I'm trying to display an image on website only if a value in the database is true. I'm using the below code as a template (which is currently working) as my guide, though mine is simpler. Any help would be greatly appreciated.
<% strSQL4 = valid SQL statement
set r4 = d2.execute(strSQL4)
if (r4.EOF = False) and (r4.BOF = False) then
else
r4.moveFirst
while (r4.EOF = False) and (r4.BOF = False) %>
<li><%= r4("Database Field") %></li>
<% r4.movenext
wend
end if %>
That is the code I'm basically emulating, but I'm just trying to display an image if a bool variable is true in a database, per my code below:
<%# ACTLBool = "SELECT ACTL FROM ATTORNEYS WHERE ATTY_ID = " & AttorneyID
if (ACTLBool = True) then %>
<div id="ACTLDiv"><img id="ACTLLogo" src="img/ACTL.jpg" alt="ACTL Logo" /> </div>
<%# else end if %>
I don't need it to do anything if the ACTLBool is false. Any ideas?
assuming conn is your adodb.connection object
Dim rs : set rs = conn.execute("SELECT count(ACTL) as c FROM ATTORNEYS WHERE ATTY_ID = " & CLng(AttorneyId))
If rs("c") > 0 Then
response.write "<div id='ACTLDiv'><img id='ACTLLogo' src='img/ACTL.jpg' alt='ACTL Logo' /> </div>"
End If
Set rs = Nothing
Related
I am working with Classic ASP and I have a need to make the code simpler. In an effort to do what is similar to what we see here: Auto-populating Select Field via jQuery's Ajax where we use ajax to populate a select filed, we load the contents of a area with by using a separate asp file to load. I assume that the loaded file is free of <% markings. While testing the commands contained in that file I am in the process of removing those marks. Why would removing a %><% mark (where it is just a close followed by an open) throw an error? And why would it be necessary to have something like %>"<% where it is just one character?
The reason why I posted an image of the code block was because the %> and %> symbols were highlighted by color in such a way as to better visualize what was going on.
Here is the code block:
<%
Function FunctionName(name, selection)
%>
<select name = "<%= name%>"><%
Set RTConn = Server.CreateObject("ADODB.Connection")
RTConn.Open("Provider=SQLOLEDB;Password=three4me;Persist Security Info=True;User ID=sa;Initial Catalog=DATABASE;Data Source=SERVER")
Set RT = Server.CreateObject("ADODB.Recordset")
sqlQuery = "SELECT DISTINCT id, Replace(Name, ' ', ' ') AS Name, Num, Address, City, State FROM RedactedTablename WHERE active = 1 OR ID = '" & selection & "' ORDER BY Replace(Name, ' ', ' '), State, City, Num"
RT.Open sqlQuery, RTConn, 3, 3
Do While Not RT.EOF
response.write "<option value=" & RT.Fields("id")
%>" <%
if cstr(RT.Fields("id")) = selection then
response.write " selected "
elseif (selection = "" OR selection = "0") AND trim(RT.Fields("Name")) = "NA" then
response.write " selected "
end if
%>><%=RT.Fields("Name")%><%
if not RT.Fields("Name") = "NA" AND not RT.Fields("Name") = "NA" then
response.write " (" & RT.Fields("City") & ", " & RT.Fields("State") & ") - " & RT.Fields("Num")
end if
%>
response.write"</option>"
<%
RT.MoveNext
Loop
RT.Close
RTConn.Close %>
</select>
<%
End function
%>
The end tag that was removed was paired with a start tag of <%= not <% which has caused the syntax error.
The reason is <%= is a shorthand form of Response.Write and has to be paired with a closing %> tag.
Acceptable:
<%= link_label %>
Invalid syntax:
<%= link_label
Also, there are other issues with the code, for example, #Flakes pointed out in the comments that response.write"</option>" is not located within Classic ASP preprocessor tags (<% and %>).
While this won't cause a syntax error it will cause the line to be interpreted as HTML and will be output to the client as is.
I am trying to check or unchecked the check-boxes depends upon the data results that comes from server. But I cannot use below code correctly where I am doing wrong?
