Splurd
-
Posts
60 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Posts posted by Splurd
-
-
<form action="display.asp" method="post">Select what you want<select name="fields" multiple="true"> <option value="dog">dog</option> <option value="cat">cat</option> <option value="bird">bird</option> <option value="wale">wale</option> <option value="fish">fish</option> <option value="Godzilla">Godzilla</option> <option value="ET">ET</option> <option value="pedobear">pedobear</option></select><input type="submit" value="hit buttan"></form>
this is some basic html code, and the user can select more then one value, but the problem is, they would have to press ctrl + click if they want to select more then one, (or drag, but then you get the problem of chosing dog, and bird, but not cat)And most users are dumb so they dont know to push ctrl...So is there a away to get such a list, where the user just clicks on it to select them and click again to de select them? Also, in IE it displays with a scrollbar, but in firefox, it displays as one long list. Is there a way to put a scrollbar in firefox?
-
date format
in SQL
Basicly I am storing data and there are dateformats, which is all very nice and fine but I just want to check some stuff.When inputting/inserting dates into the tables thru codes, what format does the text have to be? I mean, the user only gets to input via a text box.How does searching work with dates? Does a search like find * in tb where date > 6/06/06. (which is today btw. =D)Also, is it possible to do stuff like search per month? Like find all birthdays found in july.For the record I am doing this in asp, using access .mdb as my database.
-
Its usualy to distinguish them from normal members, so the members will sit up and take notice of what they are saying.Double egeded sword as people will also notice moderators if they every do anything silly. =p
-
Doesnt this mean you are storing the password in your cookies? Wont that be a security risk?Belzar,VBScript as a client-side language is browser specific, it only works on IE. However, client-side VBScript is dead, NO ONE uses anymore. To get a password box that works on all browsers, you have to convert your script to client-side Javascript.However, there is a significant problem with using client-side scripts to password protect pages, namely on the basis that they don't protect anything at all. Anyone can view the source of your page and see everything you've written.Here are 2 ways to password protect pages, but here's a simpler ASP-specific way:<%Dim strPasswordstrPassword = request("password")if Password = "baby" then%> The rest of your page contents should go here.<%else%> <form action="<%=Request.ServerVariables("SCRIPT_NAME")%>" method="post"> What's the password:<br> <input type="password" name="password"> <p> <input type="Submit" value="Go!"> </p> </form><%end if%>
Using this code, no one can see any code they shouldn't when they view your source.Alternatively, I like to use this method on my sites:Login.asp:
'You should always use a function like the one below to protect'against SQL injectionFunction SQLSecurity(strString) SQLSecurity = replace(strString, "'", "\'", 1, -1, vbBinaryCompare)End FunctionSub Login Dim Conn, RS, SQL, Redirect Redirect = True Conn = Server.CreateObject("ADODB.Connection") RS = Server.CreateObject("ADODB.Recordset") sql = "SELECT Count(*) as Count FROM my_table WHERE Username = " & _ "'" & SQLSecurity(Request.Cookies("Username")) & "' " & _ "AND Password = '" & SQLSecurity(Request.Cookies("Password")) & "';" Conn.Open my_connection_string RS.Open sql, Conn, 1, 1 if RS("Count") then Redirect = False end if RS.Close Conn.Close set conn = nothing set rs = nothing if Redirect = True then 'if a valid username and password is not found response.redirect "error.asp" end ifEnd Sub
On any other page, all I have to do is insert the following two lines at the top of any page:
<!--include file="login.asp"-->Call Login... rest of page goes here ...
If the user is not logged in, then he or she is automatically redirected to an error.asp page. Otherwise, the page loads as normal.
-
Another question, tho not really a lessonWhat are the curor types and lock types and what do that mean for the record set,http://www.w3schools.com/ado/met_rs_open.asp <-- is what I am talking about, I dont quite understand them, and what should I use. (I see some tutorials useing 1,1, and some using 3,3 etc)
-
http://w3schools.invisionzone.com/index.php?showforum=38I belive you should be looking in there for asp.net applications, since this is just mearly the asp forum.
-
I dont understand the limit = 1 bit, what does it do, why is it needed, and why do I get this error message "Syntax error (missing operator) in query expression"
-
when I say updating, I ment I am modifying the code.But, I just want to ask, when I want to do two select statements within 1 asp file, what is the best way to do it.
-
Ok, I've doing something basic
<%'Dimension variablesDim adoCon 'Holds the Database Connection ObjectDim rsGuestbook 'Holds the recordset for the records in the databaseDim strSQL 'Holds the SQL query for the database'Create an ADO connection odjectSet adoCon = Server.CreateObject("ADODB.Connection")'Set an active connection to the Connection object using a DSN-less connectionadoCon.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("guestbook.mdb")'Create an ADO recordset objectSet rsGuestbook = Server.CreateObject("ADODB.Recordset")'Initialise the strSQL variable with an SQL statement to query the databasestrSQL = "SELECT * FROM table;"'Open the recordset with the SQL query rsGuestbook.Open strSQL, adoCon'Loop through the recordset'blahblahLoop'Reset server objectsrsGuestbook.CloseSet rsGuestbook = NothingSet adoCon = Nothing%>
Thats abit of copypasta of code from a tutorial.Right now, I am updating it, and I am finding I have to do1) do a select * from table 2)after using this record set to populate some stuff, (and form the next sql statement)3) do a select z,y,x from table where a=b,c=d4)Use this to populate a table.So how do I do that, effectivly. Like do I close the record set then re-open it with the next sqlstatement?
-
Awesome man, many thanks.One more question, is there anyway to get the number of fields? Although I dont really need it, its just a good number to get (when your making arrays or looping)
-
http://w3schools.invisionzone.com/index.php?showtopic=4753Somewhat related?
-
basicly doing a simple page to get stuff from a database, select update add that sorta stuff.But one problem I want to avoid is if there are stuff like < > tags in the db, when I extract the values, will it error my html in my page. Like what if someone did a <script> 1337 h@x </script> on me.So the obvious way would be to replace the < tags, with > < (I think that was it, got to checK)But I am not sure the best way to do it, and where to do it? (like, should I do it before the db is updated, or do it when I am response.writing my data
-
ah no, you sorta mis read me.What I am looking for are the field names, the headers, or whatever the correct term is.using your example, it would be "ArticleID Author Content DatePublished Category Rating"
-
Basicly instead of hard codding Response.Write (rs("name"))Response.Write (rs("whatever"))Response.Write (rs("omg"))is there a way, where I can get the field names from a databse? then the page can loop thru the field names.Edit: Or to be more specific, to get the field names from a recordset.I am asking this because I am trying to make a page, where people can select the fields they want (probably by a drop down, or by a checkbox) and the page does its thing and displays the data.Now, I COULD something like, if "from.name isChecked then response.write(rs("name"))" but its alot of hardcoding, and its not flexible.I'm still relativly new to asp and I'm just messing around with various tutorials I found in the net, so I hope I dont screw up and break the internet or something.
selecting multiple values in ddl,
in JavaScript
Posted