Information doesnt want to go in...

Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

All Forums

Development Tools

Other Development Tools

Information doesnt want to go in...

Author

Topic

jhermiz

3564 Posts

Posted - 2004-01-20 : 17:18:37

I wanted to create a small form with two text boxes and a button...
so I tried it out and created it in front page. The page shows up fine in Front page graphically...but when I do a submit I get a script error...I dont know why!!!!

The code is as follows


<%
On Error Resume Next

Session.CodePage = 1252
Err.Clear

strErrorUrl = ""

If Request.ServerVariables("REQUEST_METHOD") = "POST" Then
If Request.Form("VTI-GROUP") = "0" Then
	
	Dim Conn
	Dim rs

	Set Conn = Server.CreateObject("ADODB.Connection")
	Set rs = Server.CreateObject("ADODB.Recordset")


	Conn.Open "Driver={SQL Server};" & _
		  "Server=HERCULES;" & _
		  "Database=SPI;" & _
		  "UID=SPI;" & _
		  "PWD=ibm123;"
	Err.Clear

	rs.Open "Bugs", Conn, 1, 3, 2 ' adOpenKeySet, adLockOptimistic, adCmdTable
	FP_DumpError strErrorUrl, "Cannot open record set"

	rs.AddNew
	
	Dim arFormFields0(2)
	Dim arFormDBFields0(2)
	Dim arFormValues0(2)

	arFormFields0(0) = "Name"
	arFormDBFields0(0) = "Name"
	arFormValues0(0) = Request("Name")
	arFormFields0(1) = "Description"
	arFormDBFields0(1) = "Description"
	arFormValues0(1) = Request("Description")

	FP_SaveFormFields rs, arFormFields0, arFormDBFields0


	rs.Update
	rs.Close
	Conn.Close

	FP_FormConfirmationFromArrays "text/html; charset=windows-1252",_
						"Form Confirmation",_
						"Thank you for submitting the following information:",_
						"submission_form.asp",_
						"Return to the form.",_
						arFormDBFields0,_
						arFormValues0

End If
End If

Now the code for the entire page including the HTML and so on is here...


<%
On Error Resume Next

Session.CodePage = 1252
Err.Clear

strErrorUrl = ""

If Request.ServerVariables("REQUEST_METHOD") = "POST" Then
If Request.Form("VTI-GROUP") = "0" Then
	
	Dim Conn
	Dim rs

	Set Conn = Server.CreateObject("ADODB.Connection")
	Set rs = Server.CreateObject("ADODB.Recordset")


	Conn.Open "Driver={SQL Server};" & _
		  "Server=HERCULES;" & _
		  "Database=SPI;" & _
		  "UID=SPI;" & _
		  "PWD=ibm123;"
	Err.Clear

	rs.Open "Bugs", Conn, 1, 3, 2 ' adOpenKeySet, adLockOptimistic, adCmdTable
	FP_DumpError strErrorUrl, "Cannot open record set"

	rs.AddNew
	
	Dim arFormFields0(2)
	Dim arFormDBFields0(2)
	Dim arFormValues0(2)

	arFormFields0(0) = "Name"
	arFormDBFields0(0) = "Name"
	arFormValues0(0) = Request("Name")
	arFormFields0(1) = "Description"
	arFormDBFields0(1) = "Description"
	arFormValues0(1) = Request("Description")

	FP_SaveFormFields rs, arFormFields0, arFormDBFields0


	rs.Update
	rs.Close
	Conn.Close

	FP_FormConfirmationFromArrays "text/html; charset=windows-1252",_
						"Form Confirmation",_
						"Thank you for submitting the following information:",_
						"submission_form.asp",_
						"Return to the form.",_
						arFormDBFields0,_
						arFormValues0

End If
End If

Session.CodePage = Session("FP_OldCodePage")
Session.LCID = Session("FP_OldLCID")

%>

<%@ language=vbscript%>
<% Response.Buffer = True %>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<!-- BEGIN HOME_TOP --><HTML><HEAD><TITLE>JAK - Strategic Proposal Initiative</TITLE>
<META http-equiv=Content-Type content="text/html; charset=windows-1252">
<STYLE type=text/css>BODY {
	FONT-SIZE: 10px; MARGIN: 0px; COLOR: #333333; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #ffffff
}
TD {
	FONT-SIZE: 10px; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif
}
A:link {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: underline
}
A:active {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: underline
}
A:visited {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: underline
}
A:hover {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #666699; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
A.sublink:link {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #ffffff; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
A.sublink:active {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #ffffff; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
A.sublink:visited {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #ffffff; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
A.sublink:hover {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #ccccff; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
A.sidelink:link {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
A.sidelink:active {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
A.sidelink:visited {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
A.sidelink:hover {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #666699; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
A.barlink:link {
	FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: underline
}
A.barlink:active {
	FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: underline
}
A.barlink:visited {
	FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: underline
}
A.barlink:hover {
	FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #666699; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
A.subnavlink:link {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #333333; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
A.subnavlink:active {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #333333; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
A.subnavlink:visited {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #333333; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
A.subnavlink:hover {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #666699; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none
}
.maincontent {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #333333; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #ffffff
}
.contentbar1 {
	FONT-WEIGHT: bold; FONT-SIZE: 10px; COLOR: #ffffff; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #666699
}
.contentbar2 {
	FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #333333; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #ffffff
}
.categorybar {
	FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #ffffff; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #666699
}
.menubar {
	FONT-WEIGHT: normal; FONT-SIZE: 12px; COLOR: #000000; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #ececec
}
.prohead {
	FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #ff6600; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif
}
.enthead {
	FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #669900; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif
}
.grokhead {
	FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #666699; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif
}
.normal {
	FONT-SIZE: 10px; COLOR: #333333; FONT-STYLE: normal; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif
}
.normalwt {
	FONT-SIZE: 10px; COLOR: #ffffff; FONT-STYLE: normal; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif
}
</STYLE>

</HEAD>

<BODY text=#333333 bgColor=#ffffff>
<SCRIPT language=javascript>
function cellColor(id,color) {
		id.bgColor = color;
}
</SCRIPT>

<TABLE cellSpacing=0 cellPadding=0 width=740 align=center border=0>
  <TBODY>
  <TR vAlign=top align=left>
    <TD colSpan=2 height=15>
    <IMG height=15 
      src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
      width=25></TD></TR>
  <TR vAlign=top align=left>
    <TD vAlign=center align=middle width=200 
    background="g_date_bg.gif" 
    bgColor=#9999cc><FONT face="Verdana, Arial, Helvetica, sans-serif" 
      color=#ffffff size=1>
      <SCRIPT language=JavaScript>
var now = new Date();
var monNames = new Array("JANUARY","FEBRUARY","MARCH","APRIL","MAY","JUNE","JULY","AUGUST","SEPTEMBER","OCTOBER","NOVEMBER","DECEMBER");
document.write(monNames[now.getMonth()] + " " + now.getDate() + ", " + now.getFullYear());
    </SCRIPT>
      </FONT><a href="spibugs.htm">Back</a></TD>
    <TD vAlign=center align=left 
    background="g_subnav_blue_bg.gif" 
    bgColor=#000066>
      <TABLE cellSpacing=0 cellPadding=0 width="100%" border=0>
        <TBODY>
        <TR vAlign=center align=middle>
          <TD>
          <p align="right"><font color="#FFFFFF">Johann A. Krause, Inc.</font></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE><!-- END HOME_TOP --><!-- BEGIN CONTENT -->
<TABLE cellSpacing=0 cellPadding=1 width=740 align=center border=0>
  <TBODY>
  <TR>
    <TD vAlign=top align=left bgColor=#333366>
      <TABLE cellSpacing=0 cellPadding=0 width="100%" border=0>
        <TBODY>
        <TR vAlign=top align=left bgColor=#ffffff>
          <TD colSpan=13>
           </TD></TR>
        <TR vAlign=top align=left bgColor=#000066>
          <TD colSpan=13>
          <IMG height=1 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=25></TD></TR>
        <TR vAlign=top align=left bgColor=#cccccc>
          <TD> </TD>
          <TD colSpan=11>
            <TABLE cellSpacing=0 cellPadding=2 width="100%" border=0>
              <TBODY>
              <TR vAlign=center align=left>
                <TD width=5>
                <IMG height=25 
                  src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
                  width=12 border=0></TD>
                <TD width=18>
                <IMG 
                  src="http://www.jakrauseinc.com/spi/images/g_arrow2_btn.gif" 
                  border=0 width="18" height="19"></TD>
                <TD noWrap><font size="3"><b>Bugs</b></font></TD></TR></TBODY></TABLE></TD>
          <TD> </TD></TR>
        <TR vAlign=top align=left bgColor=#ffffff>
          <TD colSpan=13>
            <TABLE cellSpacing=0 cellPadding=13 width="100%" 
            background="snowflake_bg.gif" 
            border=0>
              <TBODY>
              <TR>
                <TD vAlign=top align=left width=215>
                  <TABLE cellSpacing=0 cellPadding=3 width="702" border=0 height="152">
                    <TBODY>
                    <TR vAlign=top align=left>
                      <TD width=74 height="35">
                      <table cellSpacing="0" cellPadding="3" width="100%" border="0">
                        <tr vAlign="top" align="left">
                          <td width="53">
                          <img src="http://www.jakrauseinc.com/spi/images/globe.gif" border="0" width="53" height="63"></td>
                        </tr>
                      </table>
                      </TD>
                      <TD width="616" height="35">Insert A Bug<br>
                      <b>Bugs</b></TD>
                      </TR>
                    <TR vAlign=top align=left>
                      <TD colSpan=2 height=105 width=100%>
<!--webbot BOT="GeneratedScript" PREVIEW=" " startspan --><script Language="JavaScript" Type="text/javascript"><!--
function FrontPage_Form1_Validator(theForm)
{

  if (theForm.Name.value.length > 255)
  {
    alert("Please enter at most 255 characters in the \"Name\" field.");
    theForm.Name.focus();
    return (false);
  }
  return (true);
}
//--></script><!--webbot BOT="GeneratedScript" endspan --><form METHOD="POST" action="submission_form.asp" onsubmit="return FrontPage_Form1_Validator(this)" name="FrontPage_Form1" language="JavaScript" webbot-action="--WEBBOT-SELF--">

<!--webbot bot="SaveDatabase" suggestedext="asp" s-dataconnection="database1" s-recordsource="Results" s-form-fields="Name Description" s-form-dbfields="Name Description " b-usedbfieldsforconfirmation="True" u-asp-include-url="../../_fpclass/fpdbform.inc" startspan --><input TYPE="hidden" NAME="VTI-GROUP" VALUE="0"><!--#include file="../../_fpclass/fpdbform.inc"--><!--webbot bot="SaveDatabase" endspan i-checksum="43152" --><font face="Verdana">
</font>

<p><font face="Verdana"><b>Name</b><br>
 <!--webbot bot="Validation" s-display-name="Name" s-data-type="String" b-value-required="False" i-maximum-length="255" --><input type="TEXT" name="Name" size="64" value="" maxlength="255"><br>
</font>
</p>
<p><font face="Verdana"><b>Bug Description</b><br>
 <!--webbot bot="Validation" s-display-name="Description" s-data-type="String" b-value-required="False" i-maximum-length="0" --><textarea rows="10" name="Description" cols="64"></textarea><br>
</font>
</p>


<p><font face="Verdana"><input type="submit" value="    OK    "><input type="reset" value=" Reset "></font></p>

</form>
</TD></TR>
                    </TBODY></TABLE></TD>
                </TR></TBODY></TABLE></TD></TR>
        <TR vAlign=top align=left bgColor=#ffffff>
          <TD width=13>
          <IMG height=5 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=13></TD>
          <TD width=165>
          <IMG height=5 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=165></TD>
          <TD width=20>
          <IMG height=5 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=20></TD>
          <TD width=90>
          <IMG height=5 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=90></TD>
          <TD width=20>
          <IMG height=5 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=20></TD>
          <TD width=90>
          <IMG height=5 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=90></TD>
          <TD width=20>
          <IMG height=5 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=20></TD>
          <TD width=90>
          <IMG height=5 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=90></TD>
          <TD width=20>
          <IMG height=5 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=20></TD>
          <TD width=90>
          <IMG height=5 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=90></TD>
          <TD width=20>
          <IMG height=5 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=20></TD>
          <TD width=90>
          <IMG height=5 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=90></TD>
          <TD width=10>
          <IMG height=5 
            src="http://www.jakrauseinc.com/spi/images/transparent.gif" 
            width=10></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE><!-- END CONTENT -->
<TABLE cellSpacing=0 cellPadding=0 width=740 align=center 
background="http://www.jakrauseinc.com/spi/images/g_copy_bg.gif" 
border=0>
  <TBODY>
  <TR>
    <TD vAlign=center align=right>
    <p align="left">
    <a href="http://www.jakrauseinc.com/spi/spi.htm">
    <IMG 
      src="http://www.jakrauseinc.com/spi/images/999.gif" border=0 align="right" width="450" height="60"></a> </p>
    <p align="left"><b>Johann A. Krause, Inc.</b><br>Copyright 2004   --  <b>Contact: <a href="mailto:jhermiz@tkt-jakusa.thyssenkrupp.com">jhermiz</a></b></p>    <font SIZE="4">
    <p> </font></TD></TR>
  <TR>
    <TD vAlign=bottom align=left>
    <IMG 
      src="http://www.jakrauseinc.com/spi/images/g_line_db740px.gif" width="740" height="1"></TD></TR></TBODY></TABLE>
<SCRIPT language=javascript>
var data,nhp,ntz,rf,sr;document.cookie='__support_check=1';nhp='http';
rf=document.referrer;sr=document.location.search;
if(top.document.location==document.referrer || 
   (document.referrer == '' && top.document.location != '')) {
  rf=top.document.referrer;sr=top.document.location.search}
  ntz=new Date();
  if((location.href.substr(0,6)=='https:') || 
     (location.href.substr(0,6)=='HTTPS:')) nhp='https'; 
  data='&an='+escape(navigator.appName)+'&ck='+document.cookie.length+
       '&rf='+escape(rf)+'&sl='+escape(navigator.systemLanguage)+
       '&av='+escape(navigator.appVersion)+'&l='+escape(navigator.language)+
       '&pf='+escape(navigator.platform)+'&pg='+escape(location.pathname);
  if(navigator.appVersion.substring(0,1)>'3')
    data=data+'&cd='+ screen.colorDepth+
              '&rs='+escape(screen.width+ ' x '+screen.height)+
              '&tz='+ntz.getTimezoneOffset()+'&je='+ navigator.javaEnabled()
  document.write('<img border=0 hspace=0 vspace=0 width=1 height=1 '+
                 'src="'+nhp+'://loc1.hitsprocessor.com/'+
                 'statistics.asp?v=1&s=22&pl=1&acct=groxis'+data+'">');
      </SCRIPT>