<%
Dim AFTER_SAVE, IN_VIEW, Y
Dim SQL, Data
SQL = " SELECT code, name, value FROM mytable WHERE code = '" & User & "'"
Data = Data(SQL)
%>
<%If IsArray(Data) Then%>
<%If ((Data(1,0) = "AFTER_SAVE") AND (Data(2,0) = "Y")) Then %>
document.getElementById("chkSave").checked == true;
<%End If%>
<% If ((Data(1,0) = "IN_VIEW") AND (Data(2,0) = "Y")) Then %>
document.getElementById("chkVIEW").checked == true;
<%End If%>
<%End If%>
You're trying to combine server-side code with client-side code in a very strange way. Sometimes, it's necessary to do that (i.e. use server-side VBScript to write client-side Javascript), but if I'm understanding your intent correctly, it's not needed here.
Basically, if this is actually a classic ASP page, then somewhere on that page you're generating the checkboxes in question. So all you need to do is put your database call somewhere before that, and then when you generate the checkboxes, you can output a checked='checked', or not, depending.
Note that I have no clue what Data = Data(SQL) is supposed to mean. There's no way for it to be valid VBScript code - parentheses are for arrays, but a string is not a valid array index, and then to assign it to itself like that? Anyway, I'm ignoring that part.
<html>
<head>
<%
Dim AFTER_SAVE, IN_VIEW
Dim SQL, RS, Conn
Dim User
'...blah blah blah, give a value to User, set up your DB connection, etc. etc....
SQL = "SELECT code, name, [value] FROM mytable WHERE code = '" & User & "'"
'- ("value" is a reserved keyword in SQL, hence the brackets)
Set RS = Server.Createobject("ADODB.Recordset")
RS.Open SQL, Conn, 1, 2 '- this is rather handwavy and unlikely to actually
'- work as-is; use the options and connection methods that make sense for you
Do Until RS.EOF
'- I have no idea how your data is set up; this may make no sense.
'- The idea is, read the checkbox states from your database, and
'- stick them in variables for later reference.
Select Case RS("name")
Case "AFTER_SAVE" AFTER_SAVE = RS("value")
Case "IN_VIEW" IN_VIEW = RS("value")
End Select
RS.Movenext
Loop
RS.Close
Set RS = Nothing
%>
</head>
<body>
<form method="post" action="myformhandler.asp">
<!-- form fields and stuff -->
<input type="checkbox" name="chkSave" id="chkSave" <%
If AFTER_SAVE = "Y" Then Response.Write "checked='checked'"
%> value="Y"><label for="chkSave">After save</label>
<input type="checkbox" name="chkView" id="chkView" <%
If IN_VIEW = "Y" Then Response.Write "checked='checked'"
%> value="Y"><label for="chkView">In view</label>
<!-- more form stuff -->
</form>
</body>
</html>
I set a variable :
Dim adoRecordset
and set it as:
Set adoRecordSet = Server.CreateObject("ADODB.RecordSet")
adoRecordset.Open mSQL , adoConnection , adOpenForwardOnly
and I use it into show my data from database
eg. 1. <td align="left"><%=adoRecordset("loc")%></td>
and I would like add a asp code "if" & "else"
but this : 2. Response.Write "<td adoRecordset(loc)></td>"
doesn't work.
How can I make asp code 2. work as 1. ?
My asp classic is rusty, but I think you are looking for something like:
<%
If adoRecordset("loc") <> "" Then
Response.Write(adoRecordset("loc"))
End If
%>
Or with a local var to cache the result:
<%
Dim someLoc
Set someLoc = adoRecordset("loc")
If someLoc <> "" Then
Response.Write("<td>" & someLoc & "</td>")
End If
%>
If you've got large amounts of conditional Html output, then you can switch out of server code again, like so:
<% If something or other Then %>
Some Conditional Html Here
<% Else %>
Else Html here
<% End If %>
<%= is shorthand to emit a value
whereas <% escapes to server side code.
