I am working with Classic ASP and I have a need to make the code simpler. In an effort to do what is similar to what we see here: Auto-populating Select Field via jQuery's Ajax where we use ajax to populate a select filed, we load the contents of a area with by using a separate asp file to load. I assume that the loaded file is free of <% markings. While testing the commands contained in that file I am in the process of removing those marks. Why would removing a %><% mark (where it is just a close followed by an open) throw an error? And why would it be necessary to have something like %>"<% where it is just one character?
The reason why I posted an image of the code block was because the %> and %> symbols were highlighted by color in such a way as to better visualize what was going on.
Here is the code block:
<%
Function FunctionName(name, selection)
%>
<select name = "<%= name%>"><%
Set RTConn = Server.CreateObject("ADODB.Connection")
RTConn.Open("Provider=SQLOLEDB;Password=three4me;Persist Security Info=True;User ID=sa;Initial Catalog=DATABASE;Data Source=SERVER")
Set RT = Server.CreateObject("ADODB.Recordset")
sqlQuery = "SELECT DISTINCT id, Replace(Name, ' ', ' ') AS Name, Num, Address, City, State FROM RedactedTablename WHERE active = 1 OR ID = '" & selection & "' ORDER BY Replace(Name, ' ', ' '), State, City, Num"
RT.Open sqlQuery, RTConn, 3, 3
Do While Not RT.EOF
response.write "<option value=" & RT.Fields("id")
%>" <%
if cstr(RT.Fields("id")) = selection then
response.write " selected "
elseif (selection = "" OR selection = "0") AND trim(RT.Fields("Name")) = "NA" then
response.write " selected "
end if
%>><%=RT.Fields("Name")%><%
if not RT.Fields("Name") = "NA" AND not RT.Fields("Name") = "NA" then
response.write " (" & RT.Fields("City") & ", " & RT.Fields("State") & ") - " & RT.Fields("Num")
end if
%>
response.write"</option>"
<%
RT.MoveNext
Loop
RT.Close
RTConn.Close %>
</select>
<%
End function
%>
The end tag that was removed was paired with a start tag of <%= not <% which has caused the syntax error.
The reason is <%= is a shorthand form of Response.Write and has to be paired with a closing %> tag.
Acceptable:
<%= link_label %>
Invalid syntax:
<%= link_label
Also, there are other issues with the code, for example, #Flakes pointed out in the comments that response.write"</option>" is not located within Classic ASP preprocessor tags (<% and %>).
While this won't cause a syntax error it will cause the line to be interpreted as HTML and will be output to the client as is.
Related
I am trying to check or unchecked the check-boxes depends upon the data results that comes from server. But I cannot use below code correctly where I am doing wrong?
<%
Dim AFTER_SAVE, IN_VIEW, Y
Dim SQL, Data
SQL = " SELECT code, name, value FROM mytable WHERE code = '" & User & "'"
Data = Data(SQL)
%>
<%If IsArray(Data) Then%>
<%If ((Data(1,0) = "AFTER_SAVE") AND (Data(2,0) = "Y")) Then %>
document.getElementById("chkSave").checked == true;
<%End If%>
<% If ((Data(1,0) = "IN_VIEW") AND (Data(2,0) = "Y")) Then %>
document.getElementById("chkVIEW").checked == true;
<%End If%>
<%End If%>
You're trying to combine server-side code with client-side code in a very strange way. Sometimes, it's necessary to do that (i.e. use server-side VBScript to write client-side Javascript), but if I'm understanding your intent correctly, it's not needed here.
Basically, if this is actually a classic ASP page, then somewhere on that page you're generating the checkboxes in question. So all you need to do is put your database call somewhere before that, and then when you generate the checkboxes, you can output a checked='checked', or not, depending.
Note that I have no clue what Data = Data(SQL) is supposed to mean. There's no way for it to be valid VBScript code - parentheses are for arrays, but a string is not a valid array index, and then to assign it to itself like that? Anyway, I'm ignoring that part.
<html>
<head>
<%
Dim AFTER_SAVE, IN_VIEW
Dim SQL, RS, Conn
Dim User
'...blah blah blah, give a value to User, set up your DB connection, etc. etc....
SQL = "SELECT code, name, [value] FROM mytable WHERE code = '" & User & "'"
'- ("value" is a reserved keyword in SQL, hence the brackets)
Set RS = Server.Createobject("ADODB.Recordset")
RS.Open SQL, Conn, 1, 2 '- this is rather handwavy and unlikely to actually
'- work as-is; use the options and connection methods that make sense for you
Do Until RS.EOF
'- I have no idea how your data is set up; this may make no sense.
