I want to run a query from input. There are 4 input that are optional for user. So what is the simple and fastest way to do it instead of too many if statement and repeating query. What I've done now semilar like this
id = Request.Form("id")
tittle = Request.Form("tittle")
case = Request.Form("case")
desc = Request.Form("desc")
If id <> "" then
Run Query
Else
If tittle <> "" Then.......i have to insert more if statement..how can I make it more easier?
I do a SELECT * from table command in an ASP page to build a text file out on our server, but the export is not to allow a field name rows of records. The first thing I get is a row with all the field names. Why do these come in if they are not part of the table records? How do I eliminate this from being produced? Code:
how to elaborate this problem that i m facing. ok, let say ..i have a URL wit id number such as www.abc.com/memberpage.asp?memberid=12.
when i add the symbol ' at the end of the url (like that:www.abc.com/memberpage.asp?memberid=12'), and enter, it will display error for my page.
But when i try to put a ' at this web page here, it will not display any error, how can i do this with ASP languagE?how can i avoid it using ASP language ?
I'm getting crazy with this. You know that when you install office in your computer it install a plugin for Internet Explorer so when you click in a link to any office document it opens the document inside the explorer instead of asking to save it as normal files.
Do you know how to make internet explorer ask to save the document with HTML or ASP or Javascript?I know that i can disable this option in Internet Explorer options but i don't want to make people do this.I don't want to zip the file neither.
When I use funtion--CreateObject to create an instance of Msword in the client script, IE security will prevent my script to create. I would not like to alter the security option. how to resolve this problem?
I'm making an application and i need to print a report, the problem is that depending on the browser printer configuration it is printed ok or not. Is there any way to make a document, as pdf or doc, for asp to avoid this problems?
I have sometimes duplicate contents in a comments page because impatient people send the same form twice (they pressing in few seconds the Send button twice) . How can I avoid this?
I am writing a web app using asp.net 1.1 and C#. This web app is launched in another win32 application and this app needs to pass information to my web app. But this win32 application doesn't support long string(Maximum 255)
I hv to use an intermedia plain file and in my web app,usingScripting.FileSystemObject to open the file and read the information in. Each time when I launch the web page, I got a warning message saying "AnActiveX control on this page might be unsafe to interact with other parts of the page. Do you want to allow this interaction?" Users need to click Yes to proceed.
All applications run in Intranet environment within a corporate network. My question are "Can I avoid this error message?" and "Can I give permission to my particular web app to run Scripting.FileSystemObject?"
I am running IIS5.1. I am invoking an ASP page in ther server continously from the HTML Page, to update some contents of the html page. The ASP page seem to run from the cache sometimes(Not Always). I tried to give the following header to my ASP file.
I am using MS-Access database to display top 10 records containg title and date, and with each record a text named "NEW" is also displaying.
But I want to display "NEW" only with the records which are not older than a week. Is there some way to calculate the present date with the date of each record?
Currently i did 2 pages form and action pages, where form will have 2 inputs, and action page will insert the data into database.
but the i have tested once i keep refresh the action page, the data will be inserted again and again, anyone know how can i control this matter and avoid sql injection?
I am working on a web application that uses both asp classic and asp.net pages. We need to validate user input to avoid attacks like sql injection. Can a component be created that both page types can use? Is that the best approach? Would I simply use pattern matching to validate strings and/or remove any unwanted characters?
I need to provide a way to download a software and its corresponding manual from a web page.
So far I have done the sign in page where people give their data. I will then give access to a page with a link allowing to download the required file(s).
My worry is how to avoid that somebody grabs the URL of the file and send it to another for downloading directly from the server. What can I do to avoid this ?
I am working with website in which a user can login and then submit some forms. I want the user to avoid re-submitting the same form twice when he uses the browser refresh or when he goes to another page and then comes back to that same page using the browser back button.
I know of two solutions:
1. Redirect to a different page after form submission - The problem with this approach is that the website has many forms. So redirecting each form to a different one is not a very feasible solution.
2. A token can be stored in session (or somewhere) after each form submission. These tokens can be verified if the form is being resubmitted - The problem with this approach is that the user can submit
one form only once. I want the user to be able to submit the same form multiple times, provided with differetn data.
Is there a suitable solution where a form with same data is submitted only once, but there is no such restriction with different data?
Can the ASP request object be cleared after form submission, so even when refresh button is pressed, Request.Form elements dont have any data? (Storing ALL the information filled in each form during that session and then comparing for resubmit is not a clean solution I think??).
I know there really isn't a way to disable the "back button" on the browser BUT ... I'm trying to not allow multiple entries via a form submit when the back button is depressed on the browser.
