How Do I Use A Passed Variable In A Query?

i need to add a variable brought into the
script like: script.asp?variable=var

and i need to make it for use in

var1 = request.querystring("var")
mySQL = "SELECT * FROM members WHERE nick = 'VAR1'"

can anyone tell me how to do this?

View Replies


ADVERTISEMENT

Passed A Variable

when guarding against sql injection attack from modified form or
querystring variables is it enough to strip out just apostrophes...if the
variable USERNAME is the name of a text box passed to a script is the below
always safe...

q1="select * from TABLENAME where username='" &
trim(replace(request("USERNAME"),"'","''")) & "'"

View Replies View Related

SQL Passed Variable

I have a page that passes a variable in to an sql query

It parses the string (a date) for month and year.

It works when i use the date() function Code:

View Replies View Related

Dump Query Into Variable

I need to loop through a query and dump the result into a variable that I can assign to the body of an email. something like: Code:

While Not objRS.EOF
Response.Write objRS("email") & "<BR>"
objRS.MoveNext
Wend

Mail.Body = objRS

View Replies View Related

Setting Variable In Query

I have a sql query that runs on my asp page.

select
contactname,contactnumber,contactnumber1,contactem ail,address,city,state
,zip,type,sqft,0,bedrooms,baths,lotsize,acreage,ga rage,comments,price,0,
0,county from table1 where active='Y'

I need HASPHOTO to equal 1 if hasphoto <> 0 and HASPHOTO=0 when
hasphoto=0. Make sense? HASPHOTO usually equals a number, but in this
case, I want it to equal a 1 or 0 because I am exporting this to a CSV
file. I know how to do everything else, just not this part.

View Replies View Related

Constructing An If Query From An URL Variable

I am trying to construct an If Statement from an URL variable.

Basically if a string in the URL variable, reads, 'Technology, then I want to response.write something. If its anything different, then i would like to response.write something different. The URL = news.asp?type=technology

I have already declared that the lngRecord = Request.QueryString("type") and I have constructed the following If statement off the top of my head, but its not working properly.

I have also been able to access an individual page depending on the URL variable so it's definitely a problem with only my poorly-constructed If statement and nothing else

Code:

View Replies View Related

Adding Variable To Query Line

The form post an agent name to the next page it then takes that name and matches it to the database and shows all entries that agent has. my problem is with calling the variable in the query I just cant seem to get the syntax right Code:

View Replies View Related

SQL Query Based On Session Variable

I have a SQL DB with a number of tables and queries (views) in.

In front of this is my ASP app I am designing.

When my users log in, their User ID is stored in a session variable.

One of the views determines which User ID can access which records, and
obviously then I want to base all my app around this so that a user can only
ever be working on data relevant to them.

Is there any way of using a variable in my SQL View outside of DWMX so that
once my users log in, the SQL View is automatically filtered based on their
User ID in the session variable?

Is there a way of inserting a variable/parameter into SQL so this happens?

View Replies View Related

Button Passed To URL

I've never seen this before. I am new to querystrings, as just using hidden
fields and the POST method has been more than adequate for me until
recently. But I started using the GET method, and I noticed that when I
clicked the submit button, it gave me this for a URL:

http://localhost/DisplayTickets.ASP...nsearchTSE.y=11

The thing is, selectTSE and Status are the two <SELECT> boxes, so I
understand them being there. But why is is telling me the x and y
coordinates of where I clicked the button to submit the form?
I should add that the submit button is an image, not a regular button.
This doesn't hurt anything, just wondering why it's there. And maybe it will
hurt something later on; I don't know enough to say.

View Replies View Related

Cookies Passed

can cookies be passed from a pop up "secure folder log in" window, provided by my hosting company? As I would like to display a welcome message with their name when they log in.

View Replies View Related

Zero's Omitted From Passed Value

when i try passing a numeric value as a string("0004") using asp to a stored procedure, the value is stored as 4 and not as 0004 in the table. In the table and stored procedure the value type is nvarchar.

View Replies View Related

Querystring Problem The Not Being Passed

I'm trying to pass paramter values to another .aspx page via a querystring. The record in the db table looks something like this lahlahlah. The value that gets passed looks like this lahblahblah. So basically the is not getting passed.

