|
马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
您需要 登录 才可以下载或查看,没有帐号?立即注册
x
ASP是依赖组件的,能访问数据库的组件好多就有好多种,再有就是你微软的工具可是什么都要收钱的啊!历程WritingaStoredProcedurePartII
ByNathanPond
--------------------------------------------------------------------------------
Thisarticleisacontinuationofmypreviousarticle,WritingaStoredProcedure
Letmestartoutbyfirstcorrecting(orratherupdating)somethingIsaidinmyfirstarticle.IsaidtherethatIwasntawareofawaytoupdateastoredprocedurewithoutdeletingitandrecreatingit.WellnowIam.:-)ThereisanALTERcomandyoucanuse,likethis:
ALTERPROCEDUREsp_myStoredProcedure
AS
......
Go
Thiswilloverwritethestoredprocedurethatwastherewiththenewsetofcommands,butwillkeeppermissions,soitisbetterthandroppingandrecreatingtheprocedure.ManythankstoPedroVera-Perezfore-mailingmewiththisinfo.
AspromisedIamgoingtodiveintomoredetailaboutstoredprocedures.LetmestartoutbyansweringacommonquestionIreceivedviae-mail.Manypeoplewroteaskingifitwaspossible,andifsohowtodoit,tousestoredproceduresdotomorethanselectstatements.Absolutely!!!Anythingthatyoucanaccomplishinasqlstatementcanbeaccomplishedinastoredprocedure,simplybecauseastoredprocedurecanexecutesqlstatements.LetslookatasimpleINSERTexample.
CREATEPROCEDUREsp_myInsert
@FirstNamevarchar(20),
@LastNamevarchar(30)
As
INSERTINTONames(FirstName,LastName)
values(@FirstName,@LastName)
Go
Now,callthisprocedurewiththeparametersanditwillinsertanewrowintotheNamestablewiththeFirstNameandLastNamecolumnsapproiatelyassigned.AndhereisanexampleofhowtocallthisprocedurewithparametersfromanASPpage:
<%
dimdataConn,sSql
dimFirstName,LastName
FirstName="Nathan"
LastName="Pond"
setdataConn=Server.CreateObject("ADODB.Connection")
dataConn.Open"DSN=webData;uid=user;pwd=password"makeconnection
sSql="sp_myInsert"&FirstName&","&LastName&""
dataConn.Execute(sSql)executesqlcall
%>
Remeber,youcanusestoredproceduresforanything,includingUPDATEandDELETEcalls.Justembedasqlstatementintotheprocedure.Noticethattheaboveproceduredoesntreturnanything,soyoudontneedtosetarecordset.ThesamewillbetrueforUPDATEandDELETEcalls.TheonlystatementthatreturnsarecordsetistheSELECTstatement.
Now,justbecausearecordsetisntreturned,itdoesntmeanthattherewontbeareturnvalue.Storedprocedureshavetheabilitytoreturnsinglevalues,notjustrecordsets.Letmeshowyouapracticalexampleofthis.Supposeyouhavealoginonyoursite,theuserentersausernameandpassword,andyouneedtolooktheseupinthedatabase,iftheymatch,thenyouallowtheusertologon,otherwiseyouredirectthemtoanincorrectlogonpage.Withoutastoredproceduresyouwoulddosomethinglikethis:
<%
dimdataConn,sSql,rs
setdataConn=Server.CreateObject("ADODB.Connection")
dataConn.Open"DSN=webData;uid=user;pwd=password"makeconnection
sSql="Select*FromUser_TableWhereUserName="&_
Request.Form("UserName")&"AndPassword="&_
Request.Form("Password")&""
Setrs=dataConn.Execute(sSql)executesqlcall
Ifrs.EOFThen
Redirectuser,incorrectlogin
Response.Redirect"Incorrect.htm"
EndIf
processlogoncode
.............
%>
Nowletslookathowwewouldaccomplishthissametaskusingastoredprocedure.Firstletswritetheprocedure.
CREATEPROCEDUREsp_IsValidLogon
@UserNamevarchar(16),
@Passwordvarchar(16)
As
ifexists(Select*FromUser_Table
WhereUserName=@UserName
And
Password=@Password)
return(1)
else
</p>缺点:安全性不是太差了,还行,只要你充分利用系统自带的工具;唯一缺点就是执行效率慢,如何进行网站优化以后,效果会比较好。 |
|