I'm attempting to implement Google's reCAPTCHA on a Classic ASP site and am attempting to follow the guidelines outline here:
https://developers.google.com/recaptcha/docs/asp
Following the instructions on that page, I've added this code to the top of the page that contains the form:
<%
recaptcha_challenge_field = Request("recaptcha_challenge_field")
recaptcha_response_field = Request("recaptcha_response_field")
recaptcha_public_key = "<font color=red>your_public_key</font>" ' your public key
recaptcha_private_key = "<font color=red>your_private_key</font>" ' your private key
' returns the HTML for the widget
function recaptcha_challenge_writer()
recaptcha_challenge_writer = _
"<script type=""text/javascript"">" & _
"var RecaptchaOptions = {" & _
" theme : 'red'," & _
" tabindex : 0" & _
"};" & _
"</script>" & _
"<script type=""text/javascript"" src=""http://www.google.com/recaptcha/api/challenge?k=" & recaptcha_public_key & """></script>" & _
"<noscript>" & _
"<iframe src=""http://www.google.com/recaptcha/api/noscript?k=" & recaptcha_public_key & """ frameborder=""1""></iframe><br>" & _
"<textarea name=""recaptcha_challenge_field"" rows=""3""cols=""40""></textarea>" & _
"<input type=""hidden"" name=""recaptcha_response_field""value=""manual_challenge"">" & _
"</noscript>"
end function
' returns "" if correct, otherwise it returns the error response
function recaptcha_confirm(rechallenge,reresponse)
Dim VarString
VarString = _
"privatekey=" & recaptcha_private_key & _
"&remoteip=" & Request.ServerVariables("REMOTE_ADDR") & _
"&challenge=" & rechallenge & _
"&response=" & reresponse
Dim objXmlHttp
Set objXmlHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")
objXmlHttp.open "POST", "http://www.google.com/recaptcha/api/verify", False
objXmlHttp.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
objXmlHttp.send VarString
Dim ResponseString
ResponseString = split(objXmlHttp.responseText, vblf)
Set objXmlHttp = Nothing
if ResponseString(0) = "true" then
'They answered correctly
recaptcha_confirm = ""
else
'They answered incorrectly
recaptcha_confirm = ResponseString(1)
end if
end function
server_response = ""
newCaptcha = True
if (recaptcha_challenge_field <> "" or recaptcha_response_field <> "") then
server_response = recaptcha_confirm(recaptcha_challenge_field, recaptcha_response_field)
newCaptcha = False
end if
%>
Also per that page, I've added this code to the form itself to generate the reCAPTCHA widget:
<% if server_response <> "" or newCaptcha then %>
<% if newCaptcha = False then %>
<!-- An error occurred -->
Wrong!
<% end if %>
<%=recaptcha_challenge_writer()%>
<% else %>
<!-- The solution was correct -->
Correct!
<%end if%>
I can get the CAPTCHA to display properly, but it isn't verifying - it will accept any answer including being left blank. I believe some of the code needs to be added to my script that actually handles the data, but am not sure which code or where to put it.
I've tried moving portions of the above code that appear to be for validation purposes to the script that processes the responses and generates an e-mail, but have had no luck there either.
The for page can be viewed here:
http://www.onlyproforma.com/mktimg/landingPage_ResultsFirst4_CAPTCHA.asp
I am aware there are other options, but I would like to get this one working if possible.
Any help is greatly appreciated.
I had a similar issue especially with the NEW reCAPTCHA tick functionality. If you look at the reCAPTCHA admin site which gives you your public and private (secret) keys, you'll see that the server side integration URL to verify, is different from the code above. In the code above, the verify URL is _http://www.google.com/recaptcha/api/verify whereas the verify URL supplied by the reCAPTCHA admin page is _https://www.google.com/recaptcha/api/siteverify. Very different.
Also, the parameters required are different. In the above code, there is a call for Request("recaptcha_challenge_field") and Request("recaptcha_response_field"). Yet the new reCAPTCHA verify only requires the response field. But even that has changed! It is now request.form("g-recaptcha-response").
Granted, the code that you are using above comes straight from Google themselves (https://developers.google.com/recaptcha/old/docs/asp). But it appears that this code is outdated, especially if you consider that it is filed in a directory called OLD.
So this is what worked for me!
