There are two ways to insert data in the form into the database. 1. Use the advantages of the SQL statement directly: fast, no resource shortcomings: can not pass too long field content, the field is more difficult to troubleshoot. Recommended experienced programming priority.
Specific operation: Suppose there is a field in the form: username, password, sex, agn corresponds, in the program has UserName, Password, SEX, AGE has taken the value of the field by request.form or request.QueryString. Database table User has UserName, Password, SEX, AGE field. Other Age is a digital field. The Connection object has been established and the link is opened.
SQL = "INSERT INTO [User] (Username, Password, SEX, AGE) Value ('" & username & ",'" & pass "", '"& sex", "& agne" "conn.execute (SQL)
It is worth noting that if the "'" single quotes are contained in the username, the solution is to process the string function. The usual method is to create a SQLENCode function. Function SQLENCODE (STR) SQLENCODE = "'" & repeate (str, "'", "'') &" '"End Function
The above SQL name can be simplified to sql = "INSERT INTO [User] (" & SQLENCode (Username) & "," & SQLENCode (SEX) & "," & agn & ")" Note When the field name in the previous list and the order of the values behind VALUES should pay attention to the correspondence, if the value is empty, you can not fill it, but indicate the separated "," Omit. The added field is to pay attention to the content before and after the string field. In addition, in the table name USER, the parentheses is because the USER table may be a system table, and the brackets can not conflict with the system. In addition to the table name, it is also a good habit of ensuring compatibility of the code.
2. Using the Recordset object advantage: the code is easy to read, except for disadvantages: consumption system resources recommend novice use
The environment is as follows:
