carpenterworm 2007-07-18
代码如下:
<%@LANGUAGE="VBSCRIPT" CODEPAGE="936"%> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" c /> <title>Ajax的二级联动by啊峰</title> <script language="javascript" src="js.js"></script> </head> <body> <h2><a href="http://yeahdown.com/">Ajax的二级联动by啊峰</a></h2> <!--#include file="iconn.asp"--> <% Set afeng = Conn.Execute("select bigclassid,bigclassname from bigclass") %> <form id="form1" name="form1" method="post" action=""> <div id="bigclass" style="float:left"> <select name="select" > <option value="0">选择一级分类</option> <%If Not afeng.Eof then Do While Not afeng.Eof bigclassid= afeng("bigclassid") bigclassname = afeng("bigclassname")%> <option value="<%=bigclassid%>"><%=bigclassname%></option> <%afeng.Movenext Loop End If afeng.Close Set afeng = Nothing Conn.Close Set Conn = Nothing%> </select> </div> <div id="subclass" style="float:left"><select name="select2"> <option value="0">选择二级分类</option> </select> </div> </form> </body> </html>
代码如下:
<% Response.Charset="GB2312" '设置字符集 原默认为utf-8 bigclassid=safe(request.QueryString("bigclassid")) '非法字符过滤 If bigclassid<>"" Then Set Re=New RegExp Re.IgnoreCase=true Re.Global=false Re.Pattern = "^[0-9]{1,3}$" If Not Re.Test(bigclassid) Then Response.Write "非法参数" Response.End End If%> <!--#include file="iconn.asp"--> <%On error Resume Next set p = conn.execute("select * from smallclass where bigclassid="&bigclassid&"") If Err Then Err.Clear Response.Write "查询出错" Response.End End If If Not p.Eof Then html = "<select name='smallclassid'>"&vbnewline Do While Not p.Eof html = html&"<option value='"&p("smallclassid")&"'>"&p("smallclassname")&"</option>"&vbnewline p.Movenext Loop html = html&"</select>" Else html = "<select name='smallclassid'><option value='0' selected>暂无小类</option></select>" End If p.Close Set p = Nothing Conn.Close Set Conn = Nothing Response.write html html = "" End If %>
代码如下:
<% Set conn=server.CreateObject("adodb.connection") db = "$#yeahdown.com@$$$@@%%.asp" C & Server.MapPath(db) On Error Resume Next conn.open ConnStr If Err Then Err.Clear Response.Write "<div id=""error"">连接数据库出错</div>" Response.End End If Function safe(Str) If Isnull(Str) Then safe = "" Exit Function End If Str = Replace(Str,Chr(0),"", 1, -1, 1) Str = Replace(Str, """", """, 1, -1, 1) Str = Replace(Str,"<","<", 1, -1, 1) Str = Replace(Str,">",">", 1, -1, 1) Str = Replace(Str, "script", "script", 1, -1, 0) Str = Replace(Str, "SCRIPT", "SCRIPT", 1, -1, 0) Str = Replace(Str, "Script", "Script", 1, -1, 0) Str = Replace(Str, "script", "Script", 1, -1, 1) Str = Replace(Str, "object", "object", 1, -1, 0) Str = Replace(Str, "OBJECT", "OBJECT", 1, -1, 0) Str = Replace(Str, "Object", "Object", 1, -1, 0) Str = Replace(Str, "object", "Object", 1, -1, 1) Str = Replace(Str, "applet", "applet", 1, -1, 0) Str = Replace(Str, "APPLET", "APPLET", 1, -1, 0) Str = Replace(Str, "Applet", "Applet", 1, -1, 0) Str = Replace(Str, "applet", "Applet", 1, -1, 1) Str = Replace(Str, "[", "[") Str = Replace(Str, "]", "]") Str = Replace(Str, """", "", 1, -1, 1) Str = Replace(Str, "=", "=", 1, -1, 1) Str = Replace(Str, "'", "''", 1, -1, 1) Str = Replace(Str, "select", "select", 1, -1, 1) Str = Replace(Str, "execute", "execute", 1, -1, 1) Str = Replace(Str, "exec", "exec", 1, -1, 1) Str = Replace(Str, "join", "join", 1, -1, 1) Str = Replace(Str, "union", "union", 1, -1, 1) Str = Replace(Str, "where", "where", 1, -1, 1) Str = Replace(Str, "insert", "insert", 1, -1, 1) Str = Replace(Str, "delete", "delete", 1, -1, 1) Str = Replace(Str, "update", "update", 1, -1, 1) Str = Replace(Str, "like", "like", 1, -1, 1) Str = Replace(Str, "drop", "drop", 1, -1, 1) Str = Replace(Str, "create", "create", 1, -1, 1) Str = Replace(Str, "rename", "rename", 1, -1, 1) Str = Replace(Str, "count", "count", 1, -1, 1) Str = Replace(Str, "chr", "chr", 1, -1, 1) Str = Replace(Str, "mid", "mid", 1, -1, 1) Str = Replace(Str, "truncate", "truncate", 1, -1, 1) Str = Replace(Str, "nchar", "nchar", 1, -1, 1) Str = Replace(Str, "char", "char", 1, -1, 1) Str = Replace(Str, "alter", "alter", 1, -1, 1) Str = Replace(Str, "cast", "cast", 1, -1, 1) Str = Replace(Str, "exists", "exists", 1, -1, 1) Str = Replace(Str,Chr(13),"<br>", 1, -1, 1) safe = Replace(Str,"'","''", 1, -1, 1) End Function %>
代码如下:
function createxmlhttp() { xmlhttpobj = false; try{//创建对象,一个一个的试,哎,要是能统一标准都好。。 xmlhttpobj = new XMLHttpRequest; }catch(e){ try{ xmlhttpobj=new ActiveXObject("MSXML2.XMLHTTP"); }catch(e2){ try{ xmlhttpobj=new ActiveXObject("Microsoft.XMLHTTP"); }catch(e3){ xmlhttpobj = false; } } } return xmlhttpobj; } function getsubcategory(bigclassid){ if(bigclassid==0){ document.getElementById("subclass").innerHTML="<select name='smallclassid'><option value='0' selected>选择二级分类</option></select>"; return; }; var xmlhttpobj = createxmlhttp(); if(xmlhttpobj){//如果创建对象xmlhttpobj成功 xmlhttpobj.open('get',"getsubcategory.asp?bigclassid="+bigclassid+"&number="+Math.random(),true);//get方法 加个随机数。 xmlhttpobj.send(null); xmlhttpobj.onreadystatechange=function(){//客户端监控函数 if(xmlhttpobj.readystate==4){//服务器处理请求完成 if(xmlhttpobj.status==200){ //alert('ok'); var html = xmlhttpobj.responseText;//获得返回值 document.getElementById("subclass").innerHTML=html; }else{ document.getElementById("subclass").innerHTML="对不起,您请求的页面有问题..."; } }else{ document.getElementById("subclass").innerHTML="加载中,请梢候...";//服务器处理中 } } } }