Dim recaptcha_secret
recaptcha_secret = "your secret code"
Dim sendstring
sendstring = _
"https://www.google.com/recaptcha/api/siteverify?" & _
"secret=" & recaptcha_secret & _
"&response=" & request.form("g-recaptcha-response")
Set objXML = Server.CreateObject("MSXML2.ServerXMLHTTP")
objXML.Open "GET", sendstring , false
objXML.Send()
The code below reads the response from Google. The reply comes back as a JSON object, but I cannot read or process the JSON response on the server-side and I could not find an easy method.
So the workaround was to search for the string 'true'. If it returned TRUE (positive) then the reCAPTCHA was confirmed. If it does not return TRUE, then the response is essentially
FALSE and the reCAPTCHA was not submitted correctly.
It is ugly but it works:
if instr(objXML.responseText,"true") then
response.redirect "to an appropriate page"
else
response.redirect "to an appropriate page"
end if
Maybe there is a neater way to read the Google reply, but I have tested it and it works for me.
The full code then would look like this:
<%
Dim recaptcha_secret
recaptcha_secret = "your secret code"
Dim sendstring
sendstring = _
"https://www.google.com/recaptcha/api/siteverify?" & _
"secret=" & recaptcha_secret & _
"&response=" & request.form("g-recaptcha-response")
Set objXML = Server.CreateObject("MSXML2.ServerXMLHTTP")
objXML.Open "GET", sendstring , false
objXML.Send()
if instr(objXML.responseText,"true") then
response.redirect "to an appropriate page"
else
response.redirect "to an appropriate page"
end if
%>
The following code will go in the page where the form is posted. i.e. in your case L_Landing_actionJCR.asp
<% if server_response <> "" then %>
Wrong!
<% else %>
Correct!
<% else %>
Related
I have this problem with SOAP that I can't seem to solve.
No matter what I try, then I keep getting this error:
500 - Internal server error. There is a problem with the resource you
are looking for, and it cannot be displayed.
When digging further down the error code I'm told there is a EOF expected error?
Hope that some of you might be able to help me
<%
On Error Resume Next
Dim objXMLHTTP : set objXMLHTTP = Server.CreateObject("Msxml2.XMLHTTP.3.0")
Dim strFunction
Dim strRequest
Dim strResult
Dim strName
Dim strFirstName
Dim strLastname
Dim strAddress
Dim strZipCode
Dim strCity
Dim strTelephone
Dim strTelephone2
Dim strTelephone3
Dim strTelephone4
Dim strEmail
Dim strExtFields
Dim strStdFields
Dim CampaignID
Dim Page
Page = Request.Form("Page")
CampaignID = Request.Form("CampaignID")
StrName = Request.Form("Name")
StrTelephone = Request.Form("Phone")
strRequest = ""
<Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/"">
<Body>
<InsertNewCustomer xmlns=""http://api.ivocall.dk/ivocallservice.asmx"">
<Login>Loginname</Login>
<Password>Password</Password>
<ClientID>1323</ClientID>
<IDPassword>ag4bghsitm8gatddbpt34qjndjrbsla</IDPassword>
<CampaignID>"& campaignid &"</CampaignID>
<Name>"& StrName &"</Name>
<Firstname></Firstname>
<Lastname></Lastname>
<Address></Address>
<City></City>
<ZipCode></ZipCode>
<Telephone>"& StrTelephone &"</Telephone>
<Telephone2></Telephone2>
<Telephone3></Telephone3>
<Telephone4></Telephone4>
<email></email>
<ExtFields>landingpage="& page &"</ExtFields>
<StdFields></StdFields>
<UserName></UserName>
</InsertNewCustomer>
</Body>
</Envelope>"
objXMLHTTP.open "post", "" & "http://api.ivocall.dk/ivocallservice.asmx" & "", False
objXMLHTTP.setRequestHeader "Content-Type", "text/xml; charset=UTF-8"
objXMLHTTP.setRequestHeader "Content-Length", Len(strRequest)
objXMLHTTP.setRequestHeader "SOAPAction", "http://www.ivocall.dk/ivocallservice/InsertNewCustomer"
'send the request and capture the result
Call objXMLHTTP.send(strRequest)
strResult = objXMLHTTP.responseText
'display the XML
response.write strResult
response.write strRequest
If Err.Number <> 0 Then
Response.Write (Err.Description)
ELSE
Response.Write ("task done")
Response.End
End If
%>
I really hope some of you can help me out her?
