ASP.Classic Getting value from input to POST parameter - vbscript

Please excuse me if this question is dumb.
I need to get an input value and pass it in a POST parameter like follow:
SQL = "[proc_Happy]" & Request.Cookies("UserID")& "," & Request.Form("MYINPUTFIELD")
I have tried hardcoding MYINPUTFIELD with (it worked!):
SQL = "[proc_Happy]" & Request.Cookies("UserID")& "," & 54555152
My input in the asp page looks as follow:
<input type="number" name="MYINPUTFIELD " id="MYINPUTFIELD" value="<%=MYINPUTFIELD%>">
Things I have tried:
Getting the value with JS - failed.
Notes:
MYINPUTFIELD is an int

Is your input field in a form, i.e. is it between <form...> and </form> tags? If no, that's your problem right there. If yes, what does the <form...> tag have in it? Does it say method='get'? If yes, then your inputs are being put in the querystring, not the form object. For Request.Form(...) to work, your form needs to say method='post'.
If you need this code to work with both form methods, you can do something like
dim MyInputField
MyInputField = Request.Querystring("MyInputField")
If MyInputField = "" Then MyInputField = Request.Form("MyInputField")
'make the "OMGSQLINJECTION!!1!" people just go away already
'(note to such people: he's using a frigging stored procedure.)
If Not Isnumeric(MyInputField) Then
MyInputField = 0
End If
SQL = "[proc_Happy]" & Request.Cookies("UserID")& "," & MyInputField

Related

Expected Function or variable vb6.0

Hello i am coding in Visual Basic 6.0 and i have this error, i am trying to make a button inserting data in database.
Expected Function or variable
This is my code
Private Sub Command1_Click()
With ConString.Recordset.AddNew
!ID = txtID
!Emri = txtEmri
!Mbiemri = txtMbiemri
!Datelindja = txtData
!Telefon = !txtTelefon
!Gjinia = gender
!Punesuar = job
!Martese = cmbMartese
!Vendlindja = txtVendlindje
End With
End Sub
txtID is textbox
txtEmri is textbox
txtMbiemri is textbox
txtData is date picker
txtTelefon is textbox
gender is a string that takes value if a radio button is clicked
job is an integer if a checkbox is clicked
cmbMartese is combo box
txtVendlindje is textbox
Thank you in advance.
#JohnEason gave you the right answer. But there's another error in the line !Telefon = !txtTelefon, if I'm not mistaken. It should read !Telefon = txtTelefon, i.e. without the exclamation mark in front of txtTelefon.
I'm also not a big fan of that coding style. I prefer to not rely on default properties, but instead "spell out" the whole term, e.g.
With ConString.Recordset
.AddNew
!ID = txtID.Text
!Emri = txtEmri.Text
!Mbiemri = txtMbiemri.Text
!Datelindja = txtData.Text
!Telefon = txtTelefon.Text
' Since VB6 doesn't provide Intellisense for variables, I prefer to use some
' kind of hungarian notation for variable names, in this case sGender or strGender for a string variable
!Gjinia = gender
' Same here: iJob or intJob for an integer variable
!Punesuar = job
' You need to specify that you want the selected item of a combobox
!Martese = cmbMartese.List(cmbMartese.ListIndex)
!Vendlindja = txtVendlindje.Text
' If you're done setting column values and don't do so somewhere else,
' you also need to add a .Update statement here in order to finish the
' .AddNew action and actually persist the data to the database.
' .Update
End With
End Sub
As pointed out below by #JohnEason, there's also potentially an .Update statement missing within the With/End With block

Classic ASP: Session values fail to pass over to popup window

I'm trying to pass values through session from one page to a popup window. But it fail to pass the value. I checked the ISS where Enable Session State is true. I will post the code which I'm working please let me know something I'm missing in it or any other variable settings problem like php.ini
<script language="javascript" type="text/javascript">
function veh(url) {
popupWindow = window.open(url, 'popUpWindow', 'height=300,width=300,left=50,top=10,resizable=yes,scrollbars=yes,toolbar=yes,menubar=no,location=no,directories=no, status=yes');
}
</script>
<%
' Define to hold temporary super session
Dim strManu // Manufacture type
strManu = Session("Manu")
Dim objRS
Dim strSQL
Dim strVeh
Set objRS=Server.CreateObject ("ADODB.Recordset")
strSQL="SELECT vl.* FROM veh_tbl vl where vl.manuID= " & strManu
objRS.Open strSQL,objconn
if not objRS.eof then
strVeh=objRS("veh")
Session("Veh")=strVeh
end if
objRS.Close
Set objRS=Nothing
<a href='http://www.example.com/popup.asp' target='_self'
onclick='veh(this.href);return false'><img border='0'src='images/info.jpg'></a>
Popup window
<%
Dim strVal
strVal = Session("Veh")
%>
<FORM name=MyForm>
<% Response.Write "<label class = 'col-sm-4 col-form-label'>" & strVal & "</label>" %>
</FORM>
%>
I'm getting the value from the DB and I'm able to print the string(strVeh) in the same page. I'm not able to pass the same in pop window. It fails to show any error. Anyone please help me to address the issue.
Things I would check:
First, in href='http://www.example.com/popup.asp' does the domain and subdomain match the source page exactly? For example adding or removing the "www" may make a difference.
Are you positive if not objRS.eof then is resolving true? For example try just putting session("test") = "test" somewhere on the page outside of a conditional statement and see if that variable is available in the popup.
Had this issue recently, if I typed in 'https://www.myweb.com/checksession.asp' it would not load/could not see the session variables.
Type in 'https://myweb.com/checksession.asp' (i.e. remove the www.) and it works fine.
So something to bear in mind if referencing from another page/ajax/loading scripts etc.

