In the following asp page I am trying to get the fullName attribute from the first row of the result set. (there should only be one row) What is the right way to do this?
<%
set Y = server.CreateObject("ADODB.Connection")
X = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ= " & Server.MapPath(".\account.mdb")
Y.open X
user=request.Form("username")
passwd=request.Form("pwd")
set userexsist=Y.Execute("select * from logintable where username='" & user & "'")
set useraccount=Y.Execute("select * from logintable where username='"& user & "' and passwd='" & passwd & "'")
if userexsist.eof then
Response.Redirect("41697hw1noaccount.htm")
else
if useraccount.eof then
Response.Redirect("41697hw1wrongpasswd.htm")
else
Response.Write("<h1>Welcome, " & useraccount[0].fullName & "</h1>")
End if
end if
%>
The error is on `useraccount[0].fullName.
Whats the right way to get this information?
Thanks for your help!
Here's your code with as much wrong stuff as I could spot fixed:
I did test it, but not with an Access database.
It should work, but I only have a working knowledge of Classic ASP.
<%
Set Conn = Server.CreateObject("ADODB.Connection")
Set RS = Server.CreateObject("ADODB.Recordset")
Set RS2 = Server.CreateObject("ADODB.Recordset")
Conn.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ= " & Server.MapPath(".\account.mdb")
user = Request.Form("username")
passwd = Request.Form("pwd")
RS.Open "select * from logintable where username='" & user & "'", Conn
if RS.eof then
Response.Redirect("41697hw1noaccount.htm")
else
RS2.Open "select * from logintable where username='" & user & "' and passwd='" & passwd & "'", Conn
if RS2.eof then
Response.Redirect("41697hw1wrongpasswd.htm")
else
Response.Write("<h1>Welcome, " & RS2("fullName") & "</h1>")
end if
end if
%>
Related
I'm new to this old scripting language but it's all we have right now. I'm trying to get this code work.
I would like to compare USERID servervariable with the same USERID from a recordset, then if true it will redirect the name of that USERID.
<%
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open "Driver={Microsoft Access Driver (*.mdb)}; DBQ=I:\storyData.mdb"
set rs = Server.CreateObject("ADODB.Recordset")
rs.Open "SELECT USERIDFROM preprod", conn
strName = "John"
strNo = "This is not you"
If Request.ServerVariables("HTTP_USERID") = (rs.Fields.Item("USERID").Value) Then
Response.Redirect("story.html?" & "name=" & strName)
Else
Response.Redirect("story.html?" & "name=" & strNo)
End If
%>
I hope this makes any sense. It seems simple but can't get it to work.
thanks
what "doesn't" work?
looking at your code, it seems you're only checking the the first record of your query. I think you want to do something like this:
<%
Set conn = Server.CreateObject("ADODB.Connection")
conn.Open "Driver={Microsoft Access Driver (*.mdb)}; DBQ=I:\storyData.mdb"
set rs = Server.CreateObject("ADODB.Recordset")
rs.Open "SELECT count( USERID ) FROM preprod where userID = " & Request.ServerVariables("HTTP_USERID"), conn
strName = "John"
strNo = "This is not you"
if CInt( rs( 0 ) ) > 0 then
Response.Redirect("story.html?" & "name=" & strName)
Else
Response.Redirect("story.html?" & "name=" & strNo)
End If
%>
this code does a count of userIDs in your table and if there are more than 1, it'll do the redirect properly. A lot more efficient this way.
I have a function named GroupCheck, which is designed to get the logged in users group from AD. It is, however, giving me the following error:
Microsoft VBScript runtime error '800a000d'
Type mismatch: 'GroupCheck'
/ldap.asp, line 67
Line 67 is where I call the function, passing in the Request.ServerVariables("AUTH_USER")
The following function is stored in a file which is included at the top of the page:
<%
function GroupCheck(user)
dim user, ADUser, objCom, objCon, objRS, membership
ADUser = "LDAP://OU=Staff,OU=Users,DC=example,DC=internal"
' Make AD connection and run query'
Set objCon = Server.CreateObject("ADODB.Connection")
objCon.provider ="ADsDSOObject"
objCon.Properties("User ID") = "EXAMPLE\user"
objCon.Properties("Password") = "Test"
objCon.Properties("Encrypt Password") = TRUE
objCon.open "Active Directory Provider"
Set objCom = CreateObject("ADODB.Command")
Set objCom.ActiveConnection = objCon
objCom.CommandText = "SELECT memberOf FROM '" + ADUser + "' where sAMAccountName='*" + 'user + "*' AND UserAccountControl <> 514"
Set objRS = objCom.Execute
Do While Not objRS.EOF Or objRS.BOF
if isNull(objRS.Fields("memberOf").value) then
membership = ""
else
for each item in objRS.Fields("memberOf").value
membership = item + "<br>"
next
end if
if inStr(membership, "UserGroup") then
GroupCheck = 1
else
GroupCheck = 0
end if
objRS.MoveNext
Response.Flush
Loop
'Clean up'
objRS.Close
objCon.Close
Set objRS = Nothing
Set objCon = Nothing
Set objCom = Nothing
end function
%>
I really don't know what the problem is, because /ldap.asp, line 67 is :
Set getMembership(username)
EDIT: My code for ldap.asp is:
getMembership = GroupCheck(Request.ServerVariables("AUTH_USER"))
'This should fetch all the accounts that appears in the "Contact Centre" group
if getMembership = 1 then
'Response.Write "<td><a href='entry.asp?account_name=" & objRS("sAMAccountName") & "'>Edit</a></td>"
elseif objRS("sAMAccountName") = session("username") then
Response.Write "<td><a href='entry.asp?account_name=" & objRs("sAMAccountName") + "'>Edit</a></td>"
else Response.Write "<td></td>"
end if
Response.Write "</tr>" + vbCrL
objRS.MoveNext
Response.Flush
Loop
Response.Write "</table>"
' Clean up
objRS.Close
objCon.Close
Set objRS = Nothing
Set objCon = Nothing
Set objCom = Nothing
%>
So what exactly is in line 67?
Set getMembership(username)
or
[unknown variable] = GroupCheck(Request.ServerVariables("AUTH_USER"))
?
In any case, this is probably the cause of the problem:
objCom.CommandText = "SELECT memberOf FROM '" + ADUser + "' where sAMAccountName='*" + 'user + "*' AND UserAccountControl <> 514"
In VBScript, the + operator is for arithmetic addition. "SELECT memberOf From '" cannot be converted into a number; hence the type mismatch. Probably. (I can't be sure because I don't know how you're calling or including the function.)
Instead, use the proper VBScript concatenation operator, &.
objCom.CommandText = "SELECT memberOf FROM '" & ADUser & "' where sAMAccountName='*" & user & "*' AND UserAccountControl <> 514"
Also, you're potentially shooting yourself in the foot by dimming a variable with the same name as the function argument:
function GroupCheck(user)
dim user, ADUser, objCom, objCon, objRS, membership
'^^^^
It may still work if you do that, but it's just not a good idea.
While executing the following code in ASP.NET with VB, I am getting the error "No data exists for the row/column."
Dim hdnuserid = e.CommandArgument
If e.CommandName = "additem" Then
' First, see if the product is already in the vendor_catalog table
Dim dr, dr2, username
dr = connection.returnsqlresult("SELECT * FROM vendor_users where vendor_id = '" & Request("vendor_id") & "' AND userid = '" & hdnuserid & "'")
If dr.hasrows() Then
dr.read()
Response.Write("<script type=""text/javascript"">alert(""User already assigned to this vendor."");</script>")
Else
dr2 = connection.returnsqlresult("SELECT * FROM users WHERE userid = '" & hdnuserid & "'")
Response.Write(hdnuserid)
If dr2.hasrows() Then
dr2.read()
username = dr("username")
connection.executesql("INSERT INTO vendor_users(userid, vendor_id, username) VALUES('" & hdnuserid & "','" & Request("vendor_id") & "','" & username & "')")
'ScriptManager.RegisterStartupScript(Me, GetType(Page), "itemsadded", "window.opener.__doPostBack('__Page', 'populate_usergrid');window.close();", True)
Else
Response.Write("<script type=""text/javascript"">alert(""User does not exist."");</script>")
End If
dr2.close()
End If
dr.close()
Else
End If
I have checked that the columns exist in my tables, and also checked the select * from users statement in SQL directly with a hard coded value and I see the result I expect. I'm not sure why I am getting this error. The error is being thrown on the username = dr("username") line.
Any assistance in this would be very helpful.
JV
I think you have a bit of a typo. Change
username = dr("username")
to
username = dr2("username")
Shouldnt the reader object be dr2 instead of dr? since dr doesnt have any rows, dr("username") wouldnt be accessible.
username = dr2("username")
im trying to insert a new row with new data to an ms access table, using asp page.
i have no background in asp, im an android developer, but those are my client specifications.
i know im doing something very wrong, but i dont know what...
can you please help me?
this is what i was trying to do:
<%
'define variables
dim conn, strsql, strMDBPath
Set conn = Server.CreateObject("ADODB.Connection")
'Connect to the database
strMDBpath = Server.MapPath("data.mdb")
conn.open "PROVIDER=MICROSOFT.JET.OLEDB.4.0;DATA SOURCE=" & strMDBPath
'On Error Resume Next
'write to the database
strSql = "INSERT INTO avi (id,first,last) VALUES ("4", '" yom "','" cobi "')"
conn.Execute(strSql)
'close database
conn.close
Set conn = nothing
%>
You're missing some ampersands.
strSql = "INSERT INTO avi (id,first,last) VALUES (4, '" & yom & "', '" & cobi & "')"
I am using the following code to update an Access Database with Classic Asp:
<%# Language=VBScript %>
<% Option Explicit %>
<%
Response.Buffer = True
'First, we need to get the total number of items that could be updated
Dim iCount
iCount = Request("Count")
'We need to obtain each cost and ID
Dim strstudent, strcourse, strgrade, strcomments
'We will also need to build a SQL statement
Dim strSQL
Dim conn
set conn=server.CreateObject("ADODB.connection")
conn.ConnectionString="provider=Microsoft.jet.OLEDB.4.0;data source=C:\db\agsystem.mdb"
conn.Open
'Now, we want to loop through each form element
Dim iLoop
For iLoop = 0 to iCount
'student data
strstudent = Request(iLoop & ".Student")
'course data
strcourse = Request(iLoop & ".course")
'grade
if isNull(Request(iLoop & ".grade")) or Request(iLoop & ".grade")="" then
strgrade="null"
else
strgrade= Request(iLoop & ".grade")
end if
if isNull(Request(iLoop & ".comments")) or Request(iLoop & ".comments")="" then
strcomments=null
else
strcomments=Request(iLoop & ".comments")
end if
strSQL = "UPDATE testing SET semester2 = " & strgrade & ", commentss=" & "'" & strcomments & "'" & " WHERE newstudentid = " &"'"& strstudent&"'" & " and Courseid = " & "'"& strcourse & "'"
conn.Execute strSQL
Next
conn.Close
Set conn = Nothing
Response.Redirect "protected.asp"
%>
The problem is that when tested in the server it updates without any issues. But when access from a wireless network it won't update.
The target table to update has about 27,000 records
I need to know what I'm doing wrong or if there is another approach.
I found the error after carefully analyzing the situation.
Records in primary key that have spaces for example '2 OR 13' will not update. But records without spaces in primary key like '2CEN13' updates perfectly. I did not had time to solve it in my asp code, so i edited all records with spaces and that solve the problem.