Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
Author |
Topic |
jhermiz
3564 Posts |
Posted - 2004-01-20 : 17:18:37
|
I wanted to create a small form with two text boxes and a button...so I tried it out and created it in front page. The page shows up fine in Front page graphically...but when I do a submit I get a script error...I dont know why!!!!The code is as follows<%On Error Resume NextSession.CodePage = 1252Err.ClearstrErrorUrl = ""If Request.ServerVariables("REQUEST_METHOD") = "POST" ThenIf Request.Form("VTI-GROUP") = "0" Then Dim Conn Dim rs Set Conn = Server.CreateObject("ADODB.Connection") Set rs = Server.CreateObject("ADODB.Recordset") Conn.Open "Driver={SQL Server};" & _ "Server=HERCULES;" & _ "Database=SPI;" & _ "UID=SPI;" & _ "PWD=ibm123;" Err.Clear rs.Open "Bugs", Conn, 1, 3, 2 ' adOpenKeySet, adLockOptimistic, adCmdTable FP_DumpError strErrorUrl, "Cannot open record set" rs.AddNew Dim arFormFields0(2) Dim arFormDBFields0(2) Dim arFormValues0(2) arFormFields0(0) = "Name" arFormDBFields0(0) = "Name" arFormValues0(0) = Request("Name") arFormFields0(1) = "Description" arFormDBFields0(1) = "Description" arFormValues0(1) = Request("Description") FP_SaveFormFields rs, arFormFields0, arFormDBFields0 rs.Update rs.Close Conn.Close FP_FormConfirmationFromArrays "text/html; charset=windows-1252",_ "Form Confirmation",_ "Thank you for submitting the following information:",_ "submission_form.asp",_ "Return to the form.",_ arFormDBFields0,_ arFormValues0End IfEnd If Now the code for the entire page including the HTML and so on is here...<%On Error Resume NextSession.CodePage = 1252Err.ClearstrErrorUrl = ""If Request.ServerVariables("REQUEST_METHOD") = "POST" ThenIf Request.Form("VTI-GROUP") = "0" Then Dim Conn Dim rs Set Conn = Server.CreateObject("ADODB.Connection") Set rs = Server.CreateObject("ADODB.Recordset") Conn.Open "Driver={SQL Server};" & _ "Server=HERCULES;" & _ "Database=SPI;" & _ "UID=SPI;" & _ "PWD=ibm123;" Err.Clear rs.Open "Bugs", Conn, 1, 3, 2 ' adOpenKeySet, adLockOptimistic, adCmdTable FP_DumpError strErrorUrl, "Cannot open record set" rs.AddNew Dim arFormFields0(2) Dim arFormDBFields0(2) Dim arFormValues0(2) arFormFields0(0) = "Name" arFormDBFields0(0) = "Name" arFormValues0(0) = Request("Name") arFormFields0(1) = "Description" arFormDBFields0(1) = "Description" arFormValues0(1) = Request("Description") FP_SaveFormFields rs, arFormFields0, arFormDBFields0 rs.Update rs.Close Conn.Close FP_FormConfirmationFromArrays "text/html; charset=windows-1252",_ "Form Confirmation",_ "Thank you for submitting the following information:",_ "submission_form.asp",_ "Return to the form.",_ arFormDBFields0,_ arFormValues0End IfEnd IfSession.CodePage = Session("FP_OldCodePage")Session.LCID = Session("FP_OldLCID")%><%@ language=vbscript%><% Response.Buffer = True %><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><!-- BEGIN HOME_TOP --><HTML><HEAD><TITLE>JAK - Strategic Proposal Initiative</TITLE><META http-equiv=Content-Type content="text/html; charset=windows-1252"><STYLE type=text/css>BODY { FONT-SIZE: 10px; MARGIN: 0px; COLOR: #333333; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #ffffff}TD { FONT-SIZE: 10px; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif}A:link { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: underline}A:active { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: underline}A:visited { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: underline}A:hover { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #666699; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}A.sublink:link { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #ffffff; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}A.sublink:active { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #ffffff; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}A.sublink:visited { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #ffffff; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}A.sublink:hover { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #ccccff; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}A.sidelink:link { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}A.sidelink:active { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}A.sidelink:visited { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}A.sidelink:hover { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #666699; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}A.barlink:link { FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: underline}A.barlink:active { FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: underline}A.barlink:visited { FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #000066; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: underline}A.barlink:hover { FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #666699; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}A.subnavlink:link { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #333333; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}A.subnavlink:active { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #333333; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}A.subnavlink:visited { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #333333; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}A.subnavlink:hover { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #666699; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; TEXT-DECORATION: none}.maincontent { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #333333; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #ffffff}.contentbar1 { FONT-WEIGHT: bold; FONT-SIZE: 10px; COLOR: #ffffff; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #666699}.contentbar2 { FONT-WEIGHT: normal; FONT-SIZE: 10px; COLOR: #333333; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #ffffff}.categorybar { FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #ffffff; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #666699}.menubar { FONT-WEIGHT: normal; FONT-SIZE: 12px; COLOR: #000000; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif; BACKGROUND-COLOR: #ececec}.prohead { FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #ff6600; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif}.enthead { FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #669900; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif}.grokhead { FONT-WEIGHT: bold; FONT-SIZE: 12px; COLOR: #666699; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif}.normal { FONT-SIZE: 10px; COLOR: #333333; FONT-STYLE: normal; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif}.normalwt { FONT-SIZE: 10px; COLOR: #ffffff; FONT-STYLE: normal; FONT-FAMILY: Verdana, Arial, Helvetica, sans-serif}</STYLE></HEAD><BODY text=#333333 bgColor=#ffffff><SCRIPT language=javascript>function cellColor(id,color) { id.bgColor = color;}</SCRIPT><TABLE cellSpacing=0 cellPadding=0 width=740 align=center border=0> <TBODY> <TR vAlign=top align=left> <TD colSpan=2 height=15> <IMG height=15 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=25></TD></TR> <TR vAlign=top align=left> <TD vAlign=center align=middle width=200 background="g_date_bg.gif" bgColor=#9999cc><FONT face="Verdana, Arial, Helvetica, sans-serif" color=#ffffff size=1> <SCRIPT language=JavaScript>var now = new Date();var monNames = new Array("JANUARY","FEBRUARY","MARCH","APRIL","MAY","JUNE","JULY","AUGUST","SEPTEMBER","OCTOBER","NOVEMBER","DECEMBER");document.write(monNames[now.getMonth()] + " " + now.getDate() + ", " + now.getFullYear()); </SCRIPT> </FONT><a href="spibugs.htm">Back</a></TD> <TD vAlign=center align=left background="g_subnav_blue_bg.gif" bgColor=#000066> <TABLE cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR vAlign=center align=middle> <TD> <p align="right"><font color="#FFFFFF">Johann A. Krause, Inc.</font></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE><!-- END HOME_TOP --><!