Here's what my querystring looks like: Code:

View Replies View Related

Record Values Are Being Passed

When i submit this form all the record values are being passed to the next asp page. But i want only those records which the user has changed in this page.

View Replies View Related

XML STRING Passed To Stored Proc

I am using SQL SERVER 2005 and ASP.

Would anyone be kind enough to give me a solution to the problem below please?

If for example in the stored procedure looks like this:

-- Initialize the SQL Server XML stored procedures
EXEC sp_xml_preparedocument @xmlDoc OUTPUT, @xmlString

Insert into @TableBook
SELECT * FROM OPENXML (@xmlDoc, 'books/book') WITH
(
bookNameVARCHAR(100) 'name',
authorVARCHAR(100) 'author'
)

The question is supposing there is a node called 'Surname' but I am not adding 'Surname' to 'Author'. If I want to check 'Surname' value DOES exists and I want to replace it with 'Author' or if 'Surname' does not exist, just use 'Author' node instead.

I am not sure how you can use IF statement to check a node and put the value into SET @surname and then put something like author VARCHAR(100) '@surname' OR author VARCHAR(100) '@Author'. Just like switching it around.

View Replies View Related

Insert Passed Parameter To Table

I would like to clean up my mailing list by changing the URL I use at the moment which is in the format

www.mysite.com/view_pic.asp?pic_number=123

To be

http://www.mysite.com/view_pic.asp?p...il=bob@bob.com

it would then insert the email into a table, collect these for a while and only see these as active members.Any ideas how to do this, I've tried a few things but no luck.

View Replies View Related

Working Out Time Passed Between Two Dates

I am trying to work out the length of time that a page was opened till it reached another page, I amusing the script below Code:

View Replies View Related

No Session Data Being Passed Back To Clients

does anyone know why my session number doesnt stay the same when i pressed refresh?

it works on w2k, but not on w2k server

my programmer thinks that the IIS is not passing the session back to the client. is there a way to check or any other alternative for sessions?

View Replies View Related

Update Database Using Variables Passed Through Browser

I am creatiung a track record website which displays a list of branches and how many people are available at each individual time slot.

I thought the best way to update would be to create a link which passed two variables, the branch and what time slot. This would then be retrieved int he book.asp page which then would knock one of the current count. I came up with the below page: Code:

View Replies View Related

Creating VBScript Command Dynamically Using ASP Passed Value

my ASP code creates a form and an array of chekbox with this statement response.write "<input type='checkbox' name='chkProduct" & Cstr(counter) & "' value='delete'>" all goes well and i also have a button that points to a VBScript function passing one parameter the counter start value so i can loop throught the checkboxs on the client side and determine if checked or not.

Ok i can display my command "document.frmProductCart.chkProduct & (Cstr(counter)) & .checked" as a string in alert but cannot make it as a command like it should be, anyone got any pointers ?

View Replies View Related

Creating A Database Object Using Passed Parameters

I have created a database connection function which I use to open my database connection and recordset and another to close it. Easy stuff I know. The problem is this.

I want to be able to create database conenctions and recordsets specifically when I call the function. For example Code:

View Replies View Related

How To Form A Method To Change HTML TD Attributes When Passed Element ID?

I have a ton of TD attributes that have to be changed based on the
data in the DB. All TD elements are ID and runat=server.

Changing the attributes of a SINGLE TD is simple:

<td id=thisTD runat=server>

thisTD.Attributes.Clear();
thisTD.Attributes.Add("Class",reader["thisTD_Class"].toString());

Now, say we have 100 TD elements with IDs TD_1 to TD_100

I have not been able to find a way to (essentially) say:

for(int i=0;i<100;i++){
"TD_"+i.Attributes.Clear();
"TD_"+i.Attributes.Add("Class",reader["TDClass"+i].toString());
}

in J-Script, I could do it by Eval() or about eight ways through the
DOM. It seems crazy to me that if I can access the Attributes of a
specific element directly by ID (thisTD.Attributes), I couldn't also
access it by reference.

But I have been able to find NOTHING to indicate how this may be done.
Obviously, my problem is not limited to a single attribute, or else I
would have just typed them all out by now. Trouble is, there is a lot
of logic that must be applied to the data before setting the
attribute. Without being able to iterate or loop by reference, I will
be typing for ages just to change some freaking classes.

