User Genrated Contents
I have an ASP website that is reliant on user generated content. How do I stop SQL injection attacks without the need to replace words like , Join, Select, Delete etc.
View RepliesI have an ASP website that is reliant on user generated content. How do I stop SQL injection attacks without the need to replace words like , Join, Select, Delete etc.
View RepliesI have a dynamic table, with a column named "player" in this column is NBA player names - generated from a statistic database.
I am hoping to be able to create a link on the players name that will direct the webuser to a profile page like the following: Code:
This thread is not so much a big problem, but more to receive comments on my approach. You may have some other tips or advices of where to go or where absolutely not to go with my attempts. Code:
View Replies View RelatedI have written an ASP.NET 2.0 application that uses Active Directory or ADAM
to manage account users - the site has a page that allows people to create an
account (much like any site). The page populates the AD with all the
information and the user account but I am unable to enable the account.
Microsoft has information on how to do that here -->
http://msdn.microsoft.com/library/d...ting_a_user.asp
(the sample is for Visual Basic) - and I am unable to complete the bottom
portion of the script. Can some one point me in the right direction - or can
you tell me how I can add a snippet of VBscript code to an ASP.NET page.
I am using the Active DS Type library - not sure why there are multiple ones
(System.DirectoryServices) but it is rather confusing - I seem to accomplish
one thing with one and another with the other (they did have trouble
co-existing however). Anyway my script works very well but I am not able to
access the properties required to enable the account.
Here is a simple version (no error checking) of the code.....
I have a vars called param1 to param10. I need to iterate through them in a loop to see if theyre empty and set them to spaces if they are. i.e
for a = 1 to 10
newparam = "param" & a
if newparam = "" then
newparam = " "
end if
next
but I want the contents of newparam i.e param1, param2 etc... to be evaluated and not newparam and then param1, param2 etc.. to be set to " " .
I have a select element in a form on a page with some options. When i submit thet form and the target asp page is executed, i want to find retrieve all the values in that select element on the page...?
thru request.form("sel") i am able to retrieve only the vaue selected by the user.
I have the following code:
for each SesVar in Session.Contents
if( Session.Contents(SesVar) <> "" ) then
The problem is that most of the time this works okay, but sometimes the code
crashes on the compare.
I am wanting to do this but am not able to do it.
I have two fields: first name and last name and then submit button.
When i hit submit button ,according to the name entered in the first field ,some results are displayed from database.
Now when i hit submit ,the contents of my fields are cleared and i dont want that...i want the name to be still displayed in the textboxes...
How do i do this?
I dont want to basically clear the form contents on submit.
I am currently working on ASP. Users will input their contents into a textarea. The problem is that when they input and I retrieve them from the database, they will use the textarea space that was allocated to them and display exactly it is.
For example the text area given is 500px and i only give the display part of 250px. Despite that, it will fill up and scrollbars will appear on my bottom of the webpage and have to scroll to the right.
how i can display all text with the break lines in between yet still confined to the space of 250px.
I want to read a classic HTML Form using the ASP Request object on the server. This is a common approach. But how can I read all the contents of a listbox (the <select> tag)
View Replies View RelatedDoes anyone know of any issues interacting with asp pages from within Flash when you use Control>TestMovie ? i.e. When using a send and load, Flash seems to want to open my asp file (and return the contents in Flash) rather than run it and return a name/value pair as I'm expecting.
View Replies View RelatedI have successfully been able to load text from an SQL-DB into a <textarea>.Now I need to save the edited text back to the DB But I can't seem to extract the value from the <textarea> into a vbscript-variable.
When the user clicks the submit button under the textarea I need the text to be saved into a variable, how?
Code:
<FORM METHOD=POST ID="Form1">
<TEXTAREA NAME="text1" ID="text2"><%Response.Write(Recordset("text"))%>
</TEXTAREA><br><br>
<P><INPUT TYPE="submit" VALUE="submit2" ID="submit3" NAME="submit4">
</FORM>
what is the best way to protect a folder of files on an asp site so that only people who have logged into the site are allowed to view the files?
would it be best to put them inside a cgi-bin and then have a page with links to the files, or is there a better option?
I'm trying to figure out if there is an easy way to combine the contents of two arrays into one array. Order does not matter, I just want them all together. I'm sort of new to working with arrays, so I don't know if there is a really basic way to do this.
View Replies View RelatedI am creating a website which has a form for registration. I am not using any database or server side coding. The form details should be sent through an email to me. I tried the action = "emailto:me@myaddress.com" but it only fires my outlook when the submit button is clicked.if it could be done the way I want?
View Replies View RelatedIs there a way to export the DataTable contents to an XML file.
View Replies View RelatedI have worked in PHP / MySQL. But never worked in ASP/MSSQL. At the moment, i ma stuck with a problem. Hope someone here can figure it out.I have a list of countries in a Page. When the user MOUSE Over any Country, through Javascript, a small layer <DIV> appear that shows some data about that country. Up till now that XML File is filed MANUALLY.