-- BEGIN CONTENT --><TABLE cellSpacing=0 cellPadding=1 width=740 align=center border=0> <TBODY> <TR> <TD vAlign=top align=left bgColor=#333366> <TABLE cellSpacing=0 cellPadding=0 width="100%" border=0> <TBODY> <TR vAlign=top align=left bgColor=#ffffff> <TD colSpan=13> </TD></TR> <TR vAlign=top align=left bgColor=#000066> <TD colSpan=13> <IMG height=1 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=25></TD></TR> <TR vAlign=top align=left bgColor=#cccccc> <TD> </TD> <TD colSpan=11> <TABLE cellSpacing=0 cellPadding=2 width="100%" border=0> <TBODY> <TR vAlign=center align=left> <TD width=5> <IMG height=25 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=12 border=0></TD> <TD width=18> <IMG src="http://www.jakrauseinc.com/spi/images/g_arrow2_btn.gif" border=0 width="18" height="19"></TD> <TD noWrap><font size="3"><b>Bugs</b></font></TD></TR></TBODY></TABLE></TD> <TD> </TD></TR> <TR vAlign=top align=left bgColor=#ffffff> <TD colSpan=13> <TABLE cellSpacing=0 cellPadding=13 width="100%" background="snowflake_bg.gif" border=0> <TBODY> <TR> <TD vAlign=top align=left width=215> <TABLE cellSpacing=0 cellPadding=3 width="702" border=0 height="152"> <TBODY> <TR vAlign=top align=left> <TD width=74 height="35"> <table cellSpacing="0" cellPadding="3" width="100%" border="0"> <tr vAlign="top" align="left"> <td width="53"> <img src="http://www.jakrauseinc.com/spi/images/globe.gif" border="0" width="53" height="63"></td> </tr> </table> </TD> <TD width="616" height="35">Insert A Bug<br> <b>Bugs</b></TD> </TR> <TR vAlign=top align=left> <TD colSpan=2 height=105 width=100%><!--webbot BOT="GeneratedScript" PREVIEW=" " startspan --><script Language="JavaScript" Type="text/javascript"><!--function FrontPage_Form1_Validator(theForm){ if (theForm.Name.value.length > 255) { alert("Please enter at most 255 characters in the \"Name\" field."); theForm.Name.focus(); return (false); } return (true);}//--></script><!--webbot BOT="GeneratedScript" endspan --><form METHOD="POST" action="submission_form.asp" onsubmit="return FrontPage_Form1_Validator(this)" name="FrontPage_Form1" language="JavaScript" webbot-action="--WEBBOT-SELF--"><!--webbot bot="SaveDatabase" suggestedext="asp" s-dataconnection="database1" s-recordsource="Results" s-form-fields="Name Description" s-form-dbfields="Name Description " b-usedbfieldsforconfirmation="True" u-asp-include-url="../../_fpclass/fpdbform.inc" startspan --><input TYPE="hidden" NAME="VTI-GROUP" VALUE="0"><!--#include file="../../_fpclass/fpdbform.inc"--><!--webbot bot="SaveDatabase" endspan i-checksum="43152" --><font face="Verdana"></font><p><font face="Verdana"><b>Name</b><br> <!--webbot bot="Validation" s-display-name="Name" s-data-type="String" b-value-required="False" i-maximum-length="255" --><input type="TEXT" name="Name" size="64" value="" maxlength="255"><br></font></p><p><font face="Verdana"><b>Bug Description</b><br> <!--webbot bot="Validation" s-display-name="Description" s-data-type="String" b-value-required="False" i-maximum-length="0" --><textarea rows="10" name="Description" cols="64"></textarea><br></font></p><p><font face="Verdana"><input type="submit" value=" OK "><input type="reset" value=" Reset "></font></p></form></TD></TR> </TBODY></TABLE></TD> </TR></TBODY></TABLE></TD></TR> <TR vAlign=top align=left bgColor=#ffffff> <TD width=13> <IMG height=5 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=13></TD> <TD width=165> <IMG height=5 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=165></TD> <TD width=20> <IMG height=5 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=20></TD> <TD width=90> <IMG height=5 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=90></TD> <TD width=20> <IMG height=5 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=20></TD> <TD width=90> <IMG height=5 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=90></TD> <TD width=20> <IMG height=5 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=20></TD> <TD width=90> <IMG height=5 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=90></TD> <TD width=20> <IMG height=5 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=20></TD> <TD width=90> <IMG height=5 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=90></TD> <TD width=20> <IMG height=5 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=20></TD> <TD width=90> <IMG height=5 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=90></TD> <TD width=10> <IMG height=5 src="http://www.jakrauseinc.com/spi/images/transparent.gif" width=10></TD></TR></TBODY></TABLE></TD></TR></TBODY></TABLE><!-- END CONTENT --><TABLE cellSpacing=0 cellPadding=0 width=740 align=center background="http://www.jakrauseinc.com/spi/images/g_copy_bg.gif" border=0> <TBODY> <TR> <TD vAlign=center align=right> <p align="left"> <a href="http://www.jakrauseinc.com/spi/spi.htm"> <IMG src="http://www.jakrauseinc.com/spi/images/999.gif" border=0 align="right" width="450" height="60"></a> </p> <p align="left"><b>Johann A. Krause, Inc.