Basically is there a code snippet that somebody can provide so that when a form is submitted and somebody attempts to go back by hitting the "back" button, that form information just entered won't resubmit into the database?
return all of the exact matches Jon Doe (user uses quotes to clarify an exact search) along with that: return all of the James and all of the Doh as well qry to look like this as soon as I am able to divide up the string entered in by the user select * from table where (NAME LIKE '%Jon Doe%') or (NAME LIKE '%James%') or (NAME LIKE '%Doh%')
Thinking of using the instr to find the " but then what do I do to find the string inside of the two quotes, One quote would be easy. there is a couple of checks to preform:anyone run into this before or have any ideas/samples, etc
I have created a query wizard page with ddl as your choice to find info. now each ddl has a default of a dash.
The thing is I want to do is have the sql statement to look through the database even when some of the ddl have a dash on them. or just ignore the ones with a dash and look for the ones that are selected. Is there any suggestions for this.
Below is my code for a question system i have created. However, i need to insert an if statement that redirects the user to test.asp if the value of q_id is not in my database, but i dont know how to do it?
<% q_id = request("q_id")
sql = "SELECT * FROM questions WHERE PARENT_ID = 1" Set objRS2 = Server.CreateObject("ADODB.Recordset") objRS2.Open sql, objConn
sql_sql = "SELECT * FROM questions WHERE PARENT_ID = " & q_id Set objRS3 = Server.CreateObject("ADODB.Recordset") objRS3.Open sql_sql, objConn
i make a form with an AccountId box on it , when u enter the accountid in the box , and submit it will send u to a page that show u all the data for this accountid(retreive data)
until here everything is ok , and when i enter for ex. accountid : 5 , all the aacountid fiel data will be show to me , but the problem when i enter am unvalid accountid , it will give the error page that
what iwant to do that i want when i enter an unvaildaccountid an error text show to me like
response.write("The Id that u entered is unvaild , Try Again")
and this is the code , if u can change on it Code:
I am trying to use the following IF statement, and whenever I use a single or double quote, I receive a syntax error. When using no quotes, the syntax is accepted, but the statement does not perform properly.
***The problem line*** <% if violation_type=''Tardy'' THEN %> ***rest of the statement*** TARDY VIOLATIONS <% if rs2.Fields(0) = 0 THEN %> This is the first unexcused Tardy violation for this employee. A coaching is required. Click <A HREF=blah>HERE</Ato issue the coaching. <% ELSE %> This employee has <%response.write(rs2.Fields(0))%previous violations. <% END IF %> <% ELSE %> The <%response.write(violation_type)%violation has been recorded. <% END IF %>
On a page with a form (post method) and a hidden field "Process value = true", why would this statement not work:
<% if request.Form("Process") = "true" THEN The code in here sends an email to the user via CDOSYS End IF %>
This is what I have going on and it does not send the emal when the form is posted. Removing the If statement obviously sends the email the moment the form page is accessed, but thats not right.
i have a couple of if statements and it goes something like this, the user will try entering their username and password in the login page then they will be taken to a verify page, then it will decided if the user can be send to the login page again or to the invalid page. The problem is that after 3 times the user is still send to the login page and not the invalid page My verify page code is :- <% session("try") = try if try = "" then try = 0 else try = try + 1 end if if try <> 3 then response.redirect("login.asp") else response.redirect("invalid.asp") end if
Recordset1.Source = "SELECT `bestsellerslists`.`itemnumber`, `bestsellerslists`.`list`, `products`.`Product_ID`, `products`.`Product_Name`, `products`.`Price`, `products`.`Sale_Price`, `products`.`Smallpic` FROM `bestsellerslists` INNER JOIN `products` ON (`bestsellerslists`.`itemnumber` = `products`.`Product_ID`) WHERE (`bestsellerslists`.`list` = "girlinfant")"
In Macromedia, the recordset tests fine. When I start the page, I get an error. Do you see anything wrong with this? If I delete the WHERE clause it works.
I'm having a problem with my variables. They print to screen fine, but when I try comparing them, they don't work. Can anyone tell me what I'm doing wrong?
If Category <> CurrentCategory then response.write "<tr><td>Category:" & Category & "</td></tr>" response.write "<tr><td>CurCategory:" & CurrentCategory & "</td></tr>" else response.write "<tr><td>hello</td></tr>" End If
I am passing in values either customer id (key) or their names (name) from a form . You don't have to use both the id and the name to search for the customer however I don't know how to do this! If the keyform = "" then , use the name to find the customer else can't find it! this is what I have at the moment :
keyForm = Trim(request("key")) name Form = Trim(request("name ")) Dim name , cyfeiriad, tref, sir, codpost, ebost, ffon, cyfrif, dyddiad Set dnsSQL = g_con.Execute("SELECT key_user_accounts,name ,cyfeiriad,tref,sir,codpost,ebost,ffon,cyfrif,dydd iadcreucyfrif from cwsmeriaid Where key_user_accounts = " & keyForm & " if not name = "" then and name = '" & nameForm & "'") else ") end if
ii am using a statement to send a query to the SQL server and i am getting errors like expected end of statement. what might be the problem and do i use a statement like this for dynamically assign values or it's better to use stored procedures.
dim mySQL="Select * from logindetails where loginname='" & logname & "'"