Now that Data is changing frequently. What we want is that to do the same thing described above through database. Like when the user mouse over any country, that will load XML and connect the Database, extract info and then show in the same DIV layer. Or alternatively, there might be some sript, that will RUN AUTOMATICALLY daily or weekly and update all the countries data XML files. please guide me how to achieve this in ASP + MSSQL + XML + Javascriptor any combination of these.
I'm trying to access and iterate through POST variables. I'm thinking of something similar to PHP, where on a submit it creates a POST object, which is an associative array of all the variables. Is ASP the same way? Is there any way to see what is in the array and have access to it's contents without knowing the contents beforehand?
The reason I ask is because I have about 100 check boxes, and the user only checks a number of them - each check box is named differently. I want to, on the post page, to find out which ones were checked, short of putting an if else or select to check all 100 of them. Is there an easier way? I tried printing out the post: Response.Write(Request.Form()), and all that gave me was the querystring .
I am developing a website and in particular, a shopping cart for the company I work for and I have everything working fine. This website is written in ASP. When you add a product to the database, it adds it along with a UserID based on a Session variable.
Everything is working fine regarding the user functionality of updating particular product quantity and options. However I am having trouble finding any information on how to send the contents of that recordset via email, when the user decides he is ready to send it. I have no trouble sending forms and such via CDOSYS and ASP but how can I send the contents of an entire recordset?
I'm trying to compare fields in two recordsets. I'm having fun with apparently empty fields. In order to avoid displaying meaningless messages, I need to know what is in these fields - e.g. is it a space, a null, an empty string, or what?
I'm not much of a programmer - how do you display the contents of the field using asp, for example, to return the ascii character code? Or is there a simple way to check for non-printing character codes?
this is an asp/ javascript question.Say I have a variable in asp.
dim myVariable = "hello big boy"
How can I get JavaScript to read the contents of that variable?can I use it straight away?
<script language="javascript">
document.write(myVariable);
</script>
Or is it more complicated than that?
I want to display two times which are entered in a form right beside each other. I dont want to use a <td> as this takes up too much space, so i atte,pted to do something like this, but it isn't working:
<%response.write rsCheckUser.fields("MondayFive").value, response.write rsCheckUser.fields("MondayEight").value%>
is there anything like this i can use?
I need to do the following in the asp project.
The form contains the file upload component and textarea objects.
After the user uploads the word file (using file upload), the entire contents of the word file should be copied to the textarea and displayed.
I am trying to have a web page list the contents of my database table. I have been trying for ever and cannot find what I am doing wrong.
Here is my code: (I hope it is not a mess I am new too this)I have included comments to walk myself through this. Code:
Is it possible to print the contents of a file located on the server. This file is a txt file and must be printed without the header and the footer.
View Replies View Relatedfor each item in Session.Contents
if NOT( Instr( item, "customer_" ) = 1 OR Instr( item, "user_" ) = 1 ) Then
Session.Contents( item ) = ""
Session.Contents.Remove( item )
end if
next 'item
response.redirect( "menu.asp" )
the code essentially - is supposed to - go through the session variables and remove every one that doesn't being with "user_" or "customer_". So when i try this out, it goes through and removes some, but not all of the session variables in question.
run the script 3 more times and then they are all gone. So i inserted a bunch of response.write statements and found that not ALL of the session variables were even being tested. Can anyone offer explanations as to why?
I am having 14 textboxes on the form and One data grid control and one
Button That button allows to open new web page (in new window) where in I can
select some products from the list.
The products selected in the list are added in the Grid of my original
form. I use response.redirect by passing parameters for that purpose.
but that wipes out the contents of the textboxes. how can i retain
them.
If I want to display lets say some stock quotes or news from different websites onto my website, is it possible in ASP?I do not want to use RSS or webparts in this case.
View Replies View RelatedThis ASP page is a page which has FAQ. Some of the FAQ have answers with line breaks.
Questions and answers are stored in the database
When I output the answer, it displays like one long line. Hence I have written a small function to render this answer with line breaks where ever there are line breaks in this db field.
My code for the function is: ...
I have NT4 and I installed recently PWS. Otherwise it works okay, but when I try to use Session.contents.RemoveAll on an ASP-page the following message appears on my screen: Object does not support,I get the message in Finnish,what the problem.
View Replies View RelatedI have an asp script which updates upto 300000 records each time it is run.I would like to have a textbox which says records progressed : then in increments of 100 or 1000 whilst the script is running. Is this possible to do with a textbox? I've tried using the response.flush with a variable which kinda works but it displays as follows;
1000
2000
3000
4000
and keeps scrolling. If its not possible to do in a textbox then is there a way to deleting a line and overwrite it?
I am writing vbscript code in an .asp page.I need to display field values from a sql table consisting of several fields, one of them is of type "Long Text".This field contains XML data. I like to be able to assign vale of this field to a variable display it and write out a text file using file streaming object.
When I set a variable to this field, the data is truncated.I am using "Recordset" object, is that not an appropriate type to retrieve <long Text> fields.
I have a text file where each record has two fields, name and number, separated by a delimiter. I would like to sort the file contents by the second filed, number, and display to browser. I can do this in php readily, but not seeing how to do it in asp. Can it be done?
View Replies View Related