</b><br>Copyright 2004 -- <b>Contact: <a href="mailto:jhermiz@tkt-jakusa.thyssenkrupp.com">jhermiz</a></b></p> <font SIZE="4"> <p> </font></TD></TR> <TR> <TD vAlign=bottom align=left> <IMG src="http://www.jakrauseinc.com/spi/images/g_line_db740px.gif" width="740" height="1"></TD></TR></TBODY></TABLE><SCRIPT language=javascript>var data,nhp,ntz,rf,sr;document.cookie='__support_check=1';nhp='http';rf=document.referrer;sr=document.location.search;if(top.document.location==document.referrer || (document.referrer == '' && top.document.location != '')) { rf=top.document.referrer;sr=top.document.location.search} ntz=new Date(); if((location.href.substr(0,6)=='https:') || (location.href.substr(0,6)=='HTTPS:')) nhp='https'; data='&an='+escape(navigator.appName)+'&ck='+document.cookie.length+ '&rf='+escape(rf)+'&sl='+escape(navigator.systemLanguage)+ '&av='+escape(navigator.appVersion)+'&l='+escape(navigator.language)+ '&pf='+escape(navigator.platform)+'&pg='+escape(location.pathname); if(navigator.appVersion.substring(0,1)>'3') data=data+'&cd='+ screen.colorDepth+ '&rs='+escape(screen.width+ ' x '+screen.height)+ '&tz='+ntz.getTimezoneOffset()+'&je='+ navigator.javaEnabled() document.write('<img border=0 hspace=0 vspace=0 width=1 height=1 '+ 'src="'+nhp+'://loc1.hitsprocessor.com/'+ 'statistics.asp?v=1&s=22&pl=1&acct=groxis'+data+'">'); </SCRIPT><SCRIPT language=javascript1.2> document.write('<'); document.write('!-- '); </SCRIPT><NOSCRIPT><IMG height=1 hspace=0 src="" width=1 border=0></NOSCRIPT></table><!--//--><!-- End GetToTheTop statistics web tools hit counter code --></BODY></HTML> I dont know what seems to be the problem...I need to be able to hit the submit button and do an insert into the table Bugs.Jon |
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2004-01-20 : 19:06:46
|
FrontPage is NOT your friend for ASP. Use Visual InterDev or pretty much anything else besides FrontPage. Depending on what version you have, Frontpage might be "fixing" your code for you behind the scences.Ok, now on to the problem at hand.<%DIm FirstNameDim LastNameFirstName = Request.Form("FirstName")LastName = Request.Form("LastName") 'Put some code here to make sure they posted something and it's valid if len(LastName) >0 and len(FirstName) > 0 then 'Put into database Set Conn = Server.CreateObject("ADODB.Connection") Set rs = Server.CreateObject("ADODB.Recordset") Conn.Open "Driver={SQL Server};" & _ "Server=HERCULES;" & _ "Database=SPI;" & _ "UID=SPI;" & _ "PWD=ibm123;" 'Hopefully you'll have a stored proc that you'll use to insert 'You'll need slightly different code for that conn.Execute("INSERT INTO MyTable(FirstName, LastName) VALUES('" & FirstName & "', '" & LastName & "')" Response.Write LastName & ", " & FirstName & " was added to the database!" Response.End end if%><HTML><HEAD></HEAD><BODY> <Form action="jon.asp" method="POST"> <Input Type="Text" name="FirstName"> <BR> <Input Type="Text" name="LastName"> <BR> <Input type="submit" name="btnSubmit" value="Submit"> </BODY></HTML> BTW: Another resource : http://www.learnasp.com/learn/database.aspMichael<Yoda>Use the Search page you must. Find the answer you will.</Yoda> |
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2004-01-20 : 20:40:30
|
Yes, I have to second Michael here, RUN AWAY FROM FRONTPAGE!!! It will turn you into a horrible coder and web designer. I would even suggest staying away from Interdev but as long as you turn off the wizards you should be OK. |
|
|
jhermiz
3564 Posts |
Posted - 2004-01-21 : 08:56:32
|
Hi Mike,I keep trying what you have...and in fact any asp I have and I always get an internal server 500 error. I googled and noticed a lot of people have had this problem.I did seperate the bottom part the HTML body portion in one file..jon.html.Then I took everything from <% to %> in another file and called it jon.aspI had to change the table names...but no luck<%DIm FirstNameDim LastNameFirstName = Request.Form("FirstName")LastName = Request.Form("LastName") 'Put some code here to make sure they posted something and it's valid if len(LastName) >0 and len(FirstName) > 0 then 'Put into database Set Conn = Server.CreateObject("ADODB.Connection") Set rs = Server.CreateObject("ADODB.Recordset") Conn.Open "Driver={SQL Server};" & _ "Server=HERCULES;" & _ "Database=SPI;" & _ "UID=SPI;" & _ "PWD=ibm123;" 'Hopefully you'll have a stored proc that you'll use to insert 'You'll need slightly different code for that Conn.Execute("INSERT INTO Bugs(Name, Description) VALUES('" & FirstName & "', '" & LastName & "'") Response.Write LastName & ", " & FirstName & " was added to the database!" Response.End end if%>[/code]I don't know what to do...I also noticed something that is really weird...before I could do<% hello donkey %>save the file as test.asp and view it and it would display hello donkey...not I try it and it doesnt show anything...the only way I got it to work was by:<% Response.write("Hello donkey") %>Can someone please tell me how to resolve these frustrating yet simple problems.Thanks again to both of you for your time and help.Rob I'll take what you said and have someone purchase interdev for me. I'm very new with asp and web stuff in general. I've always done client server stuff with C++ and VB.Thanks again,Jon |
|
|
jhermiz
3564 Posts |
Posted - 2004-01-21 : 09:13:03
|
aha...the asp was wrong!<%@ language=vbscript%><%Dim FirstNameDim LastNameFirstName = Request.Form("FirstName")LastName = Request.Form("LastName") 'Put some code here to make sure they posted something and it's valid if len(LastName) >0 and len(FirstName) > 0 then 'Put into database Set Conn = Server.CreateObject("ADODB.Connection") Set rs = Server.CreateObject("ADODB.Recordset") Conn.Open "Driver={SQL Server};" & _ "Server=HERCULES;" & _ "Database=SPI;" & _ "UID=SPI;" & _ "PWD=ibm123;" 'Hopefully you'll have a stored proc that you'll use to insert 'You'll need slightly different code for that Conn.Execute("INSERT INTO Bugs(Name, Description) VALUES('" & FirstName & "', '" & LastName & "')") Response.write(LastName & ", " & FirstName & " was added to the database!") Response.End end if%> thanks guys!jon |
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2004-01-21 : 10:00:46
|
Now what you need to do Jon is get rid of the INSERT INTO statement in your ASP, and move that to a stored proc. The code that I provided was a simple example to get you started. It doesn't protect you from SQL Injection attacks.Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda> |
|
|
jhermiz
3564 Posts |
Posted - 2004-01-21 : 10:17:21
|
yep I agree,I never never keep static SQL inside of a C++ / VB app, I'd think the same is with ASP....Although this page is just a feature request page and sits internally...so I don't think it will be to big a problem.Can you however post an example using what I have provided into a sproc? I'd assume its much like VB using a Command object and passing parameters.Thanks,Jon |
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2004-01-21 : 10:22:37
|
If you've done it in VB with a command object, it's the same thing.Just convert your DIm Blah as New ADODB.Connection (etc) to Server.CreateObject() and you should be fine.I'd reccomend at least calling the stored procs, just in case a user puts anything weird into your text boxes.You could also do what I do. I create an ActiveX DLL in VB 6, and do all my stored proc calls in VB 6. Then, in your ASP, you create one object, pass a bunch of vars to it, and then the stored procs are called by this VB6 data object.Michael<Yoda>Use the Search page you must. Find the answer you will.</Yoda> |
|
|
jhermiz
3564 Posts |
Posted - 2004-01-21 : 10:25:12
|
You guys are just too smart!! All of you on here..tara, rob, nr, brett, the cross join guy, damian, the date guy, you, each of you is UNIQUE just like a primary key.If I missed anyone its because Im a clown! |
|
|
mr_mist
Grunnio
1870 Posts |
Posted - 2004-01-21 : 11:44:56
|
One thing, which you will eventually come across if you read enough ASP pages, is that you should at the very least do some sanity checking on input variables before passing them into your SQL. Internally you may not have problems, but I always think it is wise to write things correctly anyway, so that you get into good habits. You can, to some extent, avoid various problems with stored procedures called through command objects, but I would still check input strings for things like quotes and funny characters that shouldn't be there.Yes.-------Moo. :) |
|
|
|
|
|
|
|