Get Item Text with Persits Asp.Upload

I need help with the component Persits's AspUpload. I need a simply method to get item text from form. I read the manual online http://www.aspupload.com/manual_simple.html but i think that the method presented is not good. In the manual the used method is:
<%
For Each Item in Upload.Form
Response.Write Item.Name & "= " & Item.Value & "<BR>"
Next
%>
I need to get the item.value from item. I already know the item.name. I try with this code, but it doesnt run
var1 = Upload.Form.Item.Name("var1").Item.Value
The error is:
Wrong number of arguments or invalid property assignment: 'Upload.Form.Item'
I've found a solution but i don't like it
For Each Item in Upload.Form
if Item.Name = "var1" then var1=Item.Value end if
Next
Do you have any more elegant solution? Thanks
Admittedly the documentation isn't the clearest but Upload.Form is a collection the documentation says;
To reference an individual form item of the collection you may use a 1-based integer index, or a string corresponding to the NAME attribute of a text item of your upload form.
So you can access it like most collections in Classic ASP
name = Upload.Form("var1").Name
value = Upload.Form("var1").Value
As long as var1 equates to the NAME attribute of the HTML form field element (INPUT, SELECT, TEXTAREA etc).

Classic ASP Type Mismatch with If Then Statement

Can someone please tell me why this is tossing a Type Mismatch using Classic ASP error?
If (strPaidByPO = True) OR (arrResult(0) = "1") Then
'Do Stuff
Else
'Do Other stuff
End if
arrResults is an Array and strPaidByPO is a variable.
Thanks,
Before the If statement type the following (I think you may be making assumptions about the Types).
Call Response.Write(TypeName(strPaidByPO) & "<br />")
Call Response.Write(TypeName(arrResult) & "<br />")
Call Response.Flush()
If your variables are of the type you expected you should get the following output
Boolean
Variant()
Also you might receive this if your Array is multidimensional in which case you need to specify all the dimensions.
The other possibility is arrResult(0) contains something other than a String. In which case use TypeName(arrResult(0)) to check what that is.
Try this and see result based on which you can correct your script:
response.write(cStr(strPaidByPO) & "- My strPaidByPO value<br>")
response.write(arrResult(0) & "- My Array value")
If (strPaidByPO = True) OR (cStr(arrResult(0)) = "1") Then
'Do Stuff
Else
'Do Other stuff
End if
but if your strPaidByPO contain values other then true - false (Boolean) you need to review your approach to this completely. For example if strPaidByPO is NULL or empty your script will trough you an error like you described.

How to query XML by Attribute Index Using XMLDom

I am trying to query an XML File in order to get the attribute values for a specific element.
This works fine when the element has a unique set of attribute e.g.
<parent>
<child code="REWC" curr="PLN" amt="1000"/>
</parent>
In order to query the above I use:
object = Microsoft.XMLDOM
getElementsByTagName OR selectSingleNode method
Once I have that, I run the 'getAttribute' method, which gives me what I need
code snippet:
Set ElementValue = m_objXmlDom.selectSingleNode("//Txn[" & p_intIndex & "]/" & p_strElementName & " ")
'set attribute value
strAttributeValue = ElementValue.getAttribute(p_strAttributeName)
However, I am now in a situation where the XML looks as per below:
<parent>
<child code="REWC" curr="PLN" amt="1000"/>
<child code="xxxx" curr="EUR" amt="1500"/>
<child code="yyyy" curr="GBP" amt="1700"/>
</parent>
Is there a simple way to iterate through each attribute, get the value, and then I can do something with it.
I am looking for something like:
.getAttribute(code)[0]
.getAttribute(code)[1]
.getAttribute(code)[2]
Something like the above will print out all the values for all attributes. But Im not to sure how to index at the attribute level.
Any help would be great. I am using VBScript with Microsoft XMLDom.
Ok, I have gotten around the issue now by doing a for loop in order to iterate
over all of the elements that have been returned, and then reading in each attribute.
If the attribute matches the one I am looking for then I exit the for loop.
if there is a better way of doing this, then please share any answers, in the meantime my
code is working as per below.
Code snippet:
Set Data = m_objXmlDom.getElementsByTagName(".//Txn[" & p_intIndex & "]/" & p_strElementName & "/" & p_strSubElementName & "")
'loop through each one
For Each DataItem in Data
strTemp1 = DataItem.getAttribute("code")
strTemp2 = DataItem.getAttribute("curr")
strTemp3 = DataItem.getAttribute("amt")
If strTemp1 = strExpectedValue Then
'set the values
m_strTemp1 = strTemp1
m_strTemp2 = strTemp2
m_strTemp3 = strTemp3
'set pass flag
blnDataFound = True
Exit For
End If
Next

Resources