<SCRIPT language=javascript1.2>
  document.write('<');
  document.write('!--  ');
      </SCRIPT>
<NOSCRIPT><IMG height=1 hspace=0 src="" width=1 border=0></NOSCRIPT>
</table>
<!--//--><!-- End GetToTheTop statistics web tools hit counter code -->
</BODY></HTML>

I dont know what seems to be the problem...
I need to be able to hit the submit button and do an insert into the table Bugs.

Jon

MichaelP
Jedi Yak

2489 Posts

Posted - 2004-01-20 : 19:06:46

FrontPage is NOT your friend for ASP. Use Visual InterDev or pretty much anything else besides FrontPage. Depending on what version you have, Frontpage might be "fixing" your code for you behind the scences.

Ok, now on to the problem at hand.


<%
DIm FirstName
Dim LastName

FirstName = Request.Form("FirstName")
LastName = Request.Form("LastName")

	'Put some code here to make sure they posted something and it's valid
	if len(LastName) >0 and len(FirstName) > 0 then
		'Put into database
		Set Conn = Server.CreateObject("ADODB.Connection")
		Set rs = Server.CreateObject("ADODB.Recordset")


		Conn.Open "Driver={SQL Server};" & _
			  "Server=HERCULES;" & _
			  "Database=SPI;" & _
			  "UID=SPI;" & _
			  "PWD=ibm123;"
			  
		'Hopefully you'll have a stored proc that you'll use to insert
		'You'll need slightly different code for that
		
		conn.Execute("INSERT INTO MyTable(FirstName, LastName) VALUES('" & FirstName & "', '" & LastName & "')"
		
		Response.Write LastName & ", " & FirstName & " was added to the database!"		Response.End 
		


	end if


%>


<HTML>
<HEAD></HEAD>
<BODY>
	<Form action="jon.asp" method="POST">
	<Input Type="Text" name="FirstName">
	<BR>
	
	<Input Type="Text" name="LastName">
	<BR>
	
	<Input type="submit" name="btnSubmit" value="Submit">
	
</BODY>
</HTML>

BTW: Another resource : http://www.learnasp.com/learn/database.asp

Michael

<Yoda>Use the Search page you must. Find the answer you will.</Yoda>

robvolk
Most Valuable Yak

15732 Posts

Posted - 2004-01-20 : 20:40:30

Yes, I have to second Michael here, RUN AWAY FROM FRONTPAGE!!! It will turn you into a horrible coder and web designer. I would even suggest staying away from Interdev but as long as you turn off the wizards you should be OK.

jhermiz

3564 Posts

Posted - 2004-01-21 : 08:56:32

Hi Mike,

I keep trying what you have...
and in fact any asp I have and I always get an internal server 500 error. I googled and noticed a lot of people have had this problem.
I did seperate the bottom part the HTML body portion in one file..jon.html.

