how to elaborate this problem that i m facing. ok, let say ..i have a URL wit id number such as www.abc.com/memberpage.asp?memberid=12.
when i add the symbol ' at the end of the url (like that:www.abc.com/memberpage.asp?memberid=12'), and enter, it will display error for my page.
But when i try to put a ' at this web page here, it will not display any error, how can i do this with ASP languagE?how can i avoid it using ASP language ?
would this work if i only wanted the user to enter any number of letters?[a-zA-Z]*
would i need to add the beginning symbol ^ or the end symbol $ ?
I have a database query where it looks like this
strQuery = "UPDATE resource SET TITLE = ' "&request.form("TITLE")&" ' WHERE
ID = '"&request.form("ID")&"';"
the problem is that if the field called title has a ' in the text then the
UPDATE fails, because I have closed the TITLE field early. If I reverse the
" & ' marks then I will have the same problem but the opposite way
I thought about doing something with ASP, replace but I still cant get round
the fact that I will have a ' in the UPDATE statement
Can I do something like REPLACE ' with the CHAR code value and add the code
in the SQL record, and will this display the ' or the code.
anyone know what does the symbol <> means?
Example: Remove_Id <> ""
I ran my page through the W3C markup validator, and all's well except one thing. If I have the "&" symbol in my URLs, it says: Quote:
Line 143, column 66: cannot generate system identifier for general entity "cat"
Line 143, column 69: reference not terminated by REFC delimiter
Line 143, column 69: reference to external entity in attribute value
I tried doing "&-amp;" (without the -) and "%26" but even though %26 works for the validator, my ASP script doesn't know it's an amp.
I have ASP code displaying currency datatype data from Access database. I have copies of this asp code and tha database on two w2k/IIS5 computers, bothg having the decimal symbol set to "." in the Regional setting both for numbers and for currency. However on one PC it shows dots, while on the other - commas. What is actually controlling which decimal shows up?
View Replies View RelatedWondering if anyone can help me with this annoying problem. I want to display a (£) on an ASP page, but it keeps putting a J instead. I've tried formatcurrency on the variable that it displays, but still comes up as a J and I've tried changing session.LCID to 2057. Still shows a J.
If you check View Source it shows the £ but it shows as a J on the page. If you check on IE under View... Encoding it comes up as Cyrillic (Windows) and if you change this to Western European (Windows) the page refreshes and shows fine; £ signs come up. But, as soon as you click on a link, it reverts back to Cyrillic.
Is it possible to pass an -- & symbol --- in a query string.
ie: varialbe = Purple & Pink
page.asp?var=varialbe
-->> With this I get: Purple%20&%20Pink Passed through and the query string only picks up on the Purple.
I have a form which enters a URL into a file field in my database: E.G.
R:ConfidentialControlledWork.txt goes into field file_path_complete
However if the file name contains a ' character E.G.
r:confidentialjon's work.doc
Then it will not work correctly on my display page, as any text after
the ' will be ignored leaving it as r:confidentialjon
Here is how I create a link to this document on my display page ...
Response.write "<a href='"&rsNOTES("File Path Complete")&"'>"
Response.write (rsNOTES("File Name"))
With rsNotes(File Path Complete) being the full path and filename.
I'm getting crazy with this. You know that when you install office in your computer it install a plugin for Internet Explorer so when you click in a link to any office document it opens the document inside the explorer instead of asking to save it as normal files.
Do you know how to make internet explorer ask to save the document with HTML or ASP or Javascript?I know that i can disable this option in Internet Explorer options but i don't want to make people do this.I don't want to zip the file neither.
When I use funtion--CreateObject to create an instance of Msword in the client script,
IE security will prevent my script to create. I would not like to alter the security option. how to resolve this problem?
I want to run a query from input. There are 4 input that are optional for user. So what is the simple and fastest way to do it instead of too many if statement and repeating query. What I've done now semilar like this
id = Request.Form("id")
tittle = Request.Form("tittle")
case = Request.Form("case")
desc = Request.Form("desc")
If id <> "" then
Run Query
Else
If tittle <> "" Then.......i have to insert more if statement..how can I make it more easier?
I'm making an application and i need to print a report, the problem is that depending on the browser printer configuration it is printed ok or not. Is there any way to make a document, as pdf or doc, for asp to avoid this problems?
View Replies View RelatedI have sometimes duplicate contents in a comments page because impatient people send the same form twice (they pressing in few seconds the Send button twice) . How can I avoid this?
View Replies View Relatedhow can I avoid the windows authentication screen for viewing a report in Reporting Service.