You use inline code-tags.
<%
They do not contain any imported namespaces.
Additionally, you seem to want to copying XML into strRequest, but you're not properly escaping it, plus VB.NET (which is what you're using, not C#) doesn't support multiline strings.
And why do you use
Server.CreateObject("Msxml2.XMLHTTP.3.0")
You can use the normal WebRequest class, instead of an ActiveX-Object. And if you want to do it client-side, you need to use JavaScript (AJAX).
If you're doing a cross-domain request, you need to use CORs (and a browser supporting CORs), or you need to write a proxy that does the request for you.
Additionally, did you try adding a web-reference to your project ?
Visual Studio will automagically download the WSDL and generate the wrapper classes. Why do you want to do it by hand ? ...
Additionally, if you want to embed code in the ASPX page, do it in a "script"-tag using runat="server":
<%# Register TagPrefix="RS" Namespace="Microsoft.ReportingServices.WebServer" Assembly="ReportingServicesWebServer" %>
<%# Page Language="C#" AutoEventWireup="true" Inherits="Microsoft.ReportingServices.WebServer.ReportViewerPage" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<script type="text/C#" runat="server">
protected void SetDocumentMode()
{
if(System.Web.HttpContext.Current == null || System.Web.HttpContext.Current.Request == null || System.Web.HttpContext.Current.Request.Browser == null || System.Web.HttpContext.Current.Request.Browser.Browser == null)
// return "<null>";
return;
if (!StringComparer.OrdinalIgnoreCase.Equals(System.Web.HttpContext.Current.Request.HttpMethod, "GET"))
// return "<notget>";
return;
// fu IE 11
if(System.Web.HttpContext.Current.Request.Browser.Browser == "IE" || System.Web.HttpContext.Current.Request.Browser.Browser == "InternetExplorer")
{
if(System.Globalization.CultureInfo.InvariantCulture.CompareInfo.IndexOf(System.Convert.ToString(System.Web.HttpContext.Current.Request.QueryString), "stylesheet", System.Globalization.CompareOptions.IgnoreCase) == -1 )
{
System.Web.HttpContext.Current.Response.Write(#"<meta http-equiv='X-UA-Compatible' content='IE=5'>
");
//return "<meta http-equiv=\"X-UA-Compatible\" content=\"IE=5\">"; // IE5-Quirks when no custom stylesheet (=not in iframe)
}
else
System.Web.HttpContext.Current.Response.Write("<meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'>");
// return "<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\">"; // Switch to Standards mode when a custom stylesheet is set(=in iframe)
}
// return "<not ie: " + System.Web.HttpContext.Current.Request.Browser.Browser + ">";
//return "";
}
</script>
[...]
<%SetDocumentMode(); %>
Are you actually using ASP instead of ASP.NET ?
I have just migrated a website from Server 2003 to Server 2012, and MS Indexing service is not available.
In doing some research, I found that MS Search Service is the 'replacement,' and, as such, I installed it on Server 2012. Beyond this, I haven't found what ASP-Classic (VB) code would be necessary to enable the new Search Service to catalog my documents, as Indexing Service did.
Does MS Search Service have the capability and flexibility to catalog and search documents, and return results in the same way that MS Indexing Service did?
Below is an example of the code that currently calls the MS Indexing Service (on the Windows 2003 server):
<%
Dim strQuery ' The text of our query
Dim objQuery ' The index server query object
Dim rstResults ' A recordset of results returned from I.S.
Dim objField ' Field object for loop
Dim objUtility
' Retreive the query from the querystring
strQuery = Request.QueryString("CiRestriction")
if strQuery <> "" then
if Request.QueryString("ExactPhrase") = "Yes" then
strQuery = """" & strQuery & """"
end if
end if
' If the query isn't blank them proceed
If strQuery <> "" Then
' Create our index server object
Set objQuery = Server.CreateObject("IXSSO.Query")
' Set its properties
objQuery.Catalog = "Test_Docs" ' Catalog to query
objQuery.MaxRecords = 75 ' Max # of records to return
objQuery.SortBy = "Rank[d], size"
objQuery.Columns = "Characterization, DocTitle, Directory, Filename, Path, Rank, Size, Vpath, Write"
' Build our Query: Hide admin page and FPSE pages
'strQuery = "(" & strQuery & ")" _
' & " AND NOT #filename = *admin*" _
' & " AND NOT #path *\_vti_*"
' Uncomment to only look for files modified last 5 days
'strQuery = strQuery & " AND #write > -5d"
' To set more complex scopes we use the utility object.
