how to elaborate this problem that i m facing. ok, let say ..i have a URL wit id number such as www.abc.com/memberpage.asp?memberid=12.
when i add the symbol ' at the end of the url (like that:www.abc.com/memberpage.asp?memberid=12'), and enter, it will display error for my page.
But when i try to put a ' at this web page here, it will not display any error, how can i do this with ASP languagE?how can i avoid it using ASP language ?
strQuery = "UPDATE resource SET TITLE = ' "&request.form("TITLE")&" ' WHERE ID = '"&request.form("ID")&"';"
the problem is that if the field called title has a ' in the text then the UPDATE fails, because I have closed the TITLE field early. If I reverse the " & ' marks then I will have the same problem but the opposite way I thought about doing something with ASP, replace but I still cant get round the fact that I will have a ' in the UPDATE statement Can I do something like REPLACE ' with the CHAR code value and add the code in the SQL record, and will this display the ' or the code.
I ran my page through the W3C markup validator, and all's well except one thing. If I have the "&" symbol in my URLs, it says: Quote:
Line 143, column 66: cannot generate system identifier for general entity "cat" Line 143, column 69: reference not terminated by REFC delimiter Line 143, column 69: reference to external entity in attribute value
I tried doing "&-amp;" (without the -) and "%26" but even though %26 works for the validator, my ASP script doesn't know it's an amp.
I have ASP code displaying currency datatype data from Access database. I have copies of this asp code and tha database on two w2k/IIS5 computers, bothg having the decimal symbol set to "." in the Regional setting both for numbers and for currency. However on one PC it shows dots, while on the other - commas. What is actually controlling which decimal shows up?
Wondering if anyone can help me with this annoying problem. I want to display a (£) on an ASP page, but it keeps putting a J instead. I've tried formatcurrency on the variable that it displays, but still comes up as a J and I've tried changing session.LCID to 2057. Still shows a J.
If you check View Source it shows the £ but it shows as a J on the page. If you check on IE under View... Encoding it comes up as Cyrillic (Windows) and if you change this to Western European (Windows) the page refreshes and shows fine; £ signs come up. But, as soon as you click on a link, it reverts back to Cyrillic.
I'm getting crazy with this. You know that when you install office in your computer it install a plugin for Internet Explorer so when you click in a link to any office document it opens the document inside the explorer instead of asking to save it as normal files.
Do you know how to make internet explorer ask to save the document with HTML or ASP or Javascript?I know that i can disable this option in Internet Explorer options but i don't want to make people do this.I don't want to zip the file neither.
When I use funtion--CreateObject to create an instance of Msword in the client script, IE security will prevent my script to create. I would not like to alter the security option. how to resolve this problem?
I want to run a query from input. There are 4 input that are optional for user. So what is the simple and fastest way to do it instead of too many if statement and repeating query. What I've done now semilar like this
id = Request.Form("id") tittle = Request.Form("tittle") case = Request.Form("case") desc = Request.Form("desc")
If id <> "" then Run Query Else If tittle <> "" Then.......i have to insert more if statement..how can I make it more easier?
I'm making an application and i need to print a report, the problem is that depending on the browser printer configuration it is printed ok or not. Is there any way to make a document, as pdf or doc, for asp to avoid this problems?
I have sometimes duplicate contents in a comments page because impatient people send the same form twice (they pressing in few seconds the Send button twice) . How can I avoid this?
I am writing a web app using asp.net 1.1 and C#. This web app is launched in another win32 application and this app needs to pass information to my web app. But this win32 application doesn't support long string(Maximum 255)
I hv to use an intermedia plain file and in my web app,usingScripting.FileSystemObject to open the file and read the information in. Each time when I launch the web page, I got a warning message saying "AnActiveX control on this page might be unsafe to interact with other parts of the page. Do you want to allow this interaction?" Users need to click Yes to proceed.
All applications run in Intranet environment within a corporate network. My question are "Can I avoid this error message?" and "Can I give permission to my particular web app to run Scripting.FileSystemObject?"
I am running IIS5.1. I am invoking an ASP page in ther server continously from the HTML Page, to update some contents of the html page. The ASP page seem to run from the cache sometimes(Not Always). I tried to give the following header to my ASP file.
I am using MS-Access database to display top 10 records containg title and date, and with each record a text named "NEW" is also displaying.
But I want to display "NEW" only with the records which are not older than a week. Is there some way to calculate the present date with the date of each record?
Currently i did 2 pages form and action pages, where form will have 2 inputs, and action page will insert the data into database.
but the i have tested once i keep refresh the action page, the data will be inserted again and again, anyone know how can i control this matter and avoid sql injection?
I am working on a web application that uses both asp classic and asp.net pages. We need to validate user input to avoid attacks like sql injection. Can a component be created that both page types can use? Is that the best approach? Would I simply use pattern matching to validate strings and/or remove any unwanted characters?
I need to provide a way to download a software and its corresponding manual from a web page.
So far I have done the sign in page where people give their data. I will then give access to a page with a link allowing to download the required file(s).
My worry is how to avoid that somebody grabs the URL of the file and send it to another for downloading directly from the server. What can I do to avoid this ?
I am working with website in which a user can login and then submit some forms. I want the user to avoid re-submitting the same form twice when he uses the browser refresh or when he goes to another page and then comes back to that same page using the browser back button.
I know of two solutions:
1. Redirect to a different page after form submission - The problem with this approach is that the website has many forms. So redirecting each form to a different one is not a very feasible solution.
2. A token can be stored in session (or somewhere) after each form submission. These tokens can be verified if the form is being resubmitted - The problem with this approach is that the user can submit
one form only once. I want the user to be able to submit the same form multiple times, provided with differetn data.
Is there a suitable solution where a form with same data is submitted only once, but there is no such restriction with different data?
Can the ASP request object be cleared after form submission, so even when refresh button is pressed, Request.Form elements dont have any data? (Storing ALL the information filled in each form during that session and then comparing for resubmit is not a clean solution I think??).
I do a SELECT * from table command in an ASP page to build a text file out on our server, but the export is not to allow a field name rows of records. The first thing I get is a row with all the field names. Why do these come in if they are not part of the table records? How do I eliminate this from being produced? Code:
I know there really isn't a way to disable the "back button" on the browser BUT ... I'm trying to not allow multiple entries via a form submit when the back button is depressed on the browser.
Basically is there a code snippet that somebody can provide so that when a form is submitted and somebody attempts to go back by hitting the "back" button, that form information just entered won't resubmit into the database?