dennisa
-
Posts
14 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Posts posted by dennisa
-
-
I have set password for my database file. I'm using .mdbusername = ghostpassword = ghostbut I cant display the page.how to send username & password variable via ASP page??
-
I have created a website using asp. I split the directory for the website. one for user and the other for administrator.from the index page I can access both.so, I want to restrict any user to access administrator's pages.maybe I can prompt for password from the index page....but let say that user know the address, he can still screw my database by accessing the pages for administrator. for examples:>>this is the address for the index pagehttp://10.20.30.27/webnilai/index.htm>>this is the address for administrator pagehttp://10.20.30.27/admin/admin.htmand of course there are the other pages in the admin folder such us add_record.htm, add_record.asp, etc.so, anonymous user can manipulate my database if he knows the address.I want to restrict any user from accessing the administrator's pages.so eventhough he knows the address, he will be prompted to put his password and username.how can I do that?any idea??or can I attach the Username value or Password value in rs.querystring ??? so I dont bother to set security for database??
-
yeah Of course I know......but let say that the nip value is somethin like this = 12a63112a63212a63312s12912s13011a34512s12712a635I want to display every 12a6(something), and then I will put the sql like this :select * from tkelas where nip like ('12a6%')but I want to request the value from the html page, so I put the sql like this :select * from tkelas where nip like ('"&nip%&"')and thus it was ended with an error....then tell me how to put the sql with '%' without causing errorremove the % signs they are the syntax error -
just look at my code>>html<html><body><h1>query_nip</h1><hr>input nip<p><form method="POST" action="query_display.asp"><p>nip <input name="nip"><p><input type="Submit" value="SHOW"></form></body></html>>>asp<html><body><h1>display_Query</h1><hr>example :<p><table border="1" width="100%"><%set conn=server.CreateObject("ADODB.Connection")conn.provider="Microsoft.JET.OLEDB.4.0"conn.open server.mappath("dbkelas.mdb")nip=request.form("nip")set rs=server.CreateObject("ADODB.Recordset")rs.open "select * from tkelas where nip like '"&nip&"' ",conn%><tr><%for each x in rs.fieldsresponse.write("<th>"&x.name&"</th>")next%></tr><%do until rs.eof%><tr><% for each x in rs.fields %><td><%response.write(x.value)%></td><%nextrs.movenext%></tr><%looprs.closeconn.close%></table></body></html>I want to put the sql like this:select * from tkelas where nip like ('%nip%')but when I try using this:select * from tkelas where nip like '"&%nip%&"' >> the error message appearinvalid character???how should I write??
-
event handler
in ASP
thanks youre really helpful....another problem comes...<html><head><script>function onFormSubmit(){ var nip = document.getElementById('nip'); if(nip.value == "") { alert('you must give nip a value'); return false; }}</script><body><h1>Adding_record</h1><hr>input new record<p><form method="POST" action="add_confirm.asp" onsubmit="javascript:return onFormSubmit()"><p>nip <input name="nip" id="nip"><p>name <input name="name"><p><input type="Submit" value="ADD"></form></body></html>
That should work.
-
event handler
in ASP
thanks asp net guy!!!yes, any other way??because actually I want the pop up message appear if I press the submit button so the user dont bother to go to the asp page.....the html page will prompt the user to fill the nip field!!change thisnip= request.form("nip")name= request.form("name")conn.execute "insert into tkelas(nip,name) values('"&nip&"','"&name&"')",recordsaffectedif err<>0 thenresponse.write("You dont have any permission to update the database")elseresponse.write(recordsaffected&" record was added")end if
to
nip= request.form("nip")name= request.form("name")if nip <> "" then conn.execute "insert into tkelas(nip,name) values ('"&nip&"','"&name&"')",recordsaffected if err<>0 then response.write("You dont have any permission to update the database") else response.write(recordsaffected&" record was added") end ifelse response.write("you must give a value for nip")end if
-
event handler
in ASP
when I want to insert a new record, or update the database, I just want ... uhh just look at my code...html>><html><body><h1>Adding_record</h1><hr>input new record<p><form method="POST" action="add_confirm.asp"><p>nip <input name="nip"><p>name <input name="name"><p><input type="Submit" value="ADD"></form></body></html>asp>><html><body><h1>add_Confirm</h1><hr><%on error resume nextset conn = Server.Createobject("ADODB.Connection")conn.Provider = "Microsoft.JET.OLEDB.4.0"conn.open server.Mappath("dbkelas.mdb")nip= request.form("nip")name= request.form("name")conn.execute "insert into tkelas(nip,name) values('"&nip&"','"&name&"')",recordsaffectedif err<>0 thenresponse.write("You dont have any permission to update the database")elseresponse.write(recordsaffected&" record was added")end ifconn.closeset conn=nothing%></body></html>nip=primary keyso you must notice that the fatal error is when I try to insert new record...if I only fill the name, the record will appear in my database... eventhough the nip=""(null). I dont want that happen!!what I want is, whenever the user do not put the nip, hence alert message will b displayed prompting the user to fill the nip... so every record in my db will have an nip...do you think that what I need is an event handler?? or do you have any other idea??
-
whoaaa...you the man!!I have forced my hardisk to be ntfs, though my disk is already in ntfs.... he he he that was futile....but when I tried to uncheck the simple file sharing... it just suddenly worked!!thuaaanks very muaaach!!!I owe you netcracker!!but I got another problem here...I will post in the new topic... please help me...!!hmmm... this means u r not using the NTFS file system format... I just cannot remember how to allow permissons on FAT32 table... however, u might try disabling the "simple file sharing" option from "folder option" for one... hope u'll do just fine... -
Still cant find the security tab...but when I tried at another pc, the security tab appeared...how come??is there something wrong with my windows? or User?because, I logged as Administrator already...any idea??anyway thanks to you - aspnetguy,akasha and netcracker-...the problem has been solvedbut I'm still curious....Perhaps you forget to click on the properties firstright click on your file then propertiesand then you will see a security tab -
I use windows xp sp 2, when I right clicked the .mdb file there was no security tab?what am I suppose to do?? I logged as administrator already...It is a windows permissions error.Navigate Windows Explorer to your database file (.mdb). Right click and choose Properties.Click the Security tab. Make sure that the Everyone account has full control.That should solve your problem. -
I also got error with the same type of yours, "syntax error in insert statement"what the ######??somebody help us?
-
then tell me how to make my database become updateable...sorry, I never learn how to use Access before...
-
I tried to add record to my database, but I got this kind of error>>Error Type:Microsoft JET Database Engine (0x80004005)Operation must use an updateable query./web_nilai/add_confirm.asp, line 10what am I suppose to do with my code?? or is there any mistake in my database?this is the html code:<html><body><h1>add_record</h1><hr><form method="POST" action="add_confirm.asp">nip <input type="text" name="nip"><p>nama <input type="text" name="nama"><p><input type="submit" value="add"></form></body></html>this is the asp code:<html><body><h1>add_confirm</h1><hr><%set conn=Server.CreateObject("ADODB.Connection")conn.Provider= "Microsoft.JET.OLEDB.4.0"conn.open server.mappath("kelas.mdb")conn.execute "insert into Tnama(nip,nama) values('"&request.form("nip")&"','"&request.form("nama")&"')"conn.closeset conn=nothing%></body></html>my database is created by microsoft access 2000, database name = kelas.mdbtabel name = tnamafields = - nip(text) primary key- nama(text) primary keyplease tell me where is my mistake...
anonymous access
in ASP
Posted
I was desperate on setting up the security for multiple user....so I opened up the IIS at control panelI directly went to the admin folder which contains ASP pages to manipulate database.I opened the properties, and I did several settings.I set the anonymous access being restricted.I fill the username and the password.lets say:username = ghostpassword = ghostlet IIS control password => uncheckedWindows Integrated Authentication => checkedyes, It was succesful.anytime the user access the admin pages, they will be prompt to fill username & password.but, when I tried to add new record, the record couldnt be sent. the ASP page POST'd nothing.....?whats wrong??please help me on this...I really appreciate it if you directly response my Question rather than show me the W3schools tutorial address....