' You can call AddScopeToQuery as many times as you need to.
' Shallow includes just files in that folder. Deep includes
' subfolders as well.
'
Set objUtility = Server.CreateObject("IXSSO.Util")
objUtility.AddScopeToQuery objQuery, "d:\test_shares\test_docs", "deep"
objQuery.Query = strQuery ' Query text
Set rstResults = objQuery.CreateRecordset("nonsequential") ' Get a recordset of our results back from Index Server
' Check for no records
If rstResults.EOF Then
Response.Write "Sorry. No results found."
Else
' Print out # of results
Response.Write "<p><strong>"
Response.Write rstResults.RecordCount
Response.Write "</strong> results found:</p>"
' Loop through results
Do While Not rstResults.EOF
' Loop through Fields
' Pretty is as pretty does... good enough:
%>
<%KSize=formatnumber(rstResults.Fields("size"))
KSize= round(KSize/1024,0)%>
<p>
<%'test below using PoorMansIsNull function%>
<% If PoorMansIsNull(rstResults.Fields("DocTitle")) Or rstResults.Fields("DocTitle")="" Then %>
<%= PathToVpath(rstResults.Fields("filename")) %>
<% Else %>
<font size="3"><%= rstResults.Fields("DocTitle") %></font>
<% End If %>
<br><%= rstResults.Fields("Characterization") %><br>
<font color="#009900"><%= PathToVpath(rstResults.Fields("path")) %> - <%= KSize %>k<br /></font>
</p>
<%
' Move to next result
rstResults.MoveNext
Loop
rstResults.MoveFirst
Response.Write "<pre>"
'Response.Write rstResults.GetString()
Response.Write "</pre>"
End If
' Kill our recordset object
Set rstResults = Nothing
Set objUtility = Nothing
Set objQuery = Nothing
End If
%>
</body>
</html>
<%
Function PathToVpath(strPath)
Const strWebRoot = "d:\test_shares\test_docs\"
Dim strTemp
strTemp = strPath
strTemp = Replace(strTemp, strWebRoot, "\")
strTemp = Replace(strTemp, "\", "/")
PathToVpath = strTemp
End Function
%>
And, the results would be listed, per document (the name of the document, with excerpt from document text, along with title, size), as illustrated below:
Thanks for any leads and/or alternatives.
This example is in fact incorrect. It does not work. The following code:
objRecordSet.Open "SELECT Top 20 " & _
"System.ItemPathDisplay " & _
",System.ItemName " & _
",System.Size " & _
"FROM SYSTEMINDEX", objConnection & _
"WHERE SCOPE='file:E:\MANIF\DAAP\AC'"
Should really use the connection object at the end of the query. Spent a few hours wondering why the WHERE clause was not working.
objRecordSet.Open "SELECT Top 20 " & _
"System.ItemPathDisplay " & _
",System.ItemName " & _
",System.Size " & _
"FROM SYSTEMINDEX " & _
"WHERE SCOPE='file:E:\MANIF\DAAP\AC'", objConnection
This should help all who are having the same difficulty.
I'm facing the same problem. I've found a MS guide about this issue: Querying the Index with Windows Search SQL Syntax.
I've tested this ASP (Classic) code and ran ok:
<html>
<body>
Results<br>
<ol>
<%
Set objConnection = CreateObject("ADODB.Connection")
Set objRecordSet = CreateObject("ADODB.Recordset")
objConnection.Open "Provider=Search.CollatorDSO;Extended Properties='Application=Windows';"
'change directory on scope clause
objRecordSet.Open "SELECT Top 20 " & _
"System.ItemPathDisplay " & _
",System.ItemName " & _
",System.Size " & _
"FROM SYSTEMINDEX" & _
" WHERE SCOPE='file:E:\MANIF\DAAP\AC'", objConnection
objRecordSet.MoveFirst
Do Until (objRecordSet.EOF)
%>
<li>
<strong>Path Display:</strong><%=objRecordSet("System.ItemPathDisplay")%><br>
<strong>Name:</strong><%=objRecordSet("System.ItemName")%><br>
<strong>Size:</strong><%=objRecordSet("System.Size")%><br>
<hr>
</li>
<%
objRecordSet.MoveNext
Loop
objRecordSet.Close
Set objRecordSet = Nothing
objConnection.Close
Set objConnection = Nothing
%>
</ol>
</body>
</html>
Other alternatives:
Try to register asp dll in windows server. For I could see, nobody related success on this approch. See this post;
Create a VM a previous windows version to support your asp. See this MS article.
Hope it could help you.
anyone please know how to add recaptcha in .asp , i am having public and privte keys
<TD align="middle">Security Code: </TD>
<TD align="middle">
<script type="text/javascript"
src="http://www.google.com/recaptcha/api/challenge?k=01M2eMS32Xs6oGtCaBu3AkHQ==">
</script>
<noscript>
<iframe src="http://www.google.com/recaptcha/api/noscript?k=01M2eMS32Xs6oGtCaBu3AkHQ=="
height="300" width="500" frameborder="0"></iframe><br>
<textarea name="recaptcha_challenge_field" rows="3" cols="40">
</textarea>
<input type="hidden" name="recaptcha_response_field"
value="manual_challenge">
</noscript>
</TD>
Using reCAPTCHA with Classic ASP
The reCAPTCHA ASP guide provides a simple way to place a CAPTCHA on your ASP page, helping you stop bots from abusing it. The code below wraps the reCAPTCHA API.
After you've signed up for your API keys, you can add reCAPTCHA to your classic ASP site by pasting the code below at the top of your ASP page:
<%
recaptcha_challenge_field = Request("recaptcha_challenge_field")
recaptcha_response_field = Request("recaptcha_response_field")
recaptcha_public_key = "your_public_key" ' your public key
recaptcha_private_key = "your_private_key" ' your private key
' returns the HTML for the widget
function recaptcha_challenge_writer()
recaptcha_challenge_writer = _
"<script type=""text/javascript"">" & _
"var RecaptchaOptions = {" & _
" theme : 'red'," & _
" tabindex : 0" & _
"};" & _
"</script>" & _
"<script type=""text/javascript"" src=""http://www.google.com/recaptcha/api/challenge?k=" & recaptcha_public_key & """></script>" & _
"<noscript>" & _
"<iframe src=""http://www.google.com/recaptcha/api/noscript?k=" & recaptcha_public_key & """ frameborder=""1""></iframe><>" & _
"<textarea name=""recaptcha_challenge_field"" rows=""3"" cols=""40""></textarea>" & _
"<input type=""hidden"" name=""recaptcha_response_field""value=""manual_challenge"">" & _
"</noscript>"
end function
' returns "" if correct, otherwise it returns the error response
function recaptcha_confirm(rechallenge,reresponse)
Dim VarString
VarString = _
"privatekey=" & recaptcha_private_key & _
"&remoteip=" & Request.ServerVariables("REMOTE_ADDR") & _
"&challenge=" & rechallenge & _
"&response=" & reresponse
Dim objXmlHttp
Set objXmlHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")
objXmlHttp.open "POST", "http://www.google.com/recaptcha/api/verify", False
objXmlHttp.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
objXmlHttp.send VarString
Dim ResponseString
ResponseString = split(objXmlHttp.responseText, vblf)
Set objXmlHttp = Nothing
if ResponseString(0) = "true" then
'They answered correctly
recaptcha_confirm = ""
else
'They answered incorrectly
recaptcha_confirm = ResponseString(1)
end if
end function
server_response = ""
newCaptcha = True
if (recaptcha_challenge_field <> "" or recaptcha_response_field <> "") then
server_response = recaptcha_confirm(recaptcha_challenge_field, recaptcha_response_field)
newCaptcha = False
end if
%>
What happens here is the variables server_response and newCaptcha are set whenever the page is loaded, allowing you to determine the state of your page.
You can use the following HTML as a skeleton:
<html>
<body>
<% if server_response <> "" or newCaptcha then %>
<% if newCaptcha = False then %>
<!-- An error occurred -->
Wrong!
<% end if %>
<!-- Generating the form -->
<form action="recaptcha.asp" method="post">
<%=recaptcha_challenge_writer()%>
</form>
<% else %>
<!-- The solution was correct -->
Correct!