'- The idea is, read the checkbox states from your database, and
'- stick them in variables for later reference.
Select Case RS("name")
Case "AFTER_SAVE" AFTER_SAVE = RS("value")
Case "IN_VIEW" IN_VIEW = RS("value")
End Select
RS.Movenext
Loop
RS.Close
Set RS = Nothing
%>
</head>
<body>
<form method="post" action="myformhandler.asp">
<!-- form fields and stuff -->
<input type="checkbox" name="chkSave" id="chkSave" <%
If AFTER_SAVE = "Y" Then Response.Write "checked='checked'"
%> value="Y"><label for="chkSave">After save</label>
<input type="checkbox" name="chkView" id="chkView" <%
If IN_VIEW = "Y" Then Response.Write "checked='checked'"
%> value="Y"><label for="chkView">In view</label>
<!-- more form stuff -->
</form>
</body>
</html>
I set a variable :
Dim adoRecordset
and set it as:
Set adoRecordSet = Server.CreateObject("ADODB.RecordSet")
adoRecordset.Open mSQL , adoConnection , adOpenForwardOnly
and I use it into show my data from database
eg. 1. <td align="left"><%=adoRecordset("loc")%></td>
and I would like add a asp code "if" & "else"
but this : 2. Response.Write "<td adoRecordset(loc)></td>"
doesn't work.
How can I make asp code 2. work as 1. ?
My asp classic is rusty, but I think you are looking for something like:
<%
If adoRecordset("loc") <> "" Then
Response.Write(adoRecordset("loc"))
End If
%>
Or with a local var to cache the result:
<%
Dim someLoc
Set someLoc = adoRecordset("loc")
If someLoc <> "" Then
Response.Write("<td>" & someLoc & "</td>")
End If
%>
If you've got large amounts of conditional Html output, then you can switch out of server code again, like so:
<% If something or other Then %>
Some Conditional Html Here
<% Else %>
Else Html here
<% End If %>
<%= is shorthand to emit a value
whereas <% escapes to server side code.
Dim adoRecordset
Set adoRecordSet = Server.CreateObject("ADODB.RecordSet")
adoRecordset.Open mSQL , adoConnection , adOpenForwardOnly
if not adoRecordset.EOF then
do while not adoRecordSet.EOF
if adoRecordset("columnName") = "test value 1" then
response.write("<td>" & adoRecordset("columnName") & "</td>")
else
response.write("<td>I want to do something else here</td>")
end if
adoRecordset.movenext
loop
end if
adoRecordset.close
set adoRecordset = nothing
I am using this code to send email using classic ASP:
Set oJMail = Server.CreateObject("JMail.SMTPMail")
with oJMail
.Sender = "myemail"
.SenderName = "Me"
.AddRecipient "some email"
.Subject = "some subject"
.Body = "Name: " & fname & " Email:" & email & "Phone: " & phone
end with
oJMail.ServerAddress = "mysmtp:25"
oJMail.Execute
Set oJMail = Nothing
But the server keep throwing this error:
Microsoft JScript compilation error '800a03ec'
Expected ';'
/index.asp, line 108
Set oJMail = Server.CreateObject("JMail.SMTPMail")
----^
Can it be something to do with my page header?
<%# Language="javascript" %>
Yes, that looks like VBScript code, in which case you'd want your page header to have:
<%# Language="VBScript" %>
Of course, this causes problems if the rest of your page is already written in JavaScript.
This is related to Classic ASP code.
A page fetches data for a particular ProjectCode.
There is a general text field which shows the Site-Location for selected Project-Code. I want to change it to drop down, so that a user can change the Site-Location from options available (fetched from DB) and then save it. Also, on page load the Site-Location of Project-Code for that particular entry should be selected.
I have added following code to my Page, but it doesn't work(definately I am new to classic ASP).
strSQL = "SP_GET_SiteLocation"
Set rsSiteList = RunSQLQuery(strSQL)
'show the list
If Not rsSiteList.EOF Then
Do While NOT rs.EOF
SiteLocationList= SiteLocationList & "<option value="">" & rs("LOCATION") & "</option>"
rs.MoveNext
Also, on click of save button, i have to send the selected drop down value to update query.
You use a wrong name for the recordset variable..
You named it rsSiteList but you use it as rs
Do While NOT rsSiteList.EOF
SiteLocationList= SiteLocationList & "<option value="">" & rsSiteList("LOCATION") & "</option>"
rsSiteList.MoveNext
Update
You are building a string with all the options ..
you should write it in the page at some point.. response.write(SiteLocationList)
or write the <options> directly to the page..
<select name="somename"><%
Do While NOT rsSiteList.EOF
%>
<option value=""><%=rsSiteList("LOCATION")%></option>
<%
rsSiteList.MoveNext
Loop
%>
</select>
update 2
Not sure why you do not want to print the options as you read them from the recordset but prefer to make a huge string instead and print that at the end ... it is the same thing but much more cleaner ..
The following should select the location that matches the rsReqDetails("AppReqSiteID")
<td>
<%
strSQL="SP_EPAPM_GET_SiteLocation"
Set rsSiteList=RunSQLQuery(strSQL)
selectedValue = rsReqDetails("AppReqSiteID")
If Not rsSiteList.EOF Then
Do While NOT rsSiteList.EOF
loc = rsSiteList("LOCATION")
if loc <> selectedValue then
optionOpen = "<option>"
else
optionOpen = "<option selected=""selected"">"
end if
optionClose = "</option>"
SiteLocationList=SiteLocationList & optionOpen & rsSiteList("LOCATION") & optionClose
rsSiteList.MoveNext
Loop
End If
%>
<select id="SiteLocationList" NAME="SiteLocationList">
<%response.write(SiteLocationList)%>
</select>
</td>
In general you need to watch the nesting of html as it can mess everything up. Also you need to read a little on the interactions between ASP and HTML ...
You almost got it, you're missing the "select" tag:
strSQL = "SP_GET_SiteLocation"
Set rsSiteList = RunSQLQuery(strSQL)
'show the list
If Not rsSiteList.EOF Then %>
<select><%Do While NOT rs.EOF SiteLocationList= SiteLocationList & "<option value="">" & rs("LOCATION") & "</option>"
rs.MoveNext %>
</select>
I'm struggling with my code below, I'm reading the logged on users username and trying to insert their name into a SQL table called licenses, the table contains 2 columns 1 contains license numbers the other is all nulls at the moment but a username should be inserted along side one when this page loads. Currently the page just loops constantly and nothing is inserted into the table. The user inside connection1.asp does have read/write access to the database.
Any ideas? Thanks
<%#LANGUAGE="VBSCRIPT" LCID=1033%>
<%
aName = Split(Request.ServerVariables("LOGON_USER"), "\")
user = aName(UBound(aName))
user = UCase(user)
Erase aName
%>
<!--#include file="Connections/connection1.asp" -->
<%
Dim Recordset1
Dim Recordset1_numRows
Set Recordset1 = Server.CreateObject("ADODB.Recordset")
Recordset1.ActiveConnection = MM_connection1_STRING
Recordset1.Source = "SELECT * FROM Licenses2 WHERE userid = '" & user & "';"
Recordset1.Open()
%>
<HTML><HEAD></HEAD>
<BODY leftmargin="5" onLoad="setTimeout('reloadFunction()',500000)">
<% Do While NOT Recordset1.EOF %>
<% strUserName =(Recordset1.Fields.Item("userid").Value)%>
<% response.write strUserName %>'s Serial Number:
<% strSerial =(Recordset1.Fields.Item("serial").Value)%>
<% response.write strSerial %>
<% Recordset1.movenext %>
<% loop %>
<%
If strUserName = user then
'record found do nothing
'response.write "user found"
else
adoCon.Execute = "SET ROWCOUNT 1; UPDATE Licenses2 SET userid = '" & user & "' WHERE userid = 'NULL';"
Response.AddHeader "Refresh", "3"
End if
%>
</BODY>
</HTML>
<%
Recordset1.Close()
Set Recordset1 = Nothing
Set Recordset2 = Nothing
%>
If the user is NOT found, should you be doing an INSERT instead of UPDATE?
If the UPDATE is correct, change the last NULL ... remove the quotes. Right now you are comparing a STRING value of 'NULL' instead of the value NULL and it should be IS NULL
SET ROWCOUNT 1; UPDATE Licenses2 SET userid = '" & user & "' WHERE userid IS NULL;
Also, see if you can comment out the <BODY ... > tag and create a new one without the RELOADFUNCTION and see if that makes a difference.
Lastly, read up on SQL Injection because your code is prone to Injection attacks. Search on StackOverflow.com for SQL Injection and you will find plenty of explanations, examples and cures.
Check if LOGON_USER is actually returning any data. If you have IIS security set to 'Anonymous' access then this will not be populated with anything.
Your code would also be potentially prone to SQL injection attacks.