<%
Function SearshSQL(Tname,Lname,Str) 'Tname-表名　Lname-列名　Str－查询的字符
 If Trim(Str)="" then
 MySql="Select * From "&Tname
 Else 
 Str=SqlEncode(Str)    '预处理查询字符串
 ArrStr=split(Str," ")  '用空格分割处理后字符串
 Umax=Ubound(ArrStr)   '分割后数组上维,确定分割成关键词的个数
 If Umax>0 Then    '关键词中多个空格的处理,从第2维开始处理
  For i=1 to Umax
   StrTemp=ArrStr(i)
   If Trim(StrTemp)="" Then StrTemp="/~~~~~/" '分割成的元素为空用特殊字符代替
   Sql=Sql &" Or "& Lname &" like '%"& StrTemp &"%'"
  Next
 End If
 
 MySql="Select * From "& Tname &" where "& Lname &" like '%"&ArrStr(0)&"%'"&Sql
 
 Do
   j=InStr(1,MySql, "%/~~~~~/%",1)
   If j=0 Then
  Exit Do
   End If
   MySql=Replace(MySql," Or "&Lname&" like '%/~~~~~/%'","")
 Loop
 End IF 
 
 
SearshSQL=MySql

end function

Function SqlEncode(Str)  '格式化字符串
str=replace(str,"　"," ") '先把左右的全角空格替换成半角空格
str=trim(str)
str=replace(str,"["," ")
str=replace(str,"';"," ")
str=replace(str,"'"," ")
str=replace(str,"_"," ")
str=replace(str,"%"," ")
str=replace(str,"+"," ")
str=replace(str,"　"," ")
sqlencode=str
end function
%>