<%end if%>
</body>
</html>
As shown here:
http://developers.google.com/recaptcha/docs/asp
I'm trying to use this example of classic ASP but I have 2 pages, one is form page, the other is verify page. I'm a total newb at classic ASP so I'm not sure if I'm making some syntax errors or not.
https://developers.google.com/recaptcha/docs/asp
On my form page, I'm loading reCAPTCHA via JS and that part is working fine. On the verify page, I have the code below.
Main code (I removed stuff from Google that I wasn't going to use like generate a recaptcha form field with ASP)
recaptcha_challenge_field = Request.Form("recaptcha_challenge_field")
recaptcha_response_field = Request.Form("recaptcha_response_field")
recaptcha_public_key = "hidden" //your public key
recaptcha_private_key = "hidden" //your private key
// returns "" if correct, otherwise it returns the error response
function recaptcha_confirm(rechallenge,reresponse)
Dim VarString
VarString = _
"privatekey=" & recaptcha_private_key & _
"&remoteip=" & Request.ServerVariables("REMOTE_ADDR") & _
"&challenge=" & rechallenge & _
"&response=" & reresponse
Dim objXmlHttp
Set objXmlHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")
objXmlHttp.open "POST", "http://www.google.com/recaptcha/api/verify", False
objXmlHttp.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
objXmlHttp.send VarString
Dim ResponseString
ResponseString = split(objXmlHttp.responseText, vblf)
Set objXmlHttp = Nothing
if ResponseString(0) = "true" then
'They answered correctly
recaptcha_confirm = ""
else
'They answered incorrectly
recaptcha_confirm = ResponseString(1)
end if
end function
server_response = ""
newCaptcha = True
if (recaptcha_challenge_field <> "" or recaptcha_response_field <> "") then
server_response = recaptcha_confirm(recaptcha_challenge_field, recaptcha_response_field)
newCaptcha = False
end if
This is where I'm trying to detect if captcha is correct, but it submits form either way.
if recaptcha_response_field <> "" AND newCaptcha = False then
// submit form
Else
Response.Write "Error: Please fill out all form fields correctly."
End If
Well looks like I had to do it this way:
If server_response = "" AND newCaptcha = False then
// Captcha correct
ElseIf server_response <> "" OR newCaptcha then
// Captcha incorrect
Else
// Some other form error
End If
Paypal has been sending emails warning IPN is failing.
I've not made any changes to my code, and it is really old code.... has been working for 5+ years.... been so long that I've had to do anything on this site.
I searched the server logs for more information... this is what I found repeatedly
|35|80040e14|Syntax_error_(missing_operator)_in_query_expression_'OrderID='.
I checked the code on the ipn page of the site, and I'm stumped.
Nothing is changed but it stopped working
This is line 34 thru 36 of the code of the ipn page:
MM_Cmd.CommandText = "UPDATE Orders SET txn_id='" & txn_id & "',payment_status='" & payment_status & "' WHERE OrderID=" & Item_number
MM_Cmd.Execute
end function
UPDATE:
Here is the full code that shows Item_number:
<%
str = Request.Form & "&cmd=_notify-validate"
' post back to PayPal system to validate
set objHttp = Server.CreateObject("Msxml2.ServerXMLHTTP")
objHttp.open "POST", "https://www.paypal.com/cgi-bin/webscr", false
objHttp.setRequestHeader "Content-type", "application/x-www-form-urlencoded"
objHttp.Send str
' assign posted variables to local variables
Item_number = Request("item_number")
Payment_status = Request("payment_status")
Txn_id = Request("txn_id")
if (objHttp.status <> 200 ) then
' HTTP error handling
elseif (objHttp.responseText = "VERIFIED") then
if Payment_status = "Completed" then 'only update database if the response text is verified and the payment complete
UpdateOrder
end if
elseif (objHttp.responseText = "INVALID") then
' log for manual investigation
else
' error
end if
set objHttp = nothing
function UpdateOrder
'on error resume next
Set MM_Cmd = Server.CreateObject("ADODB.Command")
MM_Cmd.ActiveConnection = MM_CharonCart_STRING
MM_Cmd.CommandText = "UPDATE Orders SET txn_id='" & txn_id & "',payment_status='" & payment_status & "' WHERE OrderID=" & Item_number
MM_Cmd.Execute
end function
%>
The problem is with your variable Item_number. There's a small chance that if you rewrite the end of your query as
... where OrderID=" & Cint(Item_number)
then you will solve your problem, however you probably need to look at the code which assigns a value to Item_number