View Replies View Related

Null Parameters Passed From XMLHTTP In Javascript To C# Webservice With SOAP

I have encountered some strange behaviour when using the XMLHTTP Request object in Javascript to return xml from a C# Webservice Method. I create a SOAP envelope and send it off to the Webservice, which I have debug points in, which when hit I can see that all the parameters are coming thru as null....

View Replies View Related

Need To Convert This Sql Query For Access To Identical Sql Query For Sql 2005..

My code retrieves a username and a password from a form. Then this information is compared to some usernames and passwords that are stored in a database. The important thing here is that the comparison must be case sensitive meaning that "passWord" is not the same thing as "password"

I have this code, working fine in access 2003

SQL = "SELECT * FROM users WHERE StrComp(username_column,'" & entered_username_in_form & "',0) = 0 AND StrComp(password_column,'" & entered_password_in_form & "',0) = 0"

but get the following error when I run it against my sql 2005 database.

[Microsoft][SQL Native Client][SQL Server]'StrComp' is not a recognized built-in function name.

I don't know the corresponding t-sql for the query.

View Replies View Related

Calling Com + Object Variable Or With Block Variable Not Set

I'm turning my application into a "DLL". Everything worked fine untill I try to do a "While" in my asp code. Then I recieve an error like this:

"Object variable or With block variable not set"

My vb code look like this.....

View Replies View Related

Passing Data From Javascript Variable To Asp Variable.

is there any way of passing a javascript variable over to a asp variable so
i can write it to my database.

View Replies View Related

Parameter Not Passed From For Loop To While Loop

I'm trying to pass a parameter from a for loop to the nested while loop
but only the first counter is passed. Here is the code:

View Replies View Related

Query A DB - Pass The Query To Next Page

I am running a querry on an access database and have set the number of records/page displayed at 20. if there are more than 20 records returned, then 1st page will show the first 20, the next page will show next 20 and so on....

The trouble:

the count of total records displayed is correct and the first page is displayed correctly. But when i click on *Next* to go to the next page, all the records of the database get displayed (not the 2nd page of records from the query).

View Replies View Related

Query Access With Multiple Query

I am using ASP/MS ACCESS to see how I can query the same database, via 2 formfields.

{name: - search}Textfield 1: - Search by Category
AND/OR By
{name: - searchT}Textfield 2: - Location

Currently,

strSearchwords = Trim(Request.QueryString("search")); where "search" is the name of Textfield1

Which is fine, but how can I set it so that on Submit, the string from search, and searchT are somehow joined together into one string?

View Replies View Related

Convert ASP Variable To Javascript Variable

How do I convert an ASP variable to a Javascript variable?

View Replies View Related

ASP LIKE Query Using Parameterized Query

In Access you use "*" + [passed variable] + "*", + can be replaced with &
Calling a parameterized query in Access requires % be used in place of *,
however, all that I have read show dynamic SQL passed to Access:

WHERE [some column] LIKE '" & ASPvar & "' % ORDER BY ...

However, my call is similar to:

conn.qMyLookup strVar, rs

If I modify the query in Access to:

"%" & [passed variable] & "%"

I get all records. If I only put it at the end, as suggested, I only get
matches at the end, not throughout the column. Code:

View Replies View Related

How Do I Put A Variable And A Non Variable In A From Statement?

sql = "SELECT * FROM & console &'news'"

I got that right now but i want the variable, console to be placed along with news so when it selects from the db it selects from gcnnews or whatever variable it's on. How do I do that?

View Replies View Related

Variable-variable=junk

im trying to subtart one quantity from another then stick the answer in to an update statment, but all i get is an error in syntax message

variable math bit=
qty=request.form("oqty")-Request.form("qty")

sql =
sSQL="Update spares SET spares.location='"&request("location")&_
"',spares.machine='"&request("machine")&_
"',spares.part_desc='"&request("part_desc")&_
"',spares.part_number='"&request("part_number")&_
"',spares.qty='(" & qty & ") "&_
"',spares.min_qty='"&request("min_qty")&_
"',spares.updated_by='"&session("name")&"' WHERE(spares.id)=" & form_id

View Replies View Related

Variable Name, Dependant On The Value Of Another Variable...

I need to assign a value to a variable, but this variable name is dependant upon another variable!! I am including the code below so you can see it, cos if not I am sure you are thinking whattt?? Code:

View Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved