当前位置:编程学习 > asp >>
答案:Writing a Stored Procedure Part II
By Nathan Pond
--------------------------------------------------------------------------------
This article is a continuation of my previous article, Writing a Stored Procedure
Let me start out by first correcting (or rather updating) something I said in my first article. I said there that I wasn't aware of a way to update a stored procedure without deleting it and recreating it. Well now I am. :-) There is an ALTER comand you can use, like this:
ALTER PROCEDURE sp_myStoredProcedure
AS
......
Go
This will overwrite the stored procedure that was there with the new set of commands, but will keep permissions, so it is better than dropping and recreating the procedure. Many thanks to Pedro Vera-Perez for e-mailing me with this info.
As promised I am going to dive into more detail about stored procedures. Let me start out by answering a common question I received via e-mail. Many people wrote asking if it was possible, and if so how to do it, to use stored procedures do to more than select statements. Absolutely!!! Anything that you can accomplish in a sql statement can be accomplished in a stored procedure, simply because a stored procedure can execute sql statements. Let's look at a simple INSERT example.
CREATE PROCEDURE sp_myInsert
@FirstName varchar(20),
@LastName varchar(30)
As
INSERT INTO Names(FirstName, LastName)
values(@FirstName, @LastName)
Go
Now, call this procedure with the parameters and it will insert a new row into the Names table with the FirstName and LastName columns approiately assigned. And here is an example of how to call this procedure with parameters from an ASP page:
<%
dim dataConn, sSql
dim FirstName, LastName
FirstName = "Nathan"
LastName = "Pond"
set dataConn = Server.CreateObject("ADODB.Connection")
dataConn.Open "DSN=webData;uid=user;pwd=password" 'make connection
sSql = "sp_myInsert '" & FirstName & "', '" & LastName & "'"
dataConn.Execute(sSql) 'execute sql call
%>
Remeber, you can use stored procedures for anything, including UPDATE and DELETE calls. Just embed a sql statement into the procedure. Notice that the above procedure doesn't return anything, so you don't need to set a recordset. The same will be true for UPDATE and DELETE calls. The only statement that returns a recordset is the SELECT statement.
Now, just because a recordset isn't returned, it doesn't mean that there won't be a return value. Stored procedures have the ability to return single values, not just recordsets. Let me show you a practical example of this. Suppose you have a login on your site, the user enters a username and password, and you need to look these up in the database, if they match, then you allow the user to logon, otherwise you redirect them to an incorrect logon page. Without a stored procedures you would do something like this:
<%
dim dataConn, sSql, rs
set dataConn = Server.CreateObject("ADODB.Connection")
dataConn.Open "DSN=webData;uid=user;pwd=password" 'make connection
sSql = "Select * From User_Table Where UserName = '" & _
Request.Form("UserName") & "' And Password = '" & _
Request.Form("Password") & "'"
Set rs = dataConn.Execute(sSql) 'execute sql call
If rs.EOF Then
'Redirect user, incorrect login
Response.Redirect "Incorrect.htm"
End If
'process logon code
.............
%>
Now let's look at how we would accomplish this same task using a stored procedure. First let's write the procedure.
CREATE PROCEDURE sp_IsValidLogon
@UserName varchar(16),
@Password varchar(16)
As
if exists(Select * From User_Table
Where UserName = @UserName
And
Password = @Password)
return(1)
else
return(0)
Go
What this procedure does is take the username and password as input parameters and performs the lookup. If a record is returned the stored procedure will return a single value of 1, if not the procedure will return 0. No recordset is returned. Let's look at the asp you would use:
<%
<!--#INCLUDE VIRTUAL="/include/adovbs.inc"-->
dim dataConn, adocmd, IsValid
set dataConn = Server.CreateObject("ADODB.Connection")
dataConn.Open "DSN=webData;uid=user;pwd=password" 'make connection
Set adocmd = Server.CreateObject("ADODB.Command")
adocmd.CommandText = "sp_IsValidLogon"
adocmd.ActiveConnection = dataConn
adocmd.CommandType = adCmdStoredProc
adocmd.Parameters.Append adocmd.CreateParameter("return", _
adInteger, adParamReturnValue, 4)
adocmd.Parameters.Append adocmd.CreateParameter("username", _
adVarChar, adParamInput, 16, _
Request.Form("UserName"))
adocmd.Parameters.Append adocmd.CreateParameter("password", _
adVarChar, adParamInput, 16, _
Request.Form("Password"))
adocmd.Execute
IsValid = adocmd.Parameters("return").Value
If IsValid = 0 Then
'Redirect user, incorrect login
Response.Redirect "Incorrect.htm"
End If
'process logon code
.............
%>
In Part 2 we'll look at the ADO Command Object, and how you can use it to execute stored procedures through your ASP pages. We'll also look at why you should use stored procedures as opposed to dynamic queries.
Read Part 2
Writing a Stored Procedure Part II, Part 2
By Nathan Pond
--------------------------------------------------------------------------------
Read Part 1
In Part 1, I introduced a lot of new things, so lets slow down for a minute and I'll go through them. First thing I did was create a command object for ADO. I did this with:
Set adocmd = Server.CreateObject("ADODB.Command")
Next I had to tell the object what command it would be executing, with this line:
adocmd.CommandText = "sp_IsValidLogon"
Notice that the command is the name of the stored procedure. You must tell the command object which connection (
- 更多asp疑问解答:
- asp正则过滤重复字符串的代码
- 用asp过滤全部html但保留br类似的符号
- 会asp,但感觉asp要过点,想学php。但我一般做的都是小公司的站,用access数
- PHP的空间可以用ASP的源代码吗?
- 以前做asp程序,现在应该怎样发展?是学.net还是php
- 以前做asp程序,现在应该怎样发展?是学.net还是php
- 想做一个市级的人才网acess,sql数据库,语言asp,jsp,php分别用哪种好
- jsp,asp,php 区别
- 我想找一个有比较多漏洞的网站的源码,比如可以asp,php注入等都可以。供学习研究用。请提供下载地址。。
- 现在候找人做个网站,用ASP,还是PHP语言去做好
- asp,php ,jsp,.net 对于做网站前台的重要吗?
- asp和php的区别是什么?
- 我是新手SEO菜鸟 请问wp dw php asp cms myspl dede 这些软件应该如何区分呀?
- 网页制作相关的三种语言:ASP JSP PHP那个好点,简单点?
- 网页制作相关的三种语言:ASP JSP PHP那个好点,简单点?