ASP Tutorials - Herong's Tutorial Examples - v5.10, by Dr. Herong Yang
Guest book Main Script
This section describes the main guest book script, uses the configuration file, page layout template file, the utility script library and the CSS file
Once we understand the database, configuration, and template, we are ready to look at the guestbook main page, default.asp. The main objectives of default.asp are:
1. Takes a topic id from the query string so that it can be invoked for any given topics defined in the database.
2. Displays then content of the given topic.
3. Displays all existing comments associated with the given topic.
4. Offers a blank form to allow visitors to enter their comment for the given topic.
5. Stores new comment into database, when a visitor submits the form.
Here is the source code of default.asp:
<!--#include file='_config.inc'--> <% ' comment_default.asp ' ' Comment default page ' hyBook version 2006.01.01 ' Copyright (c) 2006 by Dr. Herong Yang, http://www.herongyang.com/ Dim bgShowTopic, bgShowCommentList, bgShowCommentNew, ngTopicID Dim sgError, sgNotice Dim sgName, sgEmail, sgContent bgShowTopic = True bgShowCommentList = True bgShowCommentNew = True %> <!--#include file='_template.inc'--> <% Sub opening dbConnect ' Checking query string and form data sTopicID = myTrim(Request.Querystring("TopicID"),6) ngTopicID = Clng(sTopicID) If Request.Form("submit") = "Submit" Then sgName = myTrim(Request.Form("Name"),40) sgEmail = myTrim(Request.Form("Email"),40) sgContent = myTrim(Request.Form("Content"),2000) sTopicID = myTrim(Request.Form("TopicID"),6) ngTopicID = Clng(sTopicID) sgName = removeHTML(sgName) sgContent = removeHTML(sgContent) bOK = True ' Checking submit limit If bOK Then bOK = validateSubmitLimit End If ' Checking ngTopicID If bOK Then bOK = validateTopicID End If ' Checking required values If bOK Then bOK = validateRequiredValue End If ' Checking to stop re-post If bOK Then bOK = validateRepost End If ' Submit data If bOK Then sName = Replace(sgName, "'", "''") sEmail = Replace(sgEmail, "'", "''") sContent = Replace(sgContent, "'", "''") sAddress = Request.ServerVariables("REMOTE_ADDR") sSQL = "INSERT INTO [hyComment] ([Name]," _ & " [Email]," _ & " [TopicID]," _ & " [Content]," _ & " [Timestamp]," _ & " [IpAddress])" _ & " VALUES ('" & sName & "'" _ & ", '" & sEmail & "'" _ & ", " & ngTopicID _ & ", '" & sContent & "'" _ & ", #" & date() & "#" _ & ", '" & sAddress & "')" If bgDebug Then ogDebug.WriteLine("sSQL = " & sSQL) End If ogConn.Execute(sSQL) sgNotice = "Your comment has been added. Thank you!" sgName = "" sgEmail = "" sgContent = "" Else sgName = Server.HTMLEncode(sgName) sgEmail = Server.HTMLEncode(sgEmail) sgContent = Server.HTMLEncode(sgContent) End If End If If ngTopicID = 0 Then ngTopicID = ngDefaultTopicID End If End Sub Function validateSubmitLimit sAddress = Request.ServerVariables("REMOTE_ADDR") dYesterday = DateAdd("D", -1, DATE()) Set rSelect = Server.CreateObject("ADODB.Recordset") sSQL = "SELECT count(*) FROM [hyComment]" _ & " WHERE [IpAddress] = '" & sAddress & "'" _ & " AND [Timestamp] > #" & dYesterday & "#" rSelect.Open sSQL, ogConn If bgDebug Then ogDebug.WriteLine(sSQL) ogDebug.WriteLine("Count = " & rSelect.Fields(0)) End If If rSelect.Fields(0) < ngSubmitLimit Then validateSubmitLimit = True Else sgError = "You have reached your submission limit." _ & " Please submit your comment later." validateSubmitLimit = False End If set rSelect = Nothing End Function Function validateTopicID Set rSelect = Server.CreateObject("ADODB.Recordset") sSQL = "SELECT * FROM [hyTopic] WHERE [ID] = " & ngTopicID rSelect.Open sSQL, ogConn If NOT rSelect.EOF Then validateTopicID = True Else sgError = "Invalid topic ID. Please return to home page." validateTopicID = False End If set rSelect = Nothing End Function Function validateRequiredValue If sgName <> "" AND sgContent <> "" AND sTopicID = "" Then validateRequiredValue = True Else sgError = "Missing required values." _ & " Please update the form and submit it again." validateRequiredValue = False End If End Function Function validateRepost sName = Replace(sgName, "'", "''") sEmail = Replace(sgEmail, "'", "''") sContent = Replace(sgContent, "'", "''") sAddress = Request.ServerVariables("REMOTE_ADDR") dYesterday = DateAdd("D", -1, DATE()) Set rSelect = Server.CreateObject("ADODB.Recordset") sSQL = "SELECT * FROM [hyComment]" _ & " WHERE [IpAddress] = '" & sAddress & "'" _ & " AND [Timestamp] > #" & dYesterday & "#" _ & " AND [Name] = '" & sName & "'" _ & " AND [Email] = '" & sEmail & "'" _ & " AND [Content] = '" & sContent & "'" _ & " AND [TopicID] = " & ngTopicID If bgDebug Then ogDebug.WriteLine(sSQL) End If rSelect.Open sSQL, ogConn If rSelect.EOF Then validateRepost = True Else sgError = "You are reposting exactly the same comment." _ & " Replease review your comment and post it again." validateRepost = False End If set rSelect = Nothing End Function Sub outputHeader Response.Write("<p class=hy_title>") Response.Write(sgPageTitle) Response.Write("</p>") End Sub Sub outputBody If sgError <> "" Then htmlError(sgError) sgError = "" End If If sgNotice <> "" Then htmlNotice(sgNotice) sgNotice = "" End If If bgShowTopic Then htmlTopic(ngTopicID) End If If bgShowCommentList Then htmlCommentList(ngTopicID) End If If bgShowCommentNew Then htmlCommentNew(ngTopicID) End If End Sub Sub outputFooter ' Do nothing End Sub Sub closing dbClose End Sub Function htmlTopic(ngTopicID) Set rsTopic = Server.CreateObject("ADODB.Recordset") sSQL = "SELECT * FROM hyTopic WHERE ID=" & ngTopicID If bgDebug Then ogDebug.WriteLine(sSQL) End If rsTopic.Open sSQL, ogConn If NOT rsTopic.EOF Then Response.Write("<table class=hy_topic cellspacing=0" _ & " cellpadding=5><tr class=hy_topic_subject><td>") Response.Write(rsTopic("Subject")) Response.Write("</td></tr><tr class=hy_topic_content><td>") Response.Write(replace(rsTopic("Content"), vbcrlf, "<br>")) Response.Write("</td></tr></table>") Else htmlError("Invalid input data. Please return to home page.") bgShowCommentList = False bgShowCommentNew = False End If set rsTopic = Nothing End Function Function htmlCommentNew(ngTopicID) Response.Write("<table class=hy_comment cellspacing=0" _ & " cellpadding=5>") Response.Write("<form action=" _ & Request.ServerVariables("SCRIPT_NAME") & " method=post>") Response.Write("<input type=hidden name=TopicID" _ & " value=""" & ngTopicID & """>") Response.Write("<tr><td class=hy_comment_label>Your Name:</td>" _ & "<td><input type=text size=40 maxlength=40 name=Name" _ & " value=""" & sgName & """>(Req.)</td></tr>") Response.Write("<tr><td class=hy_comment_label>Your E-mail:</td>" _ & "<td><input type=text size=40 maxlength=40 name=Email" _ & " value=""" & sgEmail & """>(Opt.)</td></tr>") Response.Write("<tr><td class=hy_comment_label>Comment:</td>" _ & "<td><textarea name=Content cols=45 rows=10 wrap=virtual>" _ & sgContent & "</textarea>(Req.)</td></tr>") Response.Write("<tr><td></td>" _ & "<td><input name=submit value=Submit type=submit><br>" _ & "Note that your email is only for Webmaster use only." _ & " It will not be displayed.</td></tr>") Response.Write("</form>") Response.Write("</table>") End Function Function htmlCommentList(ngTopicID) Set rsComment = Server.CreateObject("ADODB.Recordset") sSQL = "SELECT * FROM [hyComment] WHERE [TopicID] =" _ & ngTopicID & " ORDER BY ID DESC" rsComment.Open sSQL, ogConn If rsComment.EOF Then htmlNotice("No comment has been submitted.") Else Response.Write("<table class=hy_list cellspacing=0" _ & " cellpadding=5>") sClass="hy_list_item_lo" Do While NOT rsComment.EOF Response.Write("<tr class=" & sClass & "><td><b>" _ & rsComment("Name") & "</b> wrote on " _ & rsComment("Timestamp") & ": <br><br>") Response.Write(replace(rsComment("Content"), vbcrlf, "<br>")_ & "</td></tr>") rsComment.MoveNext If sClass = "hy_list_item_lo" Then sClass = "hy_list_item_hi" Else sClass = "hy_list_item_lo" End If Loop Response.Write("</table>") End If set rsComment = Nothing End Function %> <!--#include file='_library.inc'--> <% %>
Interesting things to note here:
Table of Contents
ASP (Active Server Pages) Introduction
IIS (Internet Information Services) 5.0
Managing Sessions with and without Cookies
scrrun.dll - Scripting Runtime DLL
Managing Response Header Lines
Calculation Speed and Response Time
Working with MS Access Database
►Guest Book Application Example