View Replies View RelatedI am writing a web app using asp.net 1.1 and C#. This web app is launched in another win32 application and this app needs to pass information to my web app. But this win32 application doesn't support long string(Maximum 255)
I hv to use an intermedia plain file and in my web app,usingScripting.FileSystemObject to open the file and read the information in. Each time when I launch the web page, I got a warning message saying "AnActiveX control on this page might be unsafe to interact with other parts of the page. Do you want to allow this interaction?" Users need to click Yes to proceed.
All applications run in Intranet environment within a corporate network. My question are "Can I avoid this error message?" and "Can I give permission to my particular web app to run Scripting.FileSystemObject?"
I am running IIS5.1. I am invoking an ASP page in ther server continously from the HTML Page, to update some contents of the html page. The ASP page seem to run from the cache sometimes(Not Always). I tried to give the following header to my ASP file.
Response.Expires = 0
Response.AddHeader "pragma","no-cache"
Response.AddHeader "cache-control","private"
Response.CacheControl = "no-cache"
still the contents seem to get cached. how can i avoid this ?
Is there a way to avoid On Error Resume Next for:
cnn.Open strCon
SQL = "EXEC Customer @txtEmail='" & email_address & "'"
set rs = cnn.execute(SQL)
'On error resume next
rs("email_address")
'// This record does not exist thus throwing up an error. I could use On
Error to resume and then do this
'// If rs.eof or rs.bof
'//
.....But I hate this convention as I find debugging a problem. Is there a
better way?
I have a table with "title" field set to unique In PHP I can do this following code to check whether the same input already exist or not:
$query = "insert into table (title) values ('".$title."')";
if (mysql_query($query)) {
echo "Title already exist!!"
} else {
echo "New Title saved!!"
}
My question, is there some similar method to do above operation in ASP? Code:
I am using MS-Access database to display top 10 records containg title and date, and with each record a text named "NEW" is also displaying.
But I want to display "NEW" only with the records which are not older than a week. Is there some way to calculate the present date with the date of each record?
Currently i did 2 pages
form and action pages, where form will have 2 inputs, and action page will insert the data into database.
but the i have tested once i keep refresh the action page, the data will be inserted again and again, anyone know how can i control this matter and avoid sql injection?
I want to avoid client to open a file from my site by typing its path in their address bars . Is there any solution for that?
View Replies View RelatedI would like to know how I can do to avoid that Google index some doc files that are on a specified folder.
View Replies View RelatedI am working on a web application that uses both asp classic and asp.net
pages. We need to validate user input to avoid attacks like sql injection.
Can a component be created that both page types can use? Is that the best
approach? Would I simply use pattern matching to validate strings and/or
remove any unwanted characters?
I need to provide a way to download a software and its corresponding
manual from a web page.
So far I have done the sign in page where people give their data. I
will then give access to a page with a link allowing to download the
required file(s).
My worry is how to avoid that somebody grabs the URL of the file and
send it to another for downloading directly from the server. What can
I do to avoid this ?
I am working with website in which a user can login and then submit some forms. I want the user to avoid re-submitting the same form twice when he uses the browser refresh or when he goes to another page and then comes back to that same page using the browser back button.
I know of two solutions:
1. Redirect to a different page after form submission - The problem with this approach is that the website has many forms. So redirecting each form to a different one is not a very feasible solution.
2. A token can be stored in session (or somewhere) after each form submission. These tokens can be verified if the form is being resubmitted - The problem with this approach is that the user can submit
one form only once. I want the user to be able to submit the same form multiple times, provided with differetn data.
Is there a suitable solution where a form with same data is submitted only once, but there is no such restriction with different data?
Can the ASP request object be cleared after form submission, so even when refresh button is pressed, Request.Form elements dont have any data? (Storing ALL the information filled in each form during that session and then comparing for resubmit is not a clean solution I think??).
while updating the database through a asp page i am getting an error:
Microsoft VBScript runtime (0x800A000D)
Type mismatch:'Clng'
I do a SELECT * from table command in an ASP page to build a text file
out on our server, but the export is not to allow a field name rows of
records. The first thing I get is a row with all the field names. Why
do these come in if they are not part of the table records? How do I
eliminate this from being produced? Code:
I know there really isn't a way to disable the "back button" on the browser BUT ... I'm trying to not allow multiple entries via a form submit when the back button is depressed on the browser.
Basically is there a code snippet that somebody can provide so that when a form is submitted and somebody attempts to go back by hitting the "back" button, that form information just entered won't resubmit into the database?