Then I took everything from <% to %> in another file and called it jon.asp

I had to change the table names...
but no luck

<%
DIm FirstName
Dim LastName

FirstName = Request.Form("FirstName")
LastName = Request.Form("LastName")

'Put some code here to make sure they posted something and it's valid
if len(LastName) >0 and len(FirstName) > 0 then
'Put into database
Set Conn = Server.CreateObject("ADODB.Connection")
Set rs = Server.CreateObject("ADODB.Recordset")

Conn.Open "Driver={SQL Server};" & _
"Server=HERCULES;" & _
"Database=SPI;" & _
"UID=SPI;" & _
"PWD=ibm123;"

'Hopefully you'll have a stored proc that you'll use to insert
'You'll need slightly different code for that

Conn.Execute("INSERT INTO Bugs(Name, Description) VALUES('" & FirstName & "', '" & LastName & "'")

Response.Write LastName & ", " & FirstName & " was added to the database!" Response.End

end if

%>
[/code]

I don't know what to do...

I also noticed something that is really weird...
before I could do

<% hello donkey %>

save the file as test.asp and view it and it would display hello donkey...not I try it and it doesnt show anything...the only way I got it to work was by:

<% Response.write("Hello donkey") %>

Can someone please tell me how to resolve these frustrating yet simple problems.

Thanks again to both of you for your time and help.
Rob I'll take what you said and have someone purchase interdev for me. I'm very new with asp and web stuff in general. I've always done client server stuff with C++ and VB.

Thanks again,
Jon

jhermiz

3564 Posts

Posted - 2004-01-21 : 09:13:03

aha...
the asp was wrong!


<%@ language=vbscript%>
<%
Dim FirstName
Dim LastName

FirstName = Request.Form("FirstName")
LastName = Request.Form("LastName")

	'Put some code here to make sure they posted something and it's valid
	if len(LastName) >0 and len(FirstName) > 0 then
		'Put into database
		Set Conn = Server.CreateObject("ADODB.Connection")
		Set rs = Server.CreateObject("ADODB.Recordset")


		Conn.Open "Driver={SQL Server};" & _
			  "Server=HERCULES;" & _
			  "Database=SPI;" & _
			  "UID=SPI;" & _
			  "PWD=ibm123;"
			  
		'Hopefully you'll have a stored proc that you'll use to insert
		'You'll need slightly different code for that
		
		Conn.Execute("INSERT INTO Bugs(Name, Description) VALUES('" & FirstName & "', '" & LastName & "')")
		
		Response.write(LastName & ", " & FirstName & " was added to the database!")
		Response.End 
		


	end if


%>

thanks guys!
jon

MichaelP
Jedi Yak

2489 Posts

Posted - 2004-01-21 : 10:00:46

Now what you need to do Jon is get rid of the INSERT INTO statement in your ASP, and move that to a stored proc. The code that I provided was a simple example to get you started. It doesn't protect you from SQL Injection attacks.

Michael

<Yoda>Use the Search page you must. Find the answer you will.</Yoda>

jhermiz

3564 Posts

Posted - 2004-01-21 : 10:17:21

yep I agree,

I never never keep static SQL inside of a C++ / VB app, I'd think the same is with ASP....

Although this page is just a feature request page and sits internally...
so I don't think it will be to big a problem.

Can you however post an example using what I have provided into a sproc? I'd assume its much like VB using a Command object and passing parameters.

Thanks,
Jon

MichaelP
Jedi Yak

2489 Posts

Posted - 2004-01-21 : 10:22:37

If you've done it in VB with a command object, it's the same thing.
Just convert your DIm Blah as New ADODB.Connection (etc) to Server.CreateObject() and you should be fine.

I'd reccomend at least calling the stored procs, just in case a user puts anything weird into your text boxes.

You could also do what I do. I create an ActiveX DLL in VB 6, and do all my stored proc calls in VB 6. Then, in your ASP, you create one object, pass a bunch of vars to it, and then the stored procs are called by this VB6 data object.

Michael

<Yoda>Use the Search page you must. Find the answer you will.</Yoda>

jhermiz

3564 Posts

Posted - 2004-01-21 : 10:25:12

You guys are just too smart!! All of you on here..tara, rob, nr, brett, the cross join guy

, damian, the date guy

, you, each of you is UNIQUE just like a primary key

.

If I missed anyone its because Im a clown!

mr_mist
Grunnio

1870 Posts

Posted - 2004-01-21 : 11:44:56

One thing, which you will eventually come across if you read enough ASP pages, is that you should at the very least do some sanity checking on input variables before passing them into your SQL.

Internally you may not have problems, but I always think it is wise to write things correctly anyway, so that you get into good habits. You can, to some extent, avoid various problems with stored procedures called through command objects, but I would still check input strings for things like quotes and funny characters that shouldn't be there.

Yes.

-------
Moo. :)

Subscribe to SQLTeam.com

SQLTeam.com Articles via RSS

SQLTeam.com Weblog via RSS

- Advertisement -

Resources