Author: Liu Wei URL http://www.ceocio.net E-Mail: support@ceocio.net Keywords: ASP web site development time: 2002.8.6 Note: Due to the limited and hasty drafting of the level, fallible, welcome Letter to correct. Using ASP Development Web Site (Preface) General Large Website has become more and less use of ASP to architecture, but on small and medium-sized business sites, ASP still occupies a larger marketplace. ASP is favored by small and medium-sized site administrators with simple, develop cycle, and easy maintenance. However, as far as I know, use ASP to integrate Update Maintenance Site is only commonly used in those real business sites or more mature technology sites, more websites only have some independent columns in using the ASP program. This is the characteristic that the site management is too dispersed, such as: Enter a different account congratulation per entered a column management. Not only is a waste of administrators, but also more seriously of the level of maintenance of the website. The ASP program we use in those single-columns we have learned from the source code from the Internet, which makes your website security will also be threatened, because the source code provided online is open, each can To study this code, of course, you also know that the security of ASP is originally a long-term concern by users, while the source code opened is more dangerous. Of course, I don't agree that everyone uses the online source code. I just hope that you can pay attention to this problem. Don't completely believe in bouting, or to modify it, the patch is still going to patch (of course, never let You will modify the copyright information of the people). In summary, I think all people who have a certain understanding of the ASP can develop a set of whole station systems themselves and make integrated. The purpose of this topic is to guide everyone how to build a complete web dynamic site. In order to make the readers at all levels, it is necessary to talk about these words: If you are an initiator, what should you master? The necessary VBScript and JavaScript. As the main ASP program written language from Visual Basic, people who have learned VB can be mastered very quickly. JavaScript does not have to say, embedding inside the web, and the client uses ordinary scripting languages. You'd better have a certain HTML language knowledge, or you will feel very annoyed. SQL statement foundation is also the foundation! You don't have to master all the initials, you can basically. Prerequisites: We will write a set of web dynamic sites with the most basic statements and functions. As long as you carefully look at this topic, you can basically master the idea of developing the web whole station and have been able to give practical applications. Of course, with the deepening of learning, you can add more features or improve program algorithms.
(1) Analysis of the website: Many people have ignored this, they think that developing Web site programs do not need software engineering ideas, in fact, will eventually lead to disorderly, such as: some people think of developing I don't want to write the code directly, I think about what I want to write until they finished writing, and I find that I still need to write, and then return to the plus code. In this case, the program is extremely easy to go wrong. So when you start, it is recommended that you like software engineering, develop demand analysis of Web site development, which should include basic requirements for the development web system, such as function, performance, user group, basic data flow and processing flow, security and Confidential requirements. WEB systems goals, conditions, assumptions, restrictions, etc. In detail, in our site, it is a technical site, which should include news systems, article systems, download systems, etc., then which functions need to have what we want to analyze. Below we will analyze the functions to be implemented from an example: News: A news system is the most important point to communicate news to users in real time, then what functions should I have? Published, click, inserted into the picture, and some comments to the author's authors. Of course, the release time is a very easy implementation. Inserting images can be solved using HTML feature, UBB conversion table, or upload images, these methods are no longer elaborated, you can refer to the relevant information. In fact, regardless of the system, when you have analyzed the needs at the beginning, it will definitely be easily and efficient than what you think. If you are convenient, use a computer or paper to record the development needs of the web system, and you can also perform a reference during the development process. One topic here has to be mentioned is about user verification. Generally, we use the user's verification of session and cookies, session variables, and cookies are the same type. If a user sets the browser to be incompatible with any cookies, then the user cannot use this session variable and cookies. In general, I personally recommend the session for the operation of the website administrator, because our theme is to develop a web whole station, then administrators must jump in multiple management pages, which is very convenient here. If you verify the user, you can use the cookies, such as the user can set the forced browser to store the cookie on the computer, just need to use the response.cookies, which can be easily done, and one thing is because the sessionID information is Very easy to lose, for a long-time cluster for users, you must create a user ID by storing a dedicated cookie in the user's web browser and saving the cookie information to the database. The above section we talked about the prior demand analysis of the development of the Web's whole station, and I personally think is a very important step in the website engineering.
(2) The organization and management site structure is often developed when there is a certain size site, making the site have a better directory structure is a worthless issue. The procedure for commercial applications often requires the ability to run scripts and components within the transaction. The transaction is the server-side operation, simply that even if the operation contains many steps, for example, the order, view orders, print orders, etc., can only return the operation overall, is successful or fail. Users can create an ASP script running inside the transaction. If any of the people's division fail, the entire transaction is terminated. Here we must explain in detail is not the application of the transactional script in the whole station, but to let you be unable to be in many files in the development. I organize a reasonable file name. For example: We name the management page to admin.asp, and the page for each column can be used to add a line after admin, and then the name of this column, such as the news management page admin_news.asp, download the management page admin_download. ASP is placed on files. I am just explaining me in me, I believe that you can have your own opinion. Place all administrative operations pages in the same directory, which is more convenient to manage and allocate permissions. Each column user page can be placed in a directory convenient to manage. The database can be placed under the unified directory. How to reduce the number of files. You don't have to create a number of pages for each addition, delete, modify, or other operations, you can use the parameters to reduce the page, make a bit, in the management page admin_news.asp, when admin_news.asp? Action = addNew Add actions, execute the delete operation when admin_news.asp? Action = DEL, this will greatly enhance your site integration level. Code that can be reused. Many code is reused, such as UBB conversion tables, etc., you can put them separately in a directory.
(3) Development of the background management I don't know if the developers are like me, first develop the background after development. Or you are mixed together. However, I think the background is more appropriate. As us, we have to analyze the system first. What functions must be implemented in your heart. This will do half a job in this way, and there will be many unnecessary errors. Background management does not have the following functions: 1) User Verification 2) Add Website Data 3) Modify Website Data 4) Delete Website Data 5) Site System Settings 6) Site Access Statistics 7) Collect User Information ... How to agree It is a problem we have to solve together. For example, users verify that we can achieve this: <% ... username = replace (Trim ("" ""), "'", "") Password = Replace "'", "") SET RS = Server.createObject ("AdoDb.Recordset") SQL = "Select * from admin where password ='" & password "'and username ='" & username "ropen sql, conn 1, 1 if not (rs.bof and ly) Then if password = rs ("password") THEN SESSION ("UserName") Session ("flag") = rs ("Flag ") ELSE END IF ELSE END IF ...%> UserName and Password are values passed from the user form input, you must pay attention to the value stored in the database with the Replace processing. Because we know that username = 'username' is constant, you must enter the 'to enter. By verifying a session variable, it can be easily managed in each management page. To verify the user, you can write: <% if session ("admin") = "" Ten Response.write "no access" else ... End IF%> Someone will write this verification on the data processing page This is very dangerous, and the user can submit data through this defect. Let's talk about how to collect user information, this seems to not involve too many technologies, can usually do this, such as your site's feature is software download, you can let users fill in the user information table before downloading, this Methods have been used in foreign websites. It is rare in China. My website has this feature, which makes me relaxously know that users from the United States and New Zealand. This problem is often encountered when making background management development, and distributes different permissions for different administrators. Talking only to the West Road Site System. When verifying the user above, we also write FLAG to the session variable, we can judge the user level through Flag, of course, the premise is that you have allocated different values for Flag.
