代码中直接使用adCmdStoredProc等常量,必须通过引用ASP页面顶部的类型库使它们可用。
对于Windows 7 / Windows Server 2008及更高版本,请使用版本6.1:
<!--metadata
type="TypeLib"
name="Microsoft ActiveX Data Objects 6.1 Library"
uuid="B691E011-1797-432E-907A-4D8C69339129"
version="6.1"-->
对于早期版本(Windows XP / Windows Server 2003),请使用版本2.8:
<!--metadata
type="TypeLib"
name="Microsoft ActiveX Data Objects 2.8 Library"
uuid="2A75196C-D9EB-4129-B803-931327F72D5C"
version="2.8"-->