← Back to Database Operations with ASPPY
Lesson 3

CRUD Operations

Database Operations with ASPPY · Created 2026-06-01 13:34:28

Insert, update, and delete rows using parameter-safe SQL patterns.

INSERT
Dim sql
sql = 'INSERT INTO users (username, email, password, role) VALUES ('' & SqlEscape(username) & '' ,'' & SqlEscape(email) & '' ,'' & SqlEscape(hash) & '' ,'student')'
conn.Execute sql

Get Last Insert ID
Set rs = conn.Execute('SELECT last_insert_rowid()')
Dim newId : newId = CInt(rs(0)) : rs.Close

UPDATE
sql = 'UPDATE users SET email='' & SqlEscape(newEmail) & '' WHERE id=' & CInt(userId)
conn.Execute sql

DELETE
sql = 'DELETE FROM users WHERE id=' & CInt(userId)
conn.Execute sql

SqlEscape
Replaces ' with '' to prevent SQL injection in string values
Always use CInt() for numeric IDs (never concatenate raw input)

Error Handling
On Error Resume Next
conn.Execute someSQL
If Err.Number <> 0 Then
Response.Write 'DB error: ' & Err.Description
Err.Clear : End If

Live Demo →