Dim adoRecordset
Set adoRecordSet = Server.CreateObject("ADODB.RecordSet")
adoRecordset.Open mSQL , adoConnection , adOpenForwardOnly
if not adoRecordset.EOF then
do while not adoRecordSet.EOF
if adoRecordset("columnName") = "test value 1" then
response.write("<td>" & adoRecordset("columnName") & "</td>")
else
response.write("<td>I want to do something else here</td>")
end if
adoRecordset.movenext
loop
end if
adoRecordset.close
set adoRecordset = nothing
I am trying to force users to only select certain values when adding a record. So naturally I am using a dropdown, but I'd like the options to be populated by a specific field in the database. I figured I'd do a Do/Loop but I am apparently doing something wrong.
Dim dstrSQL
Dim drs
dstrSQL = "SELECT EventID FROM Events"
set conn2 = CreateObject("ADODB.Connection")
conn2.open CONN_STRING
set drs = conn2.execute(dstrSQL)
conn2.close: set conn2 = nothing
Do
Response.Write "<option value=" & drs.Fields(0) & " >" & drs.Fields(0) & "</option>"
drs.MoveNext
Loop
It's been a long time. Something like this:
conn2.open CONN_STRING
set drs = conn2.execute(dstrSQL)
do while not drs.eof %>
<option value="<%= drs.Fields(0) %>" ><%= drs.Fields(0) %></option>
<% drs.MoveNext
Loop
conn2.close
set conn2 = nothing %>
I'm struggling with my code below, I'm reading the logged on users username and trying to insert their name into a SQL table called licenses, the table contains 2 columns 1 contains license numbers the other is all nulls at the moment but a username should be inserted along side one when this page loads. Currently the page just loops constantly and nothing is inserted into the table. The user inside connection1.asp does have read/write access to the database.
Any ideas? Thanks
<%#LANGUAGE="VBSCRIPT" LCID=1033%>
<%
aName = Split(Request.ServerVariables("LOGON_USER"), "\")
user = aName(UBound(aName))
user = UCase(user)
Erase aName
%>
<!--#include file="Connections/connection1.asp" -->
<%
Dim Recordset1
Dim Recordset1_numRows
Set Recordset1 = Server.CreateObject("ADODB.Recordset")
Recordset1.ActiveConnection = MM_connection1_STRING
Recordset1.Source = "SELECT * FROM Licenses2 WHERE userid = '" & user & "';"
Recordset1.Open()
%>
<HTML><HEAD></HEAD>
<BODY leftmargin="5" onLoad="setTimeout('reloadFunction()',500000)">
<% Do While NOT Recordset1.EOF %>
<% strUserName =(Recordset1.Fields.Item("userid").Value)%>
<% response.write strUserName %>'s Serial Number:
<% strSerial =(Recordset1.Fields.Item("serial").Value)%>
<% response.write strSerial %>
<% Recordset1.movenext %>
<% loop %>
<%
If strUserName = user then
'record found do nothing
'response.write "user found"
else
adoCon.Execute = "SET ROWCOUNT 1; UPDATE Licenses2 SET userid = '" & user & "' WHERE userid = 'NULL';"
Response.AddHeader "Refresh", "3"
End if
%>
</BODY>
</HTML>
<%
Recordset1.Close()
Set Recordset1 = Nothing
Set Recordset2 = Nothing
%>
If the user is NOT found, should you be doing an INSERT instead of UPDATE?
If the UPDATE is correct, change the last NULL ... remove the quotes. Right now you are comparing a STRING value of 'NULL' instead of the value NULL and it should be IS NULL
SET ROWCOUNT 1; UPDATE Licenses2 SET userid = '" & user & "' WHERE userid IS NULL;
Also, see if you can comment out the <BODY ... > tag and create a new one without the RELOADFUNCTION and see if that makes a difference.
Lastly, read up on SQL Injection because your code is prone to Injection attacks. Search on StackOverflow.com for SQL Injection and you will find plenty of explanations, examples and cures.
Check if LOGON_USER is actually returning any data. If you have IIS security set to 'Anonymous' access then this will not be populated with anything.
Your code would also be potentially prone to SQL injection attacks.