DaniWeb Forum Index > Web Development > ASP

Please check and provide solution for my code

Please support our ASP advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases

•

Join Date: Jul 2004

Posts: 1

Reputation: Pradhuman is an unknown quantity at this point

Solved Threads: 0

Pradhuman

Offline

Newbie Poster

Please check and provide solution for my code

Jul 14th, 2004

<%@ Language=VBScript %>
<html>
<head>
<title>Furniture4all.com</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="links.css" type="text/css">
</head>
<body bgcolor="#800080" text="#FFFFFF" leftmargin="0" topmargin="0">
<%
function traceLine(str)
traceLine = replace(str, chr(13), "<br>")
end function

dim con, rs, id, pass, sNo
set con= server.CreateObject("ADODB.Connection")
set rs = server.CreateObject("ADODB.Recordset")
set rs1 = server.CreateObject("ADODB.Recordset")

name=session("userName")
pass=session("password")

con.Open "Provider=Microsoft.jet.OLEDB.4.0; data Source = " & server.MapPath("../FurnitureData.mdb")
rs.Open "SELECT * FROM adminUser WHERE adminName='"&name&"' AND adminPassword='"&pass&"'", con
if rs.EOF then
Response.Write "Unauthorised to access, Username or Password is incorrect"
Response.End
end if
rs.Close

id = Request.QueryString("id")

rs.Open "SELECT * FROM Feedback WHERE id="&id&"",con
Response.Write "<table width='100%'>"
if not rs.EOF then
uID= rs("FirstName")
rs1.Open "SELECT * FROM Feedback WHERE uId='"&FirstName&"'", con
str = str & "<table width=60% align=center border=1>"
str = str & "<tr bgcolor=darkblue><td colspan=2><FONT color=white style='BACKGROUND-COLOR: #00008b'><STRONG>User Information</STRONG></FONT>"
str = str & "<tr><td>FirstName<td> " & rs("firstname")
str = str & "<tr><td>Last Name<td> " & rs("LastName")
str = str & "<tr><td>Sex<td> " & rs("sex")
str = str & "<tr><td>Age<td> " & rs("age")
str = str & "<tr><td>Address<td> " & rs("HouseNo")
str = str & "<tr><td> <td> " & rs("Locality")
str = str & "<tr><td>City<td> " & rs("city")
str = str & "<tr><td>State<td> " & rs("state")
str = str & "<tr><td>Country<td> " & rs("country")
str = str & "<tr><td>Zip<td> " & rs("zip")
str = str & "<tr><td>Phone<td> " & rs("Phone")
str = str & "<tr><td>Email<td> " & rs("email")
str = str & "<tr><td>Query<td> " & traceline(rs("comment"))
Response.Write str
%><form action="replyQuery.asp" method=post id=form1 name=form1>
<tr>
<td>Answer
<td>
<input type=hidden value=<%=id%> name=id>
<textarea name=ans rows=10 cols=50><%=rs("answer")%></textArea>
<tr>
<td> 
<td>
<input type=submit value="Submit" id=submit1 name=submit1></form>
<%
rs1.Close
end if
rs.Close
%>
<tr>
<td> 
<td> 
<tr>
<td> 
<td> 
</table>

<div align="left"></body>
</html>

•

Join Date: Jul 2004

Posts: 32

Reputation: RobUK is an unknown quantity at this point

Solved Threads: 1

RobUK

Offline

Light Poster

Re: Please check and provide solution for my code

Jul 14th, 2004

what exactly is wrong here?

Rob - DMOZ Editor
Web Design Forums - Free website critiques. Web design + SEO Advice

•

Join Date: Apr 2004

Posts: 167

Reputation: Drew is an unknown quantity at this point

Solved Threads: 7

Drew

Offline

Junior Poster

Re: Please check and provide solution for my code

Jul 16th, 2004

Looks like the second SQL statement is missing a quote at the end.

Drew Gauderman
ASP / MSSQL Coder
http://www.iportalx.net - My ASP Portal

•

Join Date: Feb 2004

Posts: 4

Reputation: Ral is an unknown quantity at this point

Solved Threads: 0

Ral

Offline

Newbie Poster

Re: Please check and provide solution for my code

Jul 23rd, 2004

Actually the problem is this line: rs.Open "SELECT * FROM Feedback WHERE id="&id&"",con

You can't use a variable called id since it is a reserved word in ASP. It is good practice to mark your variables to something similar like this:

If you are using a character var start it with c_variablename, bit then b_varname, integer use i_varname. That way you won't run into reserved variable names while programming.