开发者

Response.Write or plain ol' HTML

What is better coding practice, with speed in mind (Classic ASP):

sPg=sPg& "<select id=""actions"" onchange=""emact(this.value)"">"
sPg=sPg& "<option value=""""></option>"
sPg=sPg& "<option value=""read"">read</option>"
sPg=sPg& "<option value=""unread"">unread</option>"
sPg=sPg& "<option value=""spam"">spam</option>"
sPg=sPg& "<option value=""unspam"">unspam</option>"
sPg=sPg& "<option value=""delete"">delete</option>"
sPg=sPg& "<option value=""undelete"">undelete</option>"

OR

<select id="actions" onchange="emact(this.value)">
<option></option>
<开发者_运维技巧option value="read">read</option>
<option value="unread">unread</option>
<option value="spam">spam</option>
<option value="unspam">unspam</option>
<option value="delete">delete</option>
<option value="undelete">undelete</option>

think this, but on a way larger scale (online store backend written this way almost completely, working on a new version) - I am going convert it all to easy to manage HTML instead of response.write each time, but I just want to know the by doing that, I am not digging myself a hole.


If you are re-writing why are you going to use 10 year old technology?

(Use the 2nd one.)


That's what I would do.

There is absolutely no good reason to go with creating the whole HTML structure through string concatenation, and you will gain a bit of performance by changing to straight HTML.

It would also be more maintainable, as you won't have to worry about escaping quotes and making sure your strings are properly concatenated.


Wouldn't the argument for using Response.Write over HTML be the same one for parameterizing SQL statements over straight SQL queries? Meaning, to close a few